Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8t7gQxLIGO70HLXi2O3n7eygWgo.roa
File: 8t7gQxLIGO70HLXi2O3n7eygWgo.roa (raw, json)
Hash identifier: 9sSawCOgSIfNoEC4KeIexomua5bkv7K8sWRITJDRicM=
Subject key identifier: F2:DE:E0:43:12:C8:18:EE:F4:1C:B5:E2:D8:ED:E7:ED:EC:A0:5A:0A
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019676AA3E994F7664BB2AB34AF578FFE653
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8t7gQxLIGO70HLXi2O3n7eygWgo.roa
Signing time: Sun 27 Apr 2025 09:53:10 +0000
ROA not before: Sun 27 Apr 2025 09:53:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 37.202.222.0/24 maxlen: 24
151.240.3.0/24 maxlen: 24
151.240.79.0/24 maxlen: 24
151.240.110.0/24 maxlen: 24
151.242.33.0/24 maxlen: 24
151.242.87.0/24 maxlen: 24
151.242.174.0/23 maxlen: 23
151.242.192.0/23 maxlen: 23
151.243.101.0/24 maxlen: 24
151.244.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Apr 2025 05:52:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:76:aa:3e:99:4f:76:64:bb:2a:b3:4a:f5:78:ff:e6:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 27 09:53:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2dee04312c818eef41cb5e2d8ede7edeca05a0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8b:cb:5c:f2:fb:58:89:0d:87:17:a3:e5:17:
45:a2:a3:e3:e7:b2:5a:36:3b:5e:54:a1:8a:c6:65:
cf:db:a7:dc:5e:35:12:15:58:17:23:a5:ff:5e:5e:
af:e7:4f:8b:d3:72:34:53:89:a6:1c:97:1a:5a:32:
6c:e8:6b:04:be:86:43:5f:44:45:e6:76:bd:7f:3b:
fb:d1:95:6a:98:00:fe:34:38:43:8d:77:56:e5:51:
92:8c:1c:e0:c5:18:cb:0a:b2:c4:a8:97:73:e0:20:
ef:a1:4f:4c:e1:5b:38:39:1f:37:f8:c4:63:3b:35:
02:2a:3a:b5:d8:92:21:82:f6:bf:cd:d1:8c:18:87:
0d:94:69:e8:4f:eb:f8:b1:24:6d:b8:68:f0:ed:21:
0b:ef:e8:ed:e8:5f:80:66:5f:e3:68:94:23:41:e6:
79:c2:15:6b:0d:de:2f:cc:f8:b0:d2:1a:1f:82:ed:
04:0d:0d:de:9b:5d:d9:47:6e:0a:29:ad:2d:b3:0e:
28:e8:e0:67:d5:03:3a:11:f9:69:51:e0:04:2c:b8:
24:ff:69:b0:6c:94:e1:55:79:5c:ae:d5:95:7e:4e:
c1:7d:81:ff:6f:53:7b:4e:b6:60:2d:a3:6d:c0:8c:
7b:56:5b:b6:7b:67:61:48:e0:92:8d:5f:26:32:ad:
08:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:DE:E0:43:12:C8:18:EE:F4:1C:B5:E2:D8:ED:E7:ED:EC:A0:5A:0A
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8t7gQxLIGO70HLXi2O3n7eygWgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.222.0/24
151.240.3.0/24
151.240.79.0/24
151.240.110.0/24
151.242.33.0/24
151.242.87.0/24
151.242.174.0/23
151.242.192.0/23
151.243.101.0/24
151.244.126.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:8e:23:14:75:21:db:f3:c0:f9:83:2f:b9:c5:38:2c:41:13:
a4:7b:d0:42:94:ff:ce:53:c7:38:f1:1e:d2:02:ae:51:75:fd:
1e:f5:7c:74:26:57:cb:bb:e7:b9:6b:8a:0f:47:16:43:fa:0c:
68:a7:89:e2:fb:64:18:34:d7:b3:ac:e1:2d:e9:89:0a:bc:86:
f7:85:fc:b2:e1:42:c6:e3:9b:1d:32:a6:48:1d:89:d1:b0:f4:
56:29:a6:b3:8f:26:71:bc:00:db:c4:52:67:33:21:36:93:ce:
53:9b:15:d6:1e:20:39:de:40:9d:78:04:56:2f:a5:87:f4:5e:
8a:00:c2:cd:4c:ef:58:17:e1:c6:0e:37:8a:ac:1f:49:b5:f3:
aa:7b:e4:1c:55:42:e9:9e:dc:00:ec:0e:71:b6:88:b6:20:22:
4e:50:c9:57:61:17:1c:9b:33:e1:a2:3b:ad:32:38:1b:e1:7e:
f4:23:d0:0a:b4:a0:90:22:e1:59:b2:35:41:b1:81:89:b9:17:
a8:14:f4:71:3e:ba:dc:20:5d:f8:ce:90:07:6c:b4:71:27:72:
28:04:fa:3e:b5:b2:8d:6d:f3:70:79:01:0a:53:4b:d4:a5:07:
56:df:47:b7:69:aa:8f:ee:e9:5e:35:5b:d6:42:33:b2:1b:db:
1a:c3:95:d1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZZ2qj6ZT3ZkuyqzSvV4/+ZTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDI3MDk1MzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmRlZTA0MzEyYzgxOGVlZjQxY2I1ZTJkOGVkZTdlZGVjYTA1YTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnovLXPL7WIkNhxej5RdFoqPj57Ja
NjteVKGKxmXP26fcXjUSFVgXI6X/Xl6v50+L03I0U4mmHJcaWjJs6GsEvoZDX0RF
5na9fzv70ZVqmAD+NDhDjXdW5VGSjBzgxRjLCrLEqJdz4CDvoU9M4Vs4OR83+MRj
OzUCKjq12JIhgva/zdGMGIcNlGnoT+v4sSRtuGjw7SEL7+jt6F+AZl/jaJQjQeZ5
whVrDd4vzPiw0hofgu0EDQ3em13ZR24KKa0tsw4o6OBn1QM6EflpUeAELLgk/2mw
bJThVXlcrtWVfk7BfYH/b1N7TrZgLaNtwIx7Vlu2e2dhSOCSjV8mMq0IvwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFPLe4EMSyBju9By14tjt5+3soFoKMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvOHQ3Z1F4TElHTzcwSExYaTJPM243ZXlnV2dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAJcreAwQA
l/ADAwQAl/BPAwQAl/BuAwQAl/IhAwQAl/JXAwQBl/KuAwQBl/LAAwQAl/NlAwQA
l/R+MA0GCSqGSIb3DQEBCwUAA4IBAQANjiMUdSHb88D5gy+5xTgsQROke9BClP/O
U8c48R7SAq5Rdf0e9Xx0JlfLu+e5a4oPRxZD+gxop4ni+2QYNNezrOEt6YkKvIb3
hfyy4ULG45sdMqZIHYnRsPRWKaazjyZxvADbxFJnMyE2k85TmxXWHiA53kCdeARW
L6WH9F6KAMLNTO9YF+HGDjeKrB9JtfOqe+QcVULpntwA7A5xtoi2ICJOUMlXYRcc
mzPhojutMjgb4X70I9AKtKCQIuFZsjVBsYGJuReoFPRxPrrcIF34zpAHbLRxJ3Io
BPo+tbKNbfNweQEKU0vUpQdW30e3aaqP7uleNVvWQjOyG9saw5XR
-----END CERTIFICATE-----
Generated at Sat Jun 14 14:00:16 2025 by rpki-client