Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/X3KkOLZlw_8tNCiN3srnLURLSAY.roa
File: X3KkOLZlw_8tNCiN3srnLURLSAY.roa (raw, json)
Hash identifier: cuiZkWBHuqVK2udvxqjEBEQtCW9ZtDFPM/ePAmJjMyE=
Subject key identifier: 5F:72:A4:38:B6:65:C3:FF:2D:34:28:8D:DE:CA:E7:2D:44:4B:48:06
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019675A46850EB2FF8CACA3790E62EC57D49
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/X3KkOLZlw_8tNCiN3srnLURLSAY.roa
Signing time: Sun 27 Apr 2025 05:07:10 +0000
ROA not before: Sun 27 Apr 2025 05:07:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5650
IP address blocks: 37.202.193.0/24 maxlen: 24
37.202.195.0/24 maxlen: 24
37.202.196.0/24 maxlen: 24
37.202.197.0/24 maxlen: 24
37.202.198.0/24 maxlen: 24
37.202.199.0/24 maxlen: 24
37.202.200.0/24 maxlen: 24
37.202.201.0/24 maxlen: 24
151.243.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 May 2025 10:13:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:75:a4:68:50:eb:2f:f8:ca:ca:37:90:e6:2e:c5:7d:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 27 05:07:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f72a438b665c3ff2d34288ddecae72d444b4806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:01:6d:d8:c6:77:b7:85:a0:8f:c2:ce:90:8c:
4c:f5:68:a8:79:60:2a:a4:4c:60:0c:d3:18:8c:7b:
60:85:32:e9:62:6f:b4:7d:83:8e:86:50:6b:6b:be:
ee:0f:85:fe:13:30:2d:00:1d:e4:00:5a:41:93:c2:
d3:c6:3e:c7:81:5c:72:fb:81:89:1b:ef:9b:47:d4:
df:a9:a0:c4:7d:78:b3:71:96:d1:e0:ca:d7:44:56:
9e:fb:6b:65:2b:ec:b9:19:51:59:97:34:0c:89:39:
25:3c:2e:84:0a:e7:76:f4:22:c2:e5:b1:30:82:07:
8f:1e:ae:6e:73:8e:8d:17:ef:3a:21:71:e8:9f:c3:
42:f3:c0:dd:83:3b:4f:90:b9:ca:d4:a5:59:2b:02:
83:6e:d1:b8:6f:e1:82:8f:d5:0c:95:1b:f3:2d:9a:
bf:6b:6c:be:34:c2:e5:9f:d8:f5:d5:45:cb:a4:7d:
5c:57:2d:b2:73:a3:e4:26:83:52:35:d1:c6:b6:af:
38:e7:c1:aa:c4:44:54:3c:dc:6b:49:d9:ba:29:10:
6b:b1:e4:6e:80:08:d0:a6:c4:5e:bb:e3:4a:e0:a8:
15:41:68:f1:3e:7b:6c:56:97:7e:8c:61:e5:1f:20:
37:87:17:60:56:a6:49:bd:50:11:e9:34:53:d9:74:
c4:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:72:A4:38:B6:65:C3:FF:2D:34:28:8D:DE:CA:E7:2D:44:4B:48:06
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/X3KkOLZlw_8tNCiN3srnLURLSAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.193.0/24
37.202.195.0-37.202.201.255
151.243.54.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:40:4b:26:d6:02:9d:ac:30:18:44:b3:4b:dd:21:a9:b8:99:
de:b0:1d:67:36:82:f2:df:8e:f7:c3:03:bc:7d:05:d4:e7:dc:
f9:94:12:30:a0:cb:7c:5f:08:76:1e:a9:0f:db:35:c6:ad:5c:
47:b5:2b:b0:71:98:e4:2d:f5:60:d7:3f:77:0d:a3:81:a2:3c:
bf:a5:5e:f8:9b:57:b3:bd:42:86:d9:36:5a:0a:2a:2a:19:23:
a5:03:df:a5:98:90:50:5e:b3:d5:fa:14:19:ce:20:c8:b1:d5:
50:81:9e:6a:4f:4a:50:7b:81:c1:ce:08:e4:20:ac:b3:82:9e:
49:68:de:55:1b:89:b6:45:ca:54:60:4e:bc:1d:ff:4b:b5:0c:
ec:68:3c:6a:b4:b3:7c:c1:4e:20:f2:23:68:42:17:77:aa:fc:
e9:bc:48:fd:fb:21:c1:f9:a7:0f:c4:af:5c:c6:cc:cb:04:b2:
2d:01:3c:f0:10:24:03:41:db:60:d8:41:6f:db:92:ca:3d:66:
e4:ce:32:a5:66:a0:ea:9c:0b:3d:64:84:d6:61:98:c2:49:c7:
c2:13:49:08:1b:ff:61:8f:46:dc:d5:89:6e:40:8e:76:f6:6c:
04:0d:07:8e:98:92:a1:33:85:6a:c9:38:18:a6:2a:70:3e:e2:
70:a8:9d:a8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZZ1pGhQ6y/4yso3kOYuxX1JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDI3MDUwNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjcyYTQzOGI2NjVjM2ZmMmQzNDI4OGRkZWNhZTcyZDQ0NGI0ODA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwFt2MZ3t4Wgj8LOkIxM9WioeWAq
pExgDNMYjHtghTLpYm+0fYOOhlBra77uD4X+EzAtAB3kAFpBk8LTxj7HgVxy+4GJ
G++bR9TfqaDEfXizcZbR4MrXRFae+2tlK+y5GVFZlzQMiTklPC6ECud29CLC5bEw
ggePHq5uc46NF+86IXHon8NC88DdgztPkLnK1KVZKwKDbtG4b+GCj9UMlRvzLZq/
a2y+NMLln9j11UXLpH1cVy2yc6PkJoNSNdHGtq8458GqxERUPNxrSdm6KRBrseRu
gAjQpsReu+NK4KgVQWjxPntsVpd+jGHlHyA3hxdgVqZJvVAR6TRT2XTEzwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFF9ypDi2ZcP/LTQojd7K5y1ES0gGMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvWDNLa09MWmx3Xzh0TkNpTjNzcm5MVVJMU0FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAJcrBMAwD
BAAlysMDBAElysgDBACX8zYwDQYJKoZIhvcNAQELBQADggEBAFtASybWAp2sMBhE
s0vdIam4md6wHWc2gvLfjvfDA7x9BdTn3PmUEjCgy3xfCHYeqQ/bNcatXEe1K7Bx
mOQt9WDXP3cNo4GiPL+lXvibV7O9QobZNloKKioZI6UD36WYkFBes9X6FBnOIMix
1VCBnmpPSlB7gcHOCOQgrLOCnklo3lUbibZFylRgTrwd/0u1DOxoPGq0s3zBTiDy
I2hCF3eq/Om8SP37IcH5pw/Er1zGzMsEsi0BPPAQJANB22DYQW/bkso9ZuTOMqVm
oOqcCz1khNZhmMJJx8ITSQgb/2GPRtzViW5Ajnb2bAQNB46YkqEzhWrJOBimKnA+
4nConag=
-----END CERTIFICATE-----
Generated at Mon Jun 9 04:54:20 2025 by rpki-client