Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/SD3YuHQz9-fxiRKOW3ivvkVbR98.roa
File: SD3YuHQz9-fxiRKOW3ivvkVbR98.roa (raw, json)
Hash identifier: NeCs5lEH0JNZjBPYetT5C3aAbCcyZuHzk6LGyOabynM=
Subject key identifier: 48:3D:D8:B8:74:33:F7:E7:F1:89:12:8E:5B:78:AF:BE:45:5B:47:DF
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196A57B69FC41419F573FCCB35F2EF53C53
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/SD3YuHQz9-fxiRKOW3ivvkVbR98.roa
Signing time: Tue 06 May 2025 12:04:10 +0000
ROA not before: Tue 06 May 2025 12:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137235
IP address blocks: 151.240.75.0/24 maxlen: 24
151.243.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 May 2025 18:08:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a5:7b:69:fc:41:41:9f:57:3f:cc:b3:5f:2e:f5:3c:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 6 12:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=483dd8b87433f7e7f189128e5b78afbe455b47df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:76:c7:04:1e:5e:d8:cb:eb:f0:6d:fc:21:54:
b4:e4:74:eb:1d:be:f5:c2:cc:5d:c1:ff:3c:5e:59:
8b:3b:fe:4c:1f:b5:08:48:75:be:83:0b:6f:a4:02:
a0:c0:51:9b:84:70:89:b4:f7:46:cd:fc:0f:19:d7:
c5:ab:95:bc:aa:b4:3d:8e:72:45:f4:9a:20:81:c9:
08:cb:8a:f2:e1:e5:f3:0c:d6:df:ee:1f:bb:ea:35:
1b:a0:87:e9:42:2f:78:d5:ca:b3:57:87:78:c4:9c:
8d:d9:ef:fd:97:88:15:36:92:c6:0f:71:01:76:ea:
9f:29:e7:4d:9a:c1:ec:8f:a7:cc:f8:bf:21:4c:19:
8c:9c:4d:79:f4:29:49:f6:05:24:67:15:e8:fd:81:
3a:9b:98:82:10:60:d9:c8:0f:b3:35:01:70:b0:f2:
e3:61:b7:be:9d:4d:5a:dc:b5:e6:42:44:2a:64:3f:
63:41:2e:8e:1a:fe:9c:5e:0a:30:9b:f3:42:6a:7f:
58:c2:b6:06:3a:35:71:6d:9b:4d:5e:19:52:71:7a:
e5:21:07:6e:0c:b1:f7:d2:15:40:24:65:19:57:02:
06:15:e6:ba:bb:5a:e0:80:32:5b:18:33:ea:31:61:
cb:14:16:76:d6:87:7e:39:05:48:d6:bf:cf:ee:64:
89:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:3D:D8:B8:74:33:F7:E7:F1:89:12:8E:5B:78:AF:BE:45:5B:47:DF
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/SD3YuHQz9-fxiRKOW3ivvkVbR98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.75.0/24
151.243.255.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:32:45:db:c2:81:48:52:b5:bc:c6:8a:6c:ea:15:9d:a1:c8:
a1:11:ea:ad:28:d1:d1:79:38:12:3b:9a:2d:7c:64:d2:58:8e:
49:c0:f5:9e:f7:62:d5:0e:7e:ef:3f:73:97:fb:fd:17:1c:d7:
fe:3a:9a:0a:58:84:d2:81:68:f0:5b:ac:66:ab:25:a1:38:33:
84:02:b7:61:76:3a:2d:e9:b3:c8:f1:54:71:a7:3e:61:49:76:
4d:65:c1:c6:ec:5b:89:5c:70:4d:11:70:ea:3e:29:7d:12:b7:
70:73:22:ca:b7:4e:8c:fd:58:c1:c2:58:5a:1a:40:4f:45:c6:
8e:53:88:d2:98:c9:80:0b:f4:48:46:5f:0d:a0:33:1c:6b:ae:
a7:b4:63:2b:66:f4:3f:20:ed:6c:c4:3d:ec:7e:13:71:6f:28:
67:6f:07:b7:cc:8b:98:a4:42:b3:f7:2b:ad:03:7f:b1:71:34:
a4:d2:6e:c0:c4:74:20:62:91:eb:84:00:a3:19:8a:05:48:b6:
ed:72:f6:43:8e:31:af:2d:de:4f:86:2d:e4:66:c3:b1:4b:ee:
ad:25:3a:f4:0b:dd:08:5f:a2:df:cf:1c:a3:95:ac:c8:7e:1c:
81:4e:dc:52:f7:94:ee:1e:11:6b:c3:56:78:10:90:7e:69:2d:
63:3d:53:ef
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZale2n8QUGfVz/Ms18u9TxTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTA2MTIwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODNkZDhiODc0MzNmN2U3ZjE4OTEyOGU1Yjc4YWZiZTQ1NWI0N2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnbHBB5e2Mvr8G38IVS05HTrHb71
wsxdwf88XlmLO/5MH7UISHW+gwtvpAKgwFGbhHCJtPdGzfwPGdfFq5W8qrQ9jnJF
9JoggckIy4ry4eXzDNbf7h+76jUboIfpQi941cqzV4d4xJyN2e/9l4gVNpLGD3EB
duqfKedNmsHsj6fM+L8hTBmMnE159ClJ9gUkZxXo/YE6m5iCEGDZyA+zNQFwsPLj
Ybe+nU1a3LXmQkQqZD9jQS6OGv6cXgowm/NCan9YwrYGOjVxbZtNXhlScXrlIQdu
DLH30hVAJGUZVwIGFea6u1rggDJbGDPqMWHLFBZ21od+OQVI1r/P7mSJZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEg92Lh0M/fn8YkSjlt4r75FW0ffMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvU0QzWXVIUXo5LWZ4aVJLT1czaXZ2a1ZiUjk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/BLAwQA
l/P/MA0GCSqGSIb3DQEBCwUAA4IBAQAsMkXbwoFIUrW8xops6hWdocihEeqtKNHR
eTgSO5otfGTSWI5JwPWe92LVDn7vP3OX+/0XHNf+OpoKWITSgWjwW6xmqyWhODOE
Ardhdjot6bPI8VRxpz5hSXZNZcHG7FuJXHBNEXDqPil9ErdwcyLKt06M/VjBwlha
GkBPRcaOU4jSmMmAC/RIRl8NoDMca66ntGMrZvQ/IO1sxD3sfhNxbyhnbwe3zIuY
pEKz9yutA3+xcTSk0m7AxHQgYpHrhACjGYoFSLbtcvZDjjGvLd5Phi3kZsOxS+6t
JTr0C90IX6LfzxyjlazIfhyBTtxS95TuHhFrw1Z4EJB+aS1jPVPv
-----END CERTIFICATE-----
Generated at Mon Jun 9 08:56:03 2025 by rpki-client