Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/U1m7p36CDZq4IW85x0ug8QIUkvY.roa
File: U1m7p36CDZq4IW85x0ug8QIUkvY.roa (raw, json)
Hash identifier: 1rrTuv29IhfCq7g6+Z1S4Td3rqU4eF1PQplVMYF0Ls0=
Subject key identifier: 53:59:BB:A7:7E:82:0D:9A:B8:21:6F:39:C7:4B:A0:F1:02:14:92:F6
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0194CBC0EFE51B33934D78E86A99662FEDEC
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/U1m7p36CDZq4IW85x0ug8QIUkvY.roa
Signing time: Mon 03 Feb 2025 12:20:06 +0000
ROA not before: Mon 03 Feb 2025 12:20:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 37.202.194.0/24 maxlen: 24
37.202.205.0/24 maxlen: 24
37.202.208.0/23 maxlen: 24
37.202.210.0/24 maxlen: 24
37.202.212.0/23 maxlen: 24
151.242.14.0/24 maxlen: 24
151.242.20.0/24 maxlen: 24
151.243.162.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Feb 2025 04:24:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cb:c0:ef:e5:1b:33:93:4d:78:e8:6a:99:66:2f:ed:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Feb 3 12:20:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5359bba77e820d9ab8216f39c74ba0f1021492f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:df:de:97:c5:58:4a:fc:4f:66:52:42:16:24:
b7:72:11:43:a8:ff:0f:d4:78:d5:be:e3:da:60:d7:
6c:43:d5:1a:12:5d:f8:e1:aa:ac:00:9f:7a:9d:5e:
4b:6e:0f:52:78:bd:49:1c:4a:16:85:cd:c3:42:15:
6b:1b:11:8a:b8:31:84:23:12:67:2a:5f:92:4d:25:
94:d9:fb:15:48:54:a2:75:d9:3d:c3:51:b9:ba:01:
67:eb:fd:ed:51:83:bd:b3:62:b6:51:d6:57:5c:42:
f0:d1:4e:b0:dd:05:4b:9b:b5:52:8c:21:1d:77:d6:
16:4f:a3:a3:96:35:e7:b0:10:78:6b:b1:0f:88:94:
b9:e0:3f:ee:b2:94:77:a3:22:4f:c0:2c:e6:58:3b:
23:28:cd:33:46:8b:79:38:ce:be:7e:ee:13:a9:8e:
56:b3:dc:c1:73:fb:7d:4d:fa:a9:98:44:06:dc:79:
f1:76:a8:73:77:3d:f5:8d:22:dc:1b:6e:71:ec:bb:
f8:fe:15:45:ee:1f:eb:84:85:39:7f:d1:9a:91:e9:
ec:a4:9e:4c:ff:90:e0:b3:4a:0b:ae:a9:d7:7d:72:
34:0c:d1:be:99:33:3c:1d:30:36:f8:d5:cd:36:01:
48:7f:3b:2e:4d:a3:3c:53:c3:66:16:c2:a7:68:a7:
65:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:59:BB:A7:7E:82:0D:9A:B8:21:6F:39:C7:4B:A0:F1:02:14:92:F6
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/U1m7p36CDZq4IW85x0ug8QIUkvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.194.0/24
37.202.205.0/24
37.202.208.0-37.202.210.255
37.202.212.0/23
151.242.14.0/24
151.242.20.0/24
151.243.162.0/24
Signature Algorithm: sha256WithRSAEncryption
71:ea:82:74:c4:44:9a:0e:63:6c:ca:e3:a2:fb:8a:d0:6d:ce:
bc:67:4a:a6:40:ed:61:49:48:8e:4e:d7:5b:99:b3:d9:1b:b5:
df:40:6e:93:bd:e4:c6:a1:d7:6e:a5:1e:cc:46:c2:7c:5b:81:
fc:c8:9f:6e:f3:70:b7:bf:2e:21:ce:84:97:7c:8c:dc:7e:30:
11:6f:04:0d:1f:0c:ea:cc:d0:f9:37:1a:7c:c0:fe:3d:02:a8:
15:d5:c6:22:65:dc:5e:fb:9b:0f:36:1f:44:eb:dc:3b:6a:07:
f3:d1:82:0d:49:08:b9:f9:77:4e:1d:08:c8:22:e4:de:ec:2d:
f8:d9:b5:83:34:10:6f:48:23:53:23:7d:ff:1f:64:88:85:f6:
62:69:e7:91:ab:94:6f:ca:72:e6:22:02:b8:38:e2:74:43:11:
a2:09:53:14:bf:02:20:3b:72:bb:57:49:6d:fb:5a:1a:b0:b5:
a4:32:a0:b4:7c:0d:d7:ec:e6:d8:80:14:72:dc:51:50:8d:5d:
f1:80:6f:6c:f9:6f:51:c0:ef:81:34:3c:09:47:f9:d1:53:bd:
6f:6c:dc:6f:0e:e6:75:57:e7:26:ae:7c:e1:7e:41:1c:83:11:
49:0e:6c:66:4e:fb:ab:85:90:26:92:26:02:77:8e:85:86:54:
42:e3:0e:8c
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZTLwO/lGzOTTXjoaplmL+3sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMjAzMTIyMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzU5YmJhNzdlODIwZDlhYjgyMTZmMzljNzRiYTBmMTAyMTQ5MmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9/el8VYSvxPZlJCFiS3chFDqP8P
1HjVvuPaYNdsQ9UaEl344aqsAJ96nV5Lbg9SeL1JHEoWhc3DQhVrGxGKuDGEIxJn
Kl+STSWU2fsVSFSiddk9w1G5ugFn6/3tUYO9s2K2UdZXXELw0U6w3QVLm7VSjCEd
d9YWT6OjljXnsBB4a7EPiJS54D/uspR3oyJPwCzmWDsjKM0zRot5OM6+fu4TqY5W
s9zBc/t9TfqpmEQG3Hnxdqhzdz31jSLcG25x7Lv4/hVF7h/rhIU5f9GakenspJ5M
/5Dgs0oLrqnXfXI0DNG+mTM8HTA2+NXNNgFIfzsuTaM8U8NmFsKnaKdlmQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFFNZu6d+gg2auCFvOcdLoPECFJL2MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvVTFtN3AzNkNEWnE0SVc4NXgwdWc4UUlVa3ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAJcrCAwQA
JcrNMAwDBAQlytADBAAlytIDBAElytQDBACX8g4DBACX8hQDBACX86IwDQYJKoZI
hvcNAQELBQADggEBAHHqgnTERJoOY2zK46L7itBtzrxnSqZA7WFJSI5O11uZs9kb
td9AbpO95Mah126lHsxGwnxbgfzIn27zcLe/LiHOhJd8jNx+MBFvBA0fDOrM0Pk3
GnzA/j0CqBXVxiJl3F77mw82H0Tr3DtqB/PRgg1JCLn5d04dCMgi5N7sLfjZtYM0
EG9II1Mjff8fZIiF9mJp55GrlG/KcuYiArg44nRDEaIJUxS/AiA7crtXSW37Whqw
taQyoLR8Ddfs5tiAFHLcUVCNXfGAb2z5b1HA74E0PAlH+dFTvW9s3G8O5nVX5yau
fOF+QRyDEUkObGZO+6uFkCaSJgJ3joWGVELjDow=
-----END CERTIFICATE-----
Generated at Fri Apr 11 12:28:57 2025 by rpki-client