Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/TDp27dAgPX-JW-8PvGz_GDPgm3w.roa
File: TDp27dAgPX-JW-8PvGz_GDPgm3w.roa (raw, json)
Hash identifier: AS0+uJl/krffxY64Bpp6GbFt8hfBobOSoo0QxTcCK3o=
Subject key identifier: 4C:3A:76:ED:D0:20:3D:7F:89:5B:EF:0F:BC:6C:FF:18:33:E0:9B:7C
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01969E82221FEFD1CFE1239EA76B54D4A9D3
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/TDp27dAgPX-JW-8PvGz_GDPgm3w.roa
Signing time: Mon 05 May 2025 03:34:10 +0000
ROA not before: Mon 05 May 2025 03:34:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 151.240.60.0/23 maxlen: 24
151.240.74.0/24 maxlen: 24
151.242.134.0/24 maxlen: 24
151.242.135.0/24 maxlen: 24
151.242.224.0/22 maxlen: 24
151.242.236.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 May 2025 12:04:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9e:82:22:1f:ef:d1:cf:e1:23:9e:a7:6b:54:d4:a9:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 5 03:34:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c3a76edd0203d7f895bef0fbc6cff1833e09b7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:14:de:05:ab:1e:e7:fc:a2:59:09:c0:4a:5f:
10:34:26:ac:51:ef:fe:ac:c0:b1:24:d7:3d:91:64:
dd:87:82:b4:48:21:12:e8:52:13:9d:4a:1a:b6:25:
04:96:76:00:19:82:5e:d9:e4:ae:ea:80:fb:32:23:
99:5f:7d:59:6d:a5:d3:dd:b0:90:6e:cd:8c:0c:7e:
62:15:6b:e1:37:54:7f:81:53:94:75:06:f0:56:c9:
71:e0:dd:06:e8:8d:90:57:b8:4e:0b:d0:f3:32:49:
b0:1d:dd:75:da:56:a3:2f:5c:43:af:02:2a:03:8e:
24:0b:e3:6f:17:2a:f8:44:ae:38:b1:27:71:81:af:
4b:b0:17:a4:2b:95:26:40:4a:19:39:ab:2d:f6:33:
33:67:af:2c:cb:74:07:71:96:25:de:96:b5:83:ec:
c7:b4:8b:a1:bd:36:ca:9e:61:31:89:46:97:20:e9:
c5:6d:03:1e:76:dc:b4:74:95:81:5b:61:d8:d9:c3:
95:18:60:e3:76:84:f9:fd:e6:76:8d:14:16:89:35:
10:5e:0e:b5:db:71:80:f3:9c:94:35:53:34:04:6f:
e8:89:0e:e9:6e:c2:01:d0:57:9e:20:da:e4:74:2f:
0b:71:71:04:81:2e:93:e1:d0:d2:06:f1:0f:fd:35:
cf:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:3A:76:ED:D0:20:3D:7F:89:5B:EF:0F:BC:6C:FF:18:33:E0:9B:7C
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/TDp27dAgPX-JW-8PvGz_GDPgm3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.60.0/23
151.240.74.0/24
151.242.134.0/23
151.242.224.0/22
151.242.236.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:ba:0e:dc:03:62:bf:6d:ba:c5:37:9d:8f:f4:00:01:5a:fe:
8b:65:46:a3:52:22:46:d2:c7:16:8c:a9:56:ba:77:1f:ed:7a:
73:79:06:40:88:c2:cb:b6:e5:53:fc:9b:ce:8f:eb:07:0d:91:
a3:76:5b:5a:85:c5:e7:3c:2a:71:ab:6e:10:70:a2:e0:99:df:
27:90:fd:05:1c:18:c1:ce:0f:22:27:bf:1d:29:11:44:32:d5:
a0:e1:96:ba:8e:b3:2a:78:01:19:c7:f4:e7:2b:d3:34:99:f6:
51:d1:26:4a:66:69:19:91:f6:f6:85:5e:a4:d7:95:e4:66:ea:
9c:47:94:c8:2d:f5:17:0a:07:df:8b:4a:8c:d0:f2:7e:91:dc:
29:5d:59:db:86:5f:41:d8:cb:16:3c:fa:8f:fc:b4:09:1d:30:
19:9d:d4:35:bb:6e:d3:74:3f:2e:1d:31:fe:90:a7:15:03:6d:
4c:5a:1b:af:de:6d:29:d2:66:f4:1a:96:ae:c7:a7:4d:d1:05:
80:1d:36:6f:7a:80:df:58:87:08:c6:8b:1c:74:62:18:11:7b:
a8:70:f9:11:5d:ff:f4:b4:f8:33:c6:9d:87:67:7c:4a:72:e8:
89:ae:c9:d4:d0:c6:ac:fc:60:04:e1:41:13:33:3f:7e:12:db:
6c:59:49:66
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZaegiIf79HP4SOep2tU1KnTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTA1MDMzNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzNhNzZlZGQwMjAzZDdmODk1YmVmMGZiYzZjZmYxODMzZTA5YjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxTeBase5/yiWQnASl8QNCasUe/+
rMCxJNc9kWTdh4K0SCES6FITnUoatiUElnYAGYJe2eSu6oD7MiOZX31ZbaXT3bCQ
bs2MDH5iFWvhN1R/gVOUdQbwVslx4N0G6I2QV7hOC9DzMkmwHd112lajL1xDrwIq
A44kC+NvFyr4RK44sSdxga9LsBekK5UmQEoZOast9jMzZ68sy3QHcZYl3pa1g+zH
tIuhvTbKnmExiUaXIOnFbQMedty0dJWBW2HY2cOVGGDjdoT5/eZ2jRQWiTUQXg61
23GA85yUNVM0BG/oiQ7pbsIB0FeeINrkdC8LcXEEgS6T4dDSBvEP/TXP3QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEw6du3QID1/iVvvD7xs/xgz4Jt8MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvVERwMjdkQWdQWC1KVy04UHZHel9HRFBnbTN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBl/A8AwQA
l/BKAwQBl/KGAwQCl/LgAwQCl/LsMA0GCSqGSIb3DQEBCwUAA4IBAQCrug7cA2K/
bbrFN52P9AABWv6LZUajUiJG0scWjKlWuncf7XpzeQZAiMLLtuVT/JvOj+sHDZGj
dltahcXnPCpxq24QcKLgmd8nkP0FHBjBzg8iJ78dKRFEMtWg4Za6jrMqeAEZx/Tn
K9M0mfZR0SZKZmkZkfb2hV6k15XkZuqcR5TILfUXCgffi0qM0PJ+kdwpXVnbhl9B
2MsWPPqP/LQJHTAZndQ1u27TdD8uHTH+kKcVA21MWhuv3m0p0mb0Gpaux6dN0QWA
HTZveoDfWIcIxoscdGIYEXuocPkRXf/0tPgzxp2HZ3xKcuiJrsnU0Mas/GAE4UET
Mz9+EttsWUlm
-----END CERTIFICATE-----
Generated at Mon May 12 19:48:52 2025 by rpki-client