Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/P09Y5F2Hj10JkjOybJ20CVAmJQs.roa
File: P09Y5F2Hj10JkjOybJ20CVAmJQs.roa (raw, json)
Hash identifier: GZqOwuMKMK7PXgbQH0YtqwERMofxPCpe7ZOEoTlMjcI=
Subject key identifier: 3F:4F:58:E4:5D:87:8F:5D:09:92:33:B2:6C:9D:B4:09:50:26:25:0B
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196007B693AE43796F3DB0280F0A8D7361A
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/P09Y5F2Hj10JkjOybJ20CVAmJQs.roa
Signing time: Fri 04 Apr 2025 11:06:49 +0000
ROA not before: Fri 04 Apr 2025 11:06:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 151.240.60.0/23 maxlen: 23
151.242.44.0/24 maxlen: 24
151.242.56.0/24 maxlen: 24
151.242.65.0/24 maxlen: 24
151.242.224.0/22 maxlen: 24
151.242.236.0/22 maxlen: 24
151.243.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 05 Apr 2025 15:27:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:00:7b:69:3a:e4:37:96:f3:db:02:80:f0:a8:d7:36:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 4 11:06:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f4f58e45d878f5d099233b26c9db4095026250b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b0:74:aa:4f:2d:2e:1d:84:e5:69:18:9b:fc:
dd:0f:ba:1e:e6:b4:92:ff:1e:3b:b5:4b:88:8c:a2:
12:16:82:c9:9f:2b:db:3b:ae:00:95:d1:54:a2:aa:
e7:0c:21:bc:ab:98:34:18:ce:b5:62:17:77:9d:34:
d9:9e:fb:2e:f2:30:92:b9:26:73:ff:03:3f:7f:d5:
2f:8c:00:24:b7:84:34:a3:04:57:24:6f:08:81:06:
e3:b7:43:ce:3a:3c:cd:da:4d:58:e7:31:c0:7d:0f:
38:ba:53:32:47:20:ea:0c:cf:35:4d:5c:6d:b3:91:
00:45:3f:46:26:6c:7e:f9:da:77:74:9c:24:9d:88:
85:52:81:94:37:a0:0b:b9:a3:76:43:3e:f5:cc:cc:
32:74:82:fc:36:79:10:a9:35:21:eb:87:af:f7:f0:
8c:4e:57:0d:97:fc:5a:14:7f:a5:b0:98:f9:fe:6b:
5c:42:e5:f3:4e:0d:2b:80:31:f9:3e:76:18:c6:56:
d0:a3:93:d3:00:d3:48:76:b8:74:c8:b2:0c:7a:09:
27:71:09:71:af:2d:1c:cf:0c:6b:a0:70:83:52:ee:
7d:e4:56:7c:98:ca:5f:85:bd:0d:31:2e:94:31:19:
87:98:42:2d:13:48:05:45:d8:be:0a:52:16:19:64:
4d:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:4F:58:E4:5D:87:8F:5D:09:92:33:B2:6C:9D:B4:09:50:26:25:0B
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/P09Y5F2Hj10JkjOybJ20CVAmJQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.60.0/23
151.242.44.0/24
151.242.56.0/24
151.242.65.0/24
151.242.224.0/22
151.242.236.0/22
151.243.214.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:97:c0:7c:1a:8c:2a:48:a3:92:59:24:9e:35:44:12:10:b3:
a4:b3:c4:46:3a:94:67:b7:81:fb:1c:68:e8:9f:1a:e9:a2:03:
e5:83:af:a6:b6:1e:62:6c:4e:e3:9c:2a:ce:64:2e:db:43:26:
3f:42:93:8c:ff:a1:b0:f9:f2:31:f0:db:68:cc:7c:f3:b8:cf:
7f:32:1e:5a:3b:9f:6b:e2:52:f4:8c:50:e9:b0:0b:cb:d4:25:
41:04:04:0b:19:27:53:c1:e4:bf:61:24:29:3c:87:0a:83:59:
24:38:b2:b6:33:ff:df:5a:9b:42:2a:bc:1c:eb:91:5c:00:6b:
84:35:3a:41:ce:13:70:75:60:de:6e:1f:f5:58:8c:9e:e1:f2:
28:64:1c:ad:94:2c:e6:f6:09:fc:6e:aa:97:f2:f9:e9:8f:c6:
84:0a:4d:78:1e:67:08:c8:1d:84:4c:29:92:9a:d2:88:e3:a2:
20:b7:4f:85:2a:1f:b4:8a:3e:ab:e7:18:9a:2a:21:3b:9d:3b:
15:c4:48:e7:47:f1:b0:bd:a9:b3:64:8a:0b:96:af:99:56:e6:
2e:14:c2:7c:6b:94:35:74:38:ef:2f:f4:33:ba:87:ad:0b:a7:
8a:4f:90:55:0b:5b:79:f8:a8:b4:bb:42:77:ff:68:79:eb:50:
0e:2c:07:bc
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZYAe2k65DeW89sCgPCo1zYaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDA0MTEwNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjRmNThlNDVkODc4ZjVkMDk5MjMzYjI2YzlkYjQwOTUwMjYyNTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7B0qk8tLh2E5WkYm/zdD7oe5rSS
/x47tUuIjKISFoLJnyvbO64AldFUoqrnDCG8q5g0GM61Yhd3nTTZnvsu8jCSuSZz
/wM/f9UvjAAkt4Q0owRXJG8IgQbjt0POOjzN2k1Y5zHAfQ84ulMyRyDqDM81TVxt
s5EART9GJmx++dp3dJwknYiFUoGUN6ALuaN2Qz71zMwydIL8NnkQqTUh64ev9/CM
TlcNl/xaFH+lsJj5/mtcQuXzTg0rgDH5PnYYxlbQo5PTANNIdrh0yLIMegkncQlx
ry0czwxroHCDUu595FZ8mMpfhb0NMS6UMRmHmEItE0gFRdi+ClIWGWRNwQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFD9PWORdh49dCZIzsmydtAlQJiULMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvUDA5WTVGMkhqMTBKa2pPeWJKMjBDVkFtSlFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBl/A8AwQA
l/IsAwQAl/I4AwQAl/JBAwQCl/LgAwQCl/LsAwQAl/PWMA0GCSqGSIb3DQEBCwUA
A4IBAQBal8B8GowqSKOSWSSeNUQSELOks8RGOpRnt4H7HGjonxrpogPlg6+mth5i
bE7jnCrOZC7bQyY/QpOM/6Gw+fIx8NtozHzzuM9/Mh5aO59r4lL0jFDpsAvL1CVB
BAQLGSdTweS/YSQpPIcKg1kkOLK2M//fWptCKrwc65FcAGuENTpBzhNwdWDebh/1
WIye4fIoZBytlCzm9gn8bqqX8vnpj8aECk14HmcIyB2ETCmSmtKI46Igt0+FKh+0
ij6r5xiaKiE7nTsVxEjnR/GwvamzZIoLlq+ZVuYuFMJ8a5Q1dDjvL/QzuoetC6eK
T5BVC1t5+Ki0u0J3/2h561AOLAe8
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:52:13 2025 by rpki-client