Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-lU_g2U_IXMOPaoEgb3cQnZCESQ.roa
File: 1-lU_g2U_IXMOPaoEgb3cQnZCESQ.roa (raw, json)
Hash identifier: yg3dt58ghre/f58/qBZ+SWTQnxCmkJqu+lPNEwFX/7w=
Subject key identifier: FA:55:3F:83:65:3F:21:73:0E:3D:AA:04:81:BD:DC:42:76:42:11:24
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196B3E153C23A72F891B4DC8FC4939C17BB
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-lU_g2U_IXMOPaoEgb3cQnZCESQ.roa
Signing time: Fri 09 May 2025 07:10:10 +0000
ROA not before: Fri 09 May 2025 07:10:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 37.202.203.0/24 maxlen: 24
151.240.0.0/24 maxlen: 24
151.240.1.0/24 maxlen: 24
151.240.8.0/24 maxlen: 24
151.240.9.0/24 maxlen: 24
151.240.10.0/24 maxlen: 24
151.240.77.0/24 maxlen: 24
151.241.18.0/24 maxlen: 24
151.243.206.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sun 11 May 2025 05:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b3:e1:53:c2:3a:72:f8:91:b4:dc:8f:c4:93:9c:17:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 9 07:10:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa553f83653f21730e3daa0481bddc4276421124
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:45:25:65:fb:98:b8:8d:2c:3e:13:af:15:d3:
a8:49:d6:3d:0b:16:c9:21:0c:6e:4d:d2:2a:d5:6b:
a0:aa:01:77:65:f6:ae:bc:93:ef:89:10:f0:0a:5a:
2c:0b:28:40:dd:4c:ef:a7:a8:6e:d1:22:6c:9b:fe:
70:f1:9f:c0:ad:f1:af:74:d6:d4:f3:0a:f3:1c:52:
67:ce:21:46:10:47:a7:ec:db:c8:60:72:ae:90:ae:
48:03:cb:37:c8:81:f0:c2:ab:ae:e5:b7:f1:86:4e:
99:1a:d4:3c:ba:fe:ac:4d:03:0b:a3:27:94:b4:b8:
7b:4c:12:2e:b4:c7:51:0e:a7:af:52:db:42:0b:6c:
49:19:ae:7d:04:ad:88:c5:da:13:68:8c:fc:de:ef:
60:e5:9c:2a:e0:fd:ac:b9:f7:87:e1:3b:ad:d8:5e:
20:18:bb:6e:03:11:fe:f8:60:d9:7d:6d:53:86:db:
76:68:9b:75:9d:94:19:2d:d3:61:3f:9f:5f:af:5a:
06:31:15:18:e4:d1:e2:17:29:c3:87:bc:39:a0:b8:
a7:2d:c3:17:6f:c5:10:f5:ae:8c:fd:18:e6:3c:e2:
9d:09:9b:a8:26:29:7c:e8:ca:28:d3:ae:9d:10:7d:
67:4a:98:21:d1:4d:f0:bf:db:71:cd:d3:9f:96:f4:
e6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:55:3F:83:65:3F:21:73:0E:3D:AA:04:81:BD:DC:42:76:42:11:24
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-lU_g2U_IXMOPaoEgb3cQnZCESQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.203.0/24
151.240.0.0/23
151.240.8.0-151.240.10.255
151.240.77.0/24
151.241.18.0/24
151.243.206.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:1c:a1:91:b5:7e:e2:97:d3:a6:51:d5:dd:d2:67:d7:03:cc:
cd:82:e2:10:e6:47:12:ec:9d:83:a2:89:28:f2:06:aa:fa:05:
13:56:b4:ad:cb:d8:d6:3b:53:53:3c:83:a5:06:d7:a1:20:58:
54:01:2d:f3:cb:ac:24:d6:f2:26:5e:39:44:4e:32:e5:79:0a:
28:dd:d0:41:b9:40:80:68:d7:6a:1b:a5:cb:75:08:e1:55:36:
cd:64:a0:c4:96:b8:23:77:06:7f:2a:f0:10:9a:bc:80:7e:c4:
0d:3e:4c:d5:40:13:d1:2a:c2:a4:67:58:7f:d4:55:bf:fa:d2:
9e:87:3a:29:a8:0d:d8:55:10:ec:77:55:b4:76:04:a4:78:f0:
56:8a:6f:77:73:64:b5:b3:c1:9f:0a:b1:7a:dc:84:29:bf:e1:
15:c6:d5:4c:81:4d:8a:bb:0c:58:df:81:3a:50:5a:6c:2c:60:
bb:d8:8c:bb:0b:b0:dd:e6:b5:1a:f4:74:be:29:9e:4e:d9:64:
24:26:d0:ef:df:42:80:d6:0d:14:aa:c4:6e:e1:c3:00:8d:ce:
4f:34:9b:44:da:c1:37:db:c0:4f:8e:80:2b:2e:28:77:a8:ef:
f4:58:da:35:f9:62:d0:fb:89:d3:b3:45:d4:06:51:20:41:b8:
73:54:31:49
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZaz4VPCOnL4kbTcj8STnBe7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTA5MDcxMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTU1M2Y4MzY1M2YyMTczMGUzZGFhMDQ4MWJkZGM0Mjc2NDIxMTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkUlZfuYuI0sPhOvFdOoSdY9CxbJ
IQxuTdIq1WugqgF3ZfauvJPviRDwClosCyhA3Uzvp6hu0SJsm/5w8Z/ArfGvdNbU
8wrzHFJnziFGEEen7NvIYHKukK5IA8s3yIHwwquu5bfxhk6ZGtQ8uv6sTQMLoyeU
tLh7TBIutMdRDqevUttCC2xJGa59BK2IxdoTaIz83u9g5Zwq4P2sufeH4Tut2F4g
GLtuAxH++GDZfW1Thtt2aJt1nZQZLdNhP59fr1oGMRUY5NHiFynDh7w5oLinLcMX
b8UQ9a6M/RjmPOKdCZuoJil86Moo066dEH1nSpgh0U3wv9txzdOflvTmMwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFPpVP4NlPyFzDj2qBIG93EJ2QhEkMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMS1sVV9nMlVfSVhNT1Bhb0VnYjNjUW5aQ0VTUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGUvZjQzYjFkLTllNTAtNDU1MS1hZTZhLTE3YjlkZTE0MTI1
Mi8xL3htSm05R2I3SkppamxGbXpOUzJpVVZHbHBNQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBFBggrBgEFBQcBBwEB/wQ2MDQwMgQCAAEwLAMEACXKywME
AZfwADAMAwQDl/AIAwQAl/AKAwQAl/BNAwQAl/ESAwQBl/POMA0GCSqGSIb3DQEB
CwUAA4IBAQAOHKGRtX7il9OmUdXd0mfXA8zNguIQ5kcS7J2Dooko8gaq+gUTVrSt
y9jWO1NTPIOlBtehIFhUAS3zy6wk1vImXjlETjLleQoo3dBBuUCAaNdqG6XLdQjh
VTbNZKDElrgjdwZ/KvAQmryAfsQNPkzVQBPRKsKkZ1h/1FW/+tKehzopqA3YVRDs
d1W0dgSkePBWim93c2S1s8GfCrF63IQpv+EVxtVMgU2KuwxY34E6UFpsLGC72Iy7
C7Dd5rUa9HS+KZ5O2WQkJtDv30KA1g0UqsRu4cMAjc5PNJtE2sE328BPjoArLih3
qO/0WNo1+WLQ+4nTs0XUBlEgQbhzVDFJ
-----END CERTIFICATE-----
Generated at Fri Jun 6 20:40:24 2025 by rpki-client