Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/SxDIanL3LDKYWIPgTLNYDD8Mb6k.roa
File: SxDIanL3LDKYWIPgTLNYDD8Mb6k.roa (raw, json)
Hash identifier: g1VVdb6/KSeT2ZjtnIemh9/Nunf+zJt+6ReweThtf+A=
Subject key identifier: 4B:10:C8:6A:72:F7:2C:32:98:58:83:E0:4C:B3:58:0C:3F:0C:6F:A9
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019637D642DA2155D45C9A140D03F7B074EA
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/SxDIanL3LDKYWIPgTLNYDD8Mb6k.roa
Signing time: Tue 15 Apr 2025 05:05:10 +0000
ROA not before: Tue 15 Apr 2025 05:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207252
IP address blocks: 151.242.176.0/22 maxlen: 24
151.243.208.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Apr 2025 06:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:37:d6:42:da:21:55:d4:5c:9a:14:0d:03:f7:b0:74:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 15 05:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b10c86a72f72c32985883e04cb3580c3f0c6fa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e2:74:b3:f5:a4:df:0f:a2:3a:78:04:c0:2a:
bb:e7:fd:b0:a3:f3:05:48:b4:ec:63:2c:10:a4:f4:
fd:32:09:62:37:c2:4c:33:20:79:9f:f3:f1:76:1c:
7f:c8:a0:d4:66:50:aa:ef:13:51:53:8f:c4:0e:bc:
38:5b:47:39:2b:32:76:2a:11:a6:b3:a6:00:bf:53:
45:48:fe:9e:14:7c:bd:04:23:4e:cd:84:b8:d0:3d:
29:18:b8:ad:57:4d:03:41:d9:a0:ba:7d:d9:f6:7d:
03:c0:19:af:db:62:8c:6f:b9:9a:c3:eb:f9:62:8c:
3a:1e:ab:e3:19:3e:f2:ff:6a:26:ac:46:ec:7d:f8:
b5:cf:28:09:63:8a:8c:9f:a6:6e:eb:4f:43:a1:8e:
9c:85:f9:9f:c8:a1:7e:17:3e:2a:8e:e0:a6:b6:c4:
1b:59:70:97:6a:00:b3:48:e6:a8:ec:6b:51:70:15:
8b:f7:c8:ef:de:a9:47:94:61:98:bb:a7:e1:7b:63:
2b:dd:e1:4a:45:0a:d3:17:4b:45:b7:17:5f:fa:bc:
3d:cb:5d:95:d6:a3:73:bb:59:60:a4:e4:66:a4:35:
bf:df:31:23:7e:25:ae:b1:30:05:c9:e4:de:57:1c:
b8:87:9b:5b:09:ea:a2:a3:0e:61:4a:37:ab:79:af:
d4:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:10:C8:6A:72:F7:2C:32:98:58:83:E0:4C:B3:58:0C:3F:0C:6F:A9
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/SxDIanL3LDKYWIPgTLNYDD8Mb6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.176.0/22
151.243.208.0/22
Signature Algorithm: sha256WithRSAEncryption
93:73:c2:7d:1b:e6:88:4c:3a:96:2f:a8:ce:ac:59:2c:84:d9:
ca:15:4c:dd:7d:3e:be:1f:44:31:dc:a8:8c:92:62:51:4b:ee:
73:1f:66:a2:68:14:55:d2:79:ca:15:80:f6:a6:c5:99:bc:43:
4d:21:b9:7e:72:d1:4e:79:14:5a:1c:b4:d6:c4:d9:2d:5f:80:
71:9d:13:7f:34:90:bb:9d:62:2b:13:ec:03:a6:79:e7:9d:48:
de:8f:00:e3:dc:35:ab:a2:ab:5b:32:b5:85:51:c0:2a:78:b1:
88:47:f4:d2:b1:0b:2d:ba:86:e0:de:fc:6c:97:86:4e:2e:ce:
59:6f:16:d1:35:d4:8b:96:89:16:27:31:b3:35:00:ed:b2:72:
02:1f:f3:40:e7:bc:14:3b:07:2a:cc:7f:ac:9e:7d:7d:93:46:
bf:11:7e:9a:37:d3:7c:e2:00:e2:d3:f8:ef:f2:04:3b:18:ed:
b4:68:0b:38:e7:a6:6b:bf:cc:9e:4c:e0:e9:89:22:e2:d3:35:
41:2b:5d:c0:8e:0b:36:87:6c:fe:97:93:e6:44:26:15:c2:b5:
8e:3d:d4:96:c3:0e:89:5e:32:1b:b7:a6:b5:7f:a2:78:4c:fb:
b8:2c:ec:1a:c0:8e:0d:b6:fd:e7:fd:cc:59:da:95:69:f5:e1:
95:76:3a:a6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZY31kLaIVXUXJoUDQP3sHTqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDE1MDUwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjEwYzg2YTcyZjcyYzMyOTg1ODgzZTA0Y2IzNTgwYzNmMGM2ZmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1eJ0s/Wk3w+iOngEwCq75/2wo/MF
SLTsYywQpPT9MgliN8JMMyB5n/Pxdhx/yKDUZlCq7xNRU4/EDrw4W0c5KzJ2KhGm
s6YAv1NFSP6eFHy9BCNOzYS40D0pGLitV00DQdmgun3Z9n0DwBmv22KMb7maw+v5
Yow6HqvjGT7y/2omrEbsffi1zygJY4qMn6Zu609DoY6chfmfyKF+Fz4qjuCmtsQb
WXCXagCzSOao7GtRcBWL98jv3qlHlGGYu6fhe2Mr3eFKRQrTF0tFtxdf+rw9y12V
1qNzu1lgpORmpDW/3zEjfiWusTAFyeTeVxy4h5tbCeqiow5hSjerea/U7QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEsQyGpy9ywymFiD4EyzWAw/DG+pMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvU3hESWFuTDNMREtZV0lQZ1RMTllERDhNYjZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCl/KwAwQC
l/PQMA0GCSqGSIb3DQEBCwUAA4IBAQCTc8J9G+aITDqWL6jOrFkshNnKFUzdfT6+
H0Qx3KiMkmJRS+5zH2aiaBRV0nnKFYD2psWZvENNIbl+ctFOeRRaHLTWxNktX4Bx
nRN/NJC7nWIrE+wDpnnnnUjejwDj3DWroqtbMrWFUcAqeLGIR/TSsQstuobg3vxs
l4ZOLs5ZbxbRNdSLlokWJzGzNQDtsnICH/NA57wUOwcqzH+snn19k0a/EX6aN9N8
4gDi0/jv8gQ7GO20aAs456Zrv8yeTODpiSLi0zVBK13Ajgs2h2z+l5PmRCYVwrWO
PdSWww6JXjIbt6a1f6J4TPu4LOwawI4Ntv3n/cxZ2pVp9eGVdjqm
-----END CERTIFICATE-----
Generated at Wed Jun 11 03:00:50 2025 by rpki-client