Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/IANvLU716vdqL19n3bnIOipqLg8.roa
File: IANvLU716vdqL19n3bnIOipqLg8.roa (raw, json)
Hash identifier: bsxPY7uNwtkZbxW8nA1wEkAyhC7qW3RWLiZ2ADHGYv4=
Subject key identifier: 20:03:6F:2D:4E:F5:EA:F7:6A:2F:5F:67:DD:B9:C8:3A:2A:6A:2E:0F
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019496C391FAD97508EEE420674982C4552D
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/IANvLU716vdqL19n3bnIOipqLg8.roa
Signing time: Fri 24 Jan 2025 05:23:06 +0000
ROA not before: Fri 24 Jan 2025 05:23:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 37.202.204.0/24 maxlen: 24
37.202.205.0/24 maxlen: 24
37.202.208.0/23 maxlen: 24
37.202.210.0/24 maxlen: 24
37.202.212.0/23 maxlen: 24
151.242.14.0/24 maxlen: 24
151.242.20.0/24 maxlen: 24
151.242.242.0/24 maxlen: 24
151.243.162.0/24 maxlen: 24
151.243.222.0/24 maxlen: 24
151.243.234.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 26 Jan 2025 04:15:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:96:c3:91:fa:d9:75:08:ee:e4:20:67:49:82:c4:55:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 24 05:23:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20036f2d4ef5eaf76a2f5f67ddb9c83a2a6a2e0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:54:a6:09:8d:62:74:86:be:54:52:c4:d0:b7:
46:eb:14:a4:86:8a:2b:2e:9e:4e:97:9a:c3:76:6c:
42:e8:8d:2f:24:d9:50:5e:4a:c0:26:14:f9:b7:50:
71:64:48:cb:bf:2c:05:b5:8b:cc:48:cf:d6:19:54:
cd:aa:36:d8:f4:06:a7:4f:ba:5f:ed:df:c5:d8:60:
a5:52:10:c4:66:67:0f:b3:70:68:1d:8f:18:f9:75:
16:9c:26:8b:73:32:88:07:5f:96:db:dc:e5:5d:37:
8f:3e:30:16:3a:7f:79:f7:24:9f:22:2f:71:d8:1f:
b7:21:f9:75:5c:e3:91:20:c1:dd:f1:77:51:2a:8c:
71:b8:74:81:ed:ce:31:d8:09:08:de:8c:84:65:f6:
70:9f:60:cc:0c:aa:cf:3d:c8:6e:c9:76:9e:6e:a9:
d5:3f:e1:dd:b9:f4:dc:5c:ff:48:fd:81:61:0a:64:
6a:05:b5:20:b3:a8:ff:5e:8f:01:b5:23:43:d1:6a:
43:00:37:7c:b3:cf:94:5f:dd:76:70:0c:68:5f:e9:
b4:d3:39:5c:5e:8a:f9:b9:d8:80:4d:d3:14:6b:7a:
f6:40:b7:f4:91:4e:b1:eb:a3:0e:05:f7:a6:c9:aa:
c5:e5:d1:ea:d1:a6:35:23:56:46:fb:d1:dc:01:38:
e4:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:03:6F:2D:4E:F5:EA:F7:6A:2F:5F:67:DD:B9:C8:3A:2A:6A:2E:0F
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/IANvLU716vdqL19n3bnIOipqLg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.204.0/23
37.202.208.0-37.202.210.255
37.202.212.0/23
151.242.14.0/24
151.242.20.0/24
151.242.242.0/24
151.243.162.0/24
151.243.222.0/24
151.243.234.0/24
Signature Algorithm: sha256WithRSAEncryption
40:23:64:26:3e:13:97:ac:12:71:4e:ca:d3:c6:0f:c1:74:12:
84:9a:cb:6c:4c:2a:22:28:06:67:f3:f4:18:fa:b0:d6:cb:85:
a3:dc:35:64:80:ef:51:30:e6:c0:fd:fb:10:28:34:28:33:02:
61:3c:70:57:78:54:76:61:0c:6c:70:82:61:99:b6:1d:cc:a1:
7b:1d:22:0e:1b:5c:b8:c6:ed:8e:0b:61:ba:6f:98:89:25:43:
37:9d:63:ef:0f:78:c4:d1:63:2e:4b:5a:2c:8e:e9:00:f3:75:
2b:d5:11:f2:d2:3e:1e:bb:0c:bd:c9:97:aa:8a:b7:79:c9:82:
a1:6d:9b:41:be:01:cd:24:52:68:12:c4:c7:86:61:b5:9f:37:
32:10:14:f1:9f:d0:93:8d:a0:3c:f5:1f:9f:10:f9:d0:b4:0d:
7e:50:82:1b:cb:c6:6c:3d:19:01:b5:0a:5b:97:a4:f8:c9:15:
cb:10:30:69:b2:25:83:0a:cb:9d:8c:18:2d:90:65:ae:60:42:
eb:d0:bb:4d:2e:e7:44:bc:3b:fd:a8:29:b2:3b:0b:e2:21:9e:
35:0a:98:86:74:f3:79:e6:01:5f:9b:87:f7:ce:2e:8c:5f:32:
aa:8a:28:99:80:17:cc:44:eb:cc:7d:b7:0c:da:e8:50:99:a9:
db:5a:ba:6e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZSWw5H62XUI7uQgZ0mCxFUtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTI0MDUyMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDAzNmYyZDRlZjVlYWY3NmEyZjVmNjdkZGI5YzgzYTJhNmEyZTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlSmCY1idIa+VFLE0LdG6xSkhoor
Lp5Ol5rDdmxC6I0vJNlQXkrAJhT5t1BxZEjLvywFtYvMSM/WGVTNqjbY9AanT7pf
7d/F2GClUhDEZmcPs3BoHY8Y+XUWnCaLczKIB1+W29zlXTePPjAWOn959ySfIi9x
2B+3Ifl1XOORIMHd8XdRKoxxuHSB7c4x2AkI3oyEZfZwn2DMDKrPPchuyXaebqnV
P+HdufTcXP9I/YFhCmRqBbUgs6j/Xo8BtSND0WpDADd8s8+UX912cAxoX+m00zlc
Xor5udiATdMUa3r2QLf0kU6x66MOBfemyarF5dHq0aY1I1ZG+9HcATjkowIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFCADby1O9er3ai9fZ925yDoqai4PMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvSUFOdkxVNzE2dmRxTDE5bjNibklPaXBxTGc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQBJcrMMAwD
BAQlytADBAAlytIDBAElytQDBACX8g4DBACX8hQDBACX8vIDBACX86IDBACX894D
BACX8+owDQYJKoZIhvcNAQELBQADggEBAEAjZCY+E5esEnFOytPGD8F0EoSay2xM
KiIoBmfz9Bj6sNbLhaPcNWSA71Ew5sD9+xAoNCgzAmE8cFd4VHZhDGxwgmGZth3M
oXsdIg4bXLjG7Y4LYbpvmIklQzedY+8PeMTRYy5LWiyO6QDzdSvVEfLSPh67DL3J
l6qKt3nJgqFtm0G+Ac0kUmgSxMeGYbWfNzIQFPGf0JONoDz1H58Q+dC0DX5QghvL
xmw9GQG1CluXpPjJFcsQMGmyJYMKy52MGC2QZa5gQuvQu00u50S8O/2oKbI7C+Ih
njUKmIZ083nmAV+bh/fOLoxfMqqKKJmAF8xE68x9twza6FCZqdtaum4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:30:44 2025 by rpki-client