Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/uMBMgvd0FO50Ckc0g3N5MZdFbYM.roa
File: uMBMgvd0FO50Ckc0g3N5MZdFbYM.roa (raw, json)
Hash identifier: nKPUP+emNE7bhnbratQvOhEKPT46by3h3vXPsmjpiGI=
Subject key identifier: B8:C0:4C:82:F7:74:14:EE:74:0A:47:34:83:73:79:31:97:45:6D:83
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198507ADDB3962469ABB4C3D46E7DEC945D
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/uMBMgvd0FO50Ckc0g3N5MZdFbYM.roa
Signing time: Mon 28 Jul 2025 10:01:26 +0000
ROA not before: Mon 28 Jul 2025 10:01:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137235
IP address blocks: 151.243.15.0/24 maxlen: 24
151.243.255.0/24 maxlen: 24
151.244.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Aug 2025 10:01:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:50:7a:dd:b3:96:24:69:ab:b4:c3:d4:6e:7d:ec:94:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 28 10:01:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8c04c82f77414ee740a47348373793197456d83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:07:9b:4c:fc:e5:de:d8:22:d3:4a:32:f6:08:
e5:28:49:e2:13:a4:58:42:6f:76:02:2a:11:bb:10:
a4:6d:74:a3:e0:64:72:d3:e3:c0:2f:49:1f:d3:b3:
44:ad:62:97:20:23:6d:e8:f4:e9:37:9e:b5:2a:72:
f2:fc:56:ae:8f:96:f3:83:00:73:d7:42:06:5d:cc:
53:8b:8f:71:27:d5:44:99:b9:e7:8a:0d:f7:a6:1f:
17:96:ae:2a:90:e4:08:59:5a:ee:f2:df:f8:6b:2a:
d7:a3:6c:5d:c0:2f:cc:91:6f:fa:86:45:80:8b:1b:
49:8f:fa:40:6c:57:fb:cc:7e:e2:2e:65:f7:7b:b8:
03:d2:b3:07:00:24:9b:47:84:f0:6b:72:7f:67:f4:
a8:83:6c:bb:91:e8:5f:2e:09:09:39:49:a9:b0:af:
a7:af:bb:4d:af:e7:4f:aa:93:a0:32:d9:36:05:81:
16:be:28:59:9a:29:3e:e0:90:ee:6a:eb:08:5e:40:
c5:85:0a:c6:9e:00:d4:6d:5e:0e:b7:d7:04:c3:33:
0b:46:66:ad:20:3e:5c:8e:c3:5d:f7:e2:ab:de:55:
33:fa:50:fb:1d:11:63:ee:1a:e3:39:53:24:5c:bb:
f7:a4:35:40:ba:c4:d0:13:a8:6b:c2:04:88:97:1d:
31:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:C0:4C:82:F7:74:14:EE:74:0A:47:34:83:73:79:31:97:45:6D:83
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/uMBMgvd0FO50Ckc0g3N5MZdFbYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.15.0/24
151.243.255.0/24
151.244.247.0/24
Signature Algorithm: sha256WithRSAEncryption
25:74:dc:fb:28:69:26:12:99:f4:2d:2d:d9:dc:8e:31:27:39:
a8:8e:f1:f7:11:da:4f:dc:a7:2e:c4:da:a1:0e:58:46:f5:6b:
39:14:e6:5c:0d:f2:fa:f0:02:0c:fe:24:aa:e9:e6:01:e9:8d:
4e:78:ce:80:d1:76:3e:70:5f:b7:7c:0b:8b:c2:e9:1e:a4:74:
2a:ef:f1:49:2d:49:50:39:ff:9a:28:f6:30:a5:31:01:3f:8a:
18:3a:88:63:86:c1:b8:81:0d:fe:49:72:fa:c2:e1:f1:5f:bc:
90:18:ef:0c:0a:5e:98:f1:3f:da:21:29:3e:6f:64:bf:cf:4c:
a9:02:fc:5b:6e:d0:52:26:fd:62:1a:ed:91:ad:eb:cd:87:d0:
48:8c:4e:c5:b8:7e:b7:0f:fc:7f:ce:ba:57:03:f9:da:ba:5e:
aa:0f:7b:46:f9:27:0a:53:8d:0d:bf:ca:b7:c3:c1:94:92:48:
24:ab:98:b6:c3:99:cd:ff:99:c0:23:b6:19:69:65:46:3d:21:
84:93:ce:3a:64:10:54:6b:c3:b9:39:ca:ba:36:ba:f1:59:5f:
7e:85:53:9c:fd:5d:05:06:6e:b7:27:62:12:59:43:36:a9:f5:
51:63:74:b9:32:2c:b5:d0:b7:0f:23:bd:44:28:48:9b:17:66:
a1:a5:0b:d3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZhQet2zliRpq7TD1G597JRdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzI4MTAwMTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGMwNGM4MmY3NzQxNGVlNzQwYTQ3MzQ4MzczNzkzMTk3NDU2ZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4webTPzl3tgi00oy9gjlKEniE6RY
Qm92AioRuxCkbXSj4GRy0+PAL0kf07NErWKXICNt6PTpN561KnLy/Fauj5bzgwBz
10IGXcxTi49xJ9VEmbnnig33ph8Xlq4qkOQIWVru8t/4ayrXo2xdwC/MkW/6hkWA
ixtJj/pAbFf7zH7iLmX3e7gD0rMHACSbR4Twa3J/Z/Sog2y7kehfLgkJOUmpsK+n
r7tNr+dPqpOgMtk2BYEWvihZmik+4JDuausIXkDFhQrGngDUbV4Ot9cEwzMLRmat
ID5cjsNd9+Kr3lUz+lD7HRFj7hrjOVMkXLv3pDVAusTQE6hrwgSIlx0xMQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLjATIL3dBTudApHNINzeTGXRW2DMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvdU1CTWd2ZDBGTzUwQ2tjMGczTjVNWmRGYllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAl/MPAwQA
l/P/AwQAl/T3MA0GCSqGSIb3DQEBCwUAA4IBAQAldNz7KGkmEpn0LS3Z3I4xJzmo
jvH3EdpP3KcuxNqhDlhG9Ws5FOZcDfL68AIM/iSq6eYB6Y1OeM6A0XY+cF+3fAuL
wukepHQq7/FJLUlQOf+aKPYwpTEBP4oYOohjhsG4gQ3+SXL6wuHxX7yQGO8MCl6Y
8T/aISk+b2S/z0ypAvxbbtBSJv1iGu2RrevNh9BIjE7FuH63D/x/zrpXA/naul6q
D3tG+ScKU40Nv8q3w8GUkkgkq5i2w5nN/5nAI7YZaWVGPSGEk846ZBBUa8O5Ocq6
NrrxWV9+hVOc/V0FBm63J2ISWUM2qfVRY3S5Miy10LcPI71EKEibF2ahpQvT
-----END CERTIFICATE-----
Generated at Sun Aug 10 03:55:37 2025 by rpki-client