Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/TH4zvB-jF_uiXSxbU7lFzKCGAB4.roa
File: TH4zvB-jF_uiXSxbU7lFzKCGAB4.roa (raw, json)
Hash identifier: qVDwYkcpCd42yf9yDTZ89K3P+MkHedmbgl8YEUwHtq8=
Subject key identifier: 4C:7E:33:BC:1F:A3:17:FB:A2:5D:2C:5B:53:B9:45:CC:A0:86:00:1E
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0195277214FC79CEFE2E1B4C909FE81B1ECC
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/TH4zvB-jF_uiXSxbU7lFzKCGAB4.roa
Signing time: Fri 21 Feb 2025 07:39:02 +0000
ROA not before: Fri 21 Feb 2025 07:39:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 151.242.64.0/24 maxlen: 24
151.243.57.0/24 maxlen: 24
151.243.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Feb 2025 16:43:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:27:72:14:fc:79:ce:fe:2e:1b:4c:90:9f:e8:1b:1e:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Feb 21 07:39:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c7e33bc1fa317fba25d2c5b53b945cca086001e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c8:b2:e6:8d:49:31:a3:ac:c4:36:91:10:9a:
0b:54:41:9d:07:a7:04:b2:69:b6:57:b4:87:c2:27:
4d:9d:43:38:c8:db:d0:f0:28:cd:de:1d:68:3a:5c:
7f:5a:b4:c2:d6:0c:8e:f6:b7:0e:b3:26:79:1f:ef:
65:05:38:d3:ad:57:67:4d:43:38:a4:a9:86:77:b8:
3f:de:b4:1d:2a:a6:6d:2c:86:0a:95:a3:39:11:91:
3c:dd:4d:b2:80:5a:e4:33:bc:d3:e8:30:13:1f:f4:
37:a8:c9:63:3e:d5:ee:bc:f9:d7:ec:91:8c:31:b6:
0f:0b:34:8e:d2:08:d8:f3:22:ed:fb:19:66:c3:95:
c4:09:b2:da:c4:bd:25:3a:b4:95:47:b6:51:54:df:
cb:46:1a:1f:2a:9d:39:c2:5d:16:54:f9:aa:8c:29:
0a:9d:28:34:3b:3f:16:d1:fe:45:99:8b:70:33:50:
23:6f:46:c3:f8:77:9a:b3:92:8d:66:c0:b1:2e:8a:
07:8d:e2:9e:ae:18:6d:d0:30:f1:65:ef:a0:dd:90:
29:bf:64:ff:ac:dd:27:6f:2e:38:6e:f9:88:b5:cc:
a4:85:80:07:58:43:14:e0:df:cd:46:ab:6e:b6:6e:
24:23:c4:86:14:94:65:41:fe:8c:e8:e0:af:e0:47:
a3:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:7E:33:BC:1F:A3:17:FB:A2:5D:2C:5B:53:B9:45:CC:A0:86:00:1E
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/TH4zvB-jF_uiXSxbU7lFzKCGAB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.64.0/24
151.243.57.0/24
151.243.80.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:5a:15:52:9c:f2:27:ec:05:04:39:e5:e5:17:04:75:bd:ea:
df:97:83:ce:a9:02:cc:62:b3:4a:f9:b8:6a:6e:6b:a8:72:06:
4f:61:29:e4:80:24:21:00:fb:ea:5f:57:5d:76:a4:fb:43:d2:
83:a6:64:ed:6e:3e:40:10:ce:ad:80:08:15:1d:ad:8e:f5:72:
ee:57:3a:b0:10:ce:9e:55:43:86:aa:c8:cf:ea:04:a1:bd:46:
68:ce:35:fd:7e:b1:44:dd:9b:8a:3e:f4:19:54:9c:0f:64:f4:
ec:c3:a1:89:2a:3d:e7:52:d1:59:53:13:62:85:80:bc:26:03:
53:ff:32:19:ca:5c:93:67:8a:31:5a:70:1b:c4:81:59:c8:99:
12:46:30:5b:6c:8d:e4:ec:c7:ed:7c:cd:a3:a7:de:dd:4e:aa:
d2:d9:e1:e9:70:0a:12:06:77:27:20:9a:3f:a0:03:28:8b:47:
ec:91:f3:0b:33:ee:0b:bb:f4:34:6e:4e:65:59:c5:8f:c4:75:
cc:65:01:cf:24:df:5b:e6:63:59:bd:d1:11:cc:29:af:be:bf:
28:5c:64:59:45:c8:51:9f:6c:01:83:35:3d:1c:ca:66:d1:3e:
2e:58:f3:93:c5:55:f4:31:95:5b:f7:23:3f:c6:c0:af:85:a0:
a3:0f:40:02
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZUnchT8ec7+LhtMkJ/oGx7MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMjIxMDczOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzdlMzNiYzFmYTMxN2ZiYTI1ZDJjNWI1M2I5NDVjY2EwODYwMDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssiy5o1JMaOsxDaREJoLVEGdB6cE
smm2V7SHwidNnUM4yNvQ8CjN3h1oOlx/WrTC1gyO9rcOsyZ5H+9lBTjTrVdnTUM4
pKmGd7g/3rQdKqZtLIYKlaM5EZE83U2ygFrkM7zT6DATH/Q3qMljPtXuvPnX7JGM
MbYPCzSO0gjY8yLt+xlmw5XECbLaxL0lOrSVR7ZRVN/LRhofKp05wl0WVPmqjCkK
nSg0Oz8W0f5FmYtwM1Ajb0bD+Heas5KNZsCxLooHjeKerhht0DDxZe+g3ZApv2T/
rN0nby44bvmItcykhYAHWEMU4N/NRqtutm4kI8SGFJRlQf6M6OCv4EejQwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEx+M7wfoxf7ol0sW1O5RcyghgAeMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvVEg0enZCLWpGX3VpWFN4YlU3bEZ6S0NHQUI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAl/JAAwQA
l/M5AwQAl/NQMA0GCSqGSIb3DQEBCwUAA4IBAQBMWhVSnPIn7AUEOeXlFwR1verf
l4POqQLMYrNK+bhqbmuocgZPYSnkgCQhAPvqX1dddqT7Q9KDpmTtbj5AEM6tgAgV
Ha2O9XLuVzqwEM6eVUOGqsjP6gShvUZozjX9frFE3ZuKPvQZVJwPZPTsw6GJKj3n
UtFZUxNihYC8JgNT/zIZylyTZ4oxWnAbxIFZyJkSRjBbbI3k7MftfM2jp97dTqrS
2eHpcAoSBncnIJo/oAMoi0fskfMLM+4Lu/Q0bk5lWcWPxHXMZQHPJN9b5mNZvdER
zCmvvr8oXGRZRchRn2wBgzU9HMpm0T4uWPOTxVX0MZVb9yM/xsCvhaCjD0AC
-----END CERTIFICATE-----
Generated at Thu Apr 10 11:38:48 2025 by rpki-client