Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Nl6WQ30I0rlUQIORiUyV6SK5tO8.roa
File: Nl6WQ30I0rlUQIORiUyV6SK5tO8.roa (raw, json)
Hash identifier: L0RsS7llvAOdpKHDAEwW73nbz88/H4M09+V2nSqfZaE=
Subject key identifier: 36:5E:96:43:7D:08:D2:B9:54:40:83:91:89:4C:95:E9:22:B9:B4:EF
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0194B5EF4F07E16DB1195EF90BEE729CD6A1
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Nl6WQ30I0rlUQIORiUyV6SK5tO8.roa
Signing time: Thu 30 Jan 2025 06:39:06 +0000
ROA not before: Thu 30 Jan 2025 06:39:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13347
IP address blocks: 37.202.193.0/24 maxlen: 24
37.202.195.0/24 maxlen: 24
37.202.196.0/24 maxlen: 24
37.202.197.0/24 maxlen: 24
37.202.198.0/24 maxlen: 24
37.202.199.0/24 maxlen: 24
37.202.200.0/24 maxlen: 24
37.202.201.0/24 maxlen: 24
151.243.16.0/20 maxlen: 20
151.243.246.0/24 maxlen: 24
151.243.247.0/24 maxlen: 24
151.243.248.0/24 maxlen: 24
151.243.249.0/24 maxlen: 24
151.243.250.0/24 maxlen: 24
151.243.251.0/24 maxlen: 24
151.243.252.0/24 maxlen: 24
151.243.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Feb 2025 16:43:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b5:ef:4f:07:e1:6d:b1:19:5e:f9:0b:ee:72:9c:d6:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 30 06:39:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=365e96437d08d2b954408391894c95e922b9b4ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e1:81:b8:99:f5:8c:00:17:aa:38:03:f0:c3:
0b:b7:c2:d9:6a:40:8f:a8:bc:20:bd:d5:bc:4d:3f:
b1:2f:15:91:b5:2b:92:53:03:8d:36:6d:ed:e4:9e:
b9:3d:2c:e6:8d:67:b1:d0:97:bf:f8:53:e2:e2:cb:
16:c0:5e:4a:0a:a5:d8:8f:2d:5a:6f:0c:83:92:4d:
e0:25:fb:26:95:7f:89:aa:3d:28:4d:9d:41:f8:3e:
67:49:11:d2:32:f4:85:2c:1f:40:8d:e7:58:9e:0a:
e3:3b:24:9c:7e:b9:22:42:60:00:05:ad:58:74:43:
f1:9c:49:7c:c5:c2:f9:a6:f8:60:48:54:43:59:12:
23:7a:ea:9b:65:e8:0d:0c:24:90:18:31:2c:15:7a:
8d:0f:90:11:b5:e1:90:f6:f9:bc:9b:55:8d:61:d9:
ce:0f:f8:a4:40:4e:7e:e1:1d:f5:ba:62:3b:3f:7c:
24:a9:a9:84:35:76:92:30:27:9c:b5:81:fd:d4:a4:
36:2d:53:76:60:84:62:3d:e6:83:fd:13:d2:78:24:
3d:7e:e2:1f:cd:83:43:20:93:a2:9b:b5:31:64:a1:
22:9b:19:c9:41:ba:e7:b1:dc:39:5b:75:0b:c6:fb:
25:3f:b0:7e:4e:84:a5:b5:5e:f2:a4:57:c2:96:f1:
c6:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:5E:96:43:7D:08:D2:B9:54:40:83:91:89:4C:95:E9:22:B9:B4:EF
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Nl6WQ30I0rlUQIORiUyV6SK5tO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.193.0/24
37.202.195.0-37.202.201.255
151.243.16.0/20
151.243.246.0-151.243.253.255
Signature Algorithm: sha256WithRSAEncryption
aa:10:95:0d:70:20:97:46:0a:5f:a9:55:00:2a:5c:b8:cf:a8:
f1:f5:0e:da:2f:88:bd:08:99:86:df:1a:f5:e0:cd:b8:43:4d:
4b:d0:a7:02:db:34:91:5e:ad:89:44:08:f9:74:ba:7e:5a:94:
cb:15:2b:91:97:9a:15:61:26:03:02:5a:a2:16:1d:8e:50:43:
52:31:46:03:5a:09:c3:91:92:93:69:0e:f2:48:c5:3d:fa:70:
27:a2:a7:fb:54:10:71:ee:9c:fc:c8:33:dd:42:e9:92:2c:18:
d8:c3:95:15:29:d1:ef:46:ca:17:83:87:91:e9:90:6b:e9:73:
fe:5c:bd:3d:16:d9:69:15:8d:d1:c4:26:2c:0f:c2:1a:05:ee:
45:e2:98:73:25:92:3b:23:70:38:92:2f:00:3a:67:8b:12:3a:
f8:d9:04:c8:3a:d8:98:0c:d3:73:05:5a:97:aa:00:12:64:4c:
d6:1b:df:a1:82:e3:30:ed:c1:9c:dd:a9:d3:e6:e0:de:b4:b7:
32:94:29:c9:3f:df:44:fa:e1:7d:65:32:45:3f:16:ce:06:76:
73:05:49:01:e0:df:ac:78:f0:16:51:47:91:1e:ba:0b:2a:d7:
4f:23:25:36:fa:05:a0:ec:37:e6:bc:7c:75:87:0c:ac:e3:7a:
9a:32:b0:a8
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZS1708H4W2xGV75C+5ynNahMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTMwMDYzOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjVlOTY0MzdkMDhkMmI5NTQ0MDgzOTE4OTRjOTVlOTIyYjliNGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuGBuJn1jAAXqjgD8MMLt8LZakCP
qLwgvdW8TT+xLxWRtSuSUwONNm3t5J65PSzmjWex0Je/+FPi4ssWwF5KCqXYjy1a
bwyDkk3gJfsmlX+Jqj0oTZ1B+D5nSRHSMvSFLB9AjedYngrjOyScfrkiQmAABa1Y
dEPxnEl8xcL5pvhgSFRDWRIjeuqbZegNDCSQGDEsFXqND5ARteGQ9vm8m1WNYdnO
D/ikQE5+4R31umI7P3wkqamENXaSMCectYH91KQ2LVN2YIRiPeaD/RPSeCQ9fuIf
zYNDIJOim7UxZKEimxnJQbrnsdw5W3ULxvslP7B+ToSltV7ypFfClvHGuQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDZelkN9CNK5VECDkYlMlekiubTvMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTmw2V1EzMEkwcmxVUUlPUmlVeVY2U0s1dE84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAJcrBMAwD
BAAlysMDBAElysgDBASX8xAwDAMEAZfz9gMEAZfz/DANBgkqhkiG9w0BAQsFAAOC
AQEAqhCVDXAgl0YKX6lVACpcuM+o8fUO2i+IvQiZht8a9eDNuENNS9CnAts0kV6t
iUQI+XS6flqUyxUrkZeaFWEmAwJaohYdjlBDUjFGA1oJw5GSk2kO8kjFPfpwJ6Kn
+1QQce6c/Mgz3ULpkiwY2MOVFSnR70bKF4OHkemQa+lz/ly9PRbZaRWN0cQmLA/C
GgXuReKYcyWSOyNwOJIvADpnixI6+NkEyDrYmAzTcwVal6oAEmRM1hvfoYLjMO3B
nN2p0+bg3rS3MpQpyT/fRPrhfWUyRT8WzgZ2cwVJAeDfrHjwFlFHkR66CyrXTyMl
NvoFoOw35rx8dYcMrON6mjKwqA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:29:58 2025 by rpki-client