Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/yEtLq3LSh5aqhAq-gMF5TjNVi2Q.roa
File: yEtLq3LSh5aqhAq-gMF5TjNVi2Q.roa (raw, json)
Hash identifier: IRtZmLxIErbvS30nIn5fES5iS1S9Dchisc4VWDthz1M=
Subject key identifier: C8:4B:4B:AB:72:D2:87:96:AA:84:0A:BE:80:C1:79:4E:33:55:8B:64
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198D1A58FD2BDDE720E179602A91E6C7081
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/yEtLq3LSh5aqhAq-gMF5TjNVi2Q.roa
Signing time: Fri 22 Aug 2025 11:59:05 +0000
ROA not before: Fri 22 Aug 2025 11:59:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49608
IP address blocks: 151.241.22.0/24 maxlen: 24
151.245.25.0/24 maxlen: 24
151.245.30.0/24 maxlen: 24
151.245.40.0/24 maxlen: 24
151.245.46.0/24 maxlen: 24
151.245.52.0/24 maxlen: 24
151.247.193.0/24 maxlen: 24
151.247.206.0/24 maxlen: 24
151.247.214.0/24 maxlen: 24
151.247.222.0/24 maxlen: 24
151.247.240.0/24 maxlen: 24
151.247.247.0/24 maxlen: 24
151.247.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 23 Aug 2025 09:25:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d1:a5:8f:d2:bd:de:72:0e:17:96:02:a9:1e:6c:70:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 22 11:59:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c84b4bab72d28796aa840abe80c1794e33558b64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:41:49:9e:27:38:3a:67:68:c2:e9:d5:ce:e5:
72:98:70:07:b3:8c:29:d7:2b:48:eb:95:97:a1:49:
3d:79:6c:43:9b:2b:a6:81:9b:ae:42:3d:02:2f:e0:
11:95:ea:80:22:2c:e8:ce:a6:b7:62:5a:41:a0:c2:
c3:dc:ce:1d:73:a4:31:05:36:cc:f6:0e:6f:b5:fe:
37:83:5f:72:ef:5b:f8:97:ad:12:8f:3c:ab:13:61:
ea:ff:9f:fc:2c:33:4a:5e:c8:6f:7d:9d:76:51:3c:
d4:e7:3a:36:89:32:11:63:b0:27:14:4e:1b:e8:18:
96:5a:fd:1e:02:82:78:cb:6e:4c:82:c4:e9:68:fa:
8b:bc:f5:9c:61:3e:b1:e6:2d:a5:7a:df:42:ee:0f:
08:7f:05:9f:68:98:c2:64:19:76:39:d9:be:4a:2b:
bd:64:57:fb:df:af:ff:e3:d4:3d:fd:09:b2:6b:3d:
f0:ed:02:45:d8:5e:50:cc:6b:ae:91:41:dc:2a:29:
14:c8:20:8a:a0:db:91:09:20:82:0d:91:95:42:3a:
11:c3:8c:9d:33:d4:83:e9:6d:41:84:dc:c1:86:53:
97:bf:39:1f:51:4c:fe:96:3c:5f:63:16:8c:2a:3f:
be:cb:de:cc:6d:e1:79:e9:ce:ae:96:db:20:f1:1b:
58:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:4B:4B:AB:72:D2:87:96:AA:84:0A:BE:80:C1:79:4E:33:55:8B:64
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/yEtLq3LSh5aqhAq-gMF5TjNVi2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.22.0/24
151.245.25.0/24
151.245.30.0/24
151.245.40.0/24
151.245.46.0/24
151.245.52.0/24
151.247.193.0/24
151.247.206.0/24
151.247.214.0/24
151.247.222.0/24
151.247.240.0/24
151.247.247.0/24
151.247.255.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:a7:59:b6:09:df:91:6c:f1:25:fb:08:33:4c:4e:ba:44:a3:
00:4e:5c:dc:3a:26:99:3f:52:db:23:dc:0a:48:fe:8a:bc:35:
c7:39:ab:47:d6:e2:b8:88:44:fc:49:95:33:99:88:67:d1:f8:
3b:e3:bc:e8:ec:b3:81:6a:05:83:8a:41:d0:1f:34:5f:fa:85:
0e:24:24:59:0f:8c:0d:58:d3:b4:5b:f6:23:7a:d1:d1:bd:bd:
36:be:32:f6:17:01:2a:1f:ba:72:d5:a1:2c:9b:90:ca:a7:f1:
df:ec:be:95:ac:5c:aa:b9:66:78:84:51:a1:c7:ee:ec:90:f6:
2a:45:10:67:d7:76:2b:52:aa:19:ec:5a:b7:1a:bf:9a:6f:93:
f4:a9:99:81:2d:ca:ad:8c:0b:62:48:01:46:e9:55:41:66:d6:
74:1f:5b:9f:a0:23:de:18:e2:75:a4:83:29:26:19:69:8e:7d:
28:39:cd:84:27:27:6b:d5:d1:09:bd:2b:45:3b:7c:c8:dc:0f:
50:04:b0:2d:f1:8c:c1:5e:c9:0e:ad:98:6e:c6:40:89:e7:52:
0e:7b:b9:cb:1a:21:2c:dc:c5:ae:c4:92:95:43:7a:4c:d2:7e:
24:3b:86:1c:78:06:cb:af:9d:7f:f5:aa:a4:76:82:8f:49:56:
7f:31:94:75
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZjRpY/Svd5yDheWAqkebHCBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODIyMTE1OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODRiNGJhYjcyZDI4Nzk2YWE4NDBhYmU4MGMxNzk0ZTMzNTU4YjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskFJnic4OmdowunVzuVymHAHs4wp
1ytI65WXoUk9eWxDmyumgZuuQj0CL+ARleqAIizozqa3YlpBoMLD3M4dc6QxBTbM
9g5vtf43g19y71v4l60SjzyrE2Hq/5/8LDNKXshvfZ12UTzU5zo2iTIRY7AnFE4b
6BiWWv0eAoJ4y25MgsTpaPqLvPWcYT6x5i2let9C7g8IfwWfaJjCZBl2Odm+Siu9
ZFf736//49Q9/Qmyaz3w7QJF2F5QzGuukUHcKikUyCCKoNuRCSCCDZGVQjoRw4yd
M9SD6W1BhNzBhlOXvzkfUUz+ljxfYxaMKj++y97MbeF56c6ultsg8RtYAwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFMhLS6ty0oeWqoQKvoDBeU4zVYtkMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEveUV0THEzTFNoNWFxaEFxLWdNRjVUak5WaTJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAl/EWAwQA
l/UZAwQAl/UeAwQAl/UoAwQAl/UuAwQAl/U0AwQAl/fBAwQAl/fOAwQAl/fWAwQA
l/feAwQAl/fwAwQAl/f3AwQAl/f/MA0GCSqGSIb3DQEBCwUAA4IBAQCcp1m2Cd+R
bPEl+wgzTE66RKMATlzcOiaZP1LbI9wKSP6KvDXHOatH1uK4iET8SZUzmYhn0fg7
47zo7LOBagWDikHQHzRf+oUOJCRZD4wNWNO0W/YjetHRvb02vjL2FwEqH7py1aEs
m5DKp/Hf7L6VrFyquWZ4hFGhx+7skPYqRRBn13YrUqoZ7Fq3Gr+ab5P0qZmBLcqt
jAtiSAFG6VVBZtZ0H1ufoCPeGOJ1pIMpJhlpjn0oOc2EJydr1dEJvStFO3zI3A9Q
BLAt8YzBXskOrZhuxkCJ51IOe7nLGiEs3MWuxJKVQ3pM0n4kO4YceAbLr51/9aqk
doKPSVZ/MZR1
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:38:13 2025 by rpki-client