Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/vZcAReP9nwqI-1kRWe4C4hps5Y8.roa
File: vZcAReP9nwqI-1kRWe4C4hps5Y8.roa (raw, json)
Hash identifier: kcuVZ88tu2R36MmXWxfykNpTy+jkgA+XBgDd4Dr9Vpo=
Subject key identifier: BD:97:00:45:E3:FD:9F:0A:88:FB:59:11:59:EE:02:E2:1A:6C:E5:8F
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019423D7AA1FA4B4D2179BCDCA89610E9E13
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/vZcAReP9nwqI-1kRWe4C4hps5Y8.roa
Signing time: Wed 01 Jan 2025 21:48:43 +0000
ROA not before: Wed 01 Jan 2025 21:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 151.242.110.0/24 maxlen: 24
151.242.117.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Jan 2025 05:22:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:aa:1f:a4:b4:d2:17:9b:cd:ca:89:61:0e:9e:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 1 21:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd970045e3fd9f0a88fb591159ee02e21a6ce58f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d7:f9:f1:ac:8d:44:8c:8f:37:d2:5c:5c:8d:
57:78:f0:d6:bd:f6:22:44:d4:af:8d:cd:dc:6e:a9:
2c:83:9c:70:e9:c7:a0:f8:d3:df:c5:97:d2:f7:1d:
56:59:e6:8d:7f:7c:ae:01:3b:34:dd:54:f1:ea:1c:
03:13:8f:6e:2b:a3:ac:dd:18:53:ef:53:79:f5:a8:
6f:a9:d4:93:78:f7:66:65:df:62:19:ba:69:99:b2:
75:bc:ec:83:b4:62:fd:a6:b0:40:31:e4:29:f2:46:
05:1c:48:72:4a:07:9c:fc:bc:83:34:7e:79:72:67:
cf:dd:ad:f2:b8:c8:34:a4:ad:27:2a:8a:53:7e:a1:
90:23:40:0f:eb:18:f5:c5:0a:01:d0:9e:66:f6:3b:
55:f3:3e:22:1b:db:26:77:d7:89:43:f6:be:83:a4:
96:07:98:52:0a:44:2f:24:06:69:b3:d7:7c:4d:3e:
41:f0:e8:29:6c:d8:a2:e0:8e:e4:d3:b4:76:ec:f5:
15:da:ed:02:f3:8b:fd:0a:76:1f:16:31:9a:51:26:
bb:e0:c9:63:c0:ad:9b:d6:aa:83:39:94:c0:c8:19:
f9:fa:c1:49:f5:8a:e7:20:d3:f0:f6:23:a4:0a:92:
9a:f0:f5:9f:9e:58:f2:cd:1e:fd:e3:14:01:fa:e0:
13:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:97:00:45:E3:FD:9F:0A:88:FB:59:11:59:EE:02:E2:1A:6C:E5:8F
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/vZcAReP9nwqI-1kRWe4C4hps5Y8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.110.0/24
151.242.117.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:75:63:34:00:1f:52:c6:22:15:5c:10:7f:4d:ef:50:c1:74:
34:14:d6:88:25:cc:6c:0a:03:56:1e:2b:5d:97:96:f7:ad:73:
d7:64:fd:73:76:37:33:51:d5:70:0b:60:d4:d4:5c:47:4d:de:
2d:eb:d5:09:93:1a:11:16:d3:d1:0e:5b:d2:fa:c0:07:4e:25:
3c:cf:c7:24:c1:9e:65:6e:94:56:16:31:89:b5:e4:55:6a:1d:
5f:20:56:d7:de:2a:af:4a:02:79:37:1f:f4:49:ee:70:98:16:
f9:48:d8:0c:52:85:4c:d1:e3:1d:e2:cd:85:f2:2a:40:1c:cd:
7f:06:37:4e:22:42:12:e8:36:c6:04:66:bb:55:60:8b:18:a5:
dd:c5:db:b5:89:6c:86:24:c1:50:23:d6:8f:56:10:06:c1:fa:
c4:33:c4:bf:3d:a5:cb:4f:d6:b5:d4:11:87:6c:20:09:5b:a3:
58:0a:aa:5b:09:e3:26:7b:6b:8c:c9:ea:cc:e3:9c:ae:8d:54:
d5:4e:97:71:7b:79:33:ae:20:bd:09:70:56:25:a1:47:1f:5a:
c1:95:8f:e0:fb:72:92:1d:28:8e:72:86:23:c0:66:8f:fc:b3:
c8:0e:a3:54:c4:a2:5f:9a:9d:5b:e9:15:19:49:be:87:d4:a2:
fc:d9:3f:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj16ofpLTSF5vNyolhDp4TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTAxMjE0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDk3MDA0NWUzZmQ5ZjBhODhmYjU5MTE1OWVlMDJlMjFhNmNlNThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNf58ayNRIyPN9JcXI1XePDWvfYi
RNSvjc3cbqksg5xw6ceg+NPfxZfS9x1WWeaNf3yuATs03VTx6hwDE49uK6Os3RhT
71N59ahvqdSTePdmZd9iGbppmbJ1vOyDtGL9prBAMeQp8kYFHEhySgec/LyDNH55
cmfP3a3yuMg0pK0nKopTfqGQI0AP6xj1xQoB0J5m9jtV8z4iG9smd9eJQ/a+g6SW
B5hSCkQvJAZps9d8TT5B8OgpbNii4I7k07R27PUV2u0C84v9CnYfFjGaUSa74Mlj
wK2b1qqDOZTAyBn5+sFJ9YrnINPw9iOkCpKa8PWfnljyzR794xQB+uATWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL2XAEXj/Z8KiPtZEVnuAuIabOWPMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvdlpjQVJlUDlud3FJLTFrUldlNEM0aHBzNVk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/JuAwQA
l/J1MA0GCSqGSIb3DQEBCwUAA4IBAQAcdWM0AB9SxiIVXBB/Te9QwXQ0FNaIJcxs
CgNWHitdl5b3rXPXZP1zdjczUdVwC2DU1FxHTd4t69UJkxoRFtPRDlvS+sAHTiU8
z8ckwZ5lbpRWFjGJteRVah1fIFbX3iqvSgJ5Nx/0Se5wmBb5SNgMUoVM0eMd4s2F
8ipAHM1/BjdOIkIS6DbGBGa7VWCLGKXdxdu1iWyGJMFQI9aPVhAGwfrEM8S/PaXL
T9a11BGHbCAJW6NYCqpbCeMme2uMyerM45yujVTVTpdxe3kzriC9CXBWJaFHH1rB
lY/g+3KSHSiOcoYjwGaP/LPIDqNUxKJfmp1b6RUZSb6H1KL82T+N
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:35:32 2025 by rpki-client