Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/eWkWw9LTdfwOs4Xo4nElYyyZQ_4.roa
File: eWkWw9LTdfwOs4Xo4nElYyyZQ_4.roa (raw, json)
Hash identifier: TpVCXgZaySWJlMKnmpIy1icnaU0ii7SfJ9Wg86ttFZY=
Subject key identifier: 79:69:16:C3:D2:D3:75:FC:0E:B3:85:E8:E2:71:25:63:2C:99:43:FE
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019475093A9BDA2352666265137AA42154B2
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/eWkWw9LTdfwOs4Xo4nElYyyZQ_4.roa
Signing time: Fri 17 Jan 2025 16:12:06 +0000
ROA not before: Fri 17 Jan 2025 16:12:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 37.202.204.0/24 maxlen: 24
37.202.205.0/24 maxlen: 24
37.202.208.0/23 maxlen: 24
37.202.210.0/24 maxlen: 24
37.202.212.0/23 maxlen: 24
151.242.14.0/24 maxlen: 24
151.242.20.0/24 maxlen: 24
151.243.162.0/24 maxlen: 24
151.243.222.0/24 maxlen: 24
151.243.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Jan 2025 04:49:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:75:09:3a:9b:da:23:52:66:62:65:13:7a:a4:21:54:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 17 16:12:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=796916c3d2d375fc0eb385e8e27125632c9943fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:95:9e:a4:fe:fb:fc:dd:62:9f:fe:0e:c2:42:
10:37:3b:9e:67:e4:9b:48:d2:4b:46:84:d0:f1:f1:
61:48:5a:65:73:31:aa:36:95:b9:02:10:fc:a7:2f:
37:50:f6:bf:a8:1c:70:d0:16:2f:cc:42:29:8c:e3:
48:52:f7:93:9e:36:20:80:ca:20:c4:0a:27:3b:6d:
73:94:c4:37:3f:64:8a:3a:cb:1f:13:3a:6d:e6:e3:
e6:5d:78:1e:e6:b2:58:29:b5:44:e0:66:37:42:a1:
ea:4f:f3:3c:2f:ee:6b:37:d1:d8:0f:49:84:c7:c2:
bf:39:be:3f:e2:98:01:41:5c:ff:af:21:1a:a4:9f:
09:8e:a4:35:75:68:3d:ba:6b:b6:ba:16:54:7e:dc:
f7:2e:7c:f6:b7:43:da:9d:37:40:73:e1:1c:89:43:
e6:75:b2:45:29:36:2f:99:83:32:c6:94:b7:30:89:
d3:83:16:f0:09:18:04:cb:82:7e:c0:4e:50:62:c2:
ae:0e:e0:d2:8f:77:fe:eb:e4:0c:8b:bf:11:3c:8f:
ae:01:aa:41:d1:41:b6:d6:56:fd:88:dc:b8:ee:ff:
4d:ba:8c:25:7a:44:bd:c7:67:69:28:9d:7d:be:10:
41:f6:9d:a2:da:3c:ba:ec:89:b5:24:3c:16:e2:bd:
04:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:69:16:C3:D2:D3:75:FC:0E:B3:85:E8:E2:71:25:63:2C:99:43:FE
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/eWkWw9LTdfwOs4Xo4nElYyyZQ_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.204.0/23
37.202.208.0-37.202.210.255
37.202.212.0/23
151.242.14.0/24
151.242.20.0/24
151.243.162.0/24
151.243.222.0/24
151.243.254.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:55:9d:db:e9:ae:e4:8b:71:ed:d1:73:18:25:2e:84:8d:8c:
4a:5f:c9:88:b4:37:96:e0:a1:98:26:c2:0b:14:be:e2:b8:4b:
c4:79:e6:ed:58:ff:22:9d:df:2f:dd:21:89:11:79:33:79:29:
2b:c7:01:7d:c9:71:bc:8c:c7:be:cc:77:06:20:01:82:b5:14:
1f:f8:28:92:4b:d1:15:5e:90:e1:86:ea:c3:d5:e5:a9:cd:8f:
b4:a2:09:0e:da:6b:04:84:50:7a:e7:63:3d:26:64:b6:a2:93:
a4:bb:31:a6:26:d5:c4:26:88:73:14:70:81:b4:da:8f:1a:90:
52:f9:92:2e:b2:e4:f9:af:03:01:d2:9a:b4:9c:f5:97:81:0b:
98:d7:31:ab:fb:00:59:eb:14:77:36:f1:55:58:5e:a6:8a:b0:
ea:69:19:96:25:27:25:02:d0:87:5c:9b:ad:59:77:ef:2e:3b:
c7:3a:6c:02:c3:49:a2:1b:4d:6e:af:67:0b:a8:0f:be:ff:c2:
b8:a1:06:99:96:5e:65:c9:6c:06:5f:ea:5b:81:7d:3d:68:8d:
9c:23:7c:ff:0d:82:78:1a:54:f8:4a:37:54:0b:6c:cb:50:0e:
4f:91:25:92:43:3b:89:db:38:9a:95:8b:c5:6e:72:b1:67:46:
dd:a8:cf:a3
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZR1CTqb2iNSZmJlE3qkIVSyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTE3MTYxMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTY5MTZjM2QyZDM3NWZjMGViMzg1ZThlMjcxMjU2MzJjOTk0M2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5WepP77/N1in/4OwkIQNzueZ+Sb
SNJLRoTQ8fFhSFplczGqNpW5AhD8py83UPa/qBxw0BYvzEIpjONIUveTnjYggMog
xAonO21zlMQ3P2SKOssfEzpt5uPmXXge5rJYKbVE4GY3QqHqT/M8L+5rN9HYD0mE
x8K/Ob4/4pgBQVz/ryEapJ8JjqQ1dWg9umu2uhZUftz3Lnz2t0PanTdAc+EciUPm
dbJFKTYvmYMyxpS3MInTgxbwCRgEy4J+wE5QYsKuDuDSj3f+6+QMi78RPI+uAapB
0UG21lb9iNy47v9NuowlekS9x2dpKJ19vhBB9p2i2jy67Im1JDwW4r0ErQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFHlpFsPS03X8DrOF6OJxJWMsmUP+MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvZVdrV3c5TFRkZndPczRYbzRuRWxZeXlaUV80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQBJcrMMAwD
BAQlytADBAAlytIDBAElytQDBACX8g4DBACX8hQDBACX86IDBACX894DBACX8/4w
DQYJKoZIhvcNAQELBQADggEBACtVndvpruSLce3RcxglLoSNjEpfyYi0N5bgoZgm
wgsUvuK4S8R55u1Y/yKd3y/dIYkReTN5KSvHAX3JcbyMx77MdwYgAYK1FB/4KJJL
0RVekOGG6sPV5anNj7SiCQ7aawSEUHrnYz0mZLaik6S7MaYm1cQmiHMUcIG02o8a
kFL5ki6y5PmvAwHSmrSc9ZeBC5jXMav7AFnrFHc28VVYXqaKsOppGZYlJyUC0Idc
m61Zd+8uO8c6bALDSaIbTW6vZwuoD77/wrihBpmWXmXJbAZf6luBfT1ojZwjfP8N
gngaVPhKN1QLbMtQDk+RJZJDO4nbOJqVi8VucrFnRt2oz6M=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:45:08 2025 by rpki-client