Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/NHyhPP-Uqi1gGtIYqGQjCXHzJmY.roa
File: NHyhPP-Uqi1gGtIYqGQjCXHzJmY.roa (raw, json)
Hash identifier: vlD4sqJhRrqTyrCamB8Ik+DVdRcpnnWEiAFojMSvrAY=
Subject key identifier: 34:7C:A1:3C:FF:94:AA:2D:60:1A:D2:18:A8:64:23:09:71:F3:26:66
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196F92B6E2224A8C8E09394D32C8506980F
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/NHyhPP-Uqi1gGtIYqGQjCXHzJmY.roa
Signing time: Thu 22 May 2025 18:04:55 +0000
ROA not before: Thu 22 May 2025 18:04:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20326
IP address blocks: 37.202.193.0/24 maxlen: 24
151.243.52.0/23 maxlen: 24
151.245.8.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 May 2025 19:20:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f9:2b:6e:22:24:a8:c8:e0:93:94:d3:2c:85:06:98:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 22 18:04:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=347ca13cff94aa2d601ad218a864230971f32666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1c:9b:2e:77:1e:b7:64:f1:c9:04:6f:71:df:
b3:8c:52:d9:c7:83:8d:31:9b:ef:04:9f:2b:f5:1a:
42:37:e7:54:84:bf:01:e7:c1:92:f8:0e:f3:66:e7:
54:8c:1a:9b:ca:7d:42:fe:3d:14:c3:5f:c2:20:5e:
ee:3a:8a:db:91:b1:ef:0d:1c:d7:5e:8c:37:0f:f2:
6c:62:92:ac:4b:c2:6f:50:81:f0:cc:ba:95:94:89:
aa:f7:93:a4:de:3a:06:05:70:56:40:bc:ab:55:cd:
0c:79:9a:8e:93:b6:11:a1:a3:37:1c:92:7d:32:88:
b3:44:4e:24:fb:83:9f:5a:fa:6f:0c:ea:52:a2:c4:
e6:b0:d3:e9:c8:fe:d4:3c:f7:fe:4d:24:75:73:1f:
aa:e9:e9:8c:8f:98:23:6e:e2:0e:f1:28:1a:43:bf:
63:4f:f1:50:37:06:71:3a:c7:ba:03:62:a5:a9:08:
7f:b7:b9:3f:3a:42:8f:f1:8b:20:0a:8a:41:a6:6d:
80:fc:fe:a5:c9:07:d3:1c:9f:d3:14:56:3a:52:86:
dc:3c:05:27:a4:90:fe:91:a1:7d:0a:11:09:72:7b:
ab:82:0d:cf:1f:c2:96:b0:ba:90:12:d6:ec:9d:d5:
94:d8:c2:4a:43:a7:9c:fa:b2:d3:58:46:fa:fe:77:
0a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:7C:A1:3C:FF:94:AA:2D:60:1A:D2:18:A8:64:23:09:71:F3:26:66
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/NHyhPP-Uqi1gGtIYqGQjCXHzJmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.193.0/24
151.243.52.0/23
151.245.8.0/21
Signature Algorithm: sha256WithRSAEncryption
72:56:2b:93:18:d0:27:3d:3b:5b:43:ca:3a:81:1f:82:3f:a6:
e4:fb:de:cd:7b:fc:78:e6:4d:37:a8:d1:3d:eb:ae:0d:ed:a9:
63:5a:03:bf:29:9d:b5:55:a3:d1:3a:e4:02:f0:e7:2a:58:27:
22:d2:81:6c:25:50:37:69:df:dd:a2:f7:29:40:c1:fe:76:e0:
a8:4b:dc:73:bf:0d:c1:26:5a:8b:35:36:36:f6:6c:eb:86:1f:
48:9d:dd:24:c9:69:26:52:18:80:23:66:66:c1:82:89:14:3d:
41:93:f9:be:be:20:4b:ff:5c:e2:cd:1e:34:f6:02:7d:cf:5b:
b2:4c:85:84:71:96:78:59:04:c6:a8:9e:d5:a5:37:c6:12:e7:
5b:54:11:1e:c7:bc:b7:ad:58:2a:e4:6d:f8:4a:8b:d8:1a:35:
e5:a1:54:80:10:6e:11:4d:2e:e6:81:33:5a:c6:76:f8:05:cb:
95:0c:a4:66:40:7b:7d:bc:4f:c8:57:c3:ce:33:2e:52:80:5a:
b3:99:ed:d4:40:40:ff:78:88:8f:47:ee:b3:7e:cb:b5:3f:57:
be:43:64:c9:2d:e0:bc:7f:df:f0:0c:11:d9:3f:d2:86:6f:a9:
66:67:e5:35:0a:f0:3d:29:d3:9e:ce:86:55:9d:15:01:2b:1c:
1f:12:be:61
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZb5K24iJKjI4JOU0yyFBpgPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTIyMTgwNDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDdjYTEzY2ZmOTRhYTJkNjAxYWQyMThhODY0MjMwOTcxZjMyNjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxybLncet2TxyQRvcd+zjFLZx4ON
MZvvBJ8r9RpCN+dUhL8B58GS+A7zZudUjBqbyn1C/j0Uw1/CIF7uOorbkbHvDRzX
Xow3D/JsYpKsS8JvUIHwzLqVlImq95Ok3joGBXBWQLyrVc0MeZqOk7YRoaM3HJJ9
MoizRE4k+4OfWvpvDOpSosTmsNPpyP7UPPf+TSR1cx+q6emMj5gjbuIO8SgaQ79j
T/FQNwZxOse6A2KlqQh/t7k/OkKP8YsgCopBpm2A/P6lyQfTHJ/TFFY6UobcPAUn
pJD+kaF9ChEJcnurgg3PH8KWsLqQEtbsndWU2MJKQ6ec+rLTWEb6/ncK2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDR8oTz/lKotYBrSGKhkIwlx8yZmMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTkh5aFBQLVVxaTFnR3RJWXFHUWpDWEh6Sm1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJcrBAwQB
l/M0AwQDl/UIMA0GCSqGSIb3DQEBCwUAA4IBAQByViuTGNAnPTtbQ8o6gR+CP6bk
+97Ne/x45k03qNE9664N7aljWgO/KZ21VaPROuQC8OcqWCci0oFsJVA3ad/dovcp
QMH+duCoS9xzvw3BJlqLNTY29mzrhh9Ind0kyWkmUhiAI2ZmwYKJFD1Bk/m+viBL
/1zizR409gJ9z1uyTIWEcZZ4WQTGqJ7VpTfGEudbVBEex7y3rVgq5G34SovYGjXl
oVSAEG4RTS7mgTNaxnb4BcuVDKRmQHt9vE/IV8POMy5SgFqzme3UQED/eIiPR+6z
fsu1P1e+Q2TJLeC8f9/wDBHZP9KGb6lmZ+U1CvA9KdOezoZVnRUBKxwfEr5h
-----END CERTIFICATE-----
Generated at Sat Jun 7 06:56:10 2025 by rpki-client