Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/_4JLl5uOuGb7RdIlWRvl_0DXiDQ.roa
File: _4JLl5uOuGb7RdIlWRvl_0DXiDQ.roa (raw, json)
Hash identifier: wsYW3OU4IQ4zREQrDHtCPQY/aiIIIowEueqwkDiAxhk=
Subject key identifier: FF:82:4B:97:9B:8E:B8:66:FB:45:D2:25:59:1B:E5:FF:40:D7:88:34
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196E7D9C56683338DC01C5236B792E00EBD
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/_4JLl5uOuGb7RdIlWRvl_0DXiDQ.roa
Signing time: Mon 19 May 2025 09:22:10 +0000
ROA not before: Mon 19 May 2025 09:22:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 37.202.219.0/24 maxlen: 24
151.240.31.0/24 maxlen: 24
151.240.229.0/24 maxlen: 24
151.240.233.0/24 maxlen: 24
151.240.234.0/24 maxlen: 24
151.240.235.0/24 maxlen: 24
151.240.236.0/24 maxlen: 24
151.240.237.0/24 maxlen: 24
151.240.238.0/24 maxlen: 24
151.240.240.0/24 maxlen: 24
151.240.246.0/24 maxlen: 24
151.240.247.0/24 maxlen: 24
151.240.249.0/24 maxlen: 24
151.240.250.0/24 maxlen: 24
151.240.251.0/24 maxlen: 24
151.240.252.0/24 maxlen: 24
151.240.253.0/24 maxlen: 24
151.242.9.0/24 maxlen: 24
151.242.13.0/24 maxlen: 24
151.242.46.0/24 maxlen: 24
151.242.47.0/24 maxlen: 24
151.242.48.0/24 maxlen: 24
151.242.60.0/24 maxlen: 24
151.242.62.0/24 maxlen: 24
151.242.64.0/24 maxlen: 24
151.242.121.0/24 maxlen: 24
151.242.166.0/23 maxlen: 24
151.242.195.0/24 maxlen: 24
151.243.140.0/24 maxlen: 24
151.244.59.0/24 maxlen: 24
151.244.117.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 May 2025 18:11:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e7:d9:c5:66:83:33:8d:c0:1c:52:36:b7:92:e0:0e:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 19 09:22:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff824b979b8eb866fb45d225591be5ff40d78834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:dd:59:c5:88:18:af:82:8c:8d:ab:92:e8:02:
b9:33:d5:ad:06:bc:95:59:0b:eb:6c:df:57:dd:8f:
6a:57:88:61:5a:d4:e1:96:64:81:4a:94:a2:7e:ab:
90:a9:83:c0:68:f3:cc:84:0d:83:78:03:1c:ba:40:
be:37:20:ab:55:7a:1f:e2:a9:8b:62:7b:b4:53:fc:
1e:29:15:29:1d:a1:95:1f:e1:5a:b7:4b:13:b2:78:
95:56:55:b9:f6:82:d9:23:ba:3c:34:3e:10:1f:d9:
f0:76:4e:36:14:ef:69:c9:ad:6f:7a:e8:65:82:00:
7d:49:54:0b:2f:73:81:2b:3a:11:39:c7:c8:13:ff:
99:b7:f0:b1:41:4b:55:6c:08:33:d2:cc:99:40:e5:
e8:09:2e:35:dc:87:0f:45:36:70:00:6d:1f:a0:68:
fb:40:cd:84:e2:b6:3a:97:1e:90:98:19:67:c7:53:
e2:fc:5d:8b:49:23:a9:c9:aa:a0:e1:04:8a:b3:d2:
77:e7:d0:57:5a:db:3a:2e:ff:ce:8d:1e:b9:aa:50:
29:18:b8:72:f0:28:7d:17:3d:08:43:66:c0:3b:d0:
de:ad:d7:0d:92:3e:f1:f0:d5:82:23:2b:5f:f8:54:
02:2b:00:c3:39:10:6a:64:f1:56:1e:a7:fd:18:65:
11:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:82:4B:97:9B:8E:B8:66:FB:45:D2:25:59:1B:E5:FF:40:D7:88:34
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/_4JLl5uOuGb7RdIlWRvl_0DXiDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.219.0/24
151.240.31.0/24
151.240.229.0/24
151.240.233.0-151.240.238.255
151.240.240.0/24
151.240.246.0/23
151.240.249.0-151.240.253.255
151.242.9.0/24
151.242.13.0/24
151.242.46.0-151.242.48.255
151.242.60.0/24
151.242.62.0/24
151.242.64.0/24
151.242.121.0/24
151.242.166.0/23
151.242.195.0/24
151.243.140.0/24
151.244.59.0/24
151.244.117.0/24
Signature Algorithm: sha256WithRSAEncryption
30:02:b1:5d:0e:af:64:e7:15:ba:76:10:71:a4:29:5b:a8:ba:
4c:be:40:bd:c4:8b:6d:fd:de:28:b0:dc:45:7c:da:99:5d:66:
dc:57:42:96:a4:39:e2:a2:43:ac:82:3f:c7:ec:f7:e4:47:90:
94:1b:5f:9c:82:12:8a:43:3d:18:6b:75:57:d4:28:cf:03:d5:
9f:6c:51:92:ce:38:96:cb:81:77:df:88:02:f8:b6:bc:3d:44:
0c:bb:ed:2f:ed:1f:a8:37:93:83:c4:38:5b:f6:af:a8:6c:20:
b5:b2:f1:82:b3:69:ea:5b:dd:f9:f8:e3:31:35:65:e5:67:bf:
f5:38:e6:fd:f0:df:93:70:a1:9a:d8:e7:cf:39:ee:47:83:2d:
98:dd:be:04:d4:cb:14:df:14:a3:02:15:61:f7:ca:5f:6d:40:
bc:60:63:b2:4d:c4:1c:ec:0a:b1:98:7d:bc:01:91:7a:f7:38:
bd:3b:46:4a:da:10:40:e4:c1:e1:df:34:7c:c2:bf:d3:57:cd:
be:0d:13:bc:b8:ad:cd:2e:36:ca:bd:0b:58:21:cb:55:c9:59:
47:20:b8:c0:7a:fd:2a:46:50:4a:6d:71:a2:78:45:29:ca:25:
9f:dc:24:38:a4:e4:29:bb:f1:9f:7d:c1:32:be:b7:71:a0:d3:
c0:95:db:ab
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZbn2cVmgzONwBxSNreS4A69MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTE5MDkyMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjgyNGI5NzliOGViODY2ZmI0NWQyMjU1OTFiZTVmZjQwZDc4ODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv91ZxYgYr4KMjauS6AK5M9WtBryV
WQvrbN9X3Y9qV4hhWtThlmSBSpSifquQqYPAaPPMhA2DeAMcukC+NyCrVXof4qmL
Ynu0U/weKRUpHaGVH+Fat0sTsniVVlW59oLZI7o8ND4QH9nwdk42FO9pya1veuhl
ggB9SVQLL3OBKzoROcfIE/+Zt/CxQUtVbAgz0syZQOXoCS413IcPRTZwAG0foGj7
QM2E4rY6lx6QmBlnx1Pi/F2LSSOpyaqg4QSKs9J359BXWts6Lv/OjR65qlApGLhy
8Ch9Fz0IQ2bAO9DerdcNkj7x8NWCIytf+FQCKwDDORBqZPFWHqf9GGUR0wIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFP+CS5ebjrhm+0XSJVkb5f9A14g0MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvXzRKTGw1dU91R2I3UmRJbFdSdmxfMERYaURRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAAl
ytsDBACX8B8DBACX8OUwDAMEAJfw6QMEAJfw7gMEAJfw8AMEAZfw9jAMAwQAl/D5
AwQBl/D8AwQAl/IJAwQAl/INMAwDBAGX8i4DBACX8jADBACX8jwDBACX8j4DBACX
8kADBACX8nkDBAGX8qYDBACX8sMDBACX84wDBACX9DsDBACX9HUwDQYJKoZIhvcN
AQELBQADggEBADACsV0Or2TnFbp2EHGkKVuouky+QL3Ei2393iiw3EV82pldZtxX
QpakOeKiQ6yCP8fs9+RHkJQbX5yCEopDPRhrdVfUKM8D1Z9sUZLOOJbLgXffiAL4
trw9RAy77S/tH6g3k4PEOFv2r6hsILWy8YKzaepb3fn44zE1ZeVnv/U45v3w35Nw
oZrY58857keDLZjdvgTUyxTfFKMCFWH3yl9tQLxgY7JNxBzsCrGYfbwBkXr3OL07
RkraEEDkweHfNHzCv9NXzb4NE7y4rc0uNsq9C1ghy1XJWUcguMB6/SpGUEptcaJ4
RSnKJZ/cJDik5Cm78Z99wTK+t3Gg08CV26s=
-----END CERTIFICATE-----
Generated at Tue Jun 10 15:58:20 2025 by rpki-client