Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-mlR3YcD8oXHof10dbSw3DO7Ilg.roa
File: 1-mlR3YcD8oXHof10dbSw3DO7Ilg.roa (raw, json)
Hash identifier: RM/ur772pcgtA0MBIm/YGfrzo2uZR44wFG9uQlZVk7A=
Subject key identifier: FA:69:51:DD:87:03:F2:85:C7:A1:FD:74:75:B4:B0:DC:33:BB:22:58
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0195175776DBDE1A8BC2643A26C5312C1158
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-mlR3YcD8oXHof10dbSw3DO7Ilg.roa
Signing time: Tue 18 Feb 2025 04:36:02 +0000
ROA not before: Tue 18 Feb 2025 04:36:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 37.202.205.0/24 maxlen: 24
37.202.208.0/23 maxlen: 24
37.202.209.0/24 maxlen: 24
37.202.210.0/24 maxlen: 24
37.202.212.0/23 maxlen: 24
151.240.105.0/24 maxlen: 24
151.240.140.0/24 maxlen: 24
151.241.110.0/24 maxlen: 24
151.242.14.0/24 maxlen: 24
151.242.20.0/24 maxlen: 24
151.242.110.0/24 maxlen: 24
151.243.104.0/24 maxlen: 24
151.243.118.0/24 maxlen: 24
151.243.162.0/24 maxlen: 24
151.243.212.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Feb 2025 09:39:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:17:57:76:db:de:1a:8b:c2:64:3a:26:c5:31:2c:11:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Feb 18 04:36:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa6951dd8703f285c7a1fd7475b4b0dc33bb2258
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:0a:36:2e:12:97:9d:c3:a3:df:aa:b1:20:e1:
e8:bc:5d:d4:aa:88:a6:2f:0e:a6:b0:6c:19:4d:4c:
c1:93:26:96:e0:b4:19:27:a2:6e:5c:af:19:4d:65:
cd:cc:67:ce:a3:f3:9c:33:0e:c2:1a:a8:70:a5:11:
b2:3b:f1:23:8f:19:4d:d9:e5:a5:a0:39:72:8b:19:
31:2e:21:8d:c0:dd:03:c2:66:9b:10:44:f0:0e:41:
dd:0b:da:1f:34:c8:85:d0:c1:99:fb:20:35:10:bb:
7d:6e:a3:77:b7:5f:11:b3:96:6d:33:f6:1b:a3:bc:
6f:08:97:67:57:ab:3f:99:36:4d:bb:c9:2b:1f:f9:
be:44:db:4b:3f:71:cd:33:ed:99:8d:05:45:25:27:
1a:92:d7:0d:60:b3:84:97:34:ae:c3:5a:d4:04:72:
90:9d:04:65:16:9f:df:8f:51:2c:04:86:fb:cc:b8:
d4:72:af:66:dd:75:66:40:da:5e:94:6c:ab:99:ef:
0a:0a:a1:2c:0f:20:eb:1d:a4:39:1a:65:9d:ac:9b:
f5:03:07:83:b2:26:e5:0d:ff:a4:96:94:8b:67:de:
f5:33:84:74:ac:d9:f2:17:ed:ce:94:bb:df:52:65:
f7:1a:3d:09:6d:ba:97:d4:f2:cc:b6:28:6a:c6:03:
37:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:69:51:DD:87:03:F2:85:C7:A1:FD:74:75:B4:B0:DC:33:BB:22:58
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-mlR3YcD8oXHof10dbSw3DO7Ilg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.205.0/24
37.202.208.0-37.202.210.255
37.202.212.0/23
151.240.105.0/24
151.240.140.0/24
151.241.110.0/24
151.242.14.0/24
151.242.20.0/24
151.242.110.0/24
151.243.104.0/24
151.243.118.0/24
151.243.162.0/24
151.243.212.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:83:c2:d8:e3:f7:06:64:84:3b:0d:27:80:62:2d:71:a6:22:
b2:0b:39:85:14:c5:2f:9d:19:9c:da:e9:5d:cc:31:1f:65:df:
2e:41:08:0d:9a:58:11:09:0d:ae:13:b1:99:8c:9b:cb:fd:78:
e8:a2:23:a5:77:0d:8c:af:6d:ec:91:7e:35:c5:59:8a:88:28:
65:2b:ab:45:d0:55:5a:14:ef:33:ee:00:85:b4:52:83:13:99:
61:04:a6:d7:2a:62:73:c1:24:6b:96:20:25:0e:f2:1d:ff:cc:
72:9d:0a:1a:58:e7:c1:35:02:b6:75:36:b5:fd:15:f0:28:58:
04:f2:d3:fb:05:99:26:e0:18:c9:57:57:e2:f2:05:0c:97:0f:
fc:40:d3:4c:32:30:64:4a:29:b4:42:23:2d:3c:e7:f2:01:85:
a2:c2:93:84:5f:96:87:88:87:8f:16:5b:ae:0a:9f:be:99:8f:
72:a2:3c:00:d4:5a:d6:7c:8d:53:10:24:10:be:4d:2c:ec:b8:
6c:d0:b8:84:0a:cf:b1:3b:36:f1:8f:c2:71:fb:12:60:58:ec:
51:87:15:77:63:05:20:66:b9:6c:6c:cc:0e:82:54:7a:25:90:
49:04:fe:50:95:c4:d8:54:ac:81:99:44:5b:42:ee:79:d0:77:
7d:47:20:9c
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZUXV3bb3hqLwmQ6JsUxLBFYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMjE4MDQzNjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTY5NTFkZDg3MDNmMjg1YzdhMWZkNzQ3NWI0YjBkYzMzYmIyMjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgo2LhKXncOj36qxIOHovF3Uqoim
Lw6msGwZTUzBkyaW4LQZJ6JuXK8ZTWXNzGfOo/OcMw7CGqhwpRGyO/EjjxlN2eWl
oDlyixkxLiGNwN0DwmabEETwDkHdC9ofNMiF0MGZ+yA1ELt9bqN3t18Rs5ZtM/Yb
o7xvCJdnV6s/mTZNu8krH/m+RNtLP3HNM+2ZjQVFJScaktcNYLOElzSuw1rUBHKQ
nQRlFp/fj1EsBIb7zLjUcq9m3XVmQNpelGyrme8KCqEsDyDrHaQ5GmWdrJv1AweD
siblDf+klpSLZ971M4R0rNnyF+3OlLvfUmX3Gj0JbbqX1PLMtihqxgM3JQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFPppUd2HA/KFx6H9dHW0sNwzuyJYMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMS1tbFIzWWNEOG9YSG9mMTBkYlN3M0RPN0lsZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGUvZjQzYjFkLTllNTAtNDU1MS1hZTZhLTE3YjlkZTE0MTI1
Mi8xL3htSm05R2I3SkppamxGbXpOUzJpVVZHbHBNQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBvBggrBgEFBQcBBwEB/wRgMF4wXAQCAAEwVgMEACXKzTAM
AwQEJcrQAwQAJcrSAwQBJcrUAwQAl/BpAwQAl/CMAwQAl/FuAwQAl/IOAwQAl/IU
AwQAl/JuAwQAl/NoAwQAl/N2AwQAl/OiAwQBl/PUMA0GCSqGSIb3DQEBCwUAA4IB
AQCLg8LY4/cGZIQ7DSeAYi1xpiKyCzmFFMUvnRmc2uldzDEfZd8uQQgNmlgRCQ2u
E7GZjJvL/XjooiOldw2Mr23skX41xVmKiChlK6tF0FVaFO8z7gCFtFKDE5lhBKbX
KmJzwSRrliAlDvId/8xynQoaWOfBNQK2dTa1/RXwKFgE8tP7BZkm4BjJV1fi8gUM
lw/8QNNMMjBkSim0QiMtPOfyAYWiwpOEX5aHiIePFluuCp++mY9yojwA1FrWfI1T
ECQQvk0s7Lhs0LiECs+xOzbxj8Jx+xJgWOxRhxV3YwUgZrlsbMwOglR6JZBJBP5Q
lcTYVKyBmURbQu550Hd9RyCc
-----END CERTIFICATE-----
Generated at Fri Jun 6 20:49:32 2025 by rpki-client