Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xh1VcthgKq-ldKNrJ4tKWXx_y8o.roa
File: xh1VcthgKq-ldKNrJ4tKWXx_y8o.roa (raw, json)
Hash identifier: Q/VvJ3L55xx87ZYKTh2afyJl8vC2BmjasW7SoUGsiYk=
Subject key identifier: C6:1D:55:72:D8:60:2A:AF:A5:74:A3:6B:27:8B:4A:59:7C:7F:CB:CA
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01963D10C40D8D3DAF6189A6D7D7D793160D
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xh1VcthgKq-ldKNrJ4tKWXx_y8o.roa
Signing time: Wed 16 Apr 2025 05:27:11 +0000
ROA not before: Wed 16 Apr 2025 05:27:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215304
IP address blocks: 151.242.40.0/24 maxlen: 24
151.242.170.0/24 maxlen: 24
151.242.171.0/24 maxlen: 24
151.242.172.0/24 maxlen: 24
151.242.173.0/24 maxlen: 24
151.242.242.0/24 maxlen: 24
151.243.4.0/24 maxlen: 24
151.243.5.0/24 maxlen: 24
151.243.52.0/24 maxlen: 24
151.243.53.0/24 maxlen: 24
151.243.60.0/24 maxlen: 24
151.243.61.0/24 maxlen: 24
151.243.62.0/24 maxlen: 24
151.243.63.0/24 maxlen: 24
151.243.88.0/24 maxlen: 24
151.243.89.0/24 maxlen: 24
151.243.115.0/24 maxlen: 24
151.243.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 26 Apr 2025 12:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3d:10:c4:0d:8d:3d:af:61:89:a6:d7:d7:d7:93:16:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 16 05:27:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c61d5572d8602aafa574a36b278b4a597c7fcbca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:10:38:b8:db:d7:4e:a2:a3:78:3c:39:02:7e:
40:a9:76:d4:25:70:36:d7:65:27:36:18:10:3a:12:
95:31:e9:3b:5b:72:af:b3:a5:67:00:44:3e:7c:60:
f2:f7:d7:89:5b:66:66:3c:48:fb:a0:bc:f1:5c:09:
37:92:35:65:d9:32:a3:d1:43:76:75:ec:e9:7e:82:
d8:b9:83:1c:24:5a:ab:aa:11:43:27:1b:01:8d:6a:
bd:6c:21:75:30:f8:53:75:ac:95:10:c8:d2:eb:b5:
56:bd:16:cf:75:e2:83:b5:4c:fb:60:b4:88:b9:4e:
e5:46:af:8c:37:f3:4a:f8:03:71:06:8c:81:1a:55:
e9:8a:44:1c:0e:47:15:f1:22:55:19:9b:aa:0f:e8:
b9:6a:ff:27:74:ce:9c:6d:c9:0e:bd:1b:f1:82:23:
b2:50:eb:4b:73:76:5e:2d:3c:3b:62:7f:48:40:46:
76:d9:ab:cc:bd:41:c2:1d:bc:b5:3c:a4:20:81:2a:
ad:fb:1a:7f:31:3c:5a:3b:9c:5c:0e:61:04:e0:06:
4c:a0:92:67:42:26:2d:8a:db:3b:75:5d:b4:34:13:
17:76:73:62:30:91:0f:1e:be:5d:45:d9:a2:29:de:
1e:05:dc:43:5c:70:1e:89:fb:ed:1d:c7:3f:49:33:
db:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:1D:55:72:D8:60:2A:AF:A5:74:A3:6B:27:8B:4A:59:7C:7F:CB:CA
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xh1VcthgKq-ldKNrJ4tKWXx_y8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.40.0/24
151.242.170.0-151.242.173.255
151.242.242.0/24
151.243.4.0/23
151.243.52.0/23
151.243.60.0/22
151.243.88.0/23
151.243.115.0/24
151.243.120.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:34:e0:c4:fb:9c:92:29:1c:00:a2:67:7d:3a:60:83:bb:b0:
b8:4e:95:a5:08:7a:0e:58:d7:e7:3a:bc:7a:0d:82:b5:dc:ad:
3c:37:ec:d9:39:04:d2:25:fe:2c:cc:bc:79:3d:0e:68:4a:64:
40:47:f9:c6:67:23:5c:e6:7a:bc:14:8e:28:f7:73:1b:e3:31:
3f:94:11:40:4c:85:92:f8:9d:38:42:9d:7c:a6:8e:47:d4:a0:
a1:6b:a5:ec:c4:d7:88:7f:0d:34:01:13:a9:88:28:d2:ec:d0:
c0:55:47:fd:e3:8b:a9:2d:bd:2a:07:79:21:ec:68:bf:2e:02:
52:df:58:69:fe:1d:fc:d5:2b:2e:84:72:93:dd:de:b0:70:15:
cd:18:ec:10:b7:94:d2:da:ea:1f:8e:83:8b:d1:bc:8f:00:7b:
15:05:a3:ed:ba:f7:42:5b:f8:fd:f6:c2:95:59:ea:1b:e2:42:
69:bb:97:82:92:c6:ae:30:ec:53:eb:a3:e8:9a:98:59:df:08:
08:64:1d:b2:2f:91:92:29:1f:f8:d4:ce:81:5c:2a:9f:29:ac:
bf:e5:4c:e6:52:e6:ed:db:5f:88:d2:53:e8:35:2b:4e:74:75:
e7:51:c1:82:e6:1e:8c:d1:bd:e8:61:e9:df:a5:60:e0:f4:b5:
f9:c5:24:cf
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZY9EMQNjT2vYYmm19fXkxYNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDE2MDUyNzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjFkNTU3MmQ4NjAyYWFmYTU3NGEzNmIyNzhiNGE1OTdjN2ZjYmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxA4uNvXTqKjeDw5An5AqXbUJXA2
12UnNhgQOhKVMek7W3Kvs6VnAEQ+fGDy99eJW2ZmPEj7oLzxXAk3kjVl2TKj0UN2
dezpfoLYuYMcJFqrqhFDJxsBjWq9bCF1MPhTdayVEMjS67VWvRbPdeKDtUz7YLSI
uU7lRq+MN/NK+ANxBoyBGlXpikQcDkcV8SJVGZuqD+i5av8ndM6cbckOvRvxgiOy
UOtLc3ZeLTw7Yn9IQEZ22avMvUHCHby1PKQggSqt+xp/MTxaO5xcDmEE4AZMoJJn
QiYtits7dV20NBMXdnNiMJEPHr5dRdmiKd4eBdxDXHAeifvtHcc/STPbHwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFMYdVXLYYCqvpXSjayeLSll8f8vKMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEveGgxVmN0aGdLcS1sZEtOcko0dEtXWHhfeThvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAl/IoMAwD
BAGX8qoDBAGX8qwDBACX8vIDBAGX8wQDBAGX8zQDBAKX8zwDBAGX81gDBACX83MD
BACX83gwDQYJKoZIhvcNAQELBQADggEBAG004MT7nJIpHACiZ306YIO7sLhOlaUI
eg5Y1+c6vHoNgrXcrTw37Nk5BNIl/izMvHk9DmhKZEBH+cZnI1zmerwUjij3cxvj
MT+UEUBMhZL4nThCnXymjkfUoKFrpezE14h/DTQBE6mIKNLs0MBVR/3ji6ktvSoH
eSHsaL8uAlLfWGn+HfzVKy6EcpPd3rBwFc0Y7BC3lNLa6h+Og4vRvI8AexUFo+26
90Jb+P32wpVZ6hviQmm7l4KSxq4w7FPro+iamFnfCAhkHbIvkZIpH/jUzoFcKp8p
rL/lTOZS5u3bX4jSU+g1K050dedRwYLmHozRvehh6d+lYOD0tfnFJM8=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:00:33 2025 by rpki-client