Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/IjjeUOzfOvd2Tlqx8o55ENanTZY.roa
File: IjjeUOzfOvd2Tlqx8o55ENanTZY.roa (raw, json)
Hash identifier: OfI/4c8jGASUp5qBueW9roKCKJ3qhXLrhOSpjDit/AI=
Subject key identifier: 22:38:DE:50:EC:DF:3A:F7:76:4E:5A:B1:F2:8E:79:10:D6:A7:4D:96
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0195653EAA915BA9E429FA25CB5E0FA16C93
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/IjjeUOzfOvd2Tlqx8o55ENanTZY.roa
Signing time: Wed 05 Mar 2025 07:39:20 +0000
ROA not before: Wed 05 Mar 2025 07:39:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 37.202.193.0/24 maxlen: 24
37.202.195.0/24 maxlen: 24
37.202.196.0/24 maxlen: 24
37.202.197.0/24 maxlen: 24
37.202.198.0/24 maxlen: 24
37.202.199.0/24 maxlen: 24
37.202.200.0/24 maxlen: 24
37.202.201.0/24 maxlen: 24
37.202.219.0/24 maxlen: 24
151.242.99.0/24 maxlen: 24
151.242.104.0/24 maxlen: 24
151.242.106.0/24 maxlen: 24
151.242.108.0/24 maxlen: 24
151.242.111.0/24 maxlen: 24
151.242.118.0/24 maxlen: 24
151.242.121.0/24 maxlen: 24
151.242.122.0/24 maxlen: 24
151.242.127.0/24 maxlen: 24
151.243.93.0/24 maxlen: 24
151.243.96.0/24 maxlen: 24
151.243.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Mar 2025 06:42:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:65:3e:aa:91:5b:a9:e4:29:fa:25:cb:5e:0f:a1:6c:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 5 07:39:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2238de50ecdf3af7764e5ab1f28e7910d6a74d96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:1e:f8:16:85:fc:dc:79:42:d9:08:e2:f4:c7:
8a:4e:96:9a:c8:52:d7:c7:b8:53:4e:74:2b:d7:57:
0e:cd:81:e8:36:33:fb:ce:92:27:4b:8e:57:12:f6:
71:2b:03:80:52:e2:d6:bc:13:ac:aa:0b:68:74:13:
de:29:21:08:33:c5:80:1e:21:cd:e5:5b:90:d5:8a:
98:cf:37:07:6d:e1:1d:4e:49:96:ee:d3:93:10:83:
24:34:24:73:a2:bc:20:d7:77:dd:57:db:5b:e1:8f:
41:56:dc:26:f8:ac:ea:d8:b3:23:da:52:84:05:52:
d2:48:f2:4c:cd:73:e2:c0:c7:a1:70:89:1b:6d:be:
07:e2:6f:d5:d5:01:10:47:79:4d:13:86:6b:84:bc:
50:e4:42:9f:2c:4b:54:b8:d7:bb:b4:d2:4f:38:76:
9e:b0:42:d5:bd:43:f0:53:dc:8a:f0:ac:fe:23:a7:
33:bd:1f:2b:18:3b:30:77:39:b4:2a:4d:0c:a8:6b:
4f:59:61:9f:26:52:3a:fd:ef:43:7d:6a:ae:71:fb:
e9:23:d4:6d:61:02:ea:64:1a:1d:1c:65:8d:47:c8:
9b:de:c6:37:fb:07:b5:10:d3:64:7a:b7:61:ea:fe:
d6:17:f2:5b:1e:3a:ff:f5:db:77:25:3e:e5:57:87:
4d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:38:DE:50:EC:DF:3A:F7:76:4E:5A:B1:F2:8E:79:10:D6:A7:4D:96
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/IjjeUOzfOvd2Tlqx8o55ENanTZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.193.0/24
37.202.195.0-37.202.201.255
37.202.219.0/24
151.242.99.0/24
151.242.104.0/24
151.242.106.0/24
151.242.108.0/24
151.242.111.0/24
151.242.118.0/24
151.242.121.0-151.242.122.255
151.242.127.0/24
151.243.93.0/24
151.243.96.0/24
151.243.99.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:db:86:df:fc:dd:d5:1f:90:38:5d:0e:36:bc:0f:94:2a:76:
91:34:c6:13:42:c4:b8:da:88:da:b0:aa:30:25:7c:e1:ed:fa:
8e:67:fa:a4:ec:3f:21:98:b7:f9:41:29:8b:57:07:05:ff:01:
2c:1e:d6:7d:e2:65:ab:a0:4d:26:99:5d:a0:ad:40:7d:90:b6:
9a:d3:21:b4:1c:fd:87:6f:aa:1e:85:12:19:d8:2d:c7:73:09:
7d:52:d9:c9:f1:1a:ea:e2:d2:86:bc:8a:b9:d2:bd:1d:9c:a5:
7d:af:95:8c:80:6e:a2:ec:02:47:44:6d:8e:ca:d9:10:86:6a:
99:69:db:8a:4d:79:9f:2c:fd:5b:27:88:2a:95:be:6e:92:f4:
f6:51:01:04:f4:e6:b0:a6:19:f5:d4:bc:4d:53:3e:1a:6f:ba:
6a:a6:3a:fa:4c:78:f4:ba:80:18:88:f3:46:aa:86:11:67:91:
e8:fb:2d:75:00:a3:e0:b5:0e:8b:e4:6d:13:e9:f5:55:47:12:
3f:4d:a6:19:bf:68:da:16:88:ed:03:9a:a6:52:9c:87:21:95:
51:11:a4:34:b5:fe:b1:9d:ff:18:57:64:3d:0b:d4:1d:39:c5:
6f:25:63:57:ec:4f:c0:cb:c5:97:06:c1:ad:91:98:bf:7b:bc:
fc:23:6a:95
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZVlPqqRW6nkKfoly14PoWyTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMzA1MDczOTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjM4ZGU1MGVjZGYzYWY3NzY0ZTVhYjFmMjhlNzkxMGQ2YTc0ZDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwx74FoX83HlC2Qji9MeKTpaayFLX
x7hTTnQr11cOzYHoNjP7zpInS45XEvZxKwOAUuLWvBOsqgtodBPeKSEIM8WAHiHN
5VuQ1YqYzzcHbeEdTkmW7tOTEIMkNCRzorwg13fdV9tb4Y9BVtwm+Kzq2LMj2lKE
BVLSSPJMzXPiwMehcIkbbb4H4m/V1QEQR3lNE4ZrhLxQ5EKfLEtUuNe7tNJPOHae
sELVvUPwU9yK8Kz+I6czvR8rGDswdzm0Kk0MqGtPWWGfJlI6/e9DfWqucfvpI9Rt
YQLqZBodHGWNR8ib3sY3+we1ENNkerdh6v7WF/JbHjr/9dt3JT7lV4dNNwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFCI43lDs3zr3dk5asfKOeRDWp02WMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvSWpqZVVPemZPdmQyVGxxeDhvNTVFTmFuVFpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQAJcrBMAwD
BAAlysMDBAElysgDBAAlytsDBACX8mMDBACX8mgDBACX8moDBACX8mwDBACX8m8D
BACX8nYwDAMEAJfyeQMEAJfyegMEAJfyfwMEAJfzXQMEAJfzYAMEAJfzYzANBgkq
hkiG9w0BAQsFAAOCAQEAn9uG3/zd1R+QOF0ONrwPlCp2kTTGE0LEuNqI2rCqMCV8
4e36jmf6pOw/IZi3+UEpi1cHBf8BLB7WfeJlq6BNJpldoK1AfZC2mtMhtBz9h2+q
HoUSGdgtx3MJfVLZyfEa6uLShryKudK9HZylfa+VjIBuouwCR0RtjsrZEIZqmWnb
ik15nyz9WyeIKpW+bpL09lEBBPTmsKYZ9dS8TVM+Gm+6aqY6+kx49LqAGIjzRqqG
EWeR6PstdQCj4LUOi+RtE+n1VUcSP02mGb9o2haI7QOaplKchyGVURGkNLX+sZ3/
GFdkPQvUHTnFbyVjV+xPwMvFlwbBrZGYv3u8/CNqlQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:44:33 2025 by rpki-client