Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8-9zSzMp3ySUqfAC_hcqZlDuZHw.roa
File: 8-9zSzMp3ySUqfAC_hcqZlDuZHw.roa (raw, json)
Hash identifier: y3Tevdf+bkfL6ySArYm/IFXAJ2sPEfB/t7oKz1NXXAw=
Subject key identifier: F3:EF:73:4B:33:29:DF:24:94:A9:F0:02:FE:17:2A:66:50:EE:64:7C
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01972B2F157C586EE95946F664E2BE4CC881
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8-9zSzMp3ySUqfAC_hcqZlDuZHw.roa
Signing time: Sun 01 Jun 2025 11:09:55 +0000
ROA not before: Sun 01 Jun 2025 11:09:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 37.202.194.0/24 maxlen: 24
37.202.201.0/24 maxlen: 24
151.242.190.0/24 maxlen: 24
151.242.194.0/24 maxlen: 24
151.243.7.0/24 maxlen: 24
151.243.10.0/24 maxlen: 24
151.243.152.0/22 maxlen: 24
151.243.228.0/24 maxlen: 24
151.243.243.0/24 maxlen: 24
151.245.1.0/24 maxlen: 24
151.245.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jun 2025 14:35:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2b:2f:15:7c:58:6e:e9:59:46:f6:64:e2:be:4c:c8:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 1 11:09:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3ef734b3329df2494a9f002fe172a6650ee647c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:6c:8f:7f:f6:65:94:50:ef:b4:9f:23:c1:ed:
f6:ea:b7:b4:6a:d9:9a:1f:6e:26:be:49:a1:20:e3:
69:5f:8f:55:d6:26:7a:05:0d:11:25:03:8c:bd:d2:
a5:47:5d:db:74:2b:58:c4:a1:16:9a:f3:fc:67:15:
a4:6b:d7:fe:84:11:0d:69:0c:ee:9e:0d:32:68:65:
d2:98:f0:bb:50:48:bf:e5:f9:b5:1d:53:f7:a9:48:
40:4b:d1:d2:56:6e:ed:3e:b0:c6:52:79:c6:03:a1:
4d:ef:36:61:e9:14:e2:d6:69:fb:82:16:f1:a0:59:
4f:56:00:e8:bb:ab:41:12:78:cf:d2:b5:f1:8e:6b:
ce:c2:4e:af:af:5e:19:5c:61:d9:51:df:c3:98:a5:
af:57:57:f6:c7:d7:2c:7e:f8:a9:71:05:87:48:57:
f3:83:20:3e:37:d2:81:2d:6b:80:cb:a0:e7:01:58:
90:d4:06:95:23:a8:d5:b0:53:f1:e1:67:34:75:00:
e3:2a:96:db:1e:49:48:cb:22:12:f8:34:39:2c:f8:
05:e5:19:b9:35:42:30:47:e4:f2:bc:06:28:da:5a:
84:12:25:57:e1:57:1a:95:04:c4:a1:89:da:de:c3:
1f:a5:f4:f3:1b:96:ce:77:ad:e2:96:a5:36:d1:bd:
cb:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:EF:73:4B:33:29:DF:24:94:A9:F0:02:FE:17:2A:66:50:EE:64:7C
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8-9zSzMp3ySUqfAC_hcqZlDuZHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.194.0/24
37.202.201.0/24
151.242.190.0/24
151.242.194.0/24
151.243.7.0/24
151.243.10.0/24
151.243.152.0/22
151.243.228.0/24
151.243.243.0/24
151.245.1.0/24
151.245.4.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:b0:59:ad:a3:e4:e1:98:f0:e9:69:c0:a9:f5:59:b0:8a:94:
76:51:82:cd:68:64:4c:8e:c2:54:b7:c2:d3:76:17:26:70:68:
17:bc:cd:6b:88:3b:1f:74:de:c5:6a:29:a9:fa:7b:67:15:8b:
d9:af:67:c4:4d:a3:bf:5f:53:58:e9:a9:57:16:24:7d:e5:ef:
dd:a9:54:9e:c6:38:cc:6c:48:9e:ce:01:8f:e2:09:4f:e0:5c:
95:cb:05:8a:4e:a1:35:d1:7c:dd:ca:78:77:4a:b2:83:ed:bc:
ae:1b:d7:f6:70:c3:b5:06:63:cb:f1:a9:fc:06:7c:a2:14:25:
1f:51:da:f6:57:cb:92:8c:6c:42:99:6d:e1:56:a8:6b:32:ad:
d2:e0:7a:b9:3d:5f:78:7a:9e:0d:36:8e:25:a9:28:4a:82:6d:
b5:d8:6e:bd:6c:8a:1a:ab:c0:15:e6:23:80:29:65:e2:50:66:
cf:08:ab:bc:35:bf:bd:b4:05:06:59:22:69:44:21:53:31:2d:
e9:84:e2:5c:67:da:7c:73:1a:af:b5:90:d9:94:a3:f2:8b:01:
b4:8c:c1:ee:34:1b:13:4c:30:59:53:76:b3:6d:85:84:60:14:
85:7b:18:3a:5f:a4:57:e1:e1:e1:9c:9e:4e:7b:7e:e8:c1:1b:
74:03:58:bd
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZcrLxV8WG7pWUb2ZOK+TMiBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjAxMTEwOTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2VmNzM0YjMzMjlkZjI0OTRhOWYwMDJmZTE3MmE2NjUwZWU2NDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5GyPf/ZllFDvtJ8jwe326re0atma
H24mvkmhIONpX49V1iZ6BQ0RJQOMvdKlR13bdCtYxKEWmvP8ZxWka9f+hBENaQzu
ng0yaGXSmPC7UEi/5fm1HVP3qUhAS9HSVm7tPrDGUnnGA6FN7zZh6RTi1mn7ghbx
oFlPVgDou6tBEnjP0rXxjmvOwk6vr14ZXGHZUd/DmKWvV1f2x9csfvipcQWHSFfz
gyA+N9KBLWuAy6DnAViQ1AaVI6jVsFPx4Wc0dQDjKpbbHklIyyIS+DQ5LPgF5Rm5
NUIwR+TyvAYo2lqEEiVX4VcalQTEoYna3sMfpfTzG5bOd63ilqU20b3LLwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFPPvc0szKd8klKnwAv4XKmZQ7mR8MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvOC05elN6TXAzeVNVcWZBQ19oY3FabER1Wkh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAJcrCAwQA
JcrJAwQAl/K+AwQAl/LCAwQAl/MHAwQAl/MKAwQCl/OYAwQAl/PkAwQAl/PzAwQA
l/UBAwQAl/UEMA0GCSqGSIb3DQEBCwUAA4IBAQA9sFmto+ThmPDpacCp9VmwipR2
UYLNaGRMjsJUt8LTdhcmcGgXvM1riDsfdN7Faimp+ntnFYvZr2fETaO/X1NY6alX
FiR95e/dqVSexjjMbEiezgGP4glP4FyVywWKTqE10Xzdynh3SrKD7byuG9f2cMO1
BmPL8an8BnyiFCUfUdr2V8uSjGxCmW3hVqhrMq3S4Hq5PV94ep4NNo4lqShKgm21
2G69bIoaq8AV5iOAKWXiUGbPCKu8Nb+9tAUGWSJpRCFTMS3phOJcZ9p8cxqvtZDZ
lKPyiwG0jMHuNBsTTDBZU3azbYWEYBSFexg6X6RX4eHhnJ5Oe37owRt0A1i9
-----END CERTIFICATE-----
Generated at Fri Jun 6 07:07:26 2025 by rpki-client