Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/udKKkOEQYtIIBlTl2Guhqgj6lPs.roa
File: udKKkOEQYtIIBlTl2Guhqgj6lPs.roa (raw, json)
Hash identifier: mF7br+/mdeEa6dCv4pstdWu9znjgfGyhS/O6pBwJwek=
Subject key identifier: B9:D2:8A:90:E1:10:62:D2:08:06:54:E5:D8:6B:A1:AA:08:FA:94:FB
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019C8026C0137F1AC23C445AD6E653CD4A57
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/udKKkOEQYtIIBlTl2Guhqgj6lPs.roa
Signing time: Sat 21 Feb 2026 12:22:28 +0000
ROA not before: Sat 21 Feb 2026 12:22:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9304
IP address blocks: 151.240.29.0/24 maxlen: 24
151.240.146.0/24 maxlen: 24
151.240.169.0/24 maxlen: 24
151.242.101.0/24 maxlen: 24
151.242.105.0/24 maxlen: 24
151.242.143.0/24 maxlen: 24
151.243.138.0/23 maxlen: 24
151.243.144.0/23 maxlen: 24
151.243.178.0/23 maxlen: 24
151.245.60.0/24 maxlen: 24
151.245.226.0/23 maxlen: 24
151.246.164.0/23 maxlen: 24
151.246.246.0/23 maxlen: 24
151.246.250.0/23 maxlen: 24
151.247.137.0/24 maxlen: 24
151.247.161.0/24 maxlen: 24
151.247.165.0/24 maxlen: 24
151.247.177.0/24 maxlen: 24
151.247.250.0/24 maxlen: 24
151.247.253.0/24 maxlen: 24
151.247.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Mar 2026 10:35:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:80:26:c0:13:7f:1a:c2:3c:44:5a:d6:e6:53:cd:4a:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Feb 21 12:22:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b9d28a90e11062d2080654e5d86ba1aa08fa94fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:bc:cb:5e:0d:fa:6d:3a:f9:57:00:f5:2f:a6:
2b:90:59:04:4e:bf:dd:d6:0a:13:25:e1:df:83:87:
6d:cb:0e:0a:c8:b7:8b:bb:29:6a:45:7e:f7:e5:bc:
fd:7b:33:d8:57:4a:51:70:86:db:2b:c9:07:03:e3:
4c:09:58:06:e4:3f:ca:c1:e6:a6:99:3f:b7:5c:bf:
b2:55:ae:e0:4b:28:5d:5b:d6:24:38:b3:96:2b:98:
36:49:b7:cd:dc:f4:4b:b1:b4:b0:97:36:bc:5d:fd:
2e:3a:d5:ba:89:59:9f:13:f0:b1:7d:d8:f2:55:1b:
3f:36:fe:ca:69:47:f5:86:df:1a:09:a1:3f:66:a4:
a4:fa:71:d3:39:9d:87:a7:70:46:e8:4e:58:ca:82:
bb:18:4b:44:2f:81:5e:cc:95:09:6c:3d:51:0c:79:
fc:4c:f6:9d:26:1d:cf:42:7c:6e:af:b3:c2:5b:fc:
8a:10:4d:c2:60:e1:38:77:d0:c0:95:fa:94:7b:8c:
78:0a:4b:3c:5f:c7:00:55:e4:b5:5b:b5:93:2a:09:
35:96:e7:6d:17:e4:98:fd:01:2d:83:6e:f3:72:75:
aa:b3:a9:e0:f2:b7:66:9f:91:33:2f:15:76:c8:d1:
d3:72:f3:80:56:45:77:32:b7:27:87:b3:10:32:22:
2a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:D2:8A:90:E1:10:62:D2:08:06:54:E5:D8:6B:A1:AA:08:FA:94:FB
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/udKKkOEQYtIIBlTl2Guhqgj6lPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.29.0/24
151.240.146.0/24
151.240.169.0/24
151.242.101.0/24
151.242.105.0/24
151.242.143.0/24
151.243.138.0/23
151.243.144.0/23
151.243.178.0/23
151.245.60.0/24
151.245.226.0/23
151.246.164.0/23
151.246.246.0/23
151.246.250.0/23
151.247.137.0/24
151.247.161.0/24
151.247.165.0/24
151.247.177.0/24
151.247.250.0/24
151.247.253.0-151.247.254.255
Signature Algorithm: sha256WithRSAEncryption
2a:40:a3:08:be:83:32:56:cb:b0:5d:1d:3e:f7:46:7d:27:30:
53:d9:d0:38:19:59:ab:9d:cc:d4:cc:6c:0b:ed:b8:24:09:28:
b6:5b:60:00:56:d7:fa:26:08:60:8e:ca:23:22:95:97:27:45:
05:b7:d3:a7:f0:45:60:e0:9b:2d:ed:fc:f8:75:e3:77:bb:44:
3b:3e:71:76:92:13:9a:83:f1:31:9e:b8:16:21:f8:f8:bb:a4:
06:99:86:38:05:9b:50:2b:0d:f0:e1:9c:bf:db:02:80:92:db:
0d:33:93:c5:c5:63:b4:47:c2:74:ad:37:b1:2f:b2:1f:26:99:
cf:9c:4a:d9:c9:91:c5:cd:89:e5:6f:62:ce:dc:53:66:ce:cc:
86:5d:4c:08:5d:ed:23:ea:48:04:8c:b1:fc:95:b5:7e:5d:aa:
87:b6:f1:12:61:b7:5e:d4:6c:b0:5b:b4:ee:45:4c:55:ec:25:
3c:cc:27:78:09:72:e0:78:02:84:1e:e1:89:01:b1:95:b4:71:
b9:7a:dd:5a:e9:f9:3f:48:f3:3a:03:d7:35:47:06:d5:54:97:
a0:e7:b1:d3:12:db:27:db:ab:d9:8a:1f:81:d0:3f:97:8c:d0:
56:18:ef:60:1f:f9:76:4d:f3:d0:6a:5a:5e:eb:a6:5c:e6:38:
b4:1d:a8:e9
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZyAJsATfxrCPERa1uZTzUpXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMjIxMTIyMjI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWQyOGE5MGUxMTA2MmQyMDgwNjU0ZTVkODZiYTFhYTA4ZmE5NGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5rzLXg36bTr5VwD1L6YrkFkETr/d
1goTJeHfg4dtyw4KyLeLuylqRX735bz9ezPYV0pRcIbbK8kHA+NMCVgG5D/Kweam
mT+3XL+yVa7gSyhdW9YkOLOWK5g2SbfN3PRLsbSwlza8Xf0uOtW6iVmfE/Cxfdjy
VRs/Nv7KaUf1ht8aCaE/ZqSk+nHTOZ2Hp3BG6E5YyoK7GEtEL4FezJUJbD1RDHn8
TPadJh3PQnxur7PCW/yKEE3CYOE4d9DAlfqUe4x4Cks8X8cAVeS1W7WTKgk1ludt
F+SY/QEtg27zcnWqs6ng8rdmn5EzLxV2yNHTcvOAVkV3Mrcnh7MQMiIqLwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFLnSipDhEGLSCAZU5dhroaoI+pT7MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvdWRLS2tPRVFZdElJQmxUbDJHdWhxZ2o2bFBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBACX
8B0DBACX8JIDBACX8KkDBACX8mUDBACX8mkDBACX8o8DBAGX84oDBAGX85ADBAGX
87IDBACX9TwDBAGX9eIDBAGX9qQDBAGX9vYDBAGX9voDBACX94kDBACX96EDBACX
96UDBACX97EDBACX9/owDAMEAJf3/QMEAJf3/jANBgkqhkiG9w0BAQsFAAOCAQEA
KkCjCL6DMlbLsF0dPvdGfScwU9nQOBlZq53M1MxsC+24JAkotltgAFbX+iYIYI7K
IyKVlydFBbfTp/BFYOCbLe38+HXjd7tEOz5xdpITmoPxMZ64FiH4+LukBpmGOAWb
UCsN8OGcv9sCgJLbDTOTxcVjtEfCdK03sS+yHyaZz5xK2cmRxc2J5W9iztxTZs7M
hl1MCF3tI+pIBIyx/JW1fl2qh7bxEmG3XtRssFu07kVMVewlPMwneAly4HgChB7h
iQGxlbRxuXrdWun5P0jzOgPXNUcG1VSXoOex0xLbJ9ur2YofgdA/l4zQVhjvYB/5
dk3z0GpaXuumXOY4tB2o6Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 21:08:10 2026 by rpki-client