Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/zSLStR0zbZKzUpD7tKotoCW6nSs.roa
File: zSLStR0zbZKzUpD7tKotoCW6nSs.roa (raw, json)
Hash identifier: 34DhwVIzh9KhHsZi4iLSJYFC0Fj/vQZhePczKbHXMzE=
Subject key identifier: CD:22:D2:B5:1D:33:6D:92:B3:52:90:FB:B4:AA:2D:A0:25:BA:9D:2B
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196944F0F3C455F81E3B4CC63D82BE89D4D
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/zSLStR0zbZKzUpD7tKotoCW6nSs.roa
Signing time: Sat 03 May 2025 04:02:11 +0000
ROA not before: Sat 03 May 2025 04:02:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395839
IP address blocks: 151.243.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 May 2025 03:39:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:94:4f:0f:3c:45:5f:81:e3:b4:cc:63:d8:2b:e8:9d:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 3 04:02:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd22d2b51d336d92b35290fbb4aa2da025ba9d2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f3:5a:61:f2:24:48:bd:cb:f1:8b:78:58:6d:
64:62:8a:d2:19:be:62:d2:f1:ba:86:61:ad:61:1c:
ac:58:7c:ad:3e:a2:0a:15:85:40:b8:10:e2:4e:a8:
6b:5e:23:42:3c:40:e7:ba:0a:55:42:4c:0f:9d:ed:
a9:36:af:9c:29:2f:9b:47:35:15:89:64:6d:71:63:
43:20:3c:50:d9:d7:3b:45:e3:d6:4c:f3:d8:d4:ce:
10:a7:8d:1f:8f:1b:2d:75:1e:6a:3e:4c:2c:3b:96:
49:09:4f:d5:b8:ab:d8:91:6d:61:4c:73:32:58:18:
ae:2b:ac:ed:e9:44:e3:41:ed:86:6b:23:6b:5d:15:
2f:7a:ea:ce:0e:02:c2:3b:29:b6:c0:0c:3b:3e:84:
9b:92:ea:15:eb:82:4f:42:59:ea:e7:c4:1d:1e:f7:
83:67:7a:b3:73:2c:d9:7c:3b:c9:23:40:e1:0c:46:
2f:92:ef:00:b8:b2:6f:1a:63:23:63:bf:aa:50:5a:
cc:d0:15:ed:18:3e:c2:a7:49:a1:36:c0:13:93:31:
82:7a:77:04:34:8a:70:b6:60:fc:c9:f1:82:cd:24:
11:da:23:2f:d5:50:fd:f0:db:3b:3b:27:1c:f0:ec:
62:e7:7b:75:e0:21:d5:a4:fa:8f:ef:bc:9f:48:a3:
c4:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:22:D2:B5:1D:33:6D:92:B3:52:90:FB:B4:AA:2D:A0:25:BA:9D:2B
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/zSLStR0zbZKzUpD7tKotoCW6nSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.98.0/24
Signature Algorithm: sha256WithRSAEncryption
34:53:57:2d:8c:2a:8b:96:05:8d:fe:b0:5c:1a:04:a6:98:aa:
51:26:1c:23:0e:e8:46:4c:52:fc:11:06:93:91:36:81:d3:7c:
ae:6d:0c:15:5c:a3:c7:d3:a9:1f:31:3a:85:4d:00:f4:ba:79:
e9:05:18:59:0d:ea:d3:d6:52:2d:7d:89:a4:17:74:53:ed:b9:
0c:5d:33:52:5e:cc:05:f1:6b:96:67:ac:70:50:19:16:10:fe:
d5:d8:5f:0b:5b:5a:dc:85:38:20:6c:bf:db:34:bb:a7:6f:81:
4b:a6:8e:bc:bf:d0:f0:6d:bd:e0:83:b6:29:57:19:42:55:8f:
f5:92:04:02:8b:79:71:dc:08:c1:5d:2a:08:a3:63:d9:42:85:
d4:d8:34:54:dd:49:5f:fb:4e:7a:cc:d8:83:fe:95:e9:a3:1e:
82:70:3e:4f:18:d5:c1:53:d2:a8:dd:3c:d3:1b:49:49:7b:38:
ec:89:03:88:c8:ba:31:c4:57:33:ec:ce:58:d5:12:fc:f0:0e:
5a:6f:23:59:37:68:bf:d0:79:69:97:ad:36:5b:cf:68:b7:27:
f7:3a:84:09:19:f9:89:66:12:e7:41:27:3d:5a:db:56:aa:e8:
95:4e:33:46:3d:d9:f9:3e:26:90:3d:1e:d8:96:c9:b0:e8:4d:
90:e8:50:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaUTw88RV+B47TMY9gr6J1NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTAzMDQwMjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDIyZDJiNTFkMzM2ZDkyYjM1MjkwZmJiNGFhMmRhMDI1YmE5ZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPNaYfIkSL3L8Yt4WG1kYorSGb5i
0vG6hmGtYRysWHytPqIKFYVAuBDiTqhrXiNCPEDnugpVQkwPne2pNq+cKS+bRzUV
iWRtcWNDIDxQ2dc7RePWTPPY1M4Qp40fjxstdR5qPkwsO5ZJCU/VuKvYkW1hTHMy
WBiuK6zt6UTjQe2GayNrXRUveurODgLCOym2wAw7PoSbkuoV64JPQlnq58QdHveD
Z3qzcyzZfDvJI0DhDEYvku8AuLJvGmMjY7+qUFrM0BXtGD7Cp0mhNsATkzGCencE
NIpwtmD8yfGCzSQR2iMv1VD98Ns7Oycc8Oxi53t14CHVpPqP77yfSKPEIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM0i0rUdM22Ss1KQ+7SqLaAlup0rMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvelNMU3RSMHpiWkt6VXBEN3RLb3RvQ1c2blNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/NiMA0G
CSqGSIb3DQEBCwUAA4IBAQA0U1ctjCqLlgWN/rBcGgSmmKpRJhwjDuhGTFL8EQaT
kTaB03yubQwVXKPH06kfMTqFTQD0unnpBRhZDerT1lItfYmkF3RT7bkMXTNSXswF
8WuWZ6xwUBkWEP7V2F8LW1rchTggbL/bNLunb4FLpo68v9Dwbb3gg7YpVxlCVY/1
kgQCi3lx3AjBXSoIo2PZQoXU2DRU3Ulf+056zNiD/pXpox6CcD5PGNXBU9Ko3TzT
G0lJezjsiQOIyLoxxFcz7M5Y1RL88A5abyNZN2i/0Hlpl602W89otyf3OoQJGfmJ
ZhLnQSc9WttWquiVTjNGPdn5PiaQPR7Ylsmw6E2Q6FBG
-----END CERTIFICATE-----
Generated at Sun Jun 15 10:22:22 2025 by rpki-client