Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/toY0eEuvm7SNwrSdcoRXzXcYgD0.roa
File: toY0eEuvm7SNwrSdcoRXzXcYgD0.roa (raw, json)
Hash identifier: lkVPXwmhJ69Q/kjn9cwqKl5s3rmzdoaqELrl3B9GneY=
Subject key identifier: B6:86:34:78:4B:AF:9B:B4:8D:C2:B4:9D:72:84:57:CD:77:18:80:3D
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019590C08152B08C6021D31B3E19887027BD
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/toY0eEuvm7SNwrSdcoRXzXcYgD0.roa
Signing time: Thu 13 Mar 2025 18:24:49 +0000
ROA not before: Thu 13 Mar 2025 18:24:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 138195
IP address blocks: 151.242.22.0/24 maxlen: 24
151.243.143.0/24 maxlen: 24
151.243.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Mar 2025 19:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:90:c0:81:52:b0:8c:60:21:d3:1b:3e:19:88:70:27:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 13 18:24:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b68634784baf9bb48dc2b49d728457cd7718803d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d4:26:97:da:79:ba:d2:51:f8:fc:ad:0c:eb:
5e:3c:a9:f1:e0:ec:93:26:20:c0:71:35:37:89:40:
57:62:d2:fe:c4:ca:01:3b:31:2d:70:c8:a3:1c:e9:
a2:ed:18:7b:cf:1c:10:e5:84:c2:47:e8:d2:ff:62:
02:7c:ce:c6:c8:44:53:aa:54:75:e9:da:bc:79:ad:
f5:e1:aa:14:5b:d4:c4:fe:9e:76:34:14:71:7c:32:
7e:35:80:b8:da:8a:0a:c3:5c:da:0f:c8:f1:49:5a:
36:c4:58:74:e0:22:c4:97:31:17:8a:3f:1c:b0:94:
9b:dc:16:b5:07:30:83:66:ee:63:c2:10:b8:d4:0b:
d9:9a:b5:46:fd:3c:6b:97:09:87:27:df:7c:e9:3a:
45:64:60:b1:20:ae:72:0a:51:7f:d6:c7:b0:1c:05:
8e:a2:59:5f:34:cc:0c:bf:d6:12:60:41:9c:bc:39:
9f:7f:3a:44:a8:00:99:f3:36:7f:39:5d:0c:6c:85:
37:82:9b:2b:dc:7f:8f:52:5e:c8:95:e2:07:28:a4:
a1:77:63:ff:ed:a6:e2:03:c0:ac:f2:c7:14:57:81:
7d:76:2a:3d:8c:d6:98:70:e6:3d:52:55:63:bc:c6:
f2:27:a6:ee:28:2e:83:93:34:b8:20:fb:64:f1:96:
4e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:86:34:78:4B:AF:9B:B4:8D:C2:B4:9D:72:84:57:CD:77:18:80:3D
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/toY0eEuvm7SNwrSdcoRXzXcYgD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.22.0/24
151.243.143.0/24
151.243.175.0/24
Signature Algorithm: sha256WithRSAEncryption
06:9e:fa:81:8a:f5:6f:94:9f:8d:b8:29:5a:65:7f:59:1f:a3:
37:71:1d:ed:b9:cd:9a:a4:0c:2f:50:57:b1:fe:c1:18:15:6b:
70:80:7a:d4:6b:6e:9a:75:98:93:4c:bb:79:04:e5:ff:11:05:
7e:5e:96:cb:27:31:15:14:02:a6:fa:54:ec:c2:48:5d:f3:ea:
e8:3d:39:4f:0a:85:a3:50:41:55:77:5c:3e:10:91:c0:4e:32:
3c:56:92:92:60:b9:3c:b7:f7:ac:91:d4:1b:52:11:bb:e7:12:
10:6d:89:1c:14:c6:99:7d:fc:bc:3e:6c:01:91:8a:88:e8:b5:
20:80:13:e2:64:40:07:14:df:2c:9b:75:0f:20:1a:c6:1c:75:
25:cf:a6:7d:6e:92:c2:aa:33:23:ea:b6:40:66:5f:10:e1:7a:
c7:80:31:c5:bd:92:b0:0a:f7:33:9b:67:52:ec:82:21:8f:ae:
6e:2b:73:a7:bc:a6:73:b8:3b:e5:4a:fe:9a:53:9d:78:25:67:
97:32:d4:3c:be:27:1d:3e:4e:af:80:b9:56:e8:4a:7a:10:fe:
7b:f1:6b:0b:cd:80:6b:1d:4f:7b:b1:55:55:e7:31:7d:65:7b:
af:3f:60:e6:16:5f:f6:8c:2e:42:b9:9a:71:15:8e:fd:d3:15:
12:a4:8c:77
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZWQwIFSsIxgIdMbPhmIcCe9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMzEzMTgyNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjg2MzQ3ODRiYWY5YmI0OGRjMmI0OWQ3Mjg0NTdjZDc3MTg4MDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdQml9p5utJR+PytDOtePKnx4OyT
JiDAcTU3iUBXYtL+xMoBOzEtcMijHOmi7Rh7zxwQ5YTCR+jS/2ICfM7GyERTqlR1
6dq8ea314aoUW9TE/p52NBRxfDJ+NYC42ooKw1zaD8jxSVo2xFh04CLElzEXij8c
sJSb3Ba1BzCDZu5jwhC41AvZmrVG/TxrlwmHJ9986TpFZGCxIK5yClF/1sewHAWO
ollfNMwMv9YSYEGcvDmffzpEqACZ8zZ/OV0MbIU3gpsr3H+PUl7IleIHKKShd2P/
7abiA8Cs8scUV4F9dio9jNaYcOY9UlVjvMbyJ6buKC6DkzS4IPtk8ZZO5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLaGNHhLr5u0jcK0nXKEV813GIA9MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvdG9ZMGVFdXZtN1NOd3JTZGNvUlh6WGNZZ0QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAl/IWAwQA
l/OPAwQAl/OvMA0GCSqGSIb3DQEBCwUAA4IBAQAGnvqBivVvlJ+NuClaZX9ZH6M3
cR3tuc2apAwvUFex/sEYFWtwgHrUa26adZiTTLt5BOX/EQV+XpbLJzEVFAKm+lTs
wkhd8+roPTlPCoWjUEFVd1w+EJHATjI8VpKSYLk8t/eskdQbUhG75xIQbYkcFMaZ
ffy8PmwBkYqI6LUggBPiZEAHFN8sm3UPIBrGHHUlz6Z9bpLCqjMj6rZAZl8Q4XrH
gDHFvZKwCvczm2dS7IIhj65uK3OnvKZzuDvlSv6aU514JWeXMtQ8vicdPk6vgLlW
6Ep6EP578WsLzYBrHU97sVVV5zF9ZXuvP2DmFl/2jC5CuZpxFY790xUSpIx3
-----END CERTIFICATE-----
Generated at Fri Apr 11 08:37:28 2025 by rpki-client