Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/mRjaVfEiHwpZ6wh1_IXQ2H_RfZ0.roa
File: mRjaVfEiHwpZ6wh1_IXQ2H_RfZ0.roa (raw, json)
Hash identifier: v48beIu9chjoiFUiCj0RRqM0a3avTT7+7cla5/HPF7I=
Subject key identifier: 99:18:DA:55:F1:22:1F:0A:59:EB:08:75:FC:85:D0:D8:7F:D1:7D:9D
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196D58A462158AEBED53BAD8ACD106BAB28
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/mRjaVfEiHwpZ6wh1_IXQ2H_RfZ0.roa
Signing time: Thu 15 May 2025 20:02:10 +0000
ROA not before: Thu 15 May 2025 20:02:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 149573
IP address blocks: 151.242.51.0/24 maxlen: 24
151.243.12.0/24 maxlen: 24
151.243.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 May 2025 14:44:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d5:8a:46:21:58:ae:be:d5:3b:ad:8a:cd:10:6b:ab:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 15 20:02:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9918da55f1221f0a59eb0875fc85d0d87fd17d9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:86:f4:fd:b1:80:5d:ff:7a:5c:ff:34:45:19:
e8:1f:50:a4:46:93:c7:55:1f:58:36:c2:14:8f:2a:
83:01:7d:78:d8:3d:3f:0a:71:8c:53:3e:e4:dc:bb:
b1:84:14:df:38:37:eb:c3:79:1b:5f:86:1a:42:d1:
50:69:2b:ce:c2:75:5f:3f:05:85:10:c1:c7:6d:df:
a9:63:88:75:f1:bb:dd:d6:de:af:30:3f:f7:ad:24:
35:62:04:68:dd:d0:27:ad:ae:13:ff:a0:a0:bb:f0:
b2:fd:1a:fb:07:ad:2b:48:ba:12:b2:f3:8b:4e:19:
8e:6c:02:fa:8a:d3:76:1a:66:25:de:77:c7:e9:50:
c4:17:ee:b9:14:d8:09:db:ec:1a:2a:a9:b4:17:2e:
94:b0:c6:54:8e:e1:a7:6c:d3:74:64:a7:44:98:31:
de:71:eb:cd:cb:50:96:94:46:a7:8a:c3:a0:97:f4:
14:0f:58:fa:35:98:06:d9:0f:32:00:72:6a:98:fe:
cf:90:cf:da:ed:ee:07:a5:63:ea:33:39:47:73:39:
56:c9:a7:b1:1f:ef:f3:1b:38:77:05:25:20:fc:3c:
25:4b:f1:60:94:81:ac:86:25:3b:4e:b4:43:10:ee:
88:f4:20:57:6c:9a:ab:e2:70:0d:bd:65:17:3b:e2:
cc:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:18:DA:55:F1:22:1F:0A:59:EB:08:75:FC:85:D0:D8:7F:D1:7D:9D
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/mRjaVfEiHwpZ6wh1_IXQ2H_RfZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.51.0/24
151.243.12.0/24
151.243.98.0/24
Signature Algorithm: sha256WithRSAEncryption
89:5f:a2:c2:ff:f4:d6:72:b0:d2:55:57:8c:52:c1:12:f8:b4:
a2:95:94:7f:92:9f:c2:7d:e2:f9:aa:65:0b:53:17:41:db:23:
5b:4e:84:47:34:29:ad:63:b3:9c:28:72:fa:4a:ac:4a:62:35:
91:dc:f5:86:f5:aa:53:13:ee:4f:5d:ab:83:c7:e3:b7:2e:d0:
02:99:41:d9:f2:a5:86:91:3f:0b:02:89:9a:e9:87:d1:ed:d4:
21:87:0e:33:5d:87:37:69:02:86:33:a5:b6:04:fa:41:6b:51:
b5:87:c2:1d:b2:ec:26:fd:8f:d3:73:55:4b:f7:1f:90:de:8e:
89:4f:4d:60:b7:a1:5c:3d:af:64:a6:84:80:6b:85:70:32:30:
de:5f:2d:85:5e:f1:4f:f3:2f:ea:45:f1:2a:77:90:d0:bb:67:
df:3d:4c:a1:59:ad:b6:bc:b7:41:d3:73:86:9b:dd:09:58:42:
05:38:3b:6e:cb:45:89:32:9b:a7:e8:bc:01:e1:e8:ce:8f:e0:
a5:d8:bb:74:7c:0c:89:17:cd:ad:8a:22:aa:be:c1:5f:fe:0f:
3b:af:65:ca:f8:b6:a9:76:ba:50:25:f3:fe:ea:85:25:c3:28:
32:42:93:7c:7f:0d:8a:b5:22:38:a5:2f:92:e9:39:b6:c6:ae:
8a:7d:7e:a2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZbVikYhWK6+1Tutis0Qa6soMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTE1MjAwMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTE4ZGE1NWYxMjIxZjBhNTllYjA4NzVmYzg1ZDBkODdmZDE3ZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4b0/bGAXf96XP80RRnoH1CkRpPH
VR9YNsIUjyqDAX142D0/CnGMUz7k3LuxhBTfODfrw3kbX4YaQtFQaSvOwnVfPwWF
EMHHbd+pY4h18bvd1t6vMD/3rSQ1YgRo3dAnra4T/6Cgu/Cy/Rr7B60rSLoSsvOL
ThmObAL6itN2GmYl3nfH6VDEF+65FNgJ2+waKqm0Fy6UsMZUjuGnbNN0ZKdEmDHe
cevNy1CWlEanisOgl/QUD1j6NZgG2Q8yAHJqmP7PkM/a7e4HpWPqMzlHczlWyaex
H+/zGzh3BSUg/DwlS/FglIGshiU7TrRDEO6I9CBXbJqr4nANvWUXO+LMcQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJkY2lXxIh8KWesIdfyF0Nh/0X2dMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvbVJqYVZmRWlId3BaNndoMV9JWFEySF9SZlowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAl/IzAwQA
l/MMAwQAl/NiMA0GCSqGSIb3DQEBCwUAA4IBAQCJX6LC//TWcrDSVVeMUsES+LSi
lZR/kp/CfeL5qmULUxdB2yNbToRHNCmtY7OcKHL6SqxKYjWR3PWG9apTE+5PXauD
x+O3LtACmUHZ8qWGkT8LAoma6YfR7dQhhw4zXYc3aQKGM6W2BPpBa1G1h8Idsuwm
/Y/Tc1VL9x+Q3o6JT01gt6FcPa9kpoSAa4VwMjDeXy2FXvFP8y/qRfEqd5DQu2ff
PUyhWa22vLdB03OGm90JWEIFODtuy0WJMpun6LwB4ejOj+Cl2Lt0fAyJF82tiiKq
vsFf/g87r2XK+LapdrpQJfP+6oUlwygyQpN8fw2KtSI4pS+S6Tm2xq6KfX6i
-----END CERTIFICATE-----
Generated at Sat Jun 7 16:13:29 2025 by rpki-client