Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1h_vRi6JBFfUSLG-BAZMSQZr8B8.roa
File: 1h_vRi6JBFfUSLG-BAZMSQZr8B8.roa (raw, json)
Hash identifier: J0RsuBUTf9Q0osIcBkveGKF+GDPFd2Fjw3YT0KIlYiU=
Subject key identifier: D6:1F:EF:46:2E:89:04:57:D4:48:B1:BE:04:06:4C:49:06:6B:F0:1F
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019504A8C0CFED0F7249FFD03196DFCD1DD3
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1h_vRi6JBFfUSLG-BAZMSQZr8B8.roa
Signing time: Fri 14 Feb 2025 13:32:02 +0000
ROA not before: Fri 14 Feb 2025 13:32:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 151.242.64.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Feb 2025 07:38:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:04:a8:c0:cf:ed:0f:72:49:ff:d0:31:96:df:cd:1d:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Feb 14 13:32:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d61fef462e890457d448b1be04064c49066bf01f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d6:89:34:0b:4a:47:fd:d0:2c:78:b8:bc:02:
92:0e:a4:c7:09:98:bd:30:d0:81:cd:c5:b6:61:92:
69:cb:ff:7b:f9:95:12:ab:7b:7f:31:45:ed:2e:05:
82:52:07:c0:c7:a9:18:05:98:67:57:f9:1b:09:50:
5d:1c:ed:c4:60:11:c7:b7:7b:26:8d:5f:79:e0:a8:
48:10:56:54:11:a6:30:26:a5:75:5a:ed:8b:33:4f:
b2:8c:d1:cc:24:27:48:c6:55:d1:7e:a0:e7:ba:7b:
a5:8f:10:d9:a9:64:7b:09:cc:f2:86:48:a6:41:e1:
ff:38:1b:a4:2f:1c:6c:98:4b:4b:cd:a4:97:e4:f7:
07:a0:75:68:ae:7b:f5:6a:41:a7:16:0e:70:3a:95:
e8:33:a4:06:7a:cc:5f:e2:c8:9f:b5:a1:ab:8d:07:
a3:49:65:bb:9b:b5:e3:dd:3d:c7:e4:65:39:29:a0:
55:61:9c:e2:e9:2b:39:f7:ec:c9:57:b2:a1:fd:cc:
fb:87:0a:3f:8d:a5:ed:70:29:2f:3c:21:0c:28:8d:
29:64:47:c2:99:2c:e5:13:c8:7d:3a:7f:d0:0c:e1:
be:10:39:bc:4f:33:98:e0:55:73:3c:0c:0b:17:23:
ff:3f:d2:c9:03:06:be:c2:24:3a:4f:41:e2:e7:7b:
eb:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:1F:EF:46:2E:89:04:57:D4:48:B1:BE:04:06:4C:49:06:6B:F0:1F
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1h_vRi6JBFfUSLG-BAZMSQZr8B8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.64.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:bd:bd:13:ea:3e:b9:c2:c5:72:73:f3:08:1e:2e:db:25:93:
73:37:98:8d:49:54:7a:d3:bc:72:ca:d6:c9:c3:20:6a:92:05:
2b:5e:e5:ec:31:7e:80:98:2b:3c:7c:9d:b8:8b:7d:b9:e2:62:
43:a6:86:b7:c9:01:ad:5b:39:a4:a0:43:43:59:40:86:1b:a8:
ff:aa:8e:06:a7:9e:74:56:a5:3c:80:92:1c:88:b3:1a:0b:05:
d7:eb:75:0d:ee:e5:9c:ac:0a:01:a8:47:27:3d:f4:75:45:61:
f7:fe:c6:67:cc:60:aa:7b:bc:26:b0:f7:7c:58:ad:02:7c:49:
09:13:ed:71:e0:c7:47:2c:b4:ae:1e:a7:99:6b:d9:72:17:22:
5e:12:e9:bf:6f:85:5b:74:99:d8:87:6b:9a:e3:ba:57:b4:8c:
ed:8e:14:af:80:0b:39:01:1c:c0:0a:0e:bd:44:d9:03:0f:75:
55:2d:94:e9:75:5a:8b:6b:8e:42:ea:0c:60:13:bb:c3:cd:0e:
9f:9e:00:b4:7c:cf:0f:2c:be:e9:d3:6b:e1:24:0d:2f:a8:4a:
eb:46:b7:a3:2e:fd:28:56:6d:2a:71:2e:a5:a0:67:b1:b0:4b:
1c:a7:55:22:d5:66:26:b8:fa:f6:41:35:1b:9a:8f:6d:68:f4:
93:df:7e:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUEqMDP7Q9ySf/QMZbfzR3TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMjE0MTMzMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjFmZWY0NjJlODkwNDU3ZDQ0OGIxYmUwNDA2NGM0OTA2NmJmMDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdaJNAtKR/3QLHi4vAKSDqTHCZi9
MNCBzcW2YZJpy/97+ZUSq3t/MUXtLgWCUgfAx6kYBZhnV/kbCVBdHO3EYBHHt3sm
jV954KhIEFZUEaYwJqV1Wu2LM0+yjNHMJCdIxlXRfqDnunuljxDZqWR7Cczyhkim
QeH/OBukLxxsmEtLzaSX5PcHoHVornv1akGnFg5wOpXoM6QGesxf4siftaGrjQej
SWW7m7Xj3T3H5GU5KaBVYZzi6Ss59+zJV7Kh/cz7hwo/jaXtcCkvPCEMKI0pZEfC
mSzlE8h9On/QDOG+EDm8TzOY4FVzPAwLFyP/P9LJAwa+wiQ6T0Hi53vr4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNYf70YuiQRX1EixvgQGTEkGa/AfMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMWhfdlJpNkpCRmZVU0xHLUJBWk1TUVpyOEI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/JAMA0G
CSqGSIb3DQEBCwUAA4IBAQCtvb0T6j65wsVyc/MIHi7bJZNzN5iNSVR607xyytbJ
wyBqkgUrXuXsMX6AmCs8fJ24i3254mJDpoa3yQGtWzmkoENDWUCGG6j/qo4Gp550
VqU8gJIciLMaCwXX63UN7uWcrAoBqEcnPfR1RWH3/sZnzGCqe7wmsPd8WK0CfEkJ
E+1x4MdHLLSuHqeZa9lyFyJeEum/b4VbdJnYh2ua47pXtIztjhSvgAs5ARzACg69
RNkDD3VVLZTpdVqLa45C6gxgE7vDzQ6fngC0fM8PLL7p02vhJA0vqErrRrejLv0o
Vm0qcS6loGexsEscp1Ui1WYmuPr2QTUbmo9taPST337v
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:29:32 2025 by rpki-client