Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/nfkJ-MgPOXAL1BSZzYx2NUa2JDA.roa
File: nfkJ-MgPOXAL1BSZzYx2NUa2JDA.roa (raw, json)
Hash identifier: S8QR37og1TPs2SaUIITU3jfJFJgO2CqhKqPF8S/j1Vk=
Subject key identifier: 9D:F9:09:F8:C8:0F:39:70:0B:D4:14:99:CD:8C:76:35:46:B6:24:30
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019681C2364546F856B523CE136470EACE4C
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/nfkJ-MgPOXAL1BSZzYx2NUa2JDA.roa
Signing time: Tue 29 Apr 2025 13:35:10 +0000
ROA not before: Tue 29 Apr 2025 13:35:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 37.202.219.0/24 maxlen: 24
151.240.31.0/24 maxlen: 24
151.240.226.0/24 maxlen: 24
151.240.227.0/24 maxlen: 24
151.240.228.0/24 maxlen: 24
151.240.229.0/24 maxlen: 24
151.240.230.0/24 maxlen: 24
151.240.231.0/24 maxlen: 24
151.240.232.0/24 maxlen: 24
151.240.233.0/24 maxlen: 24
151.240.234.0/24 maxlen: 24
151.240.235.0/24 maxlen: 24
151.240.236.0/24 maxlen: 24
151.240.237.0/24 maxlen: 24
151.240.238.0/24 maxlen: 24
151.240.239.0/24 maxlen: 24
151.240.240.0/24 maxlen: 24
151.240.241.0/24 maxlen: 24
151.240.242.0/24 maxlen: 24
151.240.243.0/24 maxlen: 24
151.240.244.0/24 maxlen: 24
151.240.245.0/24 maxlen: 24
151.240.246.0/24 maxlen: 24
151.240.247.0/24 maxlen: 24
151.240.249.0/24 maxlen: 24
151.240.250.0/24 maxlen: 24
151.240.251.0/24 maxlen: 24
151.240.252.0/24 maxlen: 24
151.240.253.0/24 maxlen: 24
151.242.9.0/24 maxlen: 24
151.242.13.0/24 maxlen: 24
151.242.46.0/24 maxlen: 24
151.242.47.0/24 maxlen: 24
151.242.48.0/24 maxlen: 24
151.242.60.0/24 maxlen: 24
151.242.62.0/24 maxlen: 24
151.242.64.0/24 maxlen: 24
151.242.121.0/24 maxlen: 24
151.242.166.0/23 maxlen: 24
151.242.195.0/24 maxlen: 24
151.243.140.0/24 maxlen: 24
151.244.59.0/24 maxlen: 24
151.244.116.0/24 maxlen: 24
151.244.117.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Apr 2025 04:52:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:81:c2:36:45:46:f8:56:b5:23:ce:13:64:70:ea:ce:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 29 13:35:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9df909f8c80f39700bd41499cd8c763546b62430
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:15:f5:8d:ba:70:20:d8:66:ef:ff:20:45:f1:
9d:49:aa:9d:ef:6d:ff:aa:97:99:19:54:fa:65:66:
3f:4e:f0:9a:ac:1a:91:c8:fc:b9:03:69:0c:fb:c0:
25:8f:be:ab:d8:c2:89:4a:08:7a:42:ae:44:ac:83:
91:81:71:03:eb:31:6c:20:02:1d:04:85:45:89:6e:
72:c0:98:4b:81:1f:65:ab:61:04:2b:aa:e3:4f:7b:
3b:c4:51:9e:ec:99:61:e8:7f:1b:df:8a:8f:29:2d:
30:b7:de:4b:a2:4a:5e:30:5e:51:27:a6:2c:69:84:
2e:5d:3b:c1:34:5e:af:e5:8b:30:bc:06:79:35:22:
9a:3c:20:f5:67:53:a1:03:88:a3:33:7d:d8:9a:58:
46:c5:74:f7:9b:a7:59:c1:60:7b:15:80:09:ee:80:
42:34:8c:8a:b2:40:85:2c:82:f4:ed:d6:4e:3c:55:
af:14:97:8a:6a:64:19:f6:41:a3:91:49:e2:ab:4a:
66:0d:82:49:b2:87:6e:05:1f:31:92:5c:ed:bc:7c:
81:2a:66:27:d7:b5:ca:af:10:ed:0f:5a:b3:a8:8e:
4d:76:1f:22:48:f9:dd:fc:e5:93:b8:af:b0:59:71:
cc:bb:ec:5a:91:6c:23:ed:c2:c0:16:bb:d2:16:83:
ff:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:F9:09:F8:C8:0F:39:70:0B:D4:14:99:CD:8C:76:35:46:B6:24:30
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/nfkJ-MgPOXAL1BSZzYx2NUa2JDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.219.0/24
151.240.31.0/24
151.240.226.0-151.240.247.255
151.240.249.0-151.240.253.255
151.242.9.0/24
151.242.13.0/24
151.242.46.0-151.242.48.255
151.242.60.0/24
151.242.62.0/24
151.242.64.0/24
151.242.121.0/24
151.242.166.0/23
151.242.195.0/24
151.243.140.0/24
151.244.59.0/24
151.244.116.0/23
Signature Algorithm: sha256WithRSAEncryption
43:e6:c2:ec:3a:23:53:47:85:73:ca:34:2b:2d:fb:af:c2:78:
2d:d8:2f:43:42:9c:02:58:53:93:6f:81:3e:5a:35:bf:92:a4:
42:c4:11:37:ad:67:22:35:ba:f8:22:e8:f8:25:71:72:c7:a0:
4e:0e:66:6e:2c:05:3b:96:45:dc:58:36:16:69:51:4d:b3:69:
fe:58:03:d5:85:3e:4d:7f:45:83:0d:f9:30:6c:e9:c4:bd:4a:
61:c8:6a:94:5a:d9:57:fd:74:7c:3c:98:0e:23:f1:cf:36:f1:
28:77:6c:8f:6c:52:b4:fd:3c:05:d6:4a:a0:13:4e:6e:32:a0:
4a:0f:bb:9c:2e:e0:8a:4a:8c:82:5f:8a:a6:f9:b6:39:9e:bd:
a7:11:e7:97:67:df:2d:86:9e:e4:bc:0d:7a:67:01:9e:f2:9f:
f3:20:8c:74:b4:b1:26:74:40:88:ff:c5:0c:c7:06:0a:37:b1:
87:87:4b:3e:52:7b:47:85:4b:18:e3:39:9e:db:ff:91:ce:52:
c2:cc:0f:81:3b:48:37:ce:15:ce:7e:ca:7e:62:4d:70:97:38:
a1:b2:39:ec:18:ae:9d:e8:0a:04:cc:24:a2:7a:81:d0:81:93:
a1:d6:38:3f:13:b4:75:2c:59:bd:28:1e:34:ed:0b:17:bc:ac:
6a:9b:ac:38
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZaBwjZFRvhWtSPOE2Rw6s5MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDI5MTMzNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGY5MDlmOGM4MGYzOTcwMGJkNDE0OTljZDhjNzYzNTQ2YjYyNDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRX1jbpwINhm7/8gRfGdSaqd723/
qpeZGVT6ZWY/TvCarBqRyPy5A2kM+8Alj76r2MKJSgh6Qq5ErIORgXED6zFsIAId
BIVFiW5ywJhLgR9lq2EEK6rjT3s7xFGe7Jlh6H8b34qPKS0wt95LokpeMF5RJ6Ys
aYQuXTvBNF6v5YswvAZ5NSKaPCD1Z1OhA4ijM33YmlhGxXT3m6dZwWB7FYAJ7oBC
NIyKskCFLIL07dZOPFWvFJeKamQZ9kGjkUniq0pmDYJJsoduBR8xklztvHyBKmYn
17XKrxDtD1qzqI5Ndh8iSPnd/OWTuK+wWXHMu+xakWwj7cLAFrvSFoP/ywIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFJ35CfjIDzlwC9QUmc2MdjVGtiQwMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvbmZrSi1NZ1BPWEFMMUJTWnpZeDJOVWEySkRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAJcrb
AwQAl/AfMAwDBAGX8OIDBAOX8PAwDAMEAJfw+QMEAZfw/AMEAJfyCQMEAJfyDTAM
AwQBl/IuAwQAl/IwAwQAl/I8AwQAl/I+AwQAl/JAAwQAl/J5AwQBl/KmAwQAl/LD
AwQAl/OMAwQAl/Q7AwQBl/R0MA0GCSqGSIb3DQEBCwUAA4IBAQBD5sLsOiNTR4Vz
yjQrLfuvwngt2C9DQpwCWFOTb4E+WjW/kqRCxBE3rWciNbr4Iuj4JXFyx6BODmZu
LAU7lkXcWDYWaVFNs2n+WAPVhT5Nf0WDDfkwbOnEvUphyGqUWtlX/XR8PJgOI/HP
NvEod2yPbFK0/TwF1kqgE05uMqBKD7ucLuCKSoyCX4qm+bY5nr2nEeeXZ98thp7k
vA16ZwGe8p/zIIx0tLEmdECI/8UMxwYKN7GHh0s+UntHhUsY4zme2/+RzlLCzA+B
O0g3zhXOfsp+Yk1wlzihsjnsGK6d6AoEzCSieoHQgZOh1jg/E7R1LFm9KB407QsX
vKxqm6w4
-----END CERTIFICATE-----
Generated at Sat Jun 7 06:16:02 2025 by rpki-client