Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/2suMXmZyNqCA3OXDOCFHCY_24_g.roa
File: 2suMXmZyNqCA3OXDOCFHCY_24_g.roa (raw, json)
Hash identifier: IaFxojaI4Qml3ICaRAYc5gqoiOFfMjamJ5bLRzB85YU=
Subject key identifier: DA:CB:8C:5E:66:72:36:A0:80:DC:E5:C3:38:21:47:09:8F:F6:E3:F8
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0194FA225967201258F1E6BA53083B6A5C52
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/2suMXmZyNqCA3OXDOCFHCY_24_g.roa
Signing time: Wed 12 Feb 2025 12:29:02 +0000
ROA not before: Wed 12 Feb 2025 12:29:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 37.202.205.0/24 maxlen: 24
37.202.208.0/23 maxlen: 24
37.202.210.0/24 maxlen: 24
37.202.212.0/23 maxlen: 24
151.240.105.0/24 maxlen: 24
151.240.140.0/24 maxlen: 24
151.241.110.0/24 maxlen: 24
151.242.14.0/24 maxlen: 24
151.242.20.0/24 maxlen: 24
151.242.110.0/24 maxlen: 24
151.242.117.0/24 maxlen: 24
151.243.162.0/24 maxlen: 24
151.243.212.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Feb 2025 13:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fa:22:59:67:20:12:58:f1:e6:ba:53:08:3b:6a:5c:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Feb 12 12:29:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dacb8c5e667236a080dce5c3382147098ff6e3f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:8a:f0:c1:37:de:54:15:2e:80:14:cc:e1:26:
69:cf:03:e0:af:b9:22:3b:ea:28:f3:18:df:cb:e8:
3b:95:bc:ff:86:4b:83:c5:25:eb:43:e4:3a:6e:96:
0f:b5:49:0b:a2:94:ac:e2:f6:93:8c:a0:33:c8:98:
c0:66:af:a1:f6:95:c0:5b:dd:11:54:81:16:11:69:
2d:55:99:a0:50:40:04:ca:65:3a:37:7f:d9:0a:7b:
ce:4e:44:c2:58:68:c8:52:06:4c:6b:5c:46:7f:f9:
c6:da:05:f1:ef:a1:a9:01:a3:6f:04:01:60:78:9d:
80:61:93:68:e8:11:8a:ee:bf:bd:64:ba:ba:a4:9a:
11:60:1b:86:6f:9e:eb:31:ab:85:c5:49:1e:22:b1:
96:ee:7c:81:61:31:49:3e:d7:53:19:b6:e6:0a:aa:
0d:43:09:d1:0e:5e:24:fa:55:b0:7a:21:b7:30:79:
fd:bc:fe:09:8f:4e:6d:ed:7a:90:70:1f:2f:02:e1:
ff:fd:31:a5:3e:a3:dd:66:f9:f8:2d:23:ec:fa:b2:
68:26:05:8f:bf:de:24:6c:36:28:4b:14:b6:60:61:
82:3e:ac:ef:a3:0a:31:e0:ce:d2:93:23:8a:76:39:
f5:ca:91:38:9e:67:07:e2:c3:14:b1:6c:d5:b4:31:
f7:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:CB:8C:5E:66:72:36:A0:80:DC:E5:C3:38:21:47:09:8F:F6:E3:F8
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/2suMXmZyNqCA3OXDOCFHCY_24_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.205.0/24
37.202.208.0-37.202.210.255
37.202.212.0/23
151.240.105.0/24
151.240.140.0/24
151.241.110.0/24
151.242.14.0/24
151.242.20.0/24
151.242.110.0/24
151.242.117.0/24
151.243.162.0/24
151.243.212.0/23
Signature Algorithm: sha256WithRSAEncryption
b5:fd:65:90:c6:10:7d:b9:ae:fc:2f:81:77:2f:33:d6:36:fc:
e7:0e:62:7f:49:47:28:cb:f4:c5:5b:07:db:40:74:ba:4f:29:
1b:e6:44:5c:ee:56:3f:ed:59:30:22:60:42:b3:6a:ce:8b:92:
20:72:d5:a5:c7:5b:03:38:eb:29:33:33:fd:0b:8c:75:2c:ae:
07:d3:cf:37:3e:f1:0c:78:dd:82:9f:a8:6d:2f:fa:a7:80:a6:
a6:17:13:ba:94:64:57:46:f3:5e:b4:63:2d:99:d8:65:a5:64:
31:32:69:02:e4:0d:7b:7e:8e:f5:c6:e2:38:74:cf:ac:84:d9:
6a:8a:f4:26:80:71:34:41:cc:4f:a0:e7:7c:62:15:39:dc:76:
7f:63:37:a9:cd:c9:17:7a:cf:b0:07:de:12:c4:4c:fb:ae:68:
8d:12:34:88:41:fb:1b:96:cc:80:d3:11:ef:94:4e:a9:e2:de:
b7:9e:9c:82:b1:e4:85:50:0c:d6:98:f8:72:50:3a:a0:de:e8:
22:6e:5a:07:d4:eb:ac:82:d0:af:e5:96:00:89:03:2c:b3:fc:
45:87:e0:a7:4b:74:88:89:35:11:0b:d9:12:04:d3:f4:97:23:
06:ec:69:ef:3a:35:5f:99:6d:a3:41:49:e5:e1:63:e8:d2:c9:
56:3f:01:37
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZT6IllnIBJY8ea6Uwg7alxSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMjEyMTIyOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWNiOGM1ZTY2NzIzNmEwODBkY2U1YzMzODIxNDcwOThmZjZlM2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IrwwTfeVBUugBTM4SZpzwPgr7ki
O+oo8xjfy+g7lbz/hkuDxSXrQ+Q6bpYPtUkLopSs4vaTjKAzyJjAZq+h9pXAW90R
VIEWEWktVZmgUEAEymU6N3/ZCnvOTkTCWGjIUgZMa1xGf/nG2gXx76GpAaNvBAFg
eJ2AYZNo6BGK7r+9ZLq6pJoRYBuGb57rMauFxUkeIrGW7nyBYTFJPtdTGbbmCqoN
QwnRDl4k+lWweiG3MHn9vP4Jj05t7XqQcB8vAuH//TGlPqPdZvn4LSPs+rJoJgWP
v94kbDYoSxS2YGGCPqzvowox4M7SkyOKdjn1ypE4nmcH4sMUsWzVtDH3ZQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFNrLjF5mcjaggNzlwzghRwmP9uP4MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMnN1TVhtWnlOcUNBM09YRE9DRkhDWV8yNF9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAJcrNMAwD
BAQlytADBAAlytIDBAElytQDBACX8GkDBACX8IwDBACX8W4DBACX8g4DBACX8hQD
BACX8m4DBACX8nUDBACX86IDBAGX89QwDQYJKoZIhvcNAQELBQADggEBALX9ZZDG
EH25rvwvgXcvM9Y2/OcOYn9JRyjL9MVbB9tAdLpPKRvmRFzuVj/tWTAiYEKzas6L
kiBy1aXHWwM46ykzM/0LjHUsrgfTzzc+8Qx43YKfqG0v+qeApqYXE7qUZFdG8160
Yy2Z2GWlZDEyaQLkDXt+jvXG4jh0z6yE2WqK9CaAcTRBzE+g53xiFTncdn9jN6nN
yRd6z7AH3hLETPuuaI0SNIhB+xuWzIDTEe+UTqni3reenIKx5IVQDNaY+HJQOqDe
6CJuWgfU66yC0K/llgCJAyyz/EWH4KdLdIiJNREL2RIE0/SXIwbsae86NV+ZbaNB
SeXhY+jSyVY/ATc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:08:33 2025 by rpki-client