Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/lmgc2uA8oiyY57basaseTHHFasw.roa
File: lmgc2uA8oiyY57basaseTHHFasw.roa (raw, json)
Hash identifier: 25V4pUUHBfGuahRfrnXO/s1FqMQbDtzSmWrWC/OG/Fw=
Subject key identifier: 96:68:1C:DA:E0:3C:A2:2C:98:E7:B6:DA:B1:AB:1E:4C:71:C5:6A:CC
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0195BCAFC19629BB112C6EF1D4CA356B0F8E
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/lmgc2uA8oiyY57basaseTHHFasw.roa
Signing time: Sat 22 Mar 2025 07:09:49 +0000
ROA not before: Sat 22 Mar 2025 07:09:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137897
IP address blocks: 151.242.36.0/24 maxlen: 24
151.243.234.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Mar 2025 09:09:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:bc:af:c1:96:29:bb:11:2c:6e:f1:d4:ca:35:6b:0f:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 22 07:09:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96681cdae03ca22c98e7b6dab1ab1e4c71c56acc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:6a:a9:09:97:fa:29:1a:1e:7b:13:2a:ae:ec:
e5:88:86:dc:39:e8:8e:57:5c:a7:13:f3:78:07:fa:
08:aa:1b:cf:af:a2:97:39:e5:80:8d:b7:f3:4f:cf:
a8:6b:65:15:50:0e:17:2f:cc:0a:6f:ac:52:ed:c6:
93:6d:aa:57:a9:4f:33:fd:1d:c9:16:8d:14:af:7b:
99:42:03:d8:5b:fb:42:e1:3d:0a:df:e4:59:64:75:
d9:87:4b:1e:86:06:24:e0:b2:04:9e:78:b8:68:99:
c2:87:02:89:0f:87:52:22:ff:6a:c6:56:be:58:e0:
94:b7:9a:5c:b3:d2:83:fe:35:b4:a9:38:f7:9a:d1:
22:cd:b6:ef:10:6b:84:f7:b0:47:fa:34:49:29:87:
ac:71:8e:1c:64:55:d2:57:9c:00:a4:8a:84:f5:a0:
51:66:42:03:79:e3:44:c6:ea:31:04:bd:e5:34:85:
29:82:2c:cc:c8:d8:9f:a4:c4:56:95:c1:ba:10:76:
7a:8a:b0:7a:64:06:c8:2d:5b:96:5e:ac:df:a9:1e:
b1:d4:38:e9:2f:4f:bc:e1:bf:4c:96:35:4f:4c:8f:
e8:79:be:7d:64:aa:70:30:f8:a3:6b:35:fb:19:12:
c2:74:95:f3:c8:b5:38:36:59:b3:9e:06:af:52:4a:
19:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:68:1C:DA:E0:3C:A2:2C:98:E7:B6:DA:B1:AB:1E:4C:71:C5:6A:CC
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/lmgc2uA8oiyY57basaseTHHFasw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.36.0/24
151.243.234.0/24
Signature Algorithm: sha256WithRSAEncryption
23:93:ad:90:bb:6f:17:c5:21:3d:cc:b9:cd:8f:2b:a2:e2:41:
56:58:81:5f:81:89:51:46:7a:a7:aa:5c:6f:6e:de:6a:45:42:
92:26:7a:18:4f:8a:75:c4:7c:54:8a:88:85:ae:ae:41:05:c5:
ad:c1:4b:f9:bd:fe:fd:33:43:f6:13:8e:93:42:15:d6:dc:3b:
1f:dc:40:c9:76:8d:56:8e:dc:59:db:dd:ea:da:58:85:ab:d2:
a4:66:81:49:6b:9d:2f:5a:06:7b:a2:a3:24:1c:e0:24:5b:c8:
a4:5f:eb:ca:d3:7d:87:19:62:6d:8f:03:9e:7d:8e:af:31:b0:
1b:e0:18:fb:34:46:68:a4:8b:2a:92:8f:84:9c:89:52:0f:eb:
73:a2:a5:08:b8:fc:50:95:5e:a4:a5:4d:45:87:bf:ca:03:6e:
e6:81:79:a7:1b:10:e4:1f:66:50:72:47:b3:0c:7b:76:d3:c5:
d9:e0:5c:55:3c:8c:df:41:69:07:58:c0:3c:d8:d8:a5:48:82:
c7:04:f3:2e:d2:c9:48:eb:25:a2:75:c9:75:de:2b:f8:0f:0c:
77:e6:63:80:dc:dc:bf:af:5c:1b:04:41:8a:d0:be:a1:b3:e0:
e9:69:e5:c0:14:1e:b0:fa:35:13:a3:40:4f:53:09:67:d8:21:
44:0d:58:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZW8r8GWKbsRLG7x1Mo1aw+OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMzIyMDcwOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjY4MWNkYWUwM2NhMjJjOThlN2I2ZGFiMWFiMWU0YzcxYzU2YWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmqpCZf6KRoeexMqruzliIbcOeiO
V1ynE/N4B/oIqhvPr6KXOeWAjbfzT8+oa2UVUA4XL8wKb6xS7caTbapXqU8z/R3J
Fo0Ur3uZQgPYW/tC4T0K3+RZZHXZh0sehgYk4LIEnni4aJnChwKJD4dSIv9qxla+
WOCUt5pcs9KD/jW0qTj3mtEizbbvEGuE97BH+jRJKYescY4cZFXSV5wApIqE9aBR
ZkIDeeNExuoxBL3lNIUpgizMyNifpMRWlcG6EHZ6irB6ZAbILVuWXqzfqR6x1Djp
L0+84b9MljVPTI/oeb59ZKpwMPijazX7GRLCdJXzyLU4NlmzngavUkoZRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJZoHNrgPKIsmOe22rGrHkxxxWrMMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvbG1nYzJ1QThvaXlZNTdiYXNhc2VUSEhGYXN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/IkAwQA
l/PqMA0GCSqGSIb3DQEBCwUAA4IBAQAjk62Qu28XxSE9zLnNjyui4kFWWIFfgYlR
Rnqnqlxvbt5qRUKSJnoYT4p1xHxUioiFrq5BBcWtwUv5vf79M0P2E46TQhXW3Dsf
3EDJdo1WjtxZ293q2liFq9KkZoFJa50vWgZ7oqMkHOAkW8ikX+vK032HGWJtjwOe
fY6vMbAb4Bj7NEZopIsqko+EnIlSD+tzoqUIuPxQlV6kpU1Fh7/KA27mgXmnGxDk
H2ZQckezDHt208XZ4FxVPIzfQWkHWMA82NilSILHBPMu0slI6yWidcl13iv4Dwx3
5mOA3Ny/r1wbBEGK0L6hs+DpaeXAFB6w+jUTo0BPUwln2CFEDViB
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:33:20 2025 by rpki-client