Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/hP9ZCDC9Q0k9T4JSYCyHe-SokWI.roa
File: hP9ZCDC9Q0k9T4JSYCyHe-SokWI.roa (raw, json)
Hash identifier: zv7obNg9CUiHGJMebDw4b82eSG70vCVtpmcGKDABNlI=
Subject key identifier: 84:FF:59:08:30:BD:43:49:3D:4F:82:52:60:2C:87:7B:E4:A8:91:62
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019423D7B3D61057F6D1CD533DD6D60217E7
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/hP9ZCDC9Q0k9T4JSYCyHe-SokWI.roa
Signing time: Wed 01 Jan 2025 21:48:46 +0000
ROA not before: Wed 01 Jan 2025 21:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215304
IP address blocks: 37.202.220.0/24 maxlen: 24
37.202.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 Jan 2025 06:55:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:b3:d6:10:57:f6:d1:cd:53:3d:d6:d6:02:17:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 1 21:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84ff590830bd43493d4f8252602c877be4a89162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3b:c6:69:bd:93:aa:bc:fd:9e:69:83:27:cc:
5f:d3:ca:60:ab:0e:fa:39:20:20:52:c2:a2:5d:06:
87:f5:e4:6d:dd:b2:4f:34:33:09:f5:42:5f:6f:d7:
fb:0b:41:86:9f:37:24:99:0b:fb:d4:a7:81:f1:50:
8a:2c:09:f2:57:bc:96:2d:f6:fd:55:b3:63:27:f4:
07:96:0c:df:6e:bd:7d:29:a8:fb:28:ce:07:e8:da:
33:92:f1:d8:2d:2a:27:6d:9c:bc:e1:c3:59:1b:2a:
98:4f:1f:e1:9d:ae:2e:ac:ce:88:ed:32:ce:c0:a1:
63:27:43:d1:a1:74:7c:41:eb:b9:a0:30:01:ed:7a:
7b:75:3f:40:6d:02:52:0f:2d:1e:fc:81:7c:9e:57:
6f:b8:b9:26:0a:2e:92:7c:e7:13:38:e7:f1:b2:09:
d7:32:e3:b6:97:e7:bd:6a:a5:b5:f8:d0:9e:b5:4b:
ed:10:db:e5:b0:50:79:9c:65:bb:3b:b4:5f:46:db:
55:68:a4:18:75:40:36:e5:31:55:99:26:8e:6d:3c:
de:d9:7b:c6:7b:b7:35:33:cd:1c:e5:ad:1f:25:e8:
6b:11:b8:20:dc:50:67:8b:36:97:4f:94:bf:4c:a9:
ce:d5:9f:21:5b:26:e8:21:56:50:06:b4:ac:26:0e:
cd:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:FF:59:08:30:BD:43:49:3D:4F:82:52:60:2C:87:7B:E4:A8:91:62
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/hP9ZCDC9Q0k9T4JSYCyHe-SokWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.220.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:8e:fc:1f:df:ae:73:f1:f6:58:67:3f:42:2e:fe:98:9d:98:
8c:8c:4e:b1:1d:09:14:4d:61:c7:9b:46:f5:85:7d:2e:48:e8:
48:4d:f7:a6:94:55:5c:42:b6:34:a2:13:99:ed:67:4d:41:03:
1a:1a:52:3e:7a:9c:17:24:78:9d:f1:2d:7d:bc:89:ad:b1:76:
fa:ab:fb:de:2f:19:a6:75:bb:8b:4f:b3:09:b1:18:ca:49:e9:
b5:00:e3:0e:3b:6a:6e:4e:bf:16:5f:d2:22:2a:04:38:fa:e6:
48:53:54:5b:02:8e:ff:ec:cd:3e:4e:e1:0a:a6:95:18:5c:79:
0e:42:2f:87:84:7c:24:fd:9b:36:eb:a9:80:5a:6f:77:43:d3:
84:86:c0:22:4c:2c:d6:22:ab:c7:3b:2a:58:da:8c:e9:e9:b9:
08:cd:e2:e2:d1:bd:cd:00:2c:4e:91:aa:86:31:e3:83:a1:46:
b5:cd:0d:f5:1a:59:52:48:0c:42:9a:b9:de:40:3a:90:5c:fd:
53:69:69:93:89:20:ce:a8:ae:72:b0:9e:11:14:1a:e1:9b:32:
17:e8:ac:e1:c5:d8:ac:41:9d:3a:96:c6:b9:8c:b2:a6:50:42:
a5:ae:db:02:e6:07:54:3d:3b:a0:ae:28:a5:b5:a8:25:22:9a:
1f:7e:2a:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj17PWEFf20c1TPdbWAhfnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTAxMjE0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGZmNTkwODMwYmQ0MzQ5M2Q0ZjgyNTI2MDJjODc3YmU0YTg5MTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTvGab2Tqrz9nmmDJ8xf08pgqw76
OSAgUsKiXQaH9eRt3bJPNDMJ9UJfb9f7C0GGnzckmQv71KeB8VCKLAnyV7yWLfb9
VbNjJ/QHlgzfbr19Kaj7KM4H6NozkvHYLSonbZy84cNZGyqYTx/hna4urM6I7TLO
wKFjJ0PRoXR8Qeu5oDAB7Xp7dT9AbQJSDy0e/IF8nldvuLkmCi6SfOcTOOfxsgnX
MuO2l+e9aqW1+NCetUvtENvlsFB5nGW7O7RfRttVaKQYdUA25TFVmSaObTze2XvG
e7c1M80c5a0fJehrEbgg3FBnizaXT5S/TKnO1Z8hWyboIVZQBrSsJg7NOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIT/WQgwvUNJPU+CUmAsh3vkqJFiMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvaFA5WkNEQzlRMGs5VDRKU1lDeUhlLVNva1dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBJcrcMA0G
CSqGSIb3DQEBCwUAA4IBAQA9jvwf365z8fZYZz9CLv6YnZiMjE6xHQkUTWHHm0b1
hX0uSOhITfemlFVcQrY0ohOZ7WdNQQMaGlI+epwXJHid8S19vImtsXb6q/veLxmm
dbuLT7MJsRjKSem1AOMOO2puTr8WX9IiKgQ4+uZIU1RbAo7/7M0+TuEKppUYXHkO
Qi+HhHwk/Zs266mAWm93Q9OEhsAiTCzWIqvHOypY2ozp6bkIzeLi0b3NACxOkaqG
MeODoUa1zQ31GllSSAxCmrneQDqQXP1TaWmTiSDOqK5ysJ4RFBrhmzIX6Kzhxdis
QZ06lsa5jLKmUEKlrtsC5gdUPTugriiltaglIpoffir9
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:04:56 2025 by rpki-client