Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/HjpFErLS0fAD4qaUtGKwl8xoBKQ.roa
File: HjpFErLS0fAD4qaUtGKwl8xoBKQ.roa (raw, json)
Hash identifier: /HFxPyjIYBwn79WT8YgJ9OC7Pt+r4HzkKrU/8tUMIkk=
Subject key identifier: 1E:3A:45:12:B2:D2:D1:F0:03:E2:A6:94:B4:62:B0:97:CC:68:04:A4
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01977E33914EB73DE2EC36C4CDF20EAC4F3E
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/HjpFErLS0fAD4qaUtGKwl8xoBKQ.roa
Signing time: Tue 17 Jun 2025 14:03:18 +0000
ROA not before: Tue 17 Jun 2025 14:03:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 37.202.220.0/24 maxlen: 24
151.240.28.0/24 maxlen: 24
151.240.60.0/23 maxlen: 24
151.240.72.0/24 maxlen: 24
151.240.74.0/24 maxlen: 24
151.240.118.0/23 maxlen: 24
151.242.4.0/24 maxlen: 24
151.242.13.0/24 maxlen: 24
151.242.14.0/24 maxlen: 24
151.242.17.0/24 maxlen: 24
151.242.27.0/24 maxlen: 24
151.242.32.0/24 maxlen: 24
151.242.134.0/24 maxlen: 24
151.242.135.0/24 maxlen: 24
151.242.236.0/22 maxlen: 24
151.243.25.0/24 maxlen: 24
151.243.170.0/24 maxlen: 24
151.243.172.0/24 maxlen: 24
151.244.48.0/24 maxlen: 24
151.244.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Jun 2025 07:27:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7e:33:91:4e:b7:3d:e2:ec:36:c4:cd:f2:0e:ac:4f:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 17 14:03:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e3a4512b2d2d1f003e2a694b462b097cc6804a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a2:8e:dd:14:49:65:f0:43:06:b4:ac:cc:32:
32:bf:fb:eb:c8:6a:80:b4:76:ee:63:f6:8a:43:32:
26:70:99:4e:9a:70:f2:71:49:c5:4b:c8:fe:79:16:
7c:ce:a9:fb:1c:fd:5d:32:c1:d1:11:43:f8:b6:35:
86:cf:1f:3b:02:0a:1c:3c:e3:2f:e8:f6:3c:4a:2c:
94:6e:f0:b4:a6:52:d4:b7:71:49:5c:fc:50:b1:91:
fe:c2:5a:f5:4d:8d:a2:5e:8e:5f:52:ea:42:22:9b:
f0:e2:48:84:74:a3:f8:c5:08:f3:46:6e:e0:8e:6f:
b7:8b:fd:09:b4:0d:51:dc:09:4f:a5:29:7b:1a:43:
b3:bb:30:77:76:34:43:73:9c:86:99:f9:3b:5b:ab:
ef:f3:02:07:4e:6c:4a:9b:2a:8a:df:4c:16:a8:2d:
8b:2b:45:3f:21:6b:90:66:9d:a5:13:d1:61:33:56:
01:a9:e4:9a:d0:df:35:b1:5a:7e:20:8d:b5:e5:07:
3a:b5:c5:2e:d4:26:d2:30:6c:ee:13:60:2f:d3:b2:
46:8a:87:c7:26:b3:2d:bd:02:75:29:63:5e:1f:43:
b9:c2:3d:ae:21:8c:57:0e:38:61:cd:aa:89:dc:83:
ef:b0:a8:37:01:a2:a8:bc:27:8a:80:1d:bb:e8:04:
0c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:3A:45:12:B2:D2:D1:F0:03:E2:A6:94:B4:62:B0:97:CC:68:04:A4
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/HjpFErLS0fAD4qaUtGKwl8xoBKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.220.0/24
151.240.28.0/24
151.240.60.0/23
151.240.72.0/24
151.240.74.0/24
151.240.118.0/23
151.242.4.0/24
151.242.13.0-151.242.14.255
151.242.17.0/24
151.242.27.0/24
151.242.32.0/24
151.242.134.0/23
151.242.236.0/22
151.243.25.0/24
151.243.170.0/24
151.243.172.0/24
151.244.48.0/24
151.244.102.0/24
Signature Algorithm: sha256WithRSAEncryption
77:ce:a9:5a:75:46:67:bf:ba:77:da:65:62:56:fb:44:a7:d9:
82:18:a1:cf:9f:eb:c6:77:7a:04:0d:57:08:6d:e8:82:1c:73:
52:a5:e9:f2:2a:a3:56:a8:4e:58:04:a4:ca:f4:52:8a:f6:17:
e4:bc:8b:49:00:d2:71:6c:47:1b:a3:8b:04:0c:95:e6:fb:c0:
4b:75:58:fc:83:23:f5:dd:e5:fd:ab:cf:7e:4b:c0:15:42:f6:
b5:f4:a2:b3:bc:7a:bc:4b:65:ae:d1:08:a2:64:04:0e:76:b3:
17:7a:59:1b:5a:33:e0:37:0e:fa:a7:ae:3f:51:fc:06:08:08:
72:e6:30:df:dc:12:f3:20:88:b6:6f:ad:f4:e7:30:2d:39:ac:
ee:6d:c6:95:ed:b5:18:55:61:18:e5:d9:f3:ee:af:48:c9:91:
e6:e6:f0:d4:30:59:47:ea:41:06:d5:08:ff:53:4e:52:0a:19:
52:b0:16:20:5e:a3:5b:ce:18:13:3a:eb:db:9d:7e:5d:1e:42:
c4:e0:bc:6f:7e:28:a1:c1:1e:83:eb:e5:6d:ed:ca:e2:67:9c:
c4:c1:1d:26:c2:c3:32:a1:8a:f6:14:b8:9b:4e:30:98:43:0f:
67:67:0e:8f:28:ca:8a:e0:9c:ba:ba:4b:05:8a:35:16:27:e4:
a9:06:1b:79
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZd+M5FOtz3i7DbEzfIOrE8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjE3MTQwMzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTNhNDUxMmIyZDJkMWYwMDNlMmE2OTRiNDYyYjA5N2NjNjgwNGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqKO3RRJZfBDBrSszDIyv/vryGqA
tHbuY/aKQzImcJlOmnDycUnFS8j+eRZ8zqn7HP1dMsHREUP4tjWGzx87AgocPOMv
6PY8SiyUbvC0plLUt3FJXPxQsZH+wlr1TY2iXo5fUupCIpvw4kiEdKP4xQjzRm7g
jm+3i/0JtA1R3AlPpSl7GkOzuzB3djRDc5yGmfk7W6vv8wIHTmxKmyqK30wWqC2L
K0U/IWuQZp2lE9FhM1YBqeSa0N81sVp+II215Qc6tcUu1CbSMGzuE2Av07JGiofH
JrMtvQJ1KWNeH0O5wj2uIYxXDjhhzaqJ3IPvsKg3AaKovCeKgB276AQM0wIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFB46RRKy0tHwA+KmlLRisJfMaASkMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvSGpwRkVyTFMwZkFENHFhVXRHS3dsOHhvQktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEACXK3AME
AJfwHAMEAZfwPAMEAJfwSAMEAJfwSgMEAZfwdgMEAJfyBDAMAwQAl/INAwQAl/IO
AwQAl/IRAwQAl/IbAwQAl/IgAwQBl/KGAwQCl/LsAwQAl/MZAwQAl/OqAwQAl/Os
AwQAl/QwAwQAl/RmMA0GCSqGSIb3DQEBCwUAA4IBAQB3zqladUZnv7p32mViVvtE
p9mCGKHPn+vGd3oEDVcIbeiCHHNSpenyKqNWqE5YBKTK9FKK9hfkvItJANJxbEcb
o4sEDJXm+8BLdVj8gyP13eX9q89+S8AVQva19KKzvHq8S2Wu0QiiZAQOdrMXelkb
WjPgNw76p64/UfwGCAhy5jDf3BLzIIi2b6305zAtOazubcaV7bUYVWEY5dnz7q9I
yZHm5vDUMFlH6kEG1Qj/U05SChlSsBYgXqNbzhgTOuvbnX5dHkLE4LxvfiihwR6D
6+Vt7criZ5zEwR0mwsMyoYr2FLibTjCYQw9nZw6PKMqK4Jy6uksFijUWJ+SpBht5
-----END CERTIFICATE-----
Generated at Sat Jul 26 11:52:16 2025 by rpki-client