Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/C6qQqmOTQs8S1_iWrbK4wgJDd-w.roa
File: C6qQqmOTQs8S1_iWrbK4wgJDd-w.roa (raw, json)
Hash identifier: tP3jzhs9E9U6kb3bowMhENtHuPl8yF6R4dEKtyBipng=
Subject key identifier: 0B:AA:90:AA:63:93:42:CF:12:D7:F8:96:AD:B2:B8:C2:02:43:77:EC
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197D49B17DE0A3D93A8A2F340312041DC2F
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/C6qQqmOTQs8S1_iWrbK4wgJDd-w.roa
Signing time: Fri 04 Jul 2025 08:43:43 +0000
ROA not before: Fri 04 Jul 2025 08:43:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9232
IP address blocks: 37.202.213.0/24 maxlen: 24
37.202.221.0/24 maxlen: 24
151.242.18.0/24 maxlen: 24
151.242.19.0/24 maxlen: 24
151.242.21.0/24 maxlen: 24
151.242.68.0/24 maxlen: 24
151.242.70.0/24 maxlen: 24
151.242.71.0/24 maxlen: 24
151.243.107.0/24 maxlen: 24
151.243.108.0/24 maxlen: 24
151.243.109.0/24 maxlen: 24
151.243.110.0/24 maxlen: 24
151.244.8.0/24 maxlen: 24
151.244.12.0/24 maxlen: 24
151.244.24.0/24 maxlen: 24
151.244.30.0/24 maxlen: 24
151.244.40.0/24 maxlen: 24
151.244.65.0/24 maxlen: 24
151.244.73.0/24 maxlen: 24
151.244.86.0/24 maxlen: 24
151.244.93.0/24 maxlen: 24
151.244.97.0/24 maxlen: 24
151.244.101.0/24 maxlen: 24
151.244.105.0/24 maxlen: 24
151.244.110.0/24 maxlen: 24
151.244.114.0/24 maxlen: 24
151.244.118.0/24 maxlen: 24
151.244.124.0/24 maxlen: 24
151.245.32.0/24 maxlen: 24
151.245.72.0/24 maxlen: 24
151.245.92.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 05 Jul 2025 06:48:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d4:9b:17:de:0a:3d:93:a8:a2:f3:40:31:20:41:dc:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 4 08:43:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0baa90aa639342cf12d7f896adb2b8c2024377ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a6:d0:61:f6:e9:00:d4:89:fd:52:41:cb:20:
c2:6a:ab:6b:82:86:d0:4d:2a:b1:b5:4b:d6:9e:04:
bd:6e:d2:d7:e9:ed:8c:e9:76:df:ff:db:3f:62:3e:
57:b7:7e:a2:45:58:95:8f:88:b8:d3:52:f1:e1:94:
be:0e:e5:13:c2:cd:e1:87:70:b8:c1:d3:b7:54:3b:
fc:25:5d:ca:5b:00:be:e1:94:db:0d:20:d5:8b:3d:
1c:76:97:53:33:44:b3:f5:92:03:84:b3:21:ca:1b:
f8:88:62:34:c1:41:b2:92:31:ce:63:7e:65:21:b0:
63:61:16:a6:79:48:39:e6:f5:0a:74:a9:60:66:04:
19:86:e6:1b:be:0d:98:94:a8:a4:07:a4:b4:00:8a:
7f:5e:58:35:5c:1f:ea:62:eb:ae:28:56:84:89:90:
3f:6f:cd:43:7e:8f:d8:5f:23:b9:b5:64:a7:ed:96:
c6:39:36:36:e7:ab:b3:41:fa:de:dd:2d:5f:de:97:
3c:3a:6f:26:cc:64:06:57:5e:5e:0e:04:16:79:1e:
e0:3c:56:c4:17:51:a7:97:bc:10:53:15:99:b0:e7:
5b:b0:a3:73:bc:ab:ac:b5:c7:23:16:93:c1:aa:f1:
57:9f:a4:71:fa:13:1e:fe:30:b6:d5:20:60:cf:d9:
c4:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:AA:90:AA:63:93:42:CF:12:D7:F8:96:AD:B2:B8:C2:02:43:77:EC
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/C6qQqmOTQs8S1_iWrbK4wgJDd-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.213.0/24
37.202.221.0/24
151.242.18.0/23
151.242.21.0/24
151.242.68.0/24
151.242.70.0/23
151.243.107.0-151.243.110.255
151.244.8.0/24
151.244.12.0/24
151.244.24.0/24
151.244.30.0/24
151.244.40.0/24
151.244.65.0/24
151.244.73.0/24
151.244.86.0/24
151.244.93.0/24
151.244.97.0/24
151.244.101.0/24
151.244.105.0/24
151.244.110.0/24
151.244.114.0/24
151.244.118.0/24
151.244.124.0/24
151.245.32.0/24
151.245.72.0/24
151.245.92.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:5a:f2:9d:e5:d4:5a:52:29:f3:67:27:4e:61:87:fe:7c:7b:
e6:8c:b7:d6:b1:ee:4d:e3:4a:dd:bf:8a:d9:ff:93:59:3a:39:
7f:7b:e1:4f:31:64:5d:61:9f:53:ae:ac:df:b7:08:a5:42:6c:
ac:ca:26:32:78:14:cf:d4:21:49:2f:bc:35:b6:29:29:16:4d:
d5:d7:a7:bb:d4:db:fa:3c:8d:f8:33:f2:81:36:5d:67:c3:24:
bd:60:3a:18:6c:8c:a2:95:7a:c9:af:0f:5f:44:a2:e4:13:0f:
55:c1:4f:8e:5c:80:37:73:6d:4c:66:63:29:56:f2:30:0e:f0:
2d:5e:3b:f6:56:4e:e5:92:ec:07:f7:28:2d:c0:79:2d:10:e6:
a6:42:e8:c3:72:f9:13:70:73:cf:ac:f5:77:76:5d:5f:6a:db:
58:4c:a6:69:23:e2:43:ca:c7:1c:cd:d6:fe:9d:44:45:a3:25:
00:5d:50:f5:de:4d:e5:4c:a9:eb:9b:17:94:bc:9d:39:41:7c:
1a:88:b9:2e:c8:5a:60:06:41:c8:ac:83:4a:1b:e4:64:0f:0e:
4d:a4:2b:dd:07:1b:a2:af:01:3c:7f:56:3c:e5:ef:d0:9c:48:
b8:76:2a:01:a9:c8:04:1c:e9:6e:ef:63:84:c0:7e:43:60:04:
aa:0a:67:f7
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZfUmxfeCj2TqKLzQDEgQdwvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzA0MDg0MzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmFhOTBhYTYzOTM0MmNmMTJkN2Y4OTZhZGIyYjhjMjAyNDM3N2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqbQYfbpANSJ/VJByyDCaqtrgobQ
TSqxtUvWngS9btLX6e2M6Xbf/9s/Yj5Xt36iRViVj4i401Lx4ZS+DuUTws3hh3C4
wdO3VDv8JV3KWwC+4ZTbDSDViz0cdpdTM0Sz9ZIDhLMhyhv4iGI0wUGykjHOY35l
IbBjYRameUg55vUKdKlgZgQZhuYbvg2YlKikB6S0AIp/Xlg1XB/qYuuuKFaEiZA/
b81Dfo/YXyO5tWSn7ZbGOTY256uzQfre3S1f3pc8Om8mzGQGV15eDgQWeR7gPFbE
F1Gnl7wQUxWZsOdbsKNzvKustccjFpPBqvFXn6Rx+hMe/jC21SBgz9nEDwIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFAuqkKpjk0LPEtf4lq2yuMICQ3fsMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvQzZxUXFtT1RRczhTMV9pV3JiSzR3Z0pEZC13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAAl
ytUDBAAlyt0DBAGX8hIDBACX8hUDBACX8kQDBAGX8kYwDAMEAJfzawMEAJfzbgME
AJf0CAMEAJf0DAMEAJf0GAMEAJf0HgMEAJf0KAMEAJf0QQMEAJf0SQMEAJf0VgME
AJf0XQMEAJf0YQMEAJf0ZQMEAJf0aQMEAJf0bgMEAJf0cgMEAJf0dgMEAJf0fAME
AJf1IAMEAJf1SAMEAJf1XDANBgkqhkiG9w0BAQsFAAOCAQEAp1ryneXUWlIp82cn
TmGH/nx75oy31rHuTeNK3b+K2f+TWTo5f3vhTzFkXWGfU66s37cIpUJsrMomMngU
z9QhSS+8NbYpKRZN1denu9Tb+jyN+DPygTZdZ8MkvWA6GGyMopV6ya8PX0Si5BMP
VcFPjlyAN3NtTGZjKVbyMA7wLV479lZO5ZLsB/coLcB5LRDmpkLow3L5E3Bzz6z1
d3ZdX2rbWEymaSPiQ8rHHM3W/p1ERaMlAF1Q9d5N5Uyp65sXlLydOUF8Goi5Lsha
YAZByKyDShvkZA8OTaQr3Qcboq8BPH9WPOXv0JxIuHYqAanIBBzpbu9jhMB+Q2AE
qgpn9w==
-----END CERTIFICATE-----
Generated at Sat Jul 26 11:38:58 2025 by rpki-client