Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ripuNgUz9g7wiE2TM8gNqqnILMo.roa
File: ripuNgUz9g7wiE2TM8gNqqnILMo.roa (raw, json)
Hash identifier: hC8pfJTooUzvvrAqkJGxy8mBxfTt0WugiPB44Q9uJVs=
Subject key identifier: AE:2A:6E:36:05:33:F6:0E:F0:88:4D:93:33:C8:0D:AA:A9:C8:2C:CA
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197FE4F7300AAFE7785058508E37B699AD6
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ripuNgUz9g7wiE2TM8gNqqnILMo.roa
Signing time: Sat 12 Jul 2025 11:05:09 +0000
ROA not before: Sat 12 Jul 2025 11:05:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 37.202.203.0/24 maxlen: 24
151.242.202.0/23 maxlen: 23
151.242.252.0/24 maxlen: 24
151.243.206.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 16 Jul 2025 05:59:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:fe:4f:73:00:aa:fe:77:85:05:85:08:e3:7b:69:9a:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 12 11:05:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae2a6e360533f60ef0884d9333c80daaa9c82cca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d8:43:ab:4c:07:4a:39:5f:a4:a7:30:cc:99:
8b:7b:8d:14:ed:0a:e5:fa:95:0c:42:b9:e6:09:91:
2c:b8:ed:33:24:63:84:68:b8:1f:34:b9:4e:1c:81:
58:c0:92:9e:e1:a8:0f:33:b2:1b:08:92:5b:a5:c1:
cd:32:b5:27:8c:72:81:22:f9:75:c0:41:23:82:c7:
0e:69:d1:8b:8f:df:43:f2:5a:56:01:77:b1:5d:4b:
85:0f:61:2c:28:58:30:35:02:f8:8b:e0:04:f9:01:
72:f8:d7:46:f2:a8:fe:af:78:cb:ea:41:34:ec:ee:
30:24:3d:77:eb:74:71:b7:ee:2a:99:72:38:48:84:
d6:19:46:1a:64:83:24:a4:8a:d8:71:76:82:d5:23:
00:86:5e:79:4a:cd:88:cb:5d:e7:25:1f:c5:5c:96:
0a:70:ba:79:ea:3c:2b:fe:cb:eb:d4:21:6e:16:12:
4f:4e:6b:da:62:f5:02:3e:51:87:42:db:10:cb:de:
39:47:17:47:29:62:bd:3d:d6:99:99:67:6a:7e:53:
9c:17:14:b5:1a:42:c6:37:95:0f:56:ba:80:f9:d1:
f2:8a:6f:43:14:3a:2d:39:24:8f:4e:fa:22:3d:2f:
4d:f7:a5:8c:aa:96:b5:2d:54:65:8f:be:0c:27:6a:
f6:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:2A:6E:36:05:33:F6:0E:F0:88:4D:93:33:C8:0D:AA:A9:C8:2C:CA
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ripuNgUz9g7wiE2TM8gNqqnILMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.203.0/24
151.242.202.0/23
151.242.252.0/24
151.243.206.0/23
Signature Algorithm: sha256WithRSAEncryption
74:09:2b:8c:92:42:8d:b9:1d:3c:9a:41:7c:f8:ff:7f:24:af:
eb:76:1a:62:c6:78:6d:d8:78:6c:b3:d0:99:df:d8:b6:72:ed:
a2:99:25:fa:94:2e:72:70:59:b2:32:1a:de:38:07:4d:d9:33:
ab:b4:c0:2f:77:fa:df:fe:fd:3b:72:90:ac:75:2d:fd:c2:eb:
b5:92:68:c3:6b:0d:d2:99:ee:d7:25:1f:87:fe:46:20:f5:9f:
25:08:d8:69:75:3f:b9:b9:2c:18:12:1f:40:32:f4:1f:03:b7:
80:23:9f:02:ad:b8:f0:10:10:d1:eb:ca:bf:86:88:36:dc:20:
cf:7b:51:19:56:65:d3:4c:eb:ef:50:ac:76:01:ee:fc:05:fd:
2e:83:96:2a:dc:24:9f:f5:ea:2d:1e:d2:d5:2c:83:e2:ba:f6:
c9:89:cc:1c:5c:3d:df:12:9a:a8:3a:9b:77:32:c5:72:57:47:
04:6e:41:47:1a:30:c2:13:68:48:86:cf:71:eb:6a:13:92:b1:
fe:ba:39:9a:39:4b:19:ba:ed:29:9d:2e:36:86:d0:ae:6f:01:
ad:0d:d0:1d:a8:8d:e2:24:1a:85:92:81:2b:53:55:09:7d:6e:
37:4e:68:c7:d2:1a:68:f0:13:0f:26:d9:50:00:c7:ce:3a:a3:
0b:09:27:80
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZf+T3MAqv53hQWFCON7aZrWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzEyMTEwNTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTJhNmUzNjA1MzNmNjBlZjA4ODRkOTMzM2M4MGRhYWE5YzgyY2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdhDq0wHSjlfpKcwzJmLe40U7Qrl
+pUMQrnmCZEsuO0zJGOEaLgfNLlOHIFYwJKe4agPM7IbCJJbpcHNMrUnjHKBIvl1
wEEjgscOadGLj99D8lpWAXexXUuFD2EsKFgwNQL4i+AE+QFy+NdG8qj+r3jL6kE0
7O4wJD1363Rxt+4qmXI4SITWGUYaZIMkpIrYcXaC1SMAhl55Ss2Iy13nJR/FXJYK
cLp56jwr/svr1CFuFhJPTmvaYvUCPlGHQtsQy945RxdHKWK9PdaZmWdqflOcFxS1
GkLGN5UPVrqA+dHyim9DFDotOSSPTvoiPS9N96WMqpa1LVRlj74MJ2r2KQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK4qbjYFM/YO8IhNkzPIDaqpyCzKMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvcmlwdU5nVXo5Zzd3aUUyVE04Z05xcW5JTE1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJcrLAwQB
l/LKAwQAl/L8AwQBl/POMA0GCSqGSIb3DQEBCwUAA4IBAQB0CSuMkkKNuR08mkF8
+P9/JK/rdhpixnht2Hhss9CZ39i2cu2imSX6lC5ycFmyMhreOAdN2TOrtMAvd/rf
/v07cpCsdS39wuu1kmjDaw3Sme7XJR+H/kYg9Z8lCNhpdT+5uSwYEh9AMvQfA7eA
I58CrbjwEBDR68q/hog23CDPe1EZVmXTTOvvUKx2Ae78Bf0ug5Yq3CSf9eotHtLV
LIPiuvbJicwcXD3fEpqoOpt3MsVyV0cEbkFHGjDCE2hIhs9x62oTkrH+ujmaOUsZ
uu0pnS42htCubwGtDdAdqI3iJBqFkoErU1UJfW43TmjH0hpo8BMPJtlQAMfOOqML
CSeA
-----END CERTIFICATE-----
Generated at Sun Jul 27 01:35:57 2025 by rpki-client