Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/OisXHOn0qusAi8_O-J-6f-2yM1c.roa
File: OisXHOn0qusAi8_O-J-6f-2yM1c.roa (raw, json)
Hash identifier: YMPMKq9E7nv20uu4WNpZ4E4aeKNKNDe33NtNwq2kfpU=
Subject key identifier: 3A:2B:17:1C:E9:F4:AA:EB:00:8B:CF:CE:F8:9F:BA:7F:ED:B2:33:57
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0195845642339826CA381AE3FD4F7D4AD801
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/OisXHOn0qusAi8_O-J-6f-2yM1c.roa
Signing time: Tue 11 Mar 2025 08:33:20 +0000
ROA not before: Tue 11 Mar 2025 08:33:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 151.242.44.0/24 maxlen: 24
151.242.56.0/24 maxlen: 24
151.242.224.0/22 maxlen: 24
151.243.234.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Mar 2025 14:06:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:84:56:42:33:98:26:ca:38:1a:e3:fd:4f:7d:4a:d8:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 11 08:33:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a2b171ce9f4aaeb008bcfcef89fba7fedb23357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ee:66:62:c0:a5:dd:b8:18:5b:92:ff:55:d0:
11:37:8b:39:82:ac:2a:95:5a:64:6a:b5:84:ed:68:
09:cd:c2:8b:12:74:74:9b:ae:ab:18:58:c6:70:d5:
db:58:0e:39:d6:3a:58:b6:3e:53:fe:10:85:df:a8:
1f:13:03:15:9f:61:60:f0:44:7e:32:b1:9f:fd:2c:
1b:38:11:df:dc:f8:0e:e8:05:fa:56:d6:dd:51:7a:
4c:51:47:a0:13:aa:c8:94:3a:cb:d1:68:cf:7c:ce:
0a:45:57:bb:5e:65:11:46:1b:79:e0:d5:13:c4:09:
7e:f4:01:0f:8b:1f:16:88:22:be:54:71:4a:5a:c9:
bf:b7:f9:cf:f2:bd:9f:03:8a:4c:3f:3a:f7:52:da:
9b:42:6b:ea:7f:e7:f5:69:e8:e8:0e:20:93:22:6c:
6f:8f:ce:07:b5:31:2f:81:15:58:a8:34:9e:4b:57:
e3:cc:e5:18:e8:63:68:9d:95:59:63:4e:73:fe:2d:
2b:2f:a3:10:aa:aa:e4:65:e6:8e:24:29:a2:31:df:
91:c5:b2:af:b8:ea:70:a7:2a:e9:ed:b3:93:21:e6:
fe:05:90:35:cd:ff:2e:f6:79:a2:85:70:92:83:aa:
ed:56:34:35:86:60:f1:a1:c2:ef:af:54:f6:60:fe:
e8:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:2B:17:1C:E9:F4:AA:EB:00:8B:CF:CE:F8:9F:BA:7F:ED:B2:33:57
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/OisXHOn0qusAi8_O-J-6f-2yM1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.44.0/24
151.242.56.0/24
151.242.224.0/22
151.243.234.0/24
Signature Algorithm: sha256WithRSAEncryption
14:6b:cc:08:88:ad:94:4b:00:bd:1c:eb:c6:72:a7:64:73:da:
57:55:60:6c:5e:c5:c1:d8:a3:ba:d2:4e:4d:f2:bf:07:fd:6b:
67:e6:d1:6d:95:03:d8:f6:b7:f0:b7:f2:7c:11:f0:24:d5:e6:
a3:3a:1f:7d:12:10:39:80:9c:d9:c8:4f:84:7c:db:5e:40:58:
72:92:e5:3e:75:d1:5d:17:61:c4:95:be:37:1f:03:23:e9:f3:
54:9f:6e:fa:53:ef:2a:6c:34:13:49:a6:39:3f:fd:44:fd:20:
f5:56:40:37:92:14:47:7c:99:aa:63:f8:2f:fb:7c:87:23:90:
b2:38:d5:39:5c:05:fe:5d:2a:8e:9e:f3:96:e3:83:44:96:90:
ec:80:f1:93:62:ba:b0:a4:48:43:c2:fe:a4:7d:52:f3:20:a6:
7b:35:e7:65:6e:cb:1c:10:12:24:a0:50:6d:de:11:17:ef:f3:
a9:97:0c:0d:c8:a2:a3:0c:8e:3c:ef:1b:86:0d:c8:5c:a6:1f:
77:78:f3:8c:1e:3e:f0:26:9c:de:fd:d3:f9:8b:ec:a8:75:45:
b5:cb:25:3d:29:77:20:8c:2e:55:cc:f2:a7:e2:e4:e9:d5:ff:
de:be:97:c3:a1:7f:7d:b0:26:18:60:09:f2:10:d3:57:e2:ca:
f8:b9:56:c9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZWEVkIzmCbKOBrj/U99StgBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMzExMDgzMzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTJiMTcxY2U5ZjRhYWViMDA4YmNmY2VmODlmYmE3ZmVkYjIzMzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+5mYsCl3bgYW5L/VdARN4s5gqwq
lVpkarWE7WgJzcKLEnR0m66rGFjGcNXbWA451jpYtj5T/hCF36gfEwMVn2Fg8ER+
MrGf/SwbOBHf3PgO6AX6VtbdUXpMUUegE6rIlDrL0WjPfM4KRVe7XmURRht54NUT
xAl+9AEPix8WiCK+VHFKWsm/t/nP8r2fA4pMPzr3UtqbQmvqf+f1aejoDiCTImxv
j84HtTEvgRVYqDSeS1fjzOUY6GNonZVZY05z/i0rL6MQqqrkZeaOJCmiMd+RxbKv
uOpwpyrp7bOTIeb+BZA1zf8u9nmihXCSg6rtVjQ1hmDxocLvr1T2YP7oUQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDorFxzp9KrrAIvPzvifun/tsjNXMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvT2lzWEhPbjBxdXNBaThfTy1KLTZmLTJ5TTFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAl/IsAwQA
l/I4AwQCl/LgAwQAl/PqMA0GCSqGSIb3DQEBCwUAA4IBAQAUa8wIiK2USwC9HOvG
cqdkc9pXVWBsXsXB2KO60k5N8r8H/Wtn5tFtlQPY9rfwt/J8EfAk1eajOh99EhA5
gJzZyE+EfNteQFhykuU+ddFdF2HElb43HwMj6fNUn276U+8qbDQTSaY5P/1E/SD1
VkA3khRHfJmqY/gv+3yHI5CyONU5XAX+XSqOnvOW44NElpDsgPGTYrqwpEhDwv6k
fVLzIKZ7NedlbsscEBIkoFBt3hEX7/OplwwNyKKjDI487xuGDchcph93ePOMHj7w
Jpze/dP5i+yodUW1yyU9KXcgjC5VzPKn4uTp1f/evpfDoX99sCYYYAnyENNX4sr4
uVbJ
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:55:52 2025 by rpki-client