Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/L_7hajfCnV1J6Iua8sGcnqZhah4.roa
File: L_7hajfCnV1J6Iua8sGcnqZhah4.roa (raw, json)
Hash identifier: GvJDlOS49SCo0HK4dhzNo7QiBJyktyB4xKY8H4rQ74Q=
Subject key identifier: 2F:FE:E1:6A:37:C2:9D:5D:49:E8:8B:9A:F2:C1:9C:9E:A6:61:6A:1E
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0194283C78DB203D8FCF0B00F75B2ADE78D6
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/L_7hajfCnV1J6Iua8sGcnqZhah4.roa
Signing time: Thu 02 Jan 2025 18:17:19 +0000
ROA not before: Thu 02 Jan 2025 18:17:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 37.202.205.0/24 maxlen: 24
37.202.208.0/23 maxlen: 24
37.202.210.0/24 maxlen: 24
37.202.212.0/23 maxlen: 24
151.242.14.0/24 maxlen: 24
151.242.20.0/24 maxlen: 24
151.243.137.0/24 maxlen: 24
151.243.162.0/24 maxlen: 24
151.243.222.0/24 maxlen: 24
151.243.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Jan 2025 17:55:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:3c:78:db:20:3d:8f:cf:0b:00:f7:5b:2a:de:78:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 2 18:17:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ffee16a37c29d5d49e88b9af2c19c9ea6616a1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:46:8f:00:1f:c3:14:a4:7f:f7:85:1e:e2:6f:
9b:97:5d:39:53:9c:ca:e4:31:d4:41:63:6b:68:21:
6d:0f:e0:76:0b:6a:d7:41:e9:40:b1:ce:48:5a:f0:
c7:3c:34:18:12:f3:36:24:21:8b:ee:22:51:46:c4:
cf:02:21:14:39:8d:0b:55:c0:3c:84:4b:68:6e:05:
a7:b4:86:e1:5c:7f:da:be:79:e5:0b:b1:bd:32:16:
e1:8b:0f:3f:83:32:7e:b5:13:ea:cb:e5:a3:e6:a2:
86:22:c0:5d:e2:26:de:02:58:0a:06:47:24:c6:27:
c4:52:aa:2c:2d:b0:93:ed:b3:bf:28:07:1a:5c:09:
54:6c:95:16:ff:df:21:bb:71:2d:de:7d:8c:e5:30:
55:e6:8c:16:22:a2:88:34:b5:74:9d:a8:6e:d6:77:
4c:7f:9c:c2:17:7f:1f:e1:08:ac:2c:a2:3c:d7:f7:
3f:35:e5:82:70:18:1a:1c:c6:9a:7e:c6:b1:5f:5d:
01:90:b6:ba:06:61:90:7b:29:7e:77:07:44:5f:69:
cd:86:51:9c:7e:b2:61:72:b2:d7:88:fb:bd:95:b3:
38:bc:04:37:af:14:88:cc:53:28:33:b4:84:54:93:
f1:7f:23:a8:84:24:62:60:ec:80:23:75:59:7f:4f:
d6:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:FE:E1:6A:37:C2:9D:5D:49:E8:8B:9A:F2:C1:9C:9E:A6:61:6A:1E
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/L_7hajfCnV1J6Iua8sGcnqZhah4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.205.0/24
37.202.208.0-37.202.210.255
37.202.212.0/23
151.242.14.0/24
151.242.20.0/24
151.243.137.0/24
151.243.162.0/24
151.243.222.0/24
151.243.254.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:65:fe:15:05:e0:b0:13:d2:3c:ce:92:c8:55:72:59:f5:93:
13:53:85:53:79:8e:7f:e8:6d:97:be:93:10:49:d2:7f:2f:57:
e7:76:bc:1c:c7:54:a9:f0:59:91:90:5d:16:b8:cc:89:87:29:
d0:1c:68:06:4c:9a:7c:cc:27:5e:05:c6:68:b9:bc:16:d3:7e:
e8:21:83:ee:9a:f1:41:dc:a0:76:4e:b7:29:e8:3a:c3:81:fb:
de:b5:83:50:82:56:36:b3:04:3c:07:24:0d:3d:91:2e:04:bc:
ac:63:69:18:b1:aa:6d:45:c5:44:1b:3d:a5:a0:42:ba:23:f7:
65:1a:48:4b:b7:6d:1e:22:da:d0:01:41:a7:68:47:5b:e4:c7:
4b:cf:c2:1b:9a:07:8b:12:06:5c:65:33:db:1c:87:85:48:5a:
95:d1:39:71:01:eb:df:97:62:05:7c:a1:62:a4:0e:aa:79:73:
5c:0a:9b:a2:93:6e:f1:cc:bb:87:fc:ec:92:38:1a:68:4b:a4:
55:52:4c:ef:83:c6:0a:5e:87:fe:2f:99:55:22:16:79:a7:8d:
88:cd:28:dd:ce:87:0e:80:33:a1:a0:d4:6f:f8:85:fd:12:97:
56:ee:66:a5:13:d1:79:50:94:36:db:86:d7:96:79:b9:c8:db:
37:e8:f8:ba
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZQoPHjbID2PzwsA91sq3njWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTAyMTgxNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmZlZTE2YTM3YzI5ZDVkNDllODhiOWFmMmMxOWM5ZWE2NjE2YTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0aPAB/DFKR/94Ue4m+bl105U5zK
5DHUQWNraCFtD+B2C2rXQelAsc5IWvDHPDQYEvM2JCGL7iJRRsTPAiEUOY0LVcA8
hEtobgWntIbhXH/avnnlC7G9Mhbhiw8/gzJ+tRPqy+Wj5qKGIsBd4ibeAlgKBkck
xifEUqosLbCT7bO/KAcaXAlUbJUW/98hu3Et3n2M5TBV5owWIqKINLV0nahu1ndM
f5zCF38f4QisLKI81/c/NeWCcBgaHMaafsaxX10BkLa6BmGQeyl+dwdEX2nNhlGc
frJhcrLXiPu9lbM4vAQ3rxSIzFMoM7SEVJPxfyOohCRiYOyAI3VZf0/WQQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFC/+4Wo3wp1dSeiLmvLBnJ6mYWoeMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTF83aGFqZkNuVjFKNkl1YThzR2NucVpoYWg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAJcrNMAwD
BAQlytADBAAlytIDBAElytQDBACX8g4DBACX8hQDBACX84kDBACX86IDBACX894D
BACX8/4wDQYJKoZIhvcNAQELBQADggEBAK5l/hUF4LAT0jzOkshVcln1kxNThVN5
jn/obZe+kxBJ0n8vV+d2vBzHVKnwWZGQXRa4zImHKdAcaAZMmnzMJ14Fxmi5vBbT
fughg+6a8UHcoHZOtynoOsOB+961g1CCVjazBDwHJA09kS4EvKxjaRixqm1FxUQb
PaWgQroj92UaSEu3bR4i2tABQadoR1vkx0vPwhuaB4sSBlxlM9sch4VIWpXROXEB
69+XYgV8oWKkDqp5c1wKm6KTbvHMu4f87JI4GmhLpFVSTO+Dxgpeh/4vmVUiFnmn
jYjNKN3Ohw6AM6Gg1G/4hf0Sl1buZqUT0XlQlDbbhteWebnI2zfo+Lo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:43:10 2025 by rpki-client