Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/XKyuscsDRMb8LQzmd06sJizjSQM.roa
File: XKyuscsDRMb8LQzmd06sJizjSQM.roa (raw, json)
Hash identifier: PHuUfXoEo+kBaB8yOlpGrP5j6Zxnzi2yvXEIL1u24cw=
Subject key identifier: 5C:AC:AE:B1:CB:03:44:C6:FC:2D:0C:E6:77:4E:AC:26:2C:E3:49:03
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019648A8E6F9A40C3D583057FBE39FA310FA
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/XKyuscsDRMb8LQzmd06sJizjSQM.roa
Signing time: Fri 18 Apr 2025 11:29:10 +0000
ROA not before: Fri 18 Apr 2025 11:29:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 37.202.222.0/24 maxlen: 24
151.240.3.0/24 maxlen: 24
151.240.110.0/24 maxlen: 24
151.242.33.0/24 maxlen: 24
151.242.174.0/23 maxlen: 23
151.242.192.0/23 maxlen: 23
151.243.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 26 Apr 2025 04:52:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:48:a8:e6:f9:a4:0c:3d:58:30:57:fb:e3:9f:a3:10:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 18 11:29:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5cacaeb1cb0344c6fc2d0ce6774eac262ce34903
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b4:68:15:c2:3c:65:db:c8:78:bc:5e:33:0a:
a1:36:a2:87:a4:81:a4:38:2d:9d:a2:51:19:f9:79:
63:47:21:32:2b:4a:9c:75:52:12:b0:ae:e8:85:8e:
80:e4:e2:c7:38:bd:3d:a2:ea:c8:f3:1d:c4:a8:8a:
ad:5a:8e:3a:2f:2e:b0:29:d8:ba:82:7d:ab:12:aa:
a9:1e:ab:bd:44:9a:09:a5:a7:99:05:b7:9b:99:1c:
61:a9:a6:43:0c:84:89:01:e5:2c:49:e5:93:74:95:
75:2a:0d:75:cc:72:22:89:49:62:56:d9:76:92:f4:
6a:eb:ac:0f:3a:e4:d5:1a:7f:bc:81:b2:ed:90:7d:
b2:1c:c8:58:04:24:c2:61:b4:6b:6c:90:d4:7a:92:
2c:30:80:c8:9b:4d:2f:65:79:05:b6:c2:2e:29:53:
b5:a1:3d:3d:9a:ce:32:88:92:e9:72:38:1d:77:ae:
5b:83:66:8b:79:39:6c:93:67:3f:d8:f4:4d:4b:f2:
7f:f9:3f:5b:f4:79:c9:ba:6e:a4:ed:c6:d3:18:ed:
ce:5c:ab:78:4e:5a:ec:aa:68:d3:09:be:79:a4:05:
af:5c:89:bc:20:d5:b5:e0:d0:25:44:06:90:e3:3e:
57:6a:a5:32:5c:3f:bc:bd:02:df:17:de:7e:93:41:
30:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:AC:AE:B1:CB:03:44:C6:FC:2D:0C:E6:77:4E:AC:26:2C:E3:49:03
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/XKyuscsDRMb8LQzmd06sJizjSQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.222.0/24
151.240.3.0/24
151.240.110.0/24
151.242.33.0/24
151.242.174.0/23
151.242.192.0/23
151.243.101.0/24
Signature Algorithm: sha256WithRSAEncryption
67:81:b2:a4:e2:03:c1:ac:48:03:9a:2d:ce:f6:91:97:dd:26:
d5:ef:8d:43:ae:49:02:b9:22:88:3c:f1:c9:e2:f3:6a:d5:22:
1b:29:aa:3d:19:92:70:31:3c:04:4a:b3:ba:ca:58:fb:bb:8c:
2b:89:fc:aa:40:af:93:de:1a:aa:6c:50:e0:21:08:6d:97:eb:
8c:ac:4d:00:aa:32:ac:f8:bb:ba:f2:5b:38:2b:15:fe:a7:15:
f2:39:9d:99:e1:a3:15:38:67:b8:ef:c5:90:4c:ff:55:ef:ec:
8f:2f:a5:63:9a:76:84:bb:42:e4:80:cf:e7:38:55:de:f9:52:
2f:ef:b8:d9:69:3e:61:41:88:af:11:89:62:32:c1:15:ee:42:
c9:4b:a2:ae:bb:85:f5:70:18:02:ad:27:61:cb:e4:67:d8:dd:
e7:8f:cc:d6:07:0d:b7:4e:8d:4c:df:79:59:8a:6e:17:c5:42:
43:e4:4e:2e:50:3f:62:95:e4:ed:39:7d:a8:10:7f:b5:a3:4d:
50:7e:61:82:5c:a3:e2:2d:b0:4d:9b:4f:62:02:23:ce:32:bd:
c3:b4:ae:db:68:dd:13:68:6b:bc:2d:bf:af:cb:41:b0:76:c0:
e8:27:93:32:00:73:5f:df:1e:11:ac:ba:67:19:2a:03:7e:ba:
05:cb:8c:d6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZZIqOb5pAw9WDBX++OfoxD6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDE4MTEyOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2FjYWViMWNiMDM0NGM2ZmMyZDBjZTY3NzRlYWMyNjJjZTM0OTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLRoFcI8ZdvIeLxeMwqhNqKHpIGk
OC2dolEZ+XljRyEyK0qcdVISsK7ohY6A5OLHOL09ourI8x3EqIqtWo46Ly6wKdi6
gn2rEqqpHqu9RJoJpaeZBbebmRxhqaZDDISJAeUsSeWTdJV1Kg11zHIiiUliVtl2
kvRq66wPOuTVGn+8gbLtkH2yHMhYBCTCYbRrbJDUepIsMIDIm00vZXkFtsIuKVO1
oT09ms4yiJLpcjgdd65bg2aLeTlsk2c/2PRNS/J/+T9b9HnJum6k7cbTGO3OXKt4
TlrsqmjTCb55pAWvXIm8INW14NAlRAaQ4z5XaqUyXD+8vQLfF95+k0EwtwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFysrrHLA0TG/C0M5ndOrCYs40kDMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvWEt5dXNjc0RSTWI4TFF6bWQwNnNKaXpqU1FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAJcreAwQA
l/ADAwQAl/BuAwQAl/IhAwQBl/KuAwQBl/LAAwQAl/NlMA0GCSqGSIb3DQEBCwUA
A4IBAQBngbKk4gPBrEgDmi3O9pGX3SbV741DrkkCuSKIPPHJ4vNq1SIbKao9GZJw
MTwESrO6ylj7u4wrifyqQK+T3hqqbFDgIQhtl+uMrE0AqjKs+Lu68ls4KxX+pxXy
OZ2Z4aMVOGe478WQTP9V7+yPL6VjmnaEu0LkgM/nOFXe+VIv77jZaT5hQYivEYli
MsEV7kLJS6Kuu4X1cBgCrSdhy+Rn2N3nj8zWBw23To1M33lZim4XxUJD5E4uUD9i
leTtOX2oEH+1o01QfmGCXKPiLbBNm09iAiPOMr3DtK7baN0TaGu8Lb+vy0GwdsDo
J5MyAHNf3x4RrLpnGSoDfroFy4zW
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:35:53 2025 by rpki-client