Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/XXNtnilxDYMP6AoVpq6xNbJYVkU.roa
File: XXNtnilxDYMP6AoVpq6xNbJYVkU.roa (raw, json)
Hash identifier: 3zfBvlnu+Ub869wk1T7SW3BaNqB/enNaYUBsgrw++xI=
Subject key identifier: 5D:73:6D:9E:29:71:0D:83:0F:E8:0A:15:A6:AE:B1:35:B2:58:56:45
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019680505683744DFE339CDB2D9179A79774
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/XXNtnilxDYMP6AoVpq6xNbJYVkU.roa
Signing time: Tue 29 Apr 2025 06:51:10 +0000
ROA not before: Tue 29 Apr 2025 06:51:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 37.202.219.0/24 maxlen: 24
151.240.28.0/24 maxlen: 24
151.240.29.0/24 maxlen: 24
151.240.31.0/24 maxlen: 24
151.240.226.0/24 maxlen: 24
151.240.227.0/24 maxlen: 24
151.240.228.0/24 maxlen: 24
151.240.229.0/24 maxlen: 24
151.240.230.0/24 maxlen: 24
151.240.231.0/24 maxlen: 24
151.240.232.0/24 maxlen: 24
151.240.233.0/24 maxlen: 24
151.240.234.0/24 maxlen: 24
151.240.235.0/24 maxlen: 24
151.240.236.0/24 maxlen: 24
151.240.237.0/24 maxlen: 24
151.240.238.0/24 maxlen: 24
151.240.239.0/24 maxlen: 24
151.240.240.0/24 maxlen: 24
151.240.241.0/24 maxlen: 24
151.240.242.0/24 maxlen: 24
151.240.243.0/24 maxlen: 24
151.240.244.0/24 maxlen: 24
151.240.245.0/24 maxlen: 24
151.240.246.0/24 maxlen: 24
151.240.247.0/24 maxlen: 24
151.240.249.0/24 maxlen: 24
151.240.250.0/24 maxlen: 24
151.240.251.0/24 maxlen: 24
151.240.252.0/24 maxlen: 24
151.240.253.0/24 maxlen: 24
151.242.9.0/24 maxlen: 24
151.242.13.0/24 maxlen: 24
151.242.46.0/24 maxlen: 24
151.242.47.0/24 maxlen: 24
151.242.48.0/24 maxlen: 24
151.242.60.0/24 maxlen: 24
151.242.62.0/24 maxlen: 24
151.242.64.0/24 maxlen: 24
151.242.121.0/24 maxlen: 24
151.242.166.0/23 maxlen: 24
151.242.195.0/24 maxlen: 24
151.243.51.0/24 maxlen: 24
151.243.57.0/24 maxlen: 24
151.243.80.0/24 maxlen: 24
151.243.140.0/24 maxlen: 24
151.243.150.0/24 maxlen: 24
151.243.164.0/24 maxlen: 24
151.244.59.0/24 maxlen: 24
151.244.116.0/24 maxlen: 24
151.244.117.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Apr 2025 13:35:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:80:50:56:83:74:4d:fe:33:9c:db:2d:91:79:a7:97:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 29 06:51:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d736d9e29710d830fe80a15a6aeb135b2585645
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e5:aa:6b:71:c9:cb:53:72:09:cc:3e:98:15:
d2:48:c2:8f:5c:ff:b0:0d:08:34:84:44:1b:be:e4:
cb:84:dd:a9:11:1b:a1:45:5f:6b:52:67:68:1e:f5:
0a:00:0b:ff:f5:41:0b:a1:df:7b:03:d3:a7:db:af:
59:7e:96:22:87:8c:75:4b:44:f6:a3:a6:f3:bf:4f:
ad:81:09:9f:6f:61:96:c3:ee:26:b9:ce:8a:af:31:
9f:75:b7:e1:aa:47:16:f5:32:85:e5:ae:f7:a2:c7:
33:cf:69:a3:78:6e:b0:45:ac:50:e8:b5:23:21:3a:
2c:e5:cd:52:b2:85:2a:da:8a:13:7c:3f:31:bb:d7:
d0:9f:a9:30:e2:af:81:fa:d2:32:77:9b:1f:cc:c3:
32:fe:1a:30:64:b0:af:b4:18:50:96:d7:ff:6a:7d:
3c:9c:35:c5:25:bb:77:af:1f:84:89:53:9f:8e:95:
b7:f6:40:63:8a:da:9f:e8:e5:a7:8d:8b:8e:e2:11:
03:04:39:19:e8:61:b8:66:bb:50:0c:11:5e:35:9d:
01:66:9b:d1:90:6f:87:70:ca:a5:5b:1d:56:a4:3a:
ee:53:bc:4f:d6:6c:b8:ac:a2:2b:bf:c4:22:5d:19:
08:b2:f9:3e:e3:9b:11:5e:b4:e8:9b:a5:c3:74:e3:
2b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:73:6D:9E:29:71:0D:83:0F:E8:0A:15:A6:AE:B1:35:B2:58:56:45
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/XXNtnilxDYMP6AoVpq6xNbJYVkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.219.0/24
151.240.28.0/23
151.240.31.0/24
151.240.226.0-151.240.247.255
151.240.249.0-151.240.253.255
151.242.9.0/24
151.242.13.0/24
151.242.46.0-151.242.48.255
151.242.60.0/24
151.242.62.0/24
151.242.64.0/24
151.242.121.0/24
151.242.166.0/23
151.242.195.0/24
151.243.51.0/24
151.243.57.0/24
151.243.80.0/24
151.243.140.0/24
151.243.150.0/24
151.243.164.0/24
151.244.59.0/24
151.244.116.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:98:14:dd:48:5e:5e:24:29:f5:b0:e5:9b:72:a7:38:d0:ef:
c1:11:81:52:d4:8f:1f:ad:ee:2d:f8:e0:6b:84:16:21:13:27:
5a:75:1f:84:81:a4:78:c8:93:7e:14:44:27:3b:3e:c7:2f:b1:
3f:1f:62:67:ff:63:0e:11:0c:4d:15:0b:af:d2:50:b0:61:c3:
10:cb:3f:51:cf:6e:c2:20:ed:0e:ca:1a:d9:03:c2:ca:b5:10:
d9:4a:1a:64:02:ca:c0:0f:02:38:69:66:35:aa:38:e8:09:ed:
6c:aa:0e:f2:f5:47:ba:86:d7:46:60:41:ba:6d:e0:4a:31:fa:
d2:25:2c:81:e0:26:7f:f1:d2:6d:9f:2b:3f:9a:00:7d:8f:79:
e5:26:75:59:10:bc:e0:3d:9a:f5:98:41:8a:0c:12:40:eb:1b:
59:a0:fd:3d:4e:3b:b8:44:4d:f4:ab:06:53:e0:2e:30:a6:f3:
6b:3e:47:13:1c:d3:79:bf:06:0e:c8:1b:d3:70:3d:c2:2f:80:
a4:47:02:1e:20:d0:6d:66:c1:93:6f:58:3e:2f:13:27:53:af:
a9:69:ae:2a:73:56:38:ce:62:e0:e3:a1:e8:a3:68:45:7b:2e:
b4:05:f3:4f:bc:83:0f:35:51:dc:3a:8f:ab:04:af:cb:1e:b3:
fc:9c:57:25
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAZaAUFaDdE3+M5zbLZF5p5d0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDI5MDY1MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDczNmQ5ZTI5NzEwZDgzMGZlODBhMTVhNmFlYjEzNWIyNTg1NjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+Wqa3HJy1NyCcw+mBXSSMKPXP+w
DQg0hEQbvuTLhN2pERuhRV9rUmdoHvUKAAv/9UELod97A9On269ZfpYih4x1S0T2
o6bzv0+tgQmfb2GWw+4muc6KrzGfdbfhqkcW9TKF5a73osczz2mjeG6wRaxQ6LUj
ITos5c1SsoUq2ooTfD8xu9fQn6kw4q+B+tIyd5sfzMMy/howZLCvtBhQltf/an08
nDXFJbt3rx+EiVOfjpW39kBjitqf6OWnjYuO4hEDBDkZ6GG4ZrtQDBFeNZ0BZpvR
kG+HcMqlWx1WpDruU7xP1my4rKIrv8QiXRkIsvk+45sRXrTom6XDdOMr8wIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFF1zbZ4pcQ2DD+gKFaausTWyWFZFMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvWFhOdG5pbHhEWU1QNkFvVnBxNnhOYkpZVmtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBAAl
ytsDBAGX8BwDBACX8B8wDAMEAZfw4gMEA5fw8DAMAwQAl/D5AwQBl/D8AwQAl/IJ
AwQAl/INMAwDBAGX8i4DBACX8jADBACX8jwDBACX8j4DBACX8kADBACX8nkDBAGX
8qYDBACX8sMDBACX8zMDBACX8zkDBACX81ADBACX84wDBACX85YDBACX86QDBACX
9DsDBAGX9HQwDQYJKoZIhvcNAQELBQADggEBAC2YFN1IXl4kKfWw5ZtypzjQ78ER
gVLUjx+t7i344GuEFiETJ1p1H4SBpHjIk34URCc7PscvsT8fYmf/Yw4RDE0VC6/S
ULBhwxDLP1HPbsIg7Q7KGtkDwsq1ENlKGmQCysAPAjhpZjWqOOgJ7WyqDvL1R7qG
10ZgQbpt4Eox+tIlLIHgJn/x0m2fKz+aAH2PeeUmdVkQvOA9mvWYQYoMEkDrG1mg
/T1OO7hETfSrBlPgLjCm82s+RxMc03m/Bg7IG9NwPcIvgKRHAh4g0G1mwZNvWD4v
EydTr6lpripzVjjOYuDjoeijaEV7LrQF80+8gw81Udw6j6sEr8ses/ycVyU=
-----END CERTIFICATE-----
Generated at Thu Jun 12 16:38:49 2025 by rpki-client