Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/it7jPXDuRHY674-lnZp5IeyOnv4.roa
File: it7jPXDuRHY674-lnZp5IeyOnv4.roa (raw, json)
Hash identifier: hJHu1tmVv7X3QYs5sxNY7x22fO2nsWdPdppBGNeSHCo=
Subject key identifier: 8A:DE:E3:3D:70:EE:44:76:3A:EF:8F:A5:9D:9A:79:21:EC:8E:9E:FE
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196FE766AA7EF4057AF5128057843D19DF5
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/it7jPXDuRHY674-lnZp5IeyOnv4.roa
Signing time: Fri 23 May 2025 18:44:55 +0000
ROA not before: Fri 23 May 2025 18:44:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 37.202.203.0/24 maxlen: 24
151.240.1.0/24 maxlen: 24
151.240.9.0/24 maxlen: 24
151.240.10.0/24 maxlen: 24
151.240.77.0/24 maxlen: 24
151.241.18.0/24 maxlen: 24
151.242.202.0/23 maxlen: 23
151.243.206.0/23 maxlen: 23
151.243.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 May 2025 05:59:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fe:76:6a:a7:ef:40:57:af:51:28:05:78:43:d1:9d:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 23 18:44:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8adee33d70ee44763aef8fa59d9a7921ec8e9efe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:48:1b:92:7b:6e:12:19:7d:e0:7e:3c:65:b4:
ea:28:cc:f5:f1:d1:54:bf:ab:7b:7b:5f:68:59:cc:
2a:69:8e:35:ba:2b:82:fe:c0:b1:60:f5:8f:99:b2:
bd:28:08:be:34:27:75:bc:47:b6:c1:04:52:10:f6:
8a:10:79:bf:93:66:2f:7b:b9:ec:90:13:9b:4c:79:
b9:4b:00:48:b7:d4:71:a4:25:46:ed:05:ed:07:fa:
a2:a2:29:17:ff:b7:86:a4:a7:47:35:2c:51:a1:80:
e5:a2:5a:db:5a:f1:fd:51:cc:5c:7b:b6:ac:6b:83:
68:2d:5c:ea:54:1f:df:60:e5:89:02:0b:de:77:15:
4d:73:81:a6:10:36:de:07:11:2e:a1:d3:eb:4a:8c:
62:d1:d1:c8:4a:e8:14:09:0b:89:cd:ce:6c:cd:0e:
81:c2:f6:03:f2:e8:e8:ab:c7:57:1a:8d:20:37:1d:
fe:f1:ef:76:83:a2:43:93:5b:7d:e4:40:a9:10:c4:
51:a9:04:19:da:a9:16:74:23:79:a1:3d:a3:ac:3f:
4a:6b:b7:9c:8b:c8:84:60:36:78:11:ea:dd:6e:fe:
f0:84:71:41:5f:56:1b:db:5c:6b:7a:99:99:0d:60:
37:f4:83:7a:f4:5d:bc:90:3b:24:3f:67:b7:a2:bf:
09:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:DE:E3:3D:70:EE:44:76:3A:EF:8F:A5:9D:9A:79:21:EC:8E:9E:FE
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/it7jPXDuRHY674-lnZp5IeyOnv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.203.0/24
151.240.1.0/24
151.240.9.0-151.240.10.255
151.240.77.0/24
151.241.18.0/24
151.242.202.0/23
151.243.206.0/23
151.243.217.0/24
Signature Algorithm: sha256WithRSAEncryption
12:4e:f3:34:f8:d3:86:fe:42:a7:b6:1f:8d:87:b0:fd:49:95:
60:aa:5c:70:12:05:90:49:dd:17:ee:06:ac:a6:f9:21:41:26:
72:21:9c:8c:7e:06:40:58:bd:55:0d:0a:56:8c:24:61:50:94:
15:46:10:00:3a:08:1e:b9:c4:c0:f8:e4:6b:65:84:b9:62:e5:
f0:be:b3:ef:fa:53:91:3d:31:7c:be:86:fa:32:50:2c:32:bb:
63:38:1b:98:12:02:58:78:1f:6a:b0:d0:fe:44:a3:7d:f5:1e:
1a:91:e8:ca:14:06:46:f0:00:dc:c5:21:eb:95:09:17:d0:25:
4f:49:d8:66:08:33:94:3b:2c:9a:78:fc:52:75:53:86:9b:91:
fb:94:da:9a:b6:89:c0:0b:04:a5:44:d0:2c:41:4c:d6:d8:57:
c0:91:c2:6e:05:9e:03:05:ad:68:26:3c:ac:9d:0f:6f:a5:f5:
a5:53:ef:19:b0:41:07:70:30:16:7c:2f:1a:85:8d:18:7d:0a:
e8:fe:25:96:8a:43:e8:a8:a7:31:e5:ab:6d:bd:fd:36:b1:fa:
cb:97:17:32:82:c2:28:49:2f:b2:ee:74:8b:a1:e8:55:5d:6f:
31:31:69:e3:4c:8d:aa:0c:8b:e9:1a:d5:21:87:45:f3:87:c9:
16:1f:85:f4
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZb+dmqn70BXr1EoBXhD0Z31MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTIzMTg0NDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWRlZTMzZDcwZWU0NDc2M2FlZjhmYTU5ZDlhNzkyMWVjOGU5ZWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkgbkntuEhl94H48ZbTqKMz18dFU
v6t7e19oWcwqaY41uiuC/sCxYPWPmbK9KAi+NCd1vEe2wQRSEPaKEHm/k2Yve7ns
kBObTHm5SwBIt9RxpCVG7QXtB/qioikX/7eGpKdHNSxRoYDlolrbWvH9Ucxce7as
a4NoLVzqVB/fYOWJAgvedxVNc4GmEDbeBxEuodPrSoxi0dHISugUCQuJzc5szQ6B
wvYD8ujoq8dXGo0gNx3+8e92g6JDk1t95ECpEMRRqQQZ2qkWdCN5oT2jrD9Ka7ec
i8iEYDZ4Eerdbv7whHFBX1Yb21xrepmZDWA39IN69F28kDskP2e3or8JCQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFIre4z1w7kR2Ou+PpZ2aeSHsjp7+MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvaXQ3alBYRHVSSFk2NzQtbG5acDVJZXlPbnY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAJcrLAwQA
l/ABMAwDBACX8AkDBACX8AoDBACX8E0DBACX8RIDBAGX8soDBAGX884DBACX89kw
DQYJKoZIhvcNAQELBQADggEBABJO8zT404b+Qqe2H42HsP1JlWCqXHASBZBJ3Rfu
Bqym+SFBJnIhnIx+BkBYvVUNClaMJGFQlBVGEAA6CB65xMD45GtlhLli5fC+s+/6
U5E9MXy+hvoyUCwyu2M4G5gSAlh4H2qw0P5Eo331HhqR6MoUBkbwANzFIeuVCRfQ
JU9J2GYIM5Q7LJp4/FJ1U4abkfuU2pq2icALBKVE0CxBTNbYV8CRwm4FngMFrWgm
PKydD2+l9aVT7xmwQQdwMBZ8LxqFjRh9Cuj+JZaKQ+iopzHlq229/Tax+suXFzKC
wihJL7LudIuh6FVdbzExaeNMjaoMi+ka1SGHRfOHyRYfhfQ=
-----END CERTIFICATE-----
Generated at Fri Jun 6 20:54:31 2025 by rpki-client