Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/dictXmDQRu3xLyxOjCZo6qz-Dq8.roa
File: dictXmDQRu3xLyxOjCZo6qz-Dq8.roa (raw, json)
Hash identifier: ri7mWyMfNJ3LL2qhelRXrqa3kyvkM0j+qKDvCEhl7wQ=
Subject key identifier: 76:27:2D:5E:60:D0:46:ED:F1:2F:2C:4E:8C:26:68:EA:AC:FE:0E:AF
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019423D7B09BCE784A12391F97684805682E
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/dictXmDQRu3xLyxOjCZo6qz-Dq8.roa
Signing time: Wed 01 Jan 2025 21:48:45 +0000
ROA not before: Wed 01 Jan 2025 21:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214024
IP address blocks: 37.202.220.0/24 maxlen: 24
37.202.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 Jan 2025 06:55:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:b0:9b:ce:78:4a:12:39:1f:97:68:48:05:68:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 1 21:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76272d5e60d046edf12f2c4e8c2668eaacfe0eaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:1f:15:a8:43:eb:a2:2c:0d:8a:94:3a:e8:97:
10:6c:d0:eb:89:31:95:44:89:0a:53:00:e7:44:c1:
46:cd:eb:75:dd:f8:e5:5a:b5:d6:52:1c:5d:12:0e:
3f:5e:3b:3f:5d:63:38:41:0c:36:9e:13:55:54:ce:
4c:b8:61:c7:91:ed:30:47:00:d6:04:76:9f:34:f5:
97:1e:34:cf:55:ad:d8:65:8a:83:8d:6f:db:b0:9b:
d8:95:60:ee:e6:2c:c2:2d:9c:61:05:cd:1e:b4:8b:
ee:d9:94:72:27:76:be:70:5c:5b:85:ce:41:66:53:
88:5f:f2:dc:7e:5e:66:40:31:71:4f:2a:4c:17:ee:
3d:bf:9e:42:0f:19:64:ca:19:bd:67:05:11:3d:1c:
98:4f:63:76:b8:8f:b6:53:55:5d:78:5b:77:15:47:
79:bd:bd:0a:67:60:94:78:41:67:89:e7:a1:98:76:
a8:f1:64:13:a2:d4:d7:38:66:1e:f1:d1:37:30:c4:
78:46:55:ad:11:2f:2f:c7:26:0b:b6:7e:08:26:d2:
dc:72:bf:90:e7:93:8d:0f:69:b1:6f:8b:1d:03:cb:
93:47:a8:23:6d:b1:f3:2b:a0:8a:a7:b3:87:3b:3e:
41:79:5d:4b:06:f4:41:70:42:0f:08:10:41:0b:54:
5b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:27:2D:5E:60:D0:46:ED:F1:2F:2C:4E:8C:26:68:EA:AC:FE:0E:AF
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/dictXmDQRu3xLyxOjCZo6qz-Dq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.220.0/23
Signature Algorithm: sha256WithRSAEncryption
a8:e6:b6:dd:79:f6:cd:31:6a:5c:56:98:c4:b6:d0:67:00:e8:
22:a4:59:6d:28:ba:3e:2e:e6:20:a1:0e:4e:34:8f:58:57:ac:
88:56:26:22:5e:4a:fe:6e:06:9c:25:63:31:f1:ad:d1:88:c4:
be:09:4d:05:af:f5:98:7b:8e:6f:b5:61:05:b1:23:db:b1:aa:
35:6c:70:a2:26:ff:ff:01:e5:a4:a4:9a:e8:b2:f7:5d:dc:f6:
3c:2a:da:91:cc:18:37:fd:3c:2e:75:08:87:ab:a2:ed:a3:bf:
15:30:b5:15:ca:4e:47:fc:53:fc:01:50:d4:68:1f:17:7a:f2:
91:6a:a4:b2:9e:10:41:a1:c4:67:10:b7:47:4e:c7:1e:8b:e2:
5e:af:7d:2a:d6:f0:20:77:2c:48:24:26:6c:81:7d:f0:da:6e:
30:9c:bf:62:38:1c:4a:11:82:a7:04:3c:44:b8:c7:0a:c8:d7:
04:4f:78:1a:b9:8d:69:5f:7f:4d:f1:71:12:54:7a:71:74:d8:
b5:4c:73:f7:d4:4b:58:b3:8d:d3:bc:e0:f9:7d:ba:20:36:d3:
81:ee:0e:60:32:ab:af:97:a9:ec:3d:50:57:55:56:e0:74:8f:
84:58:36:e1:71:80:95:3c:a6:db:de:c7:02:2b:53:8e:d3:2f:
67:7d:aa:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj17CbznhKEjkfl2hIBWguMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTAxMjE0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjI3MmQ1ZTYwZDA0NmVkZjEyZjJjNGU4YzI2NjhlYWFjZmUwZWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2x8VqEProiwNipQ66JcQbNDriTGV
RIkKUwDnRMFGzet13fjlWrXWUhxdEg4/Xjs/XWM4QQw2nhNVVM5MuGHHke0wRwDW
BHafNPWXHjTPVa3YZYqDjW/bsJvYlWDu5izCLZxhBc0etIvu2ZRyJ3a+cFxbhc5B
ZlOIX/Lcfl5mQDFxTypMF+49v55CDxlkyhm9ZwURPRyYT2N2uI+2U1VdeFt3FUd5
vb0KZ2CUeEFnieehmHao8WQTotTXOGYe8dE3MMR4RlWtES8vxyYLtn4IJtLccr+Q
55OND2mxb4sdA8uTR6gjbbHzK6CKp7OHOz5BeV1LBvRBcEIPCBBBC1RbKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHYnLV5g0Ebt8S8sTowmaOqs/g6vMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvZGljdFhtRFFSdTN4THl4T2pDWm82cXotRHE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBJcrcMA0G
CSqGSIb3DQEBCwUAA4IBAQCo5rbdefbNMWpcVpjEttBnAOgipFltKLo+LuYgoQ5O
NI9YV6yIViYiXkr+bgacJWMx8a3RiMS+CU0Fr/WYe45vtWEFsSPbsao1bHCiJv//
AeWkpJrosvdd3PY8KtqRzBg3/TwudQiHq6Lto78VMLUVyk5H/FP8AVDUaB8XevKR
aqSynhBBocRnELdHTscei+Jer30q1vAgdyxIJCZsgX3w2m4wnL9iOBxKEYKnBDxE
uMcKyNcET3gauY1pX39N8XESVHpxdNi1THP31EtYs43TvOD5fbogNtOB7g5gMquv
l6nsPVBXVVbgdI+EWDbhcYCVPKbb3scCK1OO0y9nfarO
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:10:45 2025 by rpki-client