Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Ldy2gHGWlcvizyt-f2F_ADJ1Lnw.roa
File: Ldy2gHGWlcvizyt-f2F_ADJ1Lnw.roa (raw, json)
Hash identifier: Qt2+QgEAp1CSBkUiMNP54hY4b9jOpotlk48oB83I4cs=
Subject key identifier: 2D:DC:B6:80:71:96:95:CB:E2:CF:2B:7E:7F:61:7F:00:32:75:2E:7C
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019768BBDAF11B10D8E1F229A9DEFB20B655
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Ldy2gHGWlcvizyt-f2F_ADJ1Lnw.roa
Signing time: Fri 13 Jun 2025 10:00:31 +0000
ROA not before: Fri 13 Jun 2025 10:00:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 37.202.220.0/24 maxlen: 24
151.240.28.0/24 maxlen: 24
151.240.60.0/23 maxlen: 24
151.240.72.0/24 maxlen: 24
151.240.74.0/24 maxlen: 24
151.240.118.0/23 maxlen: 24
151.242.4.0/24 maxlen: 24
151.242.13.0/24 maxlen: 24
151.242.14.0/24 maxlen: 24
151.242.17.0/24 maxlen: 24
151.242.27.0/24 maxlen: 24
151.242.32.0/24 maxlen: 24
151.242.134.0/24 maxlen: 24
151.242.135.0/24 maxlen: 24
151.242.236.0/22 maxlen: 24
151.243.25.0/24 maxlen: 24
151.244.48.0/24 maxlen: 24
151.244.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Jun 2025 14:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:68:bb:da:f1:1b:10:d8:e1:f2:29:a9:de:fb:20:b6:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 13 10:00:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ddcb680719695cbe2cf2b7e7f617f0032752e7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8a:ac:9d:d5:02:13:21:72:a8:8a:df:e8:8a:
f3:0b:89:67:a1:c7:b5:4c:05:ad:c9:ea:d7:39:73:
1a:c8:7c:4d:7e:84:41:b7:98:00:41:4c:f5:25:59:
4a:b0:32:55:4c:e6:68:cb:42:bc:42:bb:95:f8:b9:
58:58:fb:55:4a:58:51:43:f1:3c:14:57:56:10:9b:
ac:90:60:6e:24:fd:28:7d:42:bc:3a:e3:70:93:10:
c4:1e:28:e8:0a:16:cb:82:ef:7b:67:f4:a3:94:a7:
7c:19:ee:1f:32:8f:a0:cd:94:59:a7:ff:d4:9a:da:
21:91:ba:de:5c:58:c0:d3:77:5e:29:8c:94:a1:a1:
a7:93:62:36:db:70:8b:d0:e7:2c:ff:ac:5a:36:93:
36:72:b5:6c:4d:af:2f:e6:2e:4c:9a:a4:a3:55:31:
b0:50:fc:3b:0d:a2:ba:2b:66:11:c6:c4:3d:6a:b7:
d9:74:6a:47:4c:d9:78:0a:c3:20:6e:7c:24:7d:14:
9c:c7:2f:02:fc:38:6e:3c:de:b6:cf:37:ba:04:e7:
2c:f8:49:b3:79:dc:aa:cb:76:5c:0b:d3:bf:93:6e:
91:56:6c:9b:55:e9:9f:a5:5c:9c:8e:e2:5f:de:38:
92:d7:07:22:62:3c:67:19:c2:65:8c:3d:f6:cf:b9:
61:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:DC:B6:80:71:96:95:CB:E2:CF:2B:7E:7F:61:7F:00:32:75:2E:7C
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Ldy2gHGWlcvizyt-f2F_ADJ1Lnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.220.0/24
151.240.28.0/24
151.240.60.0/23
151.240.72.0/24
151.240.74.0/24
151.240.118.0/23
151.242.4.0/24
151.242.13.0-151.242.14.255
151.242.17.0/24
151.242.27.0/24
151.242.32.0/24
151.242.134.0/23
151.242.236.0/22
151.243.25.0/24
151.244.48.0/24
151.244.102.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:19:1d:f0:68:6f:43:75:65:14:85:c1:4a:99:e5:65:94:27:
0b:19:5e:77:17:97:b3:24:46:fe:74:b4:15:cc:af:01:bb:65:
b5:ce:38:a9:c7:71:f3:c4:a9:e1:2b:7a:b1:11:91:05:fd:6f:
e9:8e:75:9a:5b:77:62:a7:8a:c1:bd:15:b4:f7:32:43:28:3b:
df:96:00:1d:96:2f:f6:3a:8c:de:74:81:cd:65:63:3d:47:c5:
cd:1c:c9:50:a6:6d:e8:dc:e8:a7:b7:9b:f4:4b:bf:f6:e2:5d:
06:85:95:9b:a6:da:22:1f:2a:ae:7d:65:3f:70:ee:b7:45:f2:
67:6d:36:75:55:fe:74:af:8e:27:aa:a7:2c:4e:d5:8e:3a:52:
47:75:c3:7a:3f:aa:2a:fd:29:67:c3:12:75:76:9d:ab:8f:0b:
24:3e:fb:a3:4e:5d:57:87:e8:3c:91:03:ad:c0:76:f2:f9:19:
34:f7:2f:45:8c:dc:42:80:a7:be:7b:ac:87:ca:9c:07:2a:25:
b5:f9:1d:20:40:b3:80:cd:77:79:30:a9:a8:db:75:6b:99:95:
63:63:b4:3e:33:81:4a:95:f3:76:09:90:46:cc:8f:ab:a8:23:
d1:6f:06:f6:67:57:c2:3e:69:d3:91:30:1f:d1:15:10:b8:e9:
48:eb:69:5b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZdou9rxGxDY4fIpqd77ILZVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjEzMTAwMDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGRjYjY4MDcxOTY5NWNiZTJjZjJiN2U3ZjYxN2YwMDMyNzUyZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIqsndUCEyFyqIrf6IrzC4lnoce1
TAWtyerXOXMayHxNfoRBt5gAQUz1JVlKsDJVTOZoy0K8QruV+LlYWPtVSlhRQ/E8
FFdWEJuskGBuJP0ofUK8OuNwkxDEHijoChbLgu97Z/SjlKd8Ge4fMo+gzZRZp//U
mtohkbreXFjA03deKYyUoaGnk2I223CL0Ocs/6xaNpM2crVsTa8v5i5MmqSjVTGw
UPw7DaK6K2YRxsQ9arfZdGpHTNl4CsMgbnwkfRScxy8C/DhuPN62zze6BOcs+Emz
edyqy3ZcC9O/k26RVmybVemfpVycjuJf3jiS1wciYjxnGcJljD32z7lhEwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFC3ctoBxlpXL4s8rfn9hfwAydS58MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTGR5MmdIR1dsY3Zpenl0LWYyRl9BREoxTG53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEACXK3AME
AJfwHAMEAZfwPAMEAJfwSAMEAJfwSgMEAZfwdgMEAJfyBDAMAwQAl/INAwQAl/IO
AwQAl/IRAwQAl/IbAwQAl/IgAwQBl/KGAwQCl/LsAwQAl/MZAwQAl/QwAwQAl/Rm
MA0GCSqGSIb3DQEBCwUAA4IBAQC4GR3waG9DdWUUhcFKmeVllCcLGV53F5ezJEb+
dLQVzK8Bu2W1zjipx3HzxKnhK3qxEZEF/W/pjnWaW3dip4rBvRW09zJDKDvflgAd
li/2OozedIHNZWM9R8XNHMlQpm3o3Oint5v0S7/24l0GhZWbptoiHyqufWU/cO63
RfJnbTZ1Vf50r44nqqcsTtWOOlJHdcN6P6oq/SlnwxJ1dp2rjwskPvujTl1Xh+g8
kQOtwHby+Rk09y9FjNxCgKe+e6yHypwHKiW1+R0gQLOAzXd5MKmo23VrmZVjY7Q+
M4FKlfN2CZBGzI+rqCPRbwb2Z1fCPmnTkTAf0RUQuOlI62lb
-----END CERTIFICATE-----
Generated at Sat Jul 26 00:36:23 2025 by rpki-client