Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/9BbneM_hgSgFh3gMD9l_h2G-sXA.roa
File: 9BbneM_hgSgFh3gMD9l_h2G-sXA.roa (raw, json)
Hash identifier: 0PVpCfKrK9II3yHGTQ93vWm4A+8Yy1+u+g1be5AesqY=
Subject key identifier: F4:16:E7:78:CF:E1:81:28:05:87:78:0C:0F:D9:7F:87:61:BE:B1:70
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019423D7A7A19A7FC14518A30F42FF8E6E52
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/9BbneM_hgSgFh3gMD9l_h2G-sXA.roa
Signing time: Wed 01 Jan 2025 21:48:43 +0000
ROA not before: Wed 01 Jan 2025 21:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 37.202.205.0/24 maxlen: 24
37.202.208.0/23 maxlen: 24
37.202.210.0/24 maxlen: 24
37.202.212.0/23 maxlen: 24
151.242.14.0/24 maxlen: 24
151.242.20.0/24 maxlen: 24
151.243.137.0/24 maxlen: 24
151.243.162.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 18:17:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:a7:a1:9a:7f:c1:45:18:a3:0f:42:ff:8e:6e:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 1 21:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f416e778cfe181280587780c0fd97f8761beb170
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c6:ed:d2:5a:eb:ca:e5:75:bd:d3:e1:3d:c6:
84:53:cc:02:5a:0c:75:fc:d8:09:a0:3b:30:ad:13:
06:85:9a:e4:40:8a:ab:30:83:87:62:ec:04:93:20:
88:7e:72:6a:a8:96:87:d7:09:98:39:93:42:3c:4d:
c2:bd:9e:05:8e:a4:20:4a:60:ca:f9:f3:f6:a4:0d:
dc:98:59:c0:0f:b8:56:75:aa:f8:52:92:74:7b:22:
b1:30:77:a4:fc:87:89:52:c3:41:63:ea:ac:39:01:
90:ce:3d:5e:ae:f8:8e:34:aa:e9:b3:72:94:c0:a5:
a7:8e:23:c5:91:0a:9f:19:3c:c9:bf:f8:b3:25:d2:
a7:16:a8:57:4e:a8:ad:c8:55:30:a7:a3:de:d4:96:
07:e8:e1:b7:6e:fe:e1:c3:f0:0d:c4:f6:8d:51:87:
0a:88:ea:39:ad:7b:9c:3f:71:ac:fc:a3:dd:b1:02:
26:51:3c:a5:f0:f8:e9:84:ac:d5:97:3c:b6:cf:70:
7d:e6:25:ef:1f:a4:1e:ac:ca:e5:cc:d9:69:c1:84:
a8:7c:0b:78:24:26:bd:a5:fc:ae:19:7b:64:04:79:
72:64:fe:a0:1e:dd:ea:1e:00:94:86:e8:12:c2:4d:
87:5e:10:48:62:3f:22:d3:93:93:87:b9:1d:74:6e:
4e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:16:E7:78:CF:E1:81:28:05:87:78:0C:0F:D9:7F:87:61:BE:B1:70
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/9BbneM_hgSgFh3gMD9l_h2G-sXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.205.0/24
37.202.208.0-37.202.210.255
37.202.212.0/23
151.242.14.0/24
151.242.20.0/24
151.243.137.0/24
151.243.162.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:6c:3e:4e:85:f5:c8:1c:46:bb:b5:d3:f5:10:47:3a:7f:f2:
2c:2b:03:ed:91:49:66:60:9f:ca:1d:59:26:e2:05:5e:47:a6:
8d:e2:4c:ce:32:37:62:84:f1:61:36:44:b6:45:de:ec:ca:4e:
db:7e:18:56:c8:23:2d:f9:8a:41:2a:f2:b1:ff:7a:0f:f0:af:
39:b3:ef:38:c9:91:2b:92:b3:a8:6b:36:6a:e8:56:d5:4d:f6:
84:69:48:f2:91:98:ff:57:55:e1:d9:86:e1:d6:47:7a:c1:0d:
f8:76:f9:c0:11:37:94:2d:cf:a7:03:ae:13:1b:9a:26:b8:ec:
16:ff:36:48:38:87:08:e0:28:0b:23:f0:06:6b:66:f4:62:13:
d9:f1:b4:2a:28:14:65:ba:76:4b:68:c1:39:7c:38:52:c0:45:
9b:6f:84:10:b0:28:ae:cd:53:6f:3b:a7:e6:3f:d5:4f:8d:2d:
30:22:cd:32:84:d3:a8:ff:70:f1:b9:38:70:96:4a:f9:88:d7:
59:0a:49:c9:72:23:af:d5:d6:e6:69:9b:84:91:98:72:15:b8:
3d:ab:91:46:88:9a:dd:68:e2:be:e5:f5:50:e2:ca:8a:37:9f:
c7:f5:25:f8:1f:3e:0c:a4:d3:50:f7:70:16:bc:36:a7:3e:92:
d5:2b:2e:89
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQj16ehmn/BRRijD0L/jm5SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTAxMjE0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDE2ZTc3OGNmZTE4MTI4MDU4Nzc4MGMwZmQ5N2Y4NzYxYmViMTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucbt0lrryuV1vdPhPcaEU8wCWgx1
/NgJoDswrRMGhZrkQIqrMIOHYuwEkyCIfnJqqJaH1wmYOZNCPE3CvZ4FjqQgSmDK
+fP2pA3cmFnAD7hWdar4UpJ0eyKxMHek/IeJUsNBY+qsOQGQzj1erviONKrps3KU
wKWnjiPFkQqfGTzJv/izJdKnFqhXTqityFUwp6Pe1JYH6OG3bv7hw/ANxPaNUYcK
iOo5rXucP3Gs/KPdsQImUTyl8PjphKzVlzy2z3B95iXvH6QerMrlzNlpwYSofAt4
JCa9pfyuGXtkBHlyZP6gHt3qHgCUhugSwk2HXhBIYj8i05OTh7kddG5OGwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFPQW53jP4YEoBYd4DA/Zf4dhvrFwMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvOUJibmVNX2hnU2dGaDNnTUQ5bF9oMkctc1hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAJcrNMAwD
BAQlytADBAAlytIDBAElytQDBACX8g4DBACX8hQDBACX84kDBACX86IwDQYJKoZI
hvcNAQELBQADggEBAI5sPk6F9cgcRru10/UQRzp/8iwrA+2RSWZgn8odWSbiBV5H
po3iTM4yN2KE8WE2RLZF3uzKTtt+GFbIIy35ikEq8rH/eg/wrzmz7zjJkSuSs6hr
NmroVtVN9oRpSPKRmP9XVeHZhuHWR3rBDfh2+cARN5Qtz6cDrhMbmia47Bb/Nkg4
hwjgKAsj8AZrZvRiE9nxtCooFGW6dktowTl8OFLARZtvhBCwKK7NU287p+Y/1U+N
LTAizTKE06j/cPG5OHCWSvmI11kKSclyI6/V1uZpm4SRmHIVuD2rkUaImt1o4r7l
9VDiyoo3n8f1JfgfPgyk01D3cBa8Nqc+ktUrLok=
-----END CERTIFICATE-----
Generated at Fri Apr 11 03:03:24 2025 by rpki-client