Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/lZcDDKxXjJrI_Ezjf2r92YRK4X8.roa
File: lZcDDKxXjJrI_Ezjf2r92YRK4X8.roa (raw, json)
Hash identifier: VFVwLQLuO9YiYk95HA9qb7SX4S9Cv2QXA5/3lHJeMPM=
Subject key identifier: 95:97:03:0C:AC:57:8C:9A:C8:FC:4C:E3:7F:6A:FD:D9:84:4A:E1:7F
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01968028F7A5F52B313786DBEFE147B45A87
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/lZcDDKxXjJrI_Ezjf2r92YRK4X8.roa
Signing time: Tue 29 Apr 2025 06:08:10 +0000
ROA not before: Tue 29 Apr 2025 06:08:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 37.202.219.0/24 maxlen: 24
151.240.31.0/24 maxlen: 24
151.240.226.0/24 maxlen: 24
151.240.227.0/24 maxlen: 24
151.240.228.0/24 maxlen: 24
151.240.229.0/24 maxlen: 24
151.240.230.0/24 maxlen: 24
151.240.231.0/24 maxlen: 24
151.240.232.0/24 maxlen: 24
151.240.233.0/24 maxlen: 24
151.240.234.0/24 maxlen: 24
151.240.235.0/24 maxlen: 24
151.240.236.0/24 maxlen: 24
151.240.237.0/24 maxlen: 24
151.240.238.0/24 maxlen: 24
151.240.239.0/24 maxlen: 24
151.240.240.0/24 maxlen: 24
151.240.241.0/24 maxlen: 24
151.240.242.0/24 maxlen: 24
151.240.243.0/24 maxlen: 24
151.240.244.0/24 maxlen: 24
151.240.245.0/24 maxlen: 24
151.240.246.0/24 maxlen: 24
151.240.247.0/24 maxlen: 24
151.240.249.0/24 maxlen: 24
151.240.250.0/24 maxlen: 24
151.240.251.0/24 maxlen: 24
151.240.252.0/24 maxlen: 24
151.240.253.0/24 maxlen: 24
151.242.9.0/24 maxlen: 24
151.242.13.0/24 maxlen: 24
151.242.46.0/24 maxlen: 24
151.242.47.0/24 maxlen: 24
151.242.48.0/24 maxlen: 24
151.242.60.0/24 maxlen: 24
151.242.62.0/24 maxlen: 24
151.242.64.0/24 maxlen: 24
151.242.121.0/24 maxlen: 24
151.242.166.0/23 maxlen: 24
151.242.195.0/24 maxlen: 24
151.243.57.0/24 maxlen: 24
151.243.80.0/24 maxlen: 24
151.243.140.0/24 maxlen: 24
151.243.164.0/24 maxlen: 24
151.244.59.0/24 maxlen: 24
151.244.117.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Apr 2025 06:51:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:80:28:f7:a5:f5:2b:31:37:86:db:ef:e1:47:b4:5a:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 29 06:08:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9597030cac578c9ac8fc4ce37f6afdd9844ae17f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:b1:99:45:d9:09:99:d1:96:6d:bc:1c:02:b4:
b2:c8:04:0f:78:f8:e4:94:cf:f1:25:67:38:ee:49:
f1:2c:c9:a6:1e:89:fb:54:69:09:44:ec:10:b3:81:
49:49:c2:98:fe:d8:ac:ce:50:52:be:34:45:fc:91:
e8:91:b1:02:e5:3f:c0:f0:41:5e:02:f1:13:0c:e1:
fa:b5:88:4d:64:7e:9f:18:63:bc:05:d6:c2:10:3b:
0d:15:62:2e:51:36:c5:76:08:81:06:9c:5f:31:77:
6e:38:3a:b6:3e:d1:cb:01:ca:6f:52:1b:44:0e:71:
ea:e5:1b:f7:c4:b7:53:ff:f8:c6:db:ad:2b:29:68:
ef:c0:bf:38:63:36:e8:85:2c:1d:e4:57:06:06:bd:
06:97:5e:3e:46:0a:4f:84:dd:7b:65:ac:ab:74:dc:
c0:50:e7:b0:a6:ed:b8:df:91:07:b2:f0:a6:6f:5b:
9d:b2:54:dd:31:64:01:eb:59:7e:0d:26:a1:c3:da:
21:38:77:d8:21:9c:7b:82:65:a8:3c:46:b7:b4:35:
8a:89:96:fe:92:78:67:bf:12:67:cd:7c:b0:6c:f0:
72:a1:e0:dc:2a:ce:c2:c3:73:46:4d:b0:69:c3:88:
08:da:ef:33:1c:9f:32:1a:5d:af:bb:9b:3a:4f:b9:
b1:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:97:03:0C:AC:57:8C:9A:C8:FC:4C:E3:7F:6A:FD:D9:84:4A:E1:7F
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/lZcDDKxXjJrI_Ezjf2r92YRK4X8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.219.0/24
151.240.31.0/24
151.240.226.0-151.240.247.255
151.240.249.0-151.240.253.255
151.242.9.0/24
151.242.13.0/24
151.242.46.0-151.242.48.255
151.242.60.0/24
151.242.62.0/24
151.242.64.0/24
151.242.121.0/24
151.242.166.0/23
151.242.195.0/24
151.243.57.0/24
151.243.80.0/24
151.243.140.0/24
151.243.164.0/24
151.244.59.0/24
151.244.117.0/24
Signature Algorithm: sha256WithRSAEncryption
73:ee:27:a7:4e:b5:e7:2f:40:bf:c7:6c:36:bf:ac:da:2e:46:
6b:ac:11:6e:aa:ad:1b:3f:58:a1:41:3c:35:05:48:3d:2c:8c:
58:ab:47:9a:aa:53:72:a6:d9:1d:8a:57:2e:de:89:9a:bb:b5:
01:2a:82:55:53:d5:d7:d7:ba:68:17:66:09:96:8b:5f:16:7e:
cd:fc:af:19:68:00:4c:f5:9f:e1:26:06:60:95:e2:da:3d:44:
9d:0f:49:3d:2d:11:af:e8:45:fe:e9:d1:4c:8d:6c:2f:32:64:
5d:1c:42:01:c5:2d:4f:67:ca:ad:ba:35:82:23:88:bb:36:72:
b3:ff:74:31:6b:0e:1b:c3:f1:02:b9:f8:6b:68:6e:45:23:c4:
58:06:e6:5b:ac:f0:63:7e:d0:fe:96:bb:e7:ee:05:f1:94:83:
af:9a:c8:83:1d:91:23:03:62:af:ec:6b:c6:04:89:a0:58:ab:
60:0e:51:01:b5:f9:65:c8:3f:44:ce:ec:b5:52:11:b5:96:8a:
62:f1:d6:31:df:e4:4d:7e:0f:13:da:0f:66:a2:6c:a2:a6:4c:
a7:80:a6:b7:fe:9e:8b:f6:f6:51:46:e1:74:e3:ef:11:a3:8d:
d9:3f:61:b2:19:60:62:b5:de:d2:ca:c7:66:aa:8c:60:ed:36:
37:7f:c2:ec
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZaAKPel9SsxN4bb7+FHtFqHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDI5MDYwODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTk3MDMwY2FjNTc4YzlhYzhmYzRjZTM3ZjZhZmRkOTg0NGFlMTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4bGZRdkJmdGWbbwcArSyyAQPePjk
lM/xJWc47knxLMmmHon7VGkJROwQs4FJScKY/tiszlBSvjRF/JHokbEC5T/A8EFe
AvETDOH6tYhNZH6fGGO8BdbCEDsNFWIuUTbFdgiBBpxfMXduODq2PtHLAcpvUhtE
DnHq5Rv3xLdT//jG260rKWjvwL84YzbohSwd5FcGBr0Gl14+RgpPhN17ZayrdNzA
UOewpu2435EHsvCmb1udslTdMWQB61l+DSahw9ohOHfYIZx7gmWoPEa3tDWKiZb+
knhnvxJnzXywbPByoeDcKs7Cw3NGTbBpw4gI2u8zHJ8yGl2vu5s6T7mxyQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFJWXAwysV4yayPxM439q/dmESuF/MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvbFpjRERLeFhqSnJJX0V6amYycjkyWVJLNFg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAAl
ytsDBACX8B8wDAMEAZfw4gMEA5fw8DAMAwQAl/D5AwQBl/D8AwQAl/IJAwQAl/IN
MAwDBAGX8i4DBACX8jADBACX8jwDBACX8j4DBACX8kADBACX8nkDBAGX8qYDBACX
8sMDBACX8zkDBACX81ADBACX84wDBACX86QDBACX9DsDBACX9HUwDQYJKoZIhvcN
AQELBQADggEBAHPuJ6dOtecvQL/HbDa/rNouRmusEW6qrRs/WKFBPDUFSD0sjFir
R5qqU3Km2R2KVy7eiZq7tQEqglVT1dfXumgXZgmWi18Wfs38rxloAEz1n+EmBmCV
4to9RJ0PST0tEa/oRf7p0UyNbC8yZF0cQgHFLU9nyq26NYIjiLs2crP/dDFrDhvD
8QK5+GtobkUjxFgG5lus8GN+0P6Wu+fuBfGUg6+ayIMdkSMDYq/sa8YEiaBYq2AO
UQG1+WXIP0TO7LVSEbWWimLx1jHf5E1+DxPaD2aibKKmTKeAprf+nov29lFG4XTj
7xGjjdk/YbIZYGK13tLKx2aqjGDtNjd/wuw=
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:01:23 2025 by rpki-client