Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/kZUYJFGhimE6sK1PuEAuRxb4Izo.roa
File: kZUYJFGhimE6sK1PuEAuRxb4Izo.roa (raw, json)
Hash identifier: hTM9rs9CvnJX0Qez1V3+Pyk0HYbPqOeW9JhssU5Sieo=
Subject key identifier: 91:95:18:24:51:A1:8A:61:3A:B0:AD:4F:B8:40:2E:47:16:F8:23:3A
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019423D7AC836F7135FED043FF476D58EA1D
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/kZUYJFGhimE6sK1PuEAuRxb4Izo.roa
Signing time: Wed 01 Jan 2025 21:48:44 +0000
ROA not before: Wed 01 Jan 2025 21:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 23470
IP address blocks: 151.243.137.0/24 maxlen: 24
151.243.162.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 12 Jan 2025 04:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:ac:83:6f:71:35:fe:d0:43:ff:47:6d:58:ea:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 1 21:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9195182451a18a613ab0ad4fb8402e4716f8233a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:fc:83:e3:ed:f1:f2:ab:19:5b:71:39:ff:62:
bc:42:d9:81:e7:22:49:b6:34:8e:83:49:47:79:55:
8c:34:ae:04:3c:52:8c:ad:fd:1b:e5:62:7e:3b:0d:
4a:69:72:00:68:62:f4:bf:71:bf:76:43:33:b4:39:
65:90:a4:6c:40:a3:66:f6:ed:6c:86:dc:ab:e2:42:
76:a8:67:0f:b7:f2:67:b4:50:b4:b6:9c:3d:8f:ce:
a7:ca:cf:57:e3:c1:bb:db:bc:30:46:b8:22:84:ba:
3e:ce:8c:33:b8:2a:35:8a:ce:32:ec:3e:8b:1c:70:
50:67:b1:8a:65:78:7a:fb:0e:c6:49:f5:45:f3:bd:
3b:42:3e:e3:a0:75:10:ce:9c:2f:a6:10:97:3e:47:
a0:81:6e:53:9b:6e:dd:39:10:aa:f3:96:27:0f:0e:
9c:68:25:bf:85:42:49:92:2e:59:ef:26:0b:2c:fe:
6c:0c:70:3f:c5:7d:ae:b2:ed:6d:1a:2e:1a:10:6f:
08:d3:58:18:37:af:cf:3f:fb:ef:96:47:89:3b:66:
d0:db:24:70:6d:d1:37:f0:73:8b:be:14:96:ee:9a:
4a:ca:93:39:f0:58:1c:05:f0:65:9c:e2:52:6d:66:
28:7f:50:d1:34:4e:6b:0d:b8:c5:90:21:79:22:13:
11:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:95:18:24:51:A1:8A:61:3A:B0:AD:4F:B8:40:2E:47:16:F8:23:3A
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/kZUYJFGhimE6sK1PuEAuRxb4Izo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.137.0/24
151.243.162.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:78:19:6c:02:72:46:48:b5:22:04:9f:80:91:ea:ee:36:6a:
f3:10:1d:2e:c3:c1:63:58:a8:5f:5c:f6:72:2a:04:7d:8a:e8:
53:cd:fd:15:91:a1:0c:4a:7e:19:35:a6:87:9a:17:ed:85:0c:
be:06:c5:b2:83:22:cc:09:5e:b5:4f:0b:d9:99:18:9e:6e:d4:
ec:7a:9c:d4:3a:b1:92:64:5d:d9:9f:a1:4a:e9:07:3d:ab:20:
32:6e:80:2b:7a:45:c7:3f:69:17:c8:94:26:32:29:4f:d5:6b:
dc:2c:8c:3e:8e:af:b3:82:d3:47:ed:4b:b9:c6:94:7c:41:1f:
a0:68:6b:a3:5d:8a:57:ff:2f:6e:1d:01:12:0c:92:6e:63:c9:
17:6d:4c:9b:e8:55:29:54:17:95:42:89:95:cf:5e:62:cb:99:
55:6a:a5:ac:07:32:81:70:9f:75:9e:07:e6:3d:c1:b0:7f:ff:
f8:30:ff:f9:0c:35:09:cb:73:ca:39:a9:39:99:47:1d:79:43:
a7:bd:26:9a:1d:35:cb:7c:6b:20:0b:ee:f4:8c:0e:d3:65:58:
5a:82:ef:76:91:00:d6:19:49:ce:62:0c:ce:83:57:43:71:cc:
5b:99:4e:b3:01:1e:d8:66:97:6c:c3:82:46:8c:61:19:05:1d:
57:3b:4c:dc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj16yDb3E1/tBD/0dtWOodMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTAxMjE0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTk1MTgyNDUxYTE4YTYxM2FiMGFkNGZiODQwMmU0NzE2ZjgyMzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+PyD4+3x8qsZW3E5/2K8QtmB5yJJ
tjSOg0lHeVWMNK4EPFKMrf0b5WJ+Ow1KaXIAaGL0v3G/dkMztDllkKRsQKNm9u1s
htyr4kJ2qGcPt/JntFC0tpw9j86nys9X48G727wwRrgihLo+zowzuCo1is4y7D6L
HHBQZ7GKZXh6+w7GSfVF8707Qj7joHUQzpwvphCXPkeggW5Tm27dORCq85YnDw6c
aCW/hUJJki5Z7yYLLP5sDHA/xX2usu1tGi4aEG8I01gYN6/PP/vvlkeJO2bQ2yRw
bdE38HOLvhSW7ppKypM58FgcBfBlnOJSbWYof1DRNE5rDbjFkCF5IhMRBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJGVGCRRoYphOrCtT7hALkcW+CM6MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEva1pVWUpGR2hpbUU2c0sxUHVFQXVSeGI0SXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/OJAwQA
l/OiMA0GCSqGSIb3DQEBCwUAA4IBAQCNeBlsAnJGSLUiBJ+AkeruNmrzEB0uw8Fj
WKhfXPZyKgR9iuhTzf0VkaEMSn4ZNaaHmhfthQy+BsWygyLMCV61TwvZmRiebtTs
epzUOrGSZF3Zn6FK6Qc9qyAyboArekXHP2kXyJQmMilP1WvcLIw+jq+zgtNH7Uu5
xpR8QR+gaGujXYpX/y9uHQESDJJuY8kXbUyb6FUpVBeVQomVz15iy5lVaqWsBzKB
cJ91ngfmPcGwf//4MP/5DDUJy3PKOak5mUcdeUOnvSaaHTXLfGsgC+70jA7TZVha
gu92kQDWGUnOYgzOg1dDccxbmU6zAR7YZpdsw4JGjGEZBR1XO0zc
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:44:28 2025 by rpki-client