Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/GwxxWEyHY8KHU-f072qMDqNShpE.roa
File: GwxxWEyHY8KHU-f072qMDqNShpE.roa (raw, json)
Hash identifier: Jj9m1xli9AvbuRDRgdJjGHUdsBzmEQ2uEa7gVQ62MJs=
Subject key identifier: 1B:0C:71:58:4C:87:63:C2:87:53:E7:F4:EF:6A:8C:0E:A3:52:86:91
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197EE55C2AD84584983134363E9E56165C8
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/GwxxWEyHY8KHU-f072qMDqNShpE.roa
Signing time: Wed 09 Jul 2025 08:38:07 +0000
ROA not before: Wed 09 Jul 2025 08:38:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 37.202.194.0/24 maxlen: 24
37.202.201.0/24 maxlen: 24
151.243.7.0/24 maxlen: 24
151.243.10.0/24 maxlen: 24
151.243.152.0/22 maxlen: 24
151.243.228.0/24 maxlen: 24
151.243.243.0/24 maxlen: 24
151.244.54.0/24 maxlen: 24
151.244.180.0/24 maxlen: 24
151.244.224.0/24 maxlen: 24
151.245.3.0/24 maxlen: 24
151.245.60.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Jul 2025 17:29:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ee:55:c2:ad:84:58:49:83:13:43:63:e9:e5:61:65:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 9 08:38:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b0c71584c8763c28753e7f4ef6a8c0ea3528691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9d:6d:d5:58:0e:1d:5f:75:9b:8c:39:d3:ef:
27:bc:01:85:16:b6:86:16:9b:39:25:97:95:fc:6e:
73:37:2a:02:a4:50:1e:08:23:49:ec:64:44:6d:a5:
46:e2:b8:66:82:63:37:1f:fe:a3:7e:e9:4a:fb:b4:
6b:bb:0d:7c:45:57:01:96:db:62:80:20:0d:93:0e:
f2:28:80:db:45:a3:0d:04:ec:85:1b:b5:8c:da:4b:
37:75:9a:90:87:e3:32:fb:31:47:c4:64:4b:cc:44:
97:f4:ac:d1:60:28:7b:76:d1:a3:c4:ce:31:63:88:
46:fa:cb:47:b5:c2:cc:c1:01:3d:fa:3b:05:53:27:
f5:35:1f:dc:07:64:32:8b:12:b4:fa:ee:02:99:dc:
bf:34:c7:f6:c1:b8:03:6c:dc:6c:27:f8:99:ff:b6:
42:8d:27:33:e4:00:c3:39:28:7d:8c:03:b5:c3:43:
c1:15:fd:0f:a2:01:11:72:d0:8c:33:31:c4:56:ed:
20:d8:58:be:1f:ce:a8:fe:83:9f:45:49:3e:c1:17:
81:db:60:bd:be:0d:92:0c:34:bd:b0:2b:d0:6d:26:
20:9f:a3:2e:46:76:25:30:da:f9:3c:3f:10:92:18:
1c:3d:93:58:3e:ec:17:11:2c:97:73:7f:a0:c2:c7:
2a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:0C:71:58:4C:87:63:C2:87:53:E7:F4:EF:6A:8C:0E:A3:52:86:91
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/GwxxWEyHY8KHU-f072qMDqNShpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.194.0/24
37.202.201.0/24
151.243.7.0/24
151.243.10.0/24
151.243.152.0/22
151.243.228.0/24
151.243.243.0/24
151.244.54.0/24
151.244.180.0/24
151.244.224.0/24
151.245.3.0/24
151.245.60.0/22
Signature Algorithm: sha256WithRSAEncryption
52:21:0e:6a:46:92:ab:9b:73:e2:fe:a4:53:f7:59:4e:a9:b8:
b2:e0:5c:eb:c8:88:ee:10:d2:c2:41:e5:33:bc:2f:03:61:cf:
5f:ea:bd:5e:10:6f:3a:92:dd:2c:94:e1:38:1e:e3:14:96:2f:
06:33:30:bb:68:63:24:10:8d:75:73:cf:57:91:07:b2:da:cf:
77:7d:e6:0d:cb:4b:9c:f7:0e:6a:a2:24:39:f2:a5:27:4e:2d:
a3:ce:4d:4e:f7:15:06:f4:ea:63:e5:2b:6e:a7:47:55:de:b4:
89:66:ba:10:fe:e2:40:14:6b:dd:56:62:08:ca:41:13:d6:e4:
38:81:fa:9b:e2:b7:d5:b3:e0:08:ed:de:fb:2e:c4:9b:a4:ae:
ec:86:63:7c:e9:be:79:46:93:6c:41:36:c3:48:f1:3f:06:47:
30:a0:ca:c6:d6:e8:e9:8e:67:d2:e5:fd:e1:74:e5:ac:16:49:
2b:07:e3:ad:c8:bb:40:d3:26:96:cd:89:ea:4d:43:d3:4e:51:
58:76:e4:db:39:28:8c:e7:af:11:aa:09:ea:e4:74:4b:ab:a9:
46:cf:a7:83:b4:b8:34:53:d3:08:47:b3:5d:31:df:9e:4e:67:
db:dd:7e:b9:14:28:d5:cc:1f:36:53:d8:f4:14:2e:26:4c:fd:
f7:70:bf:b3
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZfuVcKthFhJgxNDY+nlYWXIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzA5MDgzODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjBjNzE1ODRjODc2M2MyODc1M2U3ZjRlZjZhOGMwZWEzNTI4NjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqp1t1VgOHV91m4w50+8nvAGFFraG
Fps5JZeV/G5zNyoCpFAeCCNJ7GREbaVG4rhmgmM3H/6jfulK+7Rruw18RVcBltti
gCANkw7yKIDbRaMNBOyFG7WM2ks3dZqQh+My+zFHxGRLzESX9KzRYCh7dtGjxM4x
Y4hG+stHtcLMwQE9+jsFUyf1NR/cB2QyixK0+u4Cmdy/NMf2wbgDbNxsJ/iZ/7ZC
jScz5ADDOSh9jAO1w0PBFf0PogERctCMMzHEVu0g2Fi+H86o/oOfRUk+wReB22C9
vg2SDDS9sCvQbSYgn6MuRnYlMNr5PD8QkhgcPZNYPuwXESyXc3+gwscqWQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFBsMcVhMh2PCh1Pn9O9qjA6jUoaRMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvR3d4eFdFeUhZOEtIVS1mMDcycU1EcU5TaHBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAJcrCAwQA
JcrJAwQAl/MHAwQAl/MKAwQCl/OYAwQAl/PkAwQAl/PzAwQAl/Q2AwQAl/S0AwQA
l/TgAwQAl/UDAwQCl/U8MA0GCSqGSIb3DQEBCwUAA4IBAQBSIQ5qRpKrm3Pi/qRT
91lOqbiy4FzryIjuENLCQeUzvC8DYc9f6r1eEG86kt0slOE4HuMUli8GMzC7aGMk
EI11c89XkQey2s93feYNy0uc9w5qoiQ58qUnTi2jzk1O9xUG9Opj5Stup0dV3rSJ
ZroQ/uJAFGvdVmIIykET1uQ4gfqb4rfVs+AI7d77LsSbpK7shmN86b55RpNsQTbD
SPE/BkcwoMrG1ujpjmfS5f3hdOWsFkkrB+OtyLtA0yaWzYnqTUPTTlFYduTbOSiM
568Rqgnq5HRLq6lGz6eDtLg0U9MIR7NdMd+eTmfb3X65FCjVzB82U9j0FC4mTP33
cL+z
-----END CERTIFICATE-----
Generated at Sat Jul 26 12:13:36 2025 by rpki-client