Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/RdAcBpdncXfe2RzOi5xbSs6ls1I.roa
File: RdAcBpdncXfe2RzOi5xbSs6ls1I.roa (raw, json)
Hash identifier: BxgYc0XXUasj+uvX+tnIIhdyyHoG/Gf0vx8Pje1aY68=
Subject key identifier: 45:D0:1C:06:97:67:71:77:DE:D9:1C:CE:8B:9C:5B:4A:CE:A5:B3:52
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196B3DCBF80FF8E8F918A45E1CD8C4B5A39
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/RdAcBpdncXfe2RzOi5xbSs6ls1I.roa
Signing time: Fri 09 May 2025 07:05:10 +0000
ROA not before: Fri 09 May 2025 07:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 37.202.219.0/24 maxlen: 24
151.240.31.0/24 maxlen: 24
151.240.229.0/24 maxlen: 24
151.240.233.0/24 maxlen: 24
151.240.234.0/24 maxlen: 24
151.240.235.0/24 maxlen: 24
151.240.236.0/24 maxlen: 24
151.240.237.0/24 maxlen: 24
151.240.238.0/24 maxlen: 24
151.240.240.0/24 maxlen: 24
151.240.241.0/24 maxlen: 24
151.240.242.0/24 maxlen: 24
151.240.243.0/24 maxlen: 24
151.240.244.0/24 maxlen: 24
151.240.245.0/24 maxlen: 24
151.240.246.0/24 maxlen: 24
151.240.247.0/24 maxlen: 24
151.240.249.0/24 maxlen: 24
151.240.250.0/24 maxlen: 24
151.240.251.0/24 maxlen: 24
151.240.252.0/24 maxlen: 24
151.240.253.0/24 maxlen: 24
151.242.9.0/24 maxlen: 24
151.242.13.0/24 maxlen: 24
151.242.46.0/24 maxlen: 24
151.242.47.0/24 maxlen: 24
151.242.48.0/24 maxlen: 24
151.242.60.0/24 maxlen: 24
151.242.62.0/24 maxlen: 24
151.242.64.0/24 maxlen: 24
151.242.121.0/24 maxlen: 24
151.242.166.0/23 maxlen: 24
151.242.195.0/24 maxlen: 24
151.243.140.0/24 maxlen: 24
151.244.59.0/24 maxlen: 24
151.244.117.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 May 2025 09:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b3:dc:bf:80:ff:8e:8f:91:8a:45:e1:cd:8c:4b:5a:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 9 07:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45d01c0697677177ded91cce8b9c5b4acea5b352
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f1:8d:1e:4c:aa:09:ba:e0:e5:a3:f7:03:14:
f2:a8:eb:ee:b2:b3:aa:10:89:2d:ce:d6:2d:18:42:
4b:86:70:7f:ae:07:78:24:ec:d9:78:93:4e:10:8b:
ad:da:eb:60:63:15:ca:30:4a:7d:e3:0e:6e:e2:05:
9f:6d:bb:62:f2:12:83:0a:43:0b:88:25:b3:3a:1a:
f7:5a:d5:74:a4:8f:2f:7c:cd:de:db:15:6a:1c:d4:
d2:63:b8:b5:77:9e:76:08:95:0c:1d:1f:3d:c6:3f:
27:64:81:5d:1c:8f:eb:7c:39:28:eb:26:f7:ca:21:
6b:8e:c1:c5:81:c4:88:7a:3b:36:e6:a6:44:6d:7f:
eb:18:9c:d1:63:7b:36:47:4b:50:3f:da:bc:28:63:
fd:87:c9:13:94:6b:68:4c:da:8b:11:01:2d:15:90:
4b:f5:85:cd:d0:98:23:33:41:07:b2:1f:fe:bf:38:
96:10:3e:13:3f:91:c9:75:29:55:99:00:bf:f9:a0:
f5:38:0c:ff:b1:c5:22:fd:e7:ea:da:0f:fb:b8:42:
cf:08:f6:ad:32:f5:ce:36:73:f1:36:d4:2b:4f:b0:
cb:52:6c:cd:0f:d1:f9:5f:a9:5f:19:46:75:14:50:
9a:26:bb:1d:0b:06:62:40:ab:91:79:b2:10:0d:5a:
00:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:D0:1C:06:97:67:71:77:DE:D9:1C:CE:8B:9C:5B:4A:CE:A5:B3:52
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/RdAcBpdncXfe2RzOi5xbSs6ls1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.219.0/24
151.240.31.0/24
151.240.229.0/24
151.240.233.0-151.240.238.255
151.240.240.0/21
151.240.249.0-151.240.253.255
151.242.9.0/24
151.242.13.0/24
151.242.46.0-151.242.48.255
151.242.60.0/24
151.242.62.0/24
151.242.64.0/24
151.242.121.0/24
151.242.166.0/23
151.242.195.0/24
151.243.140.0/24
151.244.59.0/24
151.244.117.0/24
Signature Algorithm: sha256WithRSAEncryption
28:be:5a:bb:3e:96:60:e0:6f:dd:e1:91:20:60:df:57:c9:bb:
74:d4:1c:40:df:7d:ee:fb:dc:70:c5:e4:cf:ca:91:3c:9d:69:
0c:67:93:2c:f3:a3:63:4f:7a:f0:63:f9:09:65:ee:22:86:9f:
1b:9b:03:35:90:96:5c:28:cc:bf:04:76:b5:ad:63:46:31:b9:
1a:6d:46:49:3a:9d:94:66:fd:d4:2c:07:42:2d:f3:85:8f:15:
9d:a4:8c:c7:17:6e:96:db:ba:a2:f4:d7:57:84:1c:4c:91:cd:
45:1d:e2:d7:e1:89:67:e8:a0:2e:56:e9:3c:e8:ba:4d:93:47:
0a:0d:c4:b6:79:d9:68:63:31:e9:a3:3d:6d:a3:0d:94:fa:3c:
76:9f:76:ff:e7:ae:ee:41:ec:84:23:98:1c:2e:c8:d8:fa:f3:
df:db:56:0a:1c:03:a9:6f:2a:30:9f:f3:fe:dd:8b:93:b0:cb:
5a:66:00:7f:3c:fe:25:27:52:01:9c:7b:22:3a:6c:e3:fd:fd:
97:d0:7e:f8:9e:d7:e7:6c:2d:e8:33:75:3a:27:eb:7a:95:9e:
9e:c1:79:d4:c8:51:f8:44:04:78:08:d6:f7:c1:44:e2:c2:1c:
50:77:d0:56:4e:7c:67:82:98:a7:2f:e2:11:c2:bd:df:4c:dd:
8b:0b:89:5d
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZaz3L+A/46PkYpF4c2MS1o5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTA5MDcwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWQwMWMwNjk3Njc3MTc3ZGVkOTFjY2U4YjljNWI0YWNlYTViMzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvGNHkyqCbrg5aP3AxTyqOvusrOq
EIktztYtGEJLhnB/rgd4JOzZeJNOEIut2utgYxXKMEp94w5u4gWfbbti8hKDCkML
iCWzOhr3WtV0pI8vfM3e2xVqHNTSY7i1d552CJUMHR89xj8nZIFdHI/rfDko6yb3
yiFrjsHFgcSIejs25qZEbX/rGJzRY3s2R0tQP9q8KGP9h8kTlGtoTNqLEQEtFZBL
9YXN0JgjM0EHsh/+vziWED4TP5HJdSlVmQC/+aD1OAz/scUi/efq2g/7uELPCPat
MvXONnPxNtQrT7DLUmzND9H5X6lfGUZ1FFCaJrsdCwZiQKuRebIQDVoAZwIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFEXQHAaXZ3F33tkczoucW0rOpbNSMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvUmRBY0JwZG5jWGZlMlJ6T2k1eGJTczZsczFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAAl
ytsDBACX8B8DBACX8OUwDAMEAJfw6QMEAJfw7gMEA5fw8DAMAwQAl/D5AwQBl/D8
AwQAl/IJAwQAl/INMAwDBAGX8i4DBACX8jADBACX8jwDBACX8j4DBACX8kADBACX
8nkDBAGX8qYDBACX8sMDBACX84wDBACX9DsDBACX9HUwDQYJKoZIhvcNAQELBQAD
ggEBACi+Wrs+lmDgb93hkSBg31fJu3TUHEDffe773HDF5M/KkTydaQxnkyzzo2NP
evBj+Qll7iKGnxubAzWQllwozL8EdrWtY0YxuRptRkk6nZRm/dQsB0It84WPFZ2k
jMcXbpbbuqL011eEHEyRzUUd4tfhiWfooC5W6Tzouk2TRwoNxLZ52WhjMemjPW2j
DZT6PHafdv/nru5B7IQjmBwuyNj689/bVgocA6lvKjCf8/7di5Owy1pmAH88/iUn
UgGceyI6bOP9/ZfQfvie1+dsLegzdTon63qVnp7BedTIUfhEBHgI1vfBROLCHFB3
0FZOfGeCmKcv4hHCvd9M3YsLiV0=
-----END CERTIFICATE-----
Generated at Sat Jun 7 06:39:05 2025 by rpki-client