Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/hRKZkEaKdI8G9_MgSGDPqw5jUj8.roa
File: hRKZkEaKdI8G9_MgSGDPqw5jUj8.roa (raw, json)
Hash identifier: d5j/NF09E6MX+e8CVFVt3NV4c8q7rg8FABlXBb4XuhQ=
Subject key identifier: 85:12:99:90:46:8A:74:8F:06:F7:F3:20:48:60:CF:AB:0E:63:52:3F
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0194B5EF4E53E99978893931435A646530CA
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/hRKZkEaKdI8G9_MgSGDPqw5jUj8.roa
Signing time: Thu 30 Jan 2025 06:39:06 +0000
ROA not before: Thu 30 Jan 2025 06:39:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5650
IP address blocks: 37.202.193.0/24 maxlen: 24
37.202.195.0/24 maxlen: 24
37.202.196.0/24 maxlen: 24
37.202.197.0/24 maxlen: 24
37.202.198.0/24 maxlen: 24
37.202.199.0/24 maxlen: 24
37.202.200.0/24 maxlen: 24
37.202.201.0/24 maxlen: 24
151.243.16.0/20 maxlen: 20
151.243.246.0/24 maxlen: 24
151.243.247.0/24 maxlen: 24
151.243.248.0/24 maxlen: 24
151.243.249.0/24 maxlen: 24
151.243.250.0/24 maxlen: 24
151.243.251.0/24 maxlen: 24
151.243.252.0/24 maxlen: 24
151.243.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 08:03:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b5:ef:4e:53:e9:99:78:89:39:31:43:5a:64:65:30:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 30 06:39:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85129990468a748f06f7f3204860cfab0e63523f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:03:38:65:4a:59:e5:1b:35:30:af:5e:d5:b3:
69:87:59:1d:14:ad:19:2e:1e:54:83:0e:56:9f:61:
54:93:2e:34:6e:c2:7a:d2:d6:0a:33:95:c9:62:9f:
9d:0d:aa:1d:73:d4:4c:35:23:6f:ac:3c:e8:69:30:
9a:fd:b5:27:fa:96:fc:ea:f6:53:5d:63:02:dd:b7:
7c:9e:6c:ce:64:6c:1f:bb:5c:69:05:f5:46:36:2c:
20:be:05:34:95:4c:a8:cf:b7:85:2f:26:1e:ff:82:
83:76:a8:0d:21:b8:1a:11:98:c6:c1:0d:4e:6b:00:
b0:5e:e9:74:1e:50:0e:de:1f:24:53:db:de:bd:7e:
76:05:59:e0:e1:06:cc:77:a0:1a:1c:cb:2e:61:f4:
91:3e:b2:b2:85:9f:fe:a5:2c:10:de:d3:36:45:a6:
81:d6:57:16:5c:21:b9:9c:ba:5b:b6:36:15:c7:f4:
e5:99:a8:5d:56:5c:5c:d9:40:b9:e6:b3:40:c4:38:
1f:29:74:09:81:e6:8d:6f:6f:8d:79:ca:bf:14:21:
1a:2c:62:c8:70:a7:21:bb:8a:b3:5f:a0:b3:8e:e1:
c5:f2:f1:c3:44:b7:49:6b:4f:ae:e7:f6:5f:97:0b:
0b:0b:94:ca:60:8f:a2:15:4d:d9:b9:04:e6:39:6f:
67:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:12:99:90:46:8A:74:8F:06:F7:F3:20:48:60:CF:AB:0E:63:52:3F
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/hRKZkEaKdI8G9_MgSGDPqw5jUj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.193.0/24
37.202.195.0-37.202.201.255
151.243.16.0/20
151.243.246.0-151.243.253.255
Signature Algorithm: sha256WithRSAEncryption
ac:00:94:0c:38:50:88:18:28:b0:99:da:16:dd:32:0d:94:cd:
29:85:f7:e6:0e:d7:a2:ff:d3:6e:fe:30:78:c8:2d:59:b7:4a:
09:af:81:34:c6:e6:ca:f8:b3:b3:0b:44:06:4e:ee:89:e0:1f:
48:2d:76:49:33:88:1c:ce:58:bb:72:da:79:7e:69:5d:91:5a:
55:13:76:56:ae:d2:0b:74:36:fb:0f:57:04:56:d1:cd:01:bc:
2e:59:fc:9d:30:ed:38:bb:fd:e2:14:d6:af:b0:0b:d5:f2:13:
db:a6:26:4c:bb:8b:9f:d4:ff:33:84:a7:fb:b6:f2:1e:e4:60:
42:5c:00:9b:56:ef:79:d9:5d:92:c5:23:85:6e:94:58:07:89:
53:ca:ca:bd:69:82:cb:90:f5:5f:7d:51:23:fe:6d:d9:1d:2a:
1e:6e:66:40:8a:52:92:76:5b:18:6e:00:d1:5b:08:66:26:23:
a4:0c:7c:a7:99:5f:06:9d:9c:04:9e:37:62:f9:3f:97:2f:a7:
c2:cd:f7:0d:64:99:8d:5f:8a:b4:e0:47:7c:9c:75:30:25:bd:
e2:d0:7e:70:8c:7f:1d:61:e0:c5:19:fe:5b:f3:a5:63:30:f0:
8c:cc:d7:b1:0a:5f:a2:ee:f7:5b:de:48:60:59:ab:8a:84:20:
c4:16:2c:1c
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZS1705T6Zl4iTkxQ1pkZTDKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTMwMDYzOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTEyOTk5MDQ2OGE3NDhmMDZmN2YzMjA0ODYwY2ZhYjBlNjM1MjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAM4ZUpZ5Rs1MK9e1bNph1kdFK0Z
Lh5Ugw5Wn2FUky40bsJ60tYKM5XJYp+dDaodc9RMNSNvrDzoaTCa/bUn+pb86vZT
XWMC3bd8nmzOZGwfu1xpBfVGNiwgvgU0lUyoz7eFLyYe/4KDdqgNIbgaEZjGwQ1O
awCwXul0HlAO3h8kU9vevX52BVng4QbMd6AaHMsuYfSRPrKyhZ/+pSwQ3tM2RaaB
1lcWXCG5nLpbtjYVx/TlmahdVlxc2UC55rNAxDgfKXQJgeaNb2+Necq/FCEaLGLI
cKchu4qzX6CzjuHF8vHDRLdJa0+u5/ZflwsLC5TKYI+iFU3ZuQTmOW9nFwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFIUSmZBGinSPBvfzIEhgz6sOY1I/MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvaFJLWmtFYUtkSThHOV9NZ1NHRFBxdzVqVWo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAJcrBMAwD
BAAlysMDBAElysgDBASX8xAwDAMEAZfz9gMEAZfz/DANBgkqhkiG9w0BAQsFAAOC
AQEArACUDDhQiBgosJnaFt0yDZTNKYX35g7Xov/Tbv4weMgtWbdKCa+BNMbmyviz
swtEBk7uieAfSC12STOIHM5Yu3LaeX5pXZFaVRN2Vq7SC3Q2+w9XBFbRzQG8Lln8
nTDtOLv94hTWr7AL1fIT26YmTLuLn9T/M4Sn+7byHuRgQlwAm1bvedldksUjhW6U
WAeJU8rKvWmCy5D1X31RI/5t2R0qHm5mQIpSknZbGG4A0VsIZiYjpAx8p5lfBp2c
BJ43Yvk/ly+nws33DWSZjV+KtOBHfJx1MCW94tB+cIx/HWHgxRn+W/OlYzDwjMzX
sQpfou73W95IYFmrioQgxBYsHA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:41:37 2025 by rpki-client