Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/GUW2qnbUcBGNgKnN6AQ3RCSybQ8.roa
File: GUW2qnbUcBGNgKnN6AQ3RCSybQ8.roa (raw, json)
Hash identifier: aEAhkEfsQHjNjuN5MESUm5Z/DXGbd7l539C1gPWzoBs=
Subject key identifier: 19:45:B6:AA:76:D4:70:11:8D:80:A9:CD:E8:04:37:44:24:B2:6D:0F
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197FA85E8BCA7C0682CCE2AC02D3CEE1294
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/GUW2qnbUcBGNgKnN6AQ3RCSybQ8.roa
Signing time: Fri 11 Jul 2025 17:26:09 +0000
ROA not before: Fri 11 Jul 2025 17:26:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 37.202.206.0/24 maxlen: 24
151.242.49.0/24 maxlen: 24
151.242.114.0/24 maxlen: 24
151.242.123.0/24 maxlen: 24
151.242.126.0/24 maxlen: 24
151.243.64.0/20 maxlen: 24
151.243.97.0/24 maxlen: 24
151.243.106.0/24 maxlen: 24
151.244.181.0/24 maxlen: 24
151.244.221.0/24 maxlen: 24
151.244.223.0/24 maxlen: 24
151.244.229.0/24 maxlen: 24
151.244.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 20 Jul 2025 06:18:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:fa:85:e8:bc:a7:c0:68:2c:ce:2a:c0:2d:3c:ee:12:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 11 17:26:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1945b6aa76d470118d80a9cde804374424b26d0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:43:ec:76:b9:7e:d7:cc:bd:40:2a:a5:64:09:
e3:4d:81:af:d6:10:ad:24:7a:8f:0a:28:97:8f:67:
56:94:0b:4a:ea:06:96:dc:f7:6f:67:31:fe:54:91:
ea:1f:e8:1a:1b:33:08:0c:83:02:09:e3:8a:72:82:
cd:6e:f4:2f:2b:4d:47:4a:72:74:fd:0a:ae:e0:bc:
59:05:56:ff:0e:28:ec:d8:70:f7:93:cd:2c:a0:11:
32:df:0c:9e:5e:d2:2f:31:68:52:f4:f3:34:ec:43:
2a:e0:01:3a:3c:d5:86:71:43:c7:d4:af:0e:12:11:
bc:5e:9b:2d:90:68:3c:1f:5c:8f:6e:c8:12:b1:46:
58:aa:71:22:28:80:c0:1b:a5:06:98:0f:19:47:c6:
8a:04:c5:21:af:c5:6f:13:49:84:ae:46:df:cc:10:
17:33:57:bc:78:21:25:27:43:78:c6:41:29:8c:25:
14:de:a8:66:e5:36:23:ba:f4:44:7b:7d:51:50:a2:
46:d6:5b:d4:af:13:88:e5:d6:41:38:2f:b7:94:ac:
59:6c:b2:d4:d3:10:ed:c2:1e:fc:29:44:d3:38:65:
4a:38:44:df:2c:11:ad:44:5c:58:47:f1:3e:87:bc:
34:8b:0a:47:47:41:d0:3e:59:da:0b:9f:85:4d:26:
7f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:45:B6:AA:76:D4:70:11:8D:80:A9:CD:E8:04:37:44:24:B2:6D:0F
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/GUW2qnbUcBGNgKnN6AQ3RCSybQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.206.0/24
151.242.49.0/24
151.242.114.0/24
151.242.123.0/24
151.242.126.0/24
151.243.64.0/20
151.243.97.0/24
151.243.106.0/24
151.244.181.0/24
151.244.221.0/24
151.244.223.0/24
151.244.229.0-151.244.230.255
Signature Algorithm: sha256WithRSAEncryption
1f:1d:94:0a:bb:74:8a:3d:fb:eb:2e:ab:c1:25:68:6c:ad:3c:
9f:70:ff:c1:29:64:7d:4c:16:d3:ee:18:cf:0e:e1:70:7d:ae:
41:48:cd:5d:d6:72:13:98:b8:8c:e3:10:30:a1:35:b3:67:7a:
7b:66:ab:fa:6b:b8:40:03:ec:11:e7:45:4f:c7:1b:cb:3c:25:
e0:80:a6:42:52:80:1f:df:bf:57:3a:1f:62:b0:93:62:e1:ee:
f7:1e:16:38:c4:99:66:b7:24:29:db:10:98:7d:c0:1e:99:99:
d3:7f:a8:43:56:a8:ee:c7:71:02:af:eb:ca:17:19:99:75:43:
59:8a:bc:5c:8e:4b:39:e9:e2:e8:58:6c:73:4b:95:ee:8f:b1:
38:5f:81:45:4c:2a:80:cf:13:e3:bf:9c:6e:a3:2a:2c:ca:79:
1d:89:15:01:54:56:2b:de:c0:ae:16:db:73:21:44:0e:38:69:
04:a5:c2:19:66:d8:9e:99:f5:03:a9:2f:6d:67:a5:ad:4e:2a:
3b:3d:80:08:62:29:40:4f:c0:23:24:f1:b2:7f:d4:b6:b4:8b:
9b:15:46:c4:15:55:ab:17:4b:1c:96:e0:7e:42:8f:01:0a:e3:
34:bf:e1:0f:b6:ac:90:99:a8:b9:13:29:bc:34:a0:95:21:3f:
a6:6f:66:8b
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZf6hei8p8BoLM4qwC087hKUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzExMTcyNjA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTQ1YjZhYTc2ZDQ3MDExOGQ4MGE5Y2RlODA0Mzc0NDI0YjI2ZDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUPsdrl+18y9QCqlZAnjTYGv1hCt
JHqPCiiXj2dWlAtK6gaW3PdvZzH+VJHqH+gaGzMIDIMCCeOKcoLNbvQvK01HSnJ0
/Qqu4LxZBVb/Dijs2HD3k80soBEy3wyeXtIvMWhS9PM07EMq4AE6PNWGcUPH1K8O
EhG8XpstkGg8H1yPbsgSsUZYqnEiKIDAG6UGmA8ZR8aKBMUhr8VvE0mErkbfzBAX
M1e8eCElJ0N4xkEpjCUU3qhm5TYjuvREe31RUKJG1lvUrxOI5dZBOC+3lKxZbLLU
0xDtwh78KUTTOGVKOETfLBGtRFxYR/E+h7w0iwpHR0HQPlnaC5+FTSZ/cQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFBlFtqp21HARjYCpzegEN0Qksm0PMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvR1VXMnFuYlVjQkdOZ0tuTjZBUTNSQ1N5YlE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAJcrOAwQA
l/IxAwQAl/JyAwQAl/J7AwQAl/J+AwQEl/NAAwQAl/NhAwQAl/NqAwQAl/S1AwQA
l/TdAwQAl/TfMAwDBACX9OUDBACX9OYwDQYJKoZIhvcNAQELBQADggEBAB8dlAq7
dIo9++suq8ElaGytPJ9w/8EpZH1MFtPuGM8O4XB9rkFIzV3WchOYuIzjEDChNbNn
entmq/pruEAD7BHnRU/HG8s8JeCApkJSgB/fv1c6H2Kwk2Lh7vceFjjEmWa3JCnb
EJh9wB6ZmdN/qENWqO7HcQKv68oXGZl1Q1mKvFyOSznp4uhYbHNLle6PsThfgUVM
KoDPE+O/nG6jKizKeR2JFQFUVivewK4W23MhRA44aQSlwhlm2J6Z9QOpL21npa1O
Kjs9gAhiKUBPwCMk8bJ/1La0i5sVRsQVVasXSxyW4H5CjwEK4zS/4Q+2rJCZqLkT
Kbw0oJUhP6ZvZos=
-----END CERTIFICATE-----
Generated at Sat Jul 26 12:06:54 2025 by rpki-client