Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/YzIaPvoBEKEtHMYAGq1g9mrn02g.roa
File: YzIaPvoBEKEtHMYAGq1g9mrn02g.roa (raw, json)
Hash identifier: M0oFH8GpFQspb7MR43hjUSef4kUPVeAOFVUxEiBXIbg=
Subject key identifier: 63:32:1A:3E:FA:01:10:A1:2D:1C:C6:00:1A:AD:60:F6:6A:E7:D3:68
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196A433A914D3A96DCBEA0C993AEB1DB0AA
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/YzIaPvoBEKEtHMYAGq1g9mrn02g.roa
Signing time: Tue 06 May 2025 06:06:11 +0000
ROA not before: Tue 06 May 2025 06:06:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215304
IP address blocks: 151.242.15.0/24 maxlen: 24
151.242.23.0/24 maxlen: 24
151.242.40.0/24 maxlen: 24
151.242.73.0/24 maxlen: 24
151.242.74.0/24 maxlen: 24
151.242.75.0/24 maxlen: 24
151.242.76.0/24 maxlen: 24
151.242.77.0/24 maxlen: 24
151.242.78.0/24 maxlen: 24
151.242.79.0/24 maxlen: 24
151.242.80.0/24 maxlen: 24
151.242.81.0/24 maxlen: 24
151.242.82.0/24 maxlen: 24
151.242.170.0/24 maxlen: 24
151.242.171.0/24 maxlen: 24
151.242.172.0/24 maxlen: 24
151.242.173.0/24 maxlen: 24
151.242.242.0/24 maxlen: 24
151.243.4.0/24 maxlen: 24
151.243.5.0/24 maxlen: 24
151.243.35.0/24 maxlen: 24
151.243.38.0/24 maxlen: 24
151.243.41.0/24 maxlen: 24
151.243.52.0/24 maxlen: 24
151.243.53.0/24 maxlen: 24
151.243.115.0/24 maxlen: 24
151.243.120.0/24 maxlen: 24
151.244.4.0/24 maxlen: 24
151.244.5.0/24 maxlen: 24
151.244.6.0/24 maxlen: 24
151.244.56.0/24 maxlen: 24
151.244.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 May 2025 13:01:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a4:33:a9:14:d3:a9:6d:cb:ea:0c:99:3a:eb:1d:b0:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 6 06:06:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63321a3efa0110a12d1cc6001aad60f66ae7d368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:bd:77:fc:56:a9:be:90:e7:d6:1f:77:19:49:
96:c9:b0:0c:95:d9:e8:db:b6:e2:35:d4:5d:67:73:
47:81:c9:9c:59:de:04:de:4d:84:6d:5e:d9:a5:7a:
8d:1b:69:a8:d8:6c:4d:43:5e:15:a3:a5:ff:ff:29:
d7:bd:bc:ce:f3:c9:af:eb:5f:ee:c6:5b:e7:05:30:
32:68:e9:9b:63:00:9a:fc:72:df:94:83:0f:c8:6d:
bc:15:3f:2f:be:d7:06:ac:b9:dd:6a:c5:7a:ae:1c:
8e:e4:12:63:b8:d1:08:4a:fa:9f:6e:2e:37:b0:32:
8e:1d:a9:73:69:5b:f9:85:fe:6f:55:ce:a2:f9:db:
b8:22:ca:4a:a6:39:24:ec:61:e7:93:30:9f:2f:7e:
2c:c9:a4:9c:71:c4:ab:8e:ac:06:4b:41:99:39:ca:
e9:a6:e5:78:cb:f5:81:98:44:e8:0d:c4:0a:05:19:
2b:72:ac:75:78:a1:8d:c1:e1:58:0b:52:df:2a:eb:
ba:59:be:f7:f4:e4:0d:51:98:32:de:85:3c:d7:d1:
55:2e:f5:29:a6:c0:53:c5:ca:12:85:22:6b:34:1c:
25:f2:e7:9a:a7:af:ac:ad:5a:95:59:b7:a6:1c:98:
93:67:41:12:2e:32:a4:9c:e0:92:97:7d:d7:96:c4:
86:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:32:1A:3E:FA:01:10:A1:2D:1C:C6:00:1A:AD:60:F6:6A:E7:D3:68
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/YzIaPvoBEKEtHMYAGq1g9mrn02g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.15.0/24
151.242.23.0/24
151.242.40.0/24
151.242.73.0-151.242.82.255
151.242.170.0-151.242.173.255
151.242.242.0/24
151.243.4.0/23
151.243.35.0/24
151.243.38.0/24
151.243.41.0/24
151.243.52.0/23
151.243.115.0/24
151.243.120.0/24
151.244.4.0-151.244.6.255
151.244.56.0/24
151.244.58.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:1f:1e:28:e4:33:c7:fc:dc:4c:cd:c2:73:25:77:75:44:69:
c0:5c:8d:60:87:29:ed:f7:d7:d9:3c:7d:cf:0b:1c:6f:1b:5f:
2f:85:78:31:f2:2f:c6:85:ba:7a:80:ba:93:0e:6d:4e:ef:9d:
72:7c:c7:f9:c8:66:c8:5f:be:ae:63:35:b8:7a:32:9e:ed:d9:
d3:18:6d:f5:a1:b7:1c:de:07:56:f0:25:e2:c9:f4:2c:c0:5b:
e4:88:14:44:31:f3:a3:f3:be:26:eb:ee:e3:93:3e:18:05:d3:
e9:77:25:46:b6:70:59:72:7e:89:5f:d4:08:80:c9:95:ae:75:
ac:f1:f8:18:1c:fa:98:e6:6e:87:31:92:2b:8c:86:5b:a1:09:
ce:e3:00:3e:ce:fe:72:ff:24:25:65:f4:5e:ec:8a:bf:3d:62:
fe:8e:54:53:3e:5e:20:b9:99:e9:88:6d:af:3a:72:7e:3b:da:
e9:a0:6a:a9:3d:5d:e8:57:48:4e:b7:09:08:19:69:1a:be:c0:
b1:1c:71:60:b6:6a:cb:cf:55:65:ac:ee:24:32:bc:ab:da:ff:
9e:89:85:2a:ee:d6:0e:78:f6:b4:8c:2d:ae:a4:4a:c3:ab:ee:
35:52:fd:00:4b:89:cd:a4:45:69:c2:cf:39:3c:16:d8:06:f9:
2d:e7:59:9a
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZakM6kU06lty+oMmTrrHbCqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTA2MDYwNjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzMyMWEzZWZhMDExMGExMmQxY2M2MDAxYWFkNjBmNjZhZTdkMzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi713/FapvpDn1h93GUmWybAMldno
27biNdRdZ3NHgcmcWd4E3k2EbV7ZpXqNG2mo2GxNQ14Vo6X//ynXvbzO88mv61/u
xlvnBTAyaOmbYwCa/HLflIMPyG28FT8vvtcGrLndasV6rhyO5BJjuNEISvqfbi43
sDKOHalzaVv5hf5vVc6i+du4IspKpjkk7GHnkzCfL34syaScccSrjqwGS0GZOcrp
puV4y/WBmEToDcQKBRkrcqx1eKGNweFYC1LfKuu6Wb739OQNUZgy3oU819FVLvUp
psBTxcoShSJrNBwl8ueap6+srVqVWbemHJiTZ0ESLjKknOCSl33XlsSGdQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFGMyGj76ARChLRzGABqtYPZq59NoMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvWXpJYVB2b0JFS0V0SE1ZQUdxMWc5bXJuMDJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAl/IP
AwQAl/IXAwQAl/IoMAwDBACX8kkDBACX8lIwDAMEAZfyqgMEAZfyrAMEAJfy8gME
AZfzBAMEAJfzIwMEAJfzJgMEAJfzKQMEAZfzNAMEAJfzcwMEAJfzeDAMAwQCl/QE
AwQAl/QGAwQAl/Q4AwQAl/Q6MA0GCSqGSIb3DQEBCwUAA4IBAQCsHx4o5DPH/NxM
zcJzJXd1RGnAXI1ghynt99fZPH3PCxxvG18vhXgx8i/Ghbp6gLqTDm1O751yfMf5
yGbIX76uYzW4ejKe7dnTGG31obcc3gdW8CXiyfQswFvkiBREMfOj874m6+7jkz4Y
BdPpdyVGtnBZcn6JX9QIgMmVrnWs8fgYHPqY5m6HMZIrjIZboQnO4wA+zv5y/yQl
ZfRe7Iq/PWL+jlRTPl4guZnpiG2vOnJ+O9rpoGqpPV3oV0hOtwkIGWkavsCxHHFg
tmrLz1VlrO4kMryr2v+eiYUq7tYOePa0jC2upErDq+41Uv0AS4nNpEVpws85PBbY
Bvkt51ma
-----END CERTIFICATE-----
Generated at Mon Jun 9 04:54:04 2025 by rpki-client