Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-SppiQ2Qt2Ym6bX0hNsJBc6KPnk.roa
File: 1-SppiQ2Qt2Ym6bX0hNsJBc6KPnk.roa (raw, json)
Hash identifier: LzI2crlGBXAAHYXCtR+iU1VXc2Vl/7hSchwIAmsgA9o=
Subject key identifier: F9:2A:69:89:0D:90:B7:66:26:E9:B5:F4:84:DB:09:05:CE:8A:3E:79
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196757D095A6AE424102BC47B3D5575FFEF
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-SppiQ2Qt2Ym6bX0hNsJBc6KPnk.roa
Signing time: Sun 27 Apr 2025 04:24:10 +0000
ROA not before: Sun 27 Apr 2025 04:24:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 37.202.219.0/24 maxlen: 24
151.240.31.0/24 maxlen: 24
151.242.9.0/24 maxlen: 24
151.242.13.0/24 maxlen: 24
151.242.46.0/24 maxlen: 24
151.242.47.0/24 maxlen: 24
151.242.48.0/24 maxlen: 24
151.242.60.0/24 maxlen: 24
151.242.62.0/24 maxlen: 24
151.242.64.0/24 maxlen: 24
151.242.121.0/24 maxlen: 24
151.242.166.0/23 maxlen: 24
151.242.195.0/24 maxlen: 24
151.243.57.0/24 maxlen: 24
151.243.80.0/24 maxlen: 24
151.243.140.0/24 maxlen: 24
151.243.164.0/24 maxlen: 24
151.244.59.0/24 maxlen: 24
151.244.117.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Apr 2025 06:08:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:75:7d:09:5a:6a:e4:24:10:2b:c4:7b:3d:55:75:ff:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 27 04:24:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f92a69890d90b76626e9b5f484db0905ce8a3e79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:86:40:aa:be:3c:95:88:45:20:d8:39:c2:f8:
de:31:83:de:e5:d1:78:34:b4:ef:87:21:59:c3:e4:
05:21:f8:99:cb:a6:fe:2f:d7:2a:a0:3f:26:c8:37:
e0:9f:1c:e0:4f:ff:e0:89:2d:40:a9:cb:7b:ad:fb:
6f:c2:db:47:34:41:02:24:b3:33:82:54:46:8b:c5:
8b:9b:e0:59:93:07:16:13:14:da:0b:08:fc:1d:21:
e1:e4:ab:2e:9d:a8:be:bd:a8:1e:05:9d:37:2f:10:
1d:e6:6f:df:34:10:99:ce:50:19:cf:3f:3f:34:ff:
04:13:92:5f:6d:e9:9a:cd:76:7a:da:50:23:ae:97:
d0:74:7b:75:fa:26:90:be:44:7a:f3:c0:83:65:a1:
cc:64:53:59:a0:b9:9c:8b:f1:78:2b:65:2a:f1:d1:
37:b7:95:43:bc:49:e2:37:11:02:eb:c1:7b:12:a4:
13:0d:80:d5:84:ba:0e:e4:3a:72:ac:81:0d:3c:4f:
e9:e9:8e:59:94:64:52:e3:cb:78:66:b9:8f:a6:29:
4b:7f:a7:65:01:6f:f4:04:53:31:85:6f:ab:92:eb:
3a:ed:e5:e3:1f:67:e1:72:31:1f:60:76:70:c5:a0:
f7:3f:74:b0:6f:68:50:a5:2b:cd:6b:23:a0:36:e8:
d9:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:2A:69:89:0D:90:B7:66:26:E9:B5:F4:84:DB:09:05:CE:8A:3E:79
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-SppiQ2Qt2Ym6bX0hNsJBc6KPnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.219.0/24
151.240.31.0/24
151.242.9.0/24
151.242.13.0/24
151.242.46.0-151.242.48.255
151.242.60.0/24
151.242.62.0/24
151.242.64.0/24
151.242.121.0/24
151.242.166.0/23
151.242.195.0/24
151.243.57.0/24
151.243.80.0/24
151.243.140.0/24
151.243.164.0/24
151.244.59.0/24
151.244.117.0/24
Signature Algorithm: sha256WithRSAEncryption
51:98:34:1d:47:57:ce:1f:8e:6f:21:9a:61:ad:88:8d:8c:18:
63:8e:5c:ec:89:c2:05:ea:21:ac:42:f9:bd:cb:33:df:87:ed:
8e:64:a3:65:fc:f1:9d:b0:96:a5:0d:6e:e4:63:cd:fd:a0:75:
f9:7e:b7:f0:69:77:0a:da:a4:ff:d5:36:d9:4e:b7:c5:35:57:
cb:b3:8b:85:48:ac:ee:c9:a5:7f:d4:3d:2a:ff:fd:d0:f4:bb:
c0:e8:88:cb:af:7e:8f:8b:1e:d0:4b:96:49:dd:db:18:e4:bd:
3b:b4:d4:5f:40:cc:fa:86:91:aa:18:b3:51:23:ed:03:e7:be:
98:f4:c7:51:2f:92:86:05:bc:4f:09:99:61:ba:10:3c:48:73:
d3:e5:29:47:66:5a:dd:53:89:a0:60:ed:56:38:a0:ca:b8:be:
8b:e3:29:53:fd:ca:18:d1:b9:a5:97:ca:74:b4:d4:9b:89:d3:
b5:26:17:e3:ea:03:31:c6:a5:ec:83:c8:13:d9:15:fb:de:1d:
49:f2:54:1c:80:e4:b2:e2:26:ab:a1:11:42:10:77:5f:66:6b:
23:60:85:da:1f:10:c9:bc:94:5e:bb:c9:55:35:f9:5d:27:f0:
d6:d1:73:74:3c:8f:80:af:07:29:25:c6:6f:ee:05:12:0f:5d:
5d:36:0a:d8
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAZZ1fQlaauQkECvEez1Vdf/vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDI3MDQyNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTJhNjk4OTBkOTBiNzY2MjZlOWI1ZjQ4NGRiMDkwNWNlOGEzZTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYZAqr48lYhFINg5wvjeMYPe5dF4
NLTvhyFZw+QFIfiZy6b+L9cqoD8myDfgnxzgT//giS1Aqct7rftvwttHNEECJLMz
glRGi8WLm+BZkwcWExTaCwj8HSHh5Ksunai+vageBZ03LxAd5m/fNBCZzlAZzz8/
NP8EE5JfbemazXZ62lAjrpfQdHt1+iaQvkR688CDZaHMZFNZoLmci/F4K2Uq8dE3
t5VDvEniNxEC68F7EqQTDYDVhLoO5DpyrIENPE/p6Y5ZlGRS48t4ZrmPpilLf6dl
AW/0BFMxhW+rkus67eXjH2fhcjEfYHZwxaD3P3Swb2hQpSvNayOgNujZgwIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFPkqaYkNkLdmJum19ITbCQXOij55MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMS1TcHBpUTJRdDJZbTZiWDBoTnNKQmM2S1Buay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGUvZjQzYjFkLTllNTAtNDU1MS1hZTZhLTE3YjlkZTE0MTI1
Mi8xL3htSm05R2I3SkppamxGbXpOUzJpVVZHbHBNQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBhwYIKwYBBQUHAQcBAf8EeDB2MHQEAgABMG4DBAAlytsD
BACX8B8DBACX8gkDBACX8g0wDAMEAZfyLgMEAJfyMAMEAJfyPAMEAJfyPgMEAJfy
QAMEAJfyeQMEAZfypgMEAJfywwMEAJfzOQMEAJfzUAMEAJfzjAMEAJfzpAMEAJf0
OwMEAJf0dTANBgkqhkiG9w0BAQsFAAOCAQEAUZg0HUdXzh+ObyGaYa2IjYwYY45c
7InCBeohrEL5vcsz34ftjmSjZfzxnbCWpQ1u5GPN/aB1+X638Gl3Ctqk/9U22U63
xTVXy7OLhUis7smlf9Q9Kv/90PS7wOiIy69+j4se0EuWSd3bGOS9O7TUX0DM+oaR
qhizUSPtA+e+mPTHUS+ShgW8TwmZYboQPEhz0+UpR2Za3VOJoGDtVjigyri+i+Mp
U/3KGNG5pZfKdLTUm4nTtSYX4+oDMcal7IPIE9kV+94dSfJUHIDksuImq6ERQhB3
X2ZrI2CF2h8QybyUXrvJVTX5XSfw1tFzdDyPgK8HKSXGb+4FEg9dXTYK2A==
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:56:39 2025 by rpki-client