Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/sh8-eHtdrtpduJ55puDGsyA7uZg.roa
File: sh8-eHtdrtpduJ55puDGsyA7uZg.roa (raw, json)
Hash identifier: 7fllN54aJHzwmbrvSLch7+osQHv47fJ4u8X9LTpi954=
Subject key identifier: B2:1F:3E:78:7B:5D:AE:DA:5D:B8:9E:79:A6:E0:C6:B3:20:3B:B9:98
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019668427FFE5073C6F6890820F4F76F17CD
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/sh8-eHtdrtpduJ55puDGsyA7uZg.roa
Signing time: Thu 24 Apr 2025 14:45:10 +0000
ROA not before: Thu 24 Apr 2025 14:45:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 132978
IP address blocks: 151.243.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 May 2025 10:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:68:42:7f:fe:50:73:c6:f6:89:08:20:f4:f7:6f:17:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 24 14:45:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b21f3e787b5daeda5db89e79a6e0c6b3203bb998
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:61:b3:80:fc:15:5f:12:57:aa:b3:32:97:a6:
a0:fa:50:cf:18:e5:48:02:ab:95:e3:13:44:22:7b:
e2:61:43:12:be:8c:31:77:2f:6d:b6:40:4a:44:a6:
be:51:c8:4e:87:72:41:db:f7:2e:5f:90:7c:77:c3:
ee:2b:d4:d5:57:a5:10:43:fc:17:9a:d4:8d:c0:03:
d1:1a:d9:72:78:03:ee:7b:87:af:7c:e2:7c:75:4d:
2c:76:73:a0:53:e1:05:24:24:85:2c:e7:96:0e:03:
6c:47:a7:fe:79:5f:c8:f4:84:25:13:af:59:b5:52:
56:18:1b:cf:3b:d9:80:d9:42:fe:4f:bc:37:d4:b6:
a4:df:a1:ad:56:f6:64:54:39:f5:4c:52:08:0a:07:
5c:fb:ad:95:3d:47:29:b2:ff:87:62:79:be:35:04:
c4:c9:ac:cc:36:32:86:6d:3b:39:fd:c8:d5:1c:01:
0f:d1:3e:f8:61:51:f8:41:da:a1:6d:60:c9:21:53:
14:19:be:7c:0f:d2:4c:f0:d4:81:74:2a:b0:a7:4b:
ea:97:24:15:92:05:13:0e:be:02:41:1b:52:01:2a:
f0:8f:20:53:c3:75:a5:06:aa:3f:06:4c:70:36:59:
00:54:c7:32:ff:57:ee:53:5c:58:3a:9a:15:32:93:
8a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:1F:3E:78:7B:5D:AE:DA:5D:B8:9E:79:A6:E0:C6:B3:20:3B:B9:98
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/sh8-eHtdrtpduJ55puDGsyA7uZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.146.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:ae:98:c2:97:74:25:29:aa:ce:37:b1:4d:a8:87:b0:fb:a4:
96:92:21:87:d0:10:fd:29:90:6d:7c:df:79:8d:fc:11:9c:f2:
4c:96:26:9b:e0:98:63:6f:da:14:51:f2:88:fc:9d:4c:96:52:
06:65:f1:92:aa:3e:39:22:4b:5a:ca:25:7e:f6:78:43:f3:d3:
00:b1:f0:36:9f:2a:e5:f2:56:d8:83:31:a2:16:65:22:f8:90:
c7:77:10:12:5c:e8:51:77:a0:15:91:11:8e:e2:31:b2:2b:d8:
3c:17:2f:b4:6b:8c:c8:7e:0e:0b:e0:cb:02:e2:25:ea:bf:6d:
6f:33:c3:f4:6a:17:cd:a5:18:bc:bc:0f:7d:fe:93:38:e7:75:
01:8e:b1:f9:e8:79:87:a2:22:1b:90:49:43:94:7b:b2:03:b8:
56:32:31:c5:b0:a5:76:d8:33:12:f1:f0:07:04:ba:7b:99:e7:
7e:5e:c6:46:10:89:40:f2:a5:2f:18:ad:8a:a9:45:dc:0f:42:
fd:01:7b:71:cc:bc:38:b6:73:fe:4f:cd:af:57:f4:18:01:73:
11:64:06:50:54:c3:61:ff:da:77:6a:97:c8:9c:3d:f7:b9:9e:
b3:31:2a:32:4c:89:ee:2b:67:b3:fa:6f:19:c7:47:c6:5f:8e:
c3:e1:9e:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZoQn/+UHPG9okIIPT3bxfNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDI0MTQ0NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjFmM2U3ODdiNWRhZWRhNWRiODllNzlhNmUwYzZiMzIwM2JiOTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWGzgPwVXxJXqrMyl6ag+lDPGOVI
AquV4xNEInviYUMSvowxdy9ttkBKRKa+UchOh3JB2/cuX5B8d8PuK9TVV6UQQ/wX
mtSNwAPRGtlyeAPue4evfOJ8dU0sdnOgU+EFJCSFLOeWDgNsR6f+eV/I9IQlE69Z
tVJWGBvPO9mA2UL+T7w31Lak36GtVvZkVDn1TFIICgdc+62VPUcpsv+HYnm+NQTE
yazMNjKGbTs5/cjVHAEP0T74YVH4QdqhbWDJIVMUGb58D9JM8NSBdCqwp0vqlyQV
kgUTDr4CQRtSASrwjyBTw3WlBqo/BkxwNlkAVMcy/1fuU1xYOpoVMpOKrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLIfPnh7Xa7aXbieeabgxrMgO7mYMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvc2g4LWVIdGRydHBkdUo1NXB1REdzeUE3dVpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/OSMA0G
CSqGSIb3DQEBCwUAA4IBAQCbrpjCl3QlKarON7FNqIew+6SWkiGH0BD9KZBtfN95
jfwRnPJMliab4Jhjb9oUUfKI/J1MllIGZfGSqj45IktayiV+9nhD89MAsfA2nyrl
8lbYgzGiFmUi+JDHdxASXOhRd6AVkRGO4jGyK9g8Fy+0a4zIfg4L4MsC4iXqv21v
M8P0ahfNpRi8vA99/pM453UBjrH56HmHoiIbkElDlHuyA7hWMjHFsKV22DMS8fAH
BLp7med+XsZGEIlA8qUvGK2KqUXcD0L9AXtxzLw4tnP+T82vV/QYAXMRZAZQVMNh
/9p3apfInD33uZ6zMSoyTInuK2ez+m8Zx0fGX47D4Z4O
-----END CERTIFICATE-----
Generated at Fri May 2 22:47:27 2025 by rpki-client