Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/hGRTCu-REJVr0R0RjloSbZ8Z67c.roa
File: hGRTCu-REJVr0R0RjloSbZ8Z67c.roa (raw, json)
Hash identifier: uUgKLnGySzGQ7ka1e2cTDNYqkt3GT49cYOVlXkF93Ng=
Subject key identifier: 84:64:53:0A:EF:91:10:95:6B:D1:1D:11:8E:5A:12:6D:9F:19:EB:B7
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196944F0E73C5FBCDBBF2106889960C3C92
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/hGRTCu-REJVr0R0RjloSbZ8Z67c.roa
Signing time: Sat 03 May 2025 04:02:11 +0000
ROA not before: Sat 03 May 2025 04:02:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 149573
IP address blocks: 151.243.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 May 2025 10:44:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:94:4f:0e:73:c5:fb:cd:bb:f2:10:68:89:96:0c:3c:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 3 04:02:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8464530aef9110956bd11d118e5a126d9f19ebb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f8:97:e8:e8:43:95:26:93:ff:ab:2e:c6:4c:
8e:6c:bb:8e:77:70:54:ba:4b:9e:9a:40:ea:52:54:
50:71:a2:48:43:33:80:d1:3e:3f:a3:a3:17:b7:47:
73:92:92:ba:f7:52:4a:ae:51:53:d2:99:61:76:c2:
bf:f4:7c:8f:d2:c5:43:3b:51:bf:f6:64:f1:69:1e:
b3:37:ee:ee:88:f7:b2:5d:cb:f5:91:dd:76:ce:96:
89:d9:db:9e:68:f7:55:6d:66:45:4d:e7:72:ec:f9:
d2:2c:63:c7:97:2e:b6:78:02:3a:03:5e:69:c7:08:
20:40:05:3f:e1:1e:a3:97:9d:ae:4f:02:9a:35:72:
3d:87:1f:29:b8:ac:6c:2a:5d:28:99:3d:7e:d7:5e:
70:ea:d5:55:89:44:00:77:5a:a0:6c:c2:ca:83:4d:
2c:9e:cf:20:01:f4:d2:3e:11:0d:0c:66:97:56:f2:
62:b9:65:b2:a8:3d:db:ab:71:63:07:37:e9:fd:18:
d7:01:9d:36:cf:27:95:74:03:53:f0:e7:31:3e:a8:
53:30:52:2d:3f:db:46:c0:86:40:73:c5:76:03:6b:
95:66:3a:8d:5b:48:4c:0d:98:0e:8f:26:7c:cc:84:
11:a7:bd:99:b4:3d:66:c0:9d:00:76:a0:07:06:2d:
bd:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:64:53:0A:EF:91:10:95:6B:D1:1D:11:8E:5A:12:6D:9F:19:EB:B7
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/hGRTCu-REJVr0R0RjloSbZ8Z67c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.12.0/24
Signature Algorithm: sha256WithRSAEncryption
03:52:6b:05:86:c4:7f:02:f4:87:14:17:0e:e7:ee:f5:2d:87:
26:6f:1e:2e:de:26:35:cd:af:e5:31:c0:ec:27:50:1f:2e:22:
3b:20:96:b1:d8:9d:f0:31:e4:4f:5d:1d:07:16:79:5b:01:6f:
bd:c7:ea:12:46:7b:09:ab:5e:6d:ca:87:c2:df:ed:e3:41:cd:
56:c4:3d:ad:4f:b4:14:41:cc:60:e4:69:2a:f9:9b:6a:e1:41:
b6:41:0d:e0:75:0c:dd:00:2e:fc:c9:8f:23:b5:c6:f7:9f:12:
03:e3:90:41:c2:c7:14:fd:59:33:3e:31:b0:35:f5:99:35:e5:
92:36:92:d6:25:01:93:2c:9b:5f:d3:71:e7:7f:da:f8:9e:a1:
c6:f3:bd:62:5b:10:1f:3b:28:c5:5e:71:25:fc:f8:be:b4:0c:
70:1f:3d:ca:b1:8f:e6:00:77:f5:0e:c0:d4:07:78:57:1d:2d:
af:d3:b5:dd:d0:86:a0:57:f3:07:ca:97:98:23:e5:a0:b7:43:
4f:89:68:9d:5f:e9:e0:8c:ba:cf:0a:01:c5:4d:fa:a4:11:a3:
23:00:aa:1e:6c:de:3b:18:7a:49:ba:2d:c6:22:d7:33:4c:77:
80:12:9b:19:bc:4f:7d:54:78:df:3a:0f:b6:1d:f0:c9:e5:1e:
99:33:61:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaUTw5zxfvNu/IQaImWDDySMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTAzMDQwMjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDY0NTMwYWVmOTExMDk1NmJkMTFkMTE4ZTVhMTI2ZDlmMTllYmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuviX6OhDlSaT/6suxkyObLuOd3BU
ukuemkDqUlRQcaJIQzOA0T4/o6MXt0dzkpK691JKrlFT0plhdsK/9HyP0sVDO1G/
9mTxaR6zN+7uiPeyXcv1kd12zpaJ2dueaPdVbWZFTedy7PnSLGPHly62eAI6A15p
xwggQAU/4R6jl52uTwKaNXI9hx8puKxsKl0omT1+115w6tVViUQAd1qgbMLKg00s
ns8gAfTSPhENDGaXVvJiuWWyqD3bq3FjBzfp/RjXAZ02zyeVdANT8OcxPqhTMFIt
P9tGwIZAc8V2A2uVZjqNW0hMDZgOjyZ8zIQRp72ZtD1mwJ0AdqAHBi29QQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIRkUwrvkRCVa9EdEY5aEm2fGeu3MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvaEdSVEN1LVJFSlZyMFIwUmpsb1NiWjhaNjdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/MMMA0G
CSqGSIb3DQEBCwUAA4IBAQADUmsFhsR/AvSHFBcO5+71LYcmbx4u3iY1za/lMcDs
J1AfLiI7IJax2J3wMeRPXR0HFnlbAW+9x+oSRnsJq15tyofC3+3jQc1WxD2tT7QU
Qcxg5Gkq+Ztq4UG2QQ3gdQzdAC78yY8jtcb3nxID45BBwscU/VkzPjGwNfWZNeWS
NpLWJQGTLJtf03Hnf9r4nqHG871iWxAfOyjFXnEl/Pi+tAxwHz3KsY/mAHf1DsDU
B3hXHS2v07Xd0IagV/MHypeYI+Wgt0NPiWidX+ngjLrPCgHFTfqkEaMjAKoebN47
GHpJui3GItczTHeAEpsZvE99VHjfOg+2HfDJ5R6ZM2E0
-----END CERTIFICATE-----
Generated at Sat Jun 7 06:29:46 2025 by rpki-client