Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/N-uyNXHzxI5fBEHeMMWw8S-bBX0.roa
File: N-uyNXHzxI5fBEHeMMWw8S-bBX0.roa (raw, json)
Hash identifier: ZbfrNXDOITcoM7qLoA52zYM4VOe8i+ACbuHs2ei88ck=
Subject key identifier: 37:EB:B2:35:71:F3:C4:8E:5F:04:41:DE:30:C5:B0:F1:2F:9B:05:7D
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01958FE20854F23D2E38A1BDE484E4A49ADC
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/N-uyNXHzxI5fBEHeMMWw8S-bBX0.roa
Signing time: Thu 13 Mar 2025 14:21:49 +0000
ROA not before: Thu 13 Mar 2025 14:21:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 151.242.45.0/24 maxlen: 24
151.242.57.0/24 maxlen: 24
151.242.200.0/22 maxlen: 22
151.242.204.0/22 maxlen: 22
151.243.44.0/22 maxlen: 22
151.243.105.0/24 maxlen: 24
151.243.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Mar 2025 06:35:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8f:e2:08:54:f2:3d:2e:38:a1:bd:e4:84:e4:a4:9a:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 13 14:21:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37ebb23571f3c48e5f0441de30c5b0f12f9b057d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b3:39:08:09:a6:08:53:d9:03:95:62:20:26:
1b:4e:27:e8:6d:7d:6c:4d:2d:90:75:bb:e8:5a:75:
b2:4f:47:fb:70:6c:50:0c:d8:16:0b:50:21:57:18:
50:c9:b0:ba:5e:66:9a:f7:c9:99:13:94:3d:67:ee:
65:2d:f2:4f:9f:36:e8:3c:57:cb:38:75:72:32:42:
aa:65:b0:c7:d8:31:e2:a8:5f:0c:03:01:b8:56:87:
43:f7:47:74:0c:7f:27:a9:5d:71:d3:8f:d7:53:bf:
8c:f7:e5:05:f0:a7:b0:a7:75:d4:98:84:a6:d7:4e:
19:f3:84:c4:20:9d:62:fd:fd:41:ad:f5:e7:c2:63:
6b:fe:44:e0:63:10:2b:fc:b2:de:7d:1b:90:c9:30:
ed:c4:a6:75:04:a1:6a:0e:3b:b7:b9:9a:1f:a3:c4:
66:82:95:d6:72:69:29:b7:b2:15:9b:b4:f9:7e:3b:
6d:15:02:fd:44:54:91:4a:de:fe:9a:84:75:7a:bf:
70:53:5b:20:b7:a1:76:16:4a:78:aa:88:69:09:0d:
cc:89:de:34:09:b2:d4:66:dd:8a:dc:16:b3:d7:2a:
1c:1f:13:25:03:78:b2:6f:d9:db:d5:fe:6c:bf:65:
d5:4b:dd:2b:80:8a:85:cc:90:40:92:6f:33:1f:83:
d3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:EB:B2:35:71:F3:C4:8E:5F:04:41:DE:30:C5:B0:F1:2F:9B:05:7D
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/N-uyNXHzxI5fBEHeMMWw8S-bBX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.45.0/24
151.242.57.0/24
151.242.200.0/21
151.243.44.0/22
151.243.105.0/24
151.243.159.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:97:bf:76:5f:07:7e:db:5c:56:da:e8:ef:08:23:e2:72:f2:
6a:f3:b3:cc:75:82:2f:f8:77:fd:56:b6:e1:12:a0:d8:7a:b1:
c4:c0:53:80:fb:fa:43:cf:fe:09:44:8d:2f:a0:2a:8f:45:e4:
04:10:65:eb:c4:ec:7a:d3:86:e5:f3:00:3a:b1:d7:ac:6f:17:
ea:20:14:61:4e:81:37:4a:87:7d:1f:cc:e3:69:2e:7c:ff:44:
ec:48:9c:d9:eb:53:c9:15:ed:dd:6d:fd:34:ad:25:40:57:ca:
32:f1:04:8b:f7:eb:66:ab:11:95:67:36:ea:14:aa:17:8b:46:
6d:2c:91:11:fa:92:ae:5b:25:d4:a3:8b:3c:35:3e:7c:aa:d0:
0a:92:16:28:83:b0:03:61:2d:dc:0f:5f:b2:46:b0:d0:ad:e0:
89:dd:bb:d4:de:2e:40:1f:15:f8:50:c2:e4:b0:ed:4b:55:6c:
ac:6d:11:89:0c:e7:b2:61:1d:01:5d:37:a6:cf:0e:a7:52:59:
48:c3:4c:4f:7b:27:8c:8f:63:94:30:d4:fd:1b:f2:51:18:a4:
27:2f:d3:9c:56:ff:98:94:7e:d8:66:c8:22:c6:fe:63:88:e8:
67:e9:77:cd:39:b6:2c:ce:3c:2e:70:5f:e1:b4:b8:5f:76:01:
f9:e6:5d:da
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZWP4ghU8j0uOKG95ITkpJrcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMzEzMTQyMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2ViYjIzNTcxZjNjNDhlNWYwNDQxZGUzMGM1YjBmMTJmOWIwNTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbM5CAmmCFPZA5ViICYbTifobX1s
TS2QdbvoWnWyT0f7cGxQDNgWC1AhVxhQybC6Xmaa98mZE5Q9Z+5lLfJPnzboPFfL
OHVyMkKqZbDH2DHiqF8MAwG4VodD90d0DH8nqV1x04/XU7+M9+UF8Kewp3XUmISm
104Z84TEIJ1i/f1BrfXnwmNr/kTgYxAr/LLefRuQyTDtxKZ1BKFqDju3uZofo8Rm
gpXWcmkpt7IVm7T5fjttFQL9RFSRSt7+moR1er9wU1sgt6F2Fkp4qohpCQ3Mid40
CbLUZt2K3Baz1yocHxMlA3iyb9nb1f5sv2XVS90rgIqFzJBAkm8zH4PT0QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDfrsjVx88SOXwRB3jDFsPEvmwV9MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTi11eU5YSHp4STVmQkVIZU1NV3c4Uy1iQlgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAl/ItAwQA
l/I5AwQDl/LIAwQCl/MsAwQAl/NpAwQAl/OfMA0GCSqGSIb3DQEBCwUAA4IBAQCn
l792Xwd+21xW2ujvCCPicvJq87PMdYIv+Hf9VrbhEqDYerHEwFOA+/pDz/4JRI0v
oCqPReQEEGXrxOx604bl8wA6sdesbxfqIBRhToE3Sod9H8zjaS58/0TsSJzZ61PJ
Fe3dbf00rSVAV8oy8QSL9+tmqxGVZzbqFKoXi0ZtLJER+pKuWyXUo4s8NT58qtAK
khYog7ADYS3cD1+yRrDQreCJ3bvU3i5AHxX4UMLksO1LVWysbRGJDOeyYR0BXTem
zw6nUllIw0xPeyeMj2OUMNT9G/JRGKQnL9OcVv+YlH7YZsgixv5jiOhn6XfNObYs
zjwucF/htLhfdgH55l3a
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:35:31 2025 by rpki-client