Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/cHfbgqSbCECupXN7H78tQMFCpUQ.roa
File: cHfbgqSbCECupXN7H78tQMFCpUQ.roa (raw, json)
Hash identifier: mPfyPDgm8ciinBgwL6NgB1DpbOHqflcJkRP7OBMWevo=
Subject key identifier: 70:77:DB:82:A4:9B:08:40:AE:A5:73:7B:1F:BF:2D:40:C1:42:A5:44
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197E3B05C24F1A3ED578BBC19AD4AB42D64
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/cHfbgqSbCECupXN7H78tQMFCpUQ.roa
Signing time: Mon 07 Jul 2025 07:01:15 +0000
ROA not before: Mon 07 Jul 2025 07:01:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9232
IP address blocks: 37.202.213.0/24 maxlen: 24
37.202.221.0/24 maxlen: 24
151.242.18.0/24 maxlen: 24
151.242.19.0/24 maxlen: 24
151.242.21.0/24 maxlen: 24
151.242.68.0/24 maxlen: 24
151.242.70.0/24 maxlen: 24
151.242.71.0/24 maxlen: 24
151.244.8.0/24 maxlen: 24
151.244.12.0/24 maxlen: 24
151.244.24.0/24 maxlen: 24
151.244.30.0/24 maxlen: 24
151.244.40.0/24 maxlen: 24
151.244.65.0/24 maxlen: 24
151.244.73.0/24 maxlen: 24
151.244.86.0/24 maxlen: 24
151.244.93.0/24 maxlen: 24
151.244.97.0/24 maxlen: 24
151.244.101.0/24 maxlen: 24
151.244.105.0/24 maxlen: 24
151.244.110.0/24 maxlen: 24
151.244.114.0/24 maxlen: 24
151.244.118.0/24 maxlen: 24
151.244.124.0/24 maxlen: 24
151.245.0.0/24 maxlen: 24
151.245.32.0/24 maxlen: 24
151.245.72.0/24 maxlen: 24
151.245.92.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Jul 2025 04:43:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e3:b0:5c:24:f1:a3:ed:57:8b:bc:19:ad:4a:b4:2d:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 7 07:01:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7077db82a49b0840aea5737b1fbf2d40c142a544
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f4:db:cd:83:52:5e:8c:e8:30:a3:41:6d:b8:
0f:ca:85:ac:cc:84:c0:ef:b8:22:b2:5a:5d:1b:0b:
8a:75:d0:29:f9:5e:86:7b:5d:69:fc:cc:2d:44:09:
be:55:0a:05:3a:db:db:30:49:f0:fc:4f:91:60:06:
12:9b:1a:5c:a8:3f:55:0c:01:00:00:59:82:14:47:
03:14:d7:3e:b6:d5:ae:06:ea:bd:18:21:fd:70:8b:
38:78:bc:aa:3b:7d:47:8d:7b:a2:f3:33:46:f2:99:
56:6a:a1:cc:1e:44:57:0c:72:f7:c9:56:59:64:5b:
ba:24:9c:48:98:88:44:f1:d6:56:3c:6b:a1:9f:1b:
74:da:4f:0d:6f:87:d2:be:41:d7:f2:c1:ae:8d:40:
af:f2:30:aa:82:cf:3d:b4:21:56:cc:a4:94:59:e8:
12:f0:ae:a9:16:de:b8:d0:e9:a4:66:05:ff:35:26:
2a:0a:6e:a6:a3:42:cb:4b:16:11:b6:cd:ed:b4:00:
d6:78:a9:10:0a:8a:70:4c:08:75:81:8f:54:e6:9b:
69:2d:e4:b0:a5:c6:e7:ee:77:a3:06:dd:26:5d:89:
c5:36:9d:bc:4b:fe:18:c2:99:50:3c:6c:c5:62:28:
89:6a:72:31:80:0e:08:c2:37:ca:1d:bc:61:59:51:
25:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:77:DB:82:A4:9B:08:40:AE:A5:73:7B:1F:BF:2D:40:C1:42:A5:44
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/cHfbgqSbCECupXN7H78tQMFCpUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.213.0/24
37.202.221.0/24
151.242.18.0/23
151.242.21.0/24
151.242.68.0/24
151.242.70.0/23
151.244.8.0/24
151.244.12.0/24
151.244.24.0/24
151.244.30.0/24
151.244.40.0/24
151.244.65.0/24
151.244.73.0/24
151.244.86.0/24
151.244.93.0/24
151.244.97.0/24
151.244.101.0/24
151.244.105.0/24
151.244.110.0/24
151.244.114.0/24
151.244.118.0/24
151.244.124.0/24
151.245.0.0/24
151.245.32.0/24
151.245.72.0/24
151.245.92.0/24
Signature Algorithm: sha256WithRSAEncryption
91:94:4d:0b:4e:4b:d6:07:e8:a6:33:f4:62:c1:45:49:26:53:
08:40:81:ac:51:9f:27:19:8b:8b:bc:c8:25:77:8b:33:50:fe:
93:6d:27:da:7d:ab:e0:57:30:61:19:c3:2f:1c:d3:e7:ef:a7:
93:72:8c:a8:4e:df:14:49:79:38:fe:d7:03:1f:07:95:bc:8c:
5d:1c:ad:e9:b7:0b:8f:9c:87:f5:30:44:40:25:82:09:1d:5d:
a0:0d:6c:fe:86:b0:b8:58:ac:03:41:e0:28:47:09:42:85:c6:
7f:8e:83:ab:0e:dc:6d:85:f9:1d:d4:b8:1d:d5:da:f5:5d:2d:
4e:95:bb:64:29:eb:bf:01:c0:e9:d1:e0:09:91:54:2c:e0:6b:
8d:d5:09:da:4c:4a:fa:a2:06:bd:5d:e3:fd:f5:bb:e7:39:c0:
3c:79:e4:91:2a:a0:78:05:ad:36:85:b9:ec:2f:3e:13:74:f6:
e6:a2:75:ea:82:41:b0:96:3d:8e:ff:e7:79:8d:aa:30:58:5b:
ab:fd:eb:9c:d0:7c:78:fb:8d:ea:09:cc:88:8e:8e:e6:2d:78:
45:45:36:a6:6b:5a:22:a4:62:a0:9e:fd:8d:d4:9e:8c:d5:f3:
3d:53:2c:cb:e3:e1:ef:d9:d2:b2:a4:91:93:c8:f0:fe:1b:4f:
24:fa:68:9f
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAZfjsFwk8aPtV4u8Ga1KtC1kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzA3MDcwMTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDc3ZGI4MmE0OWIwODQwYWVhNTczN2IxZmJmMmQ0MGMxNDJhNTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPTbzYNSXozoMKNBbbgPyoWszITA
77gislpdGwuKddAp+V6Ge11p/MwtRAm+VQoFOtvbMEnw/E+RYAYSmxpcqD9VDAEA
AFmCFEcDFNc+ttWuBuq9GCH9cIs4eLyqO31HjXui8zNG8plWaqHMHkRXDHL3yVZZ
ZFu6JJxImIhE8dZWPGuhnxt02k8Nb4fSvkHX8sGujUCv8jCqgs89tCFWzKSUWegS
8K6pFt640OmkZgX/NSYqCm6mo0LLSxYRts3ttADWeKkQCopwTAh1gY9U5ptpLeSw
pcbn7nejBt0mXYnFNp28S/4YwplQPGzFYiiJanIxgA4IwjfKHbxhWVEleQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFHB324KkmwhArqVzex+/LUDBQqVEMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvY0hmYmdxU2JDRUN1cFhON0g3OHRRTUZDcFVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBAAl
ytUDBAAlyt0DBAGX8hIDBACX8hUDBACX8kQDBAGX8kYDBACX9AgDBACX9AwDBACX
9BgDBACX9B4DBACX9CgDBACX9EEDBACX9EkDBACX9FYDBACX9F0DBACX9GEDBACX
9GUDBACX9GkDBACX9G4DBACX9HIDBACX9HYDBACX9HwDBACX9QADBACX9SADBACX
9UgDBACX9VwwDQYJKoZIhvcNAQELBQADggEBAJGUTQtOS9YH6KYz9GLBRUkmUwhA
gaxRnycZi4u8yCV3izNQ/pNtJ9p9q+BXMGEZwy8c0+fvp5NyjKhO3xRJeTj+1wMf
B5W8jF0crem3C4+ch/UwREAlggkdXaANbP6GsLhYrANB4ChHCUKFxn+Og6sO3G2F
+R3UuB3V2vVdLU6Vu2Qp678BwOnR4AmRVCzga43VCdpMSvqiBr1d4/31u+c5wDx5
5JEqoHgFrTaFuewvPhN09uaideqCQbCWPY7/53mNqjBYW6v965zQfHj7jeoJzIiO
juYteEVFNqZrWiKkYqCe/Y3UnozV8z1TLMvj4e/Z0rKkkZPI8P4bTyT6aJ8=
-----END CERTIFICATE-----
Generated at Sat Jul 26 11:46:30 2025 by rpki-client