Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/__ammW9XoAC-YhHSpheRLcuGwl4.roa
File: __ammW9XoAC-YhHSpheRLcuGwl4.roa (raw, json)
Hash identifier: V6QMTkjb4UWzGwwy3R5kQiwon5kSq2D60mNJwpHeIsg=
Subject key identifier: FF:F6:A6:99:6F:57:A0:00:BE:62:11:D2:A6:17:91:2D:CB:86:C2:5E
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019423D7AEF89CBB3EB5F9E0F25B789335AA
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/__ammW9XoAC-YhHSpheRLcuGwl4.roa
Signing time: Wed 01 Jan 2025 21:48:45 +0000
ROA not before: Wed 01 Jan 2025 21:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 153377
IP address blocks: 151.243.244.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 18:19:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:ae:f8:9c:bb:3e:b5:f9:e0:f2:5b:78:93:35:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 1 21:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fff6a6996f57a000be6211d2a617912dcb86c25e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:4c:03:1d:24:91:01:f0:c8:c5:35:7d:f4:7c:
ce:b1:7a:c2:72:c1:db:ae:e6:98:c7:83:ac:58:a8:
77:b7:e4:48:9e:06:58:31:59:2e:c3:02:8e:ea:62:
26:f4:44:d3:61:a5:82:3c:58:03:ee:59:d5:15:01:
39:6f:71:ff:5d:f1:a2:55:70:fc:92:c7:f8:43:7a:
e6:bf:e8:f3:f0:21:38:37:08:e5:7b:cb:59:00:12:
4d:d2:74:e5:53:d1:85:24:68:3f:9c:c2:e0:32:ab:
ef:a6:8c:a3:9a:81:cc:66:73:15:24:7d:cb:12:ba:
bf:8a:7e:1b:81:ef:57:88:0f:54:49:ea:e7:50:35:
63:31:9a:41:b6:55:85:65:ad:63:f3:58:6b:e9:33:
fa:78:ab:81:fb:1f:a4:91:92:b1:58:54:eb:39:8d:
7e:4b:dc:39:02:36:df:78:d2:40:21:5e:46:13:49:
6e:88:18:e7:91:57:86:42:89:f3:4f:4a:06:09:f1:
99:85:f1:23:0e:54:98:7b:cb:eb:ce:96:b8:08:9c:
bd:49:b4:2b:ab:da:f8:85:a0:10:33:2b:15:c9:b6:
f4:4c:60:a6:37:76:d1:2a:dd:53:c3:09:46:d0:10:
1e:c9:8e:2c:03:1a:cc:a4:35:88:2a:a0:fe:32:4c:
2c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:F6:A6:99:6F:57:A0:00:BE:62:11:D2:A6:17:91:2D:CB:86:C2:5E
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/__ammW9XoAC-YhHSpheRLcuGwl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.244.0/24
Signature Algorithm: sha256WithRSAEncryption
03:43:09:60:bd:61:cf:4b:a7:39:f4:21:a4:b5:02:07:7e:d3:
6c:42:c9:d1:11:ec:9b:77:f4:06:f7:0e:2e:c8:12:db:53:32:
11:85:49:8e:8f:7b:b7:f0:cb:a0:63:02:7b:8e:e8:2f:1a:04:
e0:c0:e5:15:6a:5d:fd:96:1e:9a:34:f1:17:0e:0f:c7:63:e3:
fd:17:49:28:43:9b:ad:8b:e1:c6:7d:8f:97:41:64:20:9f:2d:
dd:28:c1:76:5c:44:c7:be:e4:72:a0:aa:46:1d:96:55:d3:bb:
34:c8:51:e6:b0:df:05:15:eb:16:14:0d:4b:a4:14:92:5b:b5:
27:7e:72:a6:0a:4d:90:73:65:3e:50:f0:97:85:31:3e:25:13:
e8:ea:f0:89:60:2e:94:05:c8:8e:d5:4e:fb:8f:39:97:3c:3a:
b0:52:ee:a1:14:33:39:ba:c1:f5:9b:f5:f9:73:2d:f9:da:16:
e4:fd:4c:f0:c3:93:d6:99:13:19:a8:02:9e:95:05:23:d3:a8:
a5:59:8f:73:6b:e1:c1:28:23:4e:ce:32:8a:ae:01:90:48:0f:
7a:0c:cb:98:43:87:fe:6e:79:49:2f:fb:33:5c:08:80:fd:e8:
5d:d1:c7:c7:39:fd:11:1e:0a:a2:3d:c5:91:79:24:b4:a2:c7:
0f:fe:bb:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1674nLs+tfng8lt4kzWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTAxMjE0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmY2YTY5OTZmNTdhMDAwYmU2MjExZDJhNjE3OTEyZGNiODZjMjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3UwDHSSRAfDIxTV99HzOsXrCcsHb
ruaYx4OsWKh3t+RIngZYMVkuwwKO6mIm9ETTYaWCPFgD7lnVFQE5b3H/XfGiVXD8
ksf4Q3rmv+jz8CE4Nwjle8tZABJN0nTlU9GFJGg/nMLgMqvvpoyjmoHMZnMVJH3L
Erq/in4bge9XiA9USernUDVjMZpBtlWFZa1j81hr6TP6eKuB+x+kkZKxWFTrOY1+
S9w5AjbfeNJAIV5GE0luiBjnkVeGQonzT0oGCfGZhfEjDlSYe8vrzpa4CJy9SbQr
q9r4haAQMysVybb0TGCmN3bRKt1TwwlG0BAeyY4sAxrMpDWIKqD+MkwsjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP/2pplvV6AAvmIR0qYXkS3LhsJeMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvX19hbW1XOVhvQUMtWWhIU3BoZVJMY3VHd2w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/P0MA0G
CSqGSIb3DQEBCwUAA4IBAQADQwlgvWHPS6c59CGktQIHftNsQsnREeybd/QG9w4u
yBLbUzIRhUmOj3u38MugYwJ7jugvGgTgwOUVal39lh6aNPEXDg/HY+P9F0koQ5ut
i+HGfY+XQWQgny3dKMF2XETHvuRyoKpGHZZV07s0yFHmsN8FFesWFA1LpBSSW7Un
fnKmCk2Qc2U+UPCXhTE+JRPo6vCJYC6UBciO1U77jzmXPDqwUu6hFDM5usH1m/X5
cy352hbk/Uzww5PWmRMZqAKelQUj06ilWY9za+HBKCNOzjKKrgGQSA96DMuYQ4f+
bnlJL/szXAiA/ehd0cfHOf0RHgqiPcWReSS0oscP/rv1
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:50:30 2025 by rpki-client