Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/HkeWzDp6qG9V0DVgOb3HnZSGwzI.roa
File: HkeWzDp6qG9V0DVgOb3HnZSGwzI.roa (raw, json)
Hash identifier: pk0LkVqrxgsXwcFPM6erAu7DUEDmC6FOATM/3Plxty8=
Subject key identifier: 1E:47:96:CC:3A:7A:A8:6F:55:D0:35:60:39:BD:C7:9D:94:86:C3:32
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01952BD744BFBAA163421323DB0ED9FB55FB
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/HkeWzDp6qG9V0DVgOb3HnZSGwzI.roa
Signing time: Sat 22 Feb 2025 04:08:02 +0000
ROA not before: Sat 22 Feb 2025 04:08:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 37.202.202.0/24 maxlen: 24
151.242.67.0/24 maxlen: 24
151.242.117.0/24 maxlen: 24
151.243.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Mar 2025 08:43:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:2b:d7:44:bf:ba:a1:63:42:13:23:db:0e:d9:fb:55:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Feb 22 04:08:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e4796cc3a7aa86f55d0356039bdc79d9486c332
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:47:3b:ec:e1:bb:74:8c:17:62:16:06:f0:2e:
e3:36:97:e0:21:39:a3:81:38:5c:4f:01:f0:6b:8f:
68:1a:8d:e8:59:a4:21:69:aa:69:4f:f9:c9:1a:23:
5b:36:0e:ca:c7:91:88:8a:4b:dd:3e:26:95:2f:f3:
62:3a:67:36:89:37:c7:42:b7:5a:6f:3a:1f:fb:c0:
c6:be:72:ef:b9:95:7a:b7:b2:4d:e4:36:0d:22:b9:
3a:37:8e:4f:f9:8e:e2:38:e8:41:e5:c4:8a:79:26:
41:2c:2d:ce:07:78:36:26:fb:6c:1d:d7:c6:6b:45:
91:1f:b1:54:f6:37:31:3a:2a:3e:68:91:e5:78:52:
74:74:b0:b2:e8:56:b5:3a:61:3f:0f:50:b3:93:f4:
c6:8e:4d:5a:5a:8e:63:5f:89:3c:f0:c9:92:b5:04:
35:53:34:c9:af:eb:c8:6a:ac:cc:4d:ef:a1:64:0d:
5e:1a:8c:1c:09:12:62:8e:45:8a:5b:b7:eb:aa:c3:
e1:58:a2:1d:a6:7c:f8:f5:0c:d0:cb:01:a9:e2:a0:
1f:2e:b8:21:1e:9d:09:d5:e8:82:19:0a:df:4b:6f:
44:92:86:e5:99:d5:17:27:33:5e:2f:a5:1e:39:a5:
84:bd:de:ae:1d:cb:10:81:db:6f:af:56:d8:1f:d8:
21:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:47:96:CC:3A:7A:A8:6F:55:D0:35:60:39:BD:C7:9D:94:86:C3:32
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/HkeWzDp6qG9V0DVgOb3HnZSGwzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.202.0/24
151.242.67.0/24
151.242.117.0/24
151.243.6.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:73:a5:f1:c1:c4:fc:3d:7f:af:56:e9:46:1f:0b:0e:c9:87:
06:cd:6c:f0:66:f7:46:fc:91:b6:05:59:3d:fd:9d:9d:00:e5:
a0:2f:02:c4:31:ba:78:9d:98:db:84:8f:89:83:9c:b8:25:0e:
96:d3:3c:1f:8a:2c:4f:48:e3:1f:1f:c8:02:8a:b0:02:43:64:
cc:fe:d2:2e:83:94:a5:f1:43:1a:6d:c4:6a:9c:29:24:5b:03:
bd:f4:5f:39:80:3c:d8:73:ff:dc:42:8f:80:b3:07:5e:58:65:
a5:d2:8b:08:b5:c3:b0:cd:62:19:d5:a2:0e:de:6f:e5:62:0c:
fe:81:48:a0:de:c6:3b:8d:1f:8a:c3:95:23:b6:3f:64:4a:b5:
45:51:6f:b8:13:10:2a:92:8b:92:41:65:d1:37:54:9e:05:89:
5d:45:ae:32:a0:1a:d2:42:eb:95:81:80:aa:0f:d5:20:be:6b:
a0:89:ba:89:c3:05:0e:8a:d3:db:be:33:45:ba:dc:81:41:88:
d2:f1:11:29:e1:55:25:e5:94:6b:db:cf:87:b8:68:45:e3:ae:
2e:9e:e6:f2:6a:9a:e9:1c:66:57:39:d9:26:f7:22:b1:7a:c0:
99:84:2f:3d:e4:fb:6f:ad:5b:1b:fd:5e:78:7e:b3:c3:0d:2b:
09:c5:22:4e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZUr10S/uqFjQhMj2w7Z+1X7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMjIyMDQwODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTQ3OTZjYzNhN2FhODZmNTVkMDM1NjAzOWJkYzc5ZDk0ODZjMzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3kc77OG7dIwXYhYG8C7jNpfgITmj
gThcTwHwa49oGo3oWaQhaappT/nJGiNbNg7Kx5GIikvdPiaVL/NiOmc2iTfHQrda
bzof+8DGvnLvuZV6t7JN5DYNIrk6N45P+Y7iOOhB5cSKeSZBLC3OB3g2JvtsHdfG
a0WRH7FU9jcxOio+aJHleFJ0dLCy6Fa1OmE/D1Czk/TGjk1aWo5jX4k88MmStQQ1
UzTJr+vIaqzMTe+hZA1eGowcCRJijkWKW7frqsPhWKIdpnz49QzQywGp4qAfLrgh
Hp0J1eiCGQrfS29EkoblmdUXJzNeL6UeOaWEvd6uHcsQgdtvr1bYH9gheQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB5Hlsw6eqhvVdA1YDm9x52UhsMyMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvSGtlV3pEcDZxRzlWMERWZ09iM0huWlNHd3pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJcrKAwQA
l/JDAwQAl/J1AwQAl/MGMA0GCSqGSIb3DQEBCwUAA4IBAQCrc6XxwcT8PX+vVulG
HwsOyYcGzWzwZvdG/JG2BVk9/Z2dAOWgLwLEMbp4nZjbhI+Jg5y4JQ6W0zwfiixP
SOMfH8gCirACQ2TM/tIug5Sl8UMabcRqnCkkWwO99F85gDzYc//cQo+AswdeWGWl
0osItcOwzWIZ1aIO3m/lYgz+gUig3sY7jR+Kw5Ujtj9kSrVFUW+4ExAqkouSQWXR
N1SeBYldRa4yoBrSQuuVgYCqD9UgvmugibqJwwUOitPbvjNFutyBQYjS8REp4VUl
5ZRr28+HuGhF464unubyaprpHGZXOdkm9yKxesCZhC895PtvrVsb/V54frPDDSsJ
xSJO
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:57:40 2025 by rpki-client