Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/oLHWgV9FK0m1wRSVL56eLJ4dSJE.roa
File: oLHWgV9FK0m1wRSVL56eLJ4dSJE.roa (raw, json)
Hash identifier: MT7dhmvEOZ/pbluzXEaXeqI8KsgH5ZMgzr4+uS9EsvE=
Subject key identifier: A0:B1:D6:81:5F:45:2B:49:B5:C1:14:95:2F:9E:9E:2C:9E:1D:48:91
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019531B5C3E705AEE8F9DECC7AD524E2F29C
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/oLHWgV9FK0m1wRSVL56eLJ4dSJE.roa
Signing time: Sun 23 Feb 2025 07:29:10 +0000
ROA not before: Sun 23 Feb 2025 07:29:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 37.202.205.0/24 maxlen: 24
37.202.208.0/23 maxlen: 24
37.202.209.0/24 maxlen: 24
37.202.210.0/24 maxlen: 24
37.202.212.0/23 maxlen: 24
151.240.105.0/24 maxlen: 24
151.240.140.0/24 maxlen: 24
151.241.110.0/24 maxlen: 24
151.242.14.0/24 maxlen: 24
151.242.20.0/24 maxlen: 24
151.242.110.0/24 maxlen: 24
151.243.83.0/24 maxlen: 24
151.243.104.0/24 maxlen: 24
151.243.162.0/24 maxlen: 24
151.243.212.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 01 Mar 2025 04:16:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:31:b5:c3:e7:05:ae:e8:f9:de:cc:7a:d5:24:e2:f2:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Feb 23 07:29:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0b1d6815f452b49b5c114952f9e9e2c9e1d4891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c1:21:97:bb:84:94:3b:14:c2:8b:a7:22:94:
27:40:bb:d5:10:4b:dc:3b:59:14:e4:bc:7f:27:3f:
db:7e:b6:de:56:98:60:bf:80:eb:88:77:50:7b:a7:
55:49:60:c0:ba:3c:c6:bf:a1:7b:92:98:78:bc:bb:
52:6b:f1:46:bb:d0:28:2b:95:c4:9b:c6:35:59:0c:
28:60:06:bc:a1:da:3b:d0:bd:97:db:96:79:d9:7c:
18:57:fd:5c:4a:de:3d:65:13:d2:6a:c0:80:fc:72:
ec:70:33:6a:cf:bd:87:af:ef:ba:81:25:bc:bd:12:
ee:ff:3a:3e:22:2d:b1:17:d8:b0:4c:57:b2:b0:10:
a1:d3:73:25:4a:39:cc:1f:b0:2e:e1:bc:b1:99:0f:
e3:43:2f:b5:f8:87:be:59:c6:4c:22:8b:97:42:1b:
e4:d3:7f:03:c7:93:6c:e3:78:4d:f6:9e:0d:46:a8:
2a:a0:07:f3:d9:2c:d3:9a:11:0f:7a:1e:6c:3a:cc:
86:b2:28:46:fe:9d:26:e0:e8:9f:86:6a:79:0b:ba:
ce:d3:84:34:ed:63:32:33:ef:1d:e2:fb:9f:e6:fb:
19:10:58:46:6c:14:12:9f:60:3c:6d:ab:50:69:34:
6b:e1:91:ee:12:1a:63:f5:96:9e:b8:a8:56:a2:53:
db:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:B1:D6:81:5F:45:2B:49:B5:C1:14:95:2F:9E:9E:2C:9E:1D:48:91
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/oLHWgV9FK0m1wRSVL56eLJ4dSJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.205.0/24
37.202.208.0-37.202.210.255
37.202.212.0/23
151.240.105.0/24
151.240.140.0/24
151.241.110.0/24
151.242.14.0/24
151.242.20.0/24
151.242.110.0/24
151.243.83.0/24
151.243.104.0/24
151.243.162.0/24
151.243.212.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:0e:48:6c:75:dd:89:76:cc:6b:ea:59:7e:15:5c:95:19:10:
69:e0:8a:52:35:dc:d6:2d:fd:28:a2:88:a9:7c:f3:a2:ae:8f:
ea:bd:9b:ce:fb:98:8d:b5:04:ad:c5:9d:c5:69:99:2c:05:06:
bc:a2:77:c6:f3:31:bb:a4:da:b8:7f:f4:a7:c2:f1:c7:8b:06:
ce:42:e3:e8:c4:17:d6:1b:35:5b:48:94:aa:4b:b3:cd:33:5b:
28:15:2d:61:05:b2:90:4d:61:90:e0:84:ef:32:75:0e:dd:39:
6f:04:93:36:d1:39:82:6f:19:b2:db:ff:c4:e2:cd:fb:a7:85:
3c:bc:54:21:37:4b:54:a8:24:c1:0b:ff:c5:ee:25:fe:85:28:
ba:f6:9d:86:a6:4b:e3:17:78:28:db:2f:f1:b5:d1:2c:f7:77:
e9:54:75:ad:86:92:2c:42:22:54:3a:7e:83:09:34:9d:e4:ad:
27:91:55:29:a3:dd:4e:d8:fe:41:8f:ba:9c:63:51:b7:ac:6c:
69:fb:63:40:a5:be:57:f7:e1:41:9d:8e:79:95:50:5f:bf:2a:
e0:4d:2c:e9:fa:94:3a:f7:9b:9d:e6:91:9c:40:45:dc:03:62:
20:29:20:64:b3:70:83:a1:97:02:c0:85:2a:ae:bb:c6:a8:04:
26:50:ba:cf
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZUxtcPnBa7o+d7MetUk4vKcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMjIzMDcyOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGIxZDY4MTVmNDUyYjQ5YjVjMTE0OTUyZjllOWUyYzllMWQ0ODkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMEhl7uElDsUwounIpQnQLvVEEvc
O1kU5Lx/Jz/bfrbeVphgv4DriHdQe6dVSWDAujzGv6F7kph4vLtSa/FGu9AoK5XE
m8Y1WQwoYAa8odo70L2X25Z52XwYV/1cSt49ZRPSasCA/HLscDNqz72Hr++6gSW8
vRLu/zo+Ii2xF9iwTFeysBCh03MlSjnMH7Au4byxmQ/jQy+1+Ie+WcZMIouXQhvk
038Dx5Ns43hN9p4NRqgqoAfz2SzTmhEPeh5sOsyGsihG/p0m4Oifhmp5C7rO04Q0
7WMyM+8d4vuf5vsZEFhGbBQSn2A8batQaTRr4ZHuEhpj9ZaeuKhWolPb7QIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFKCx1oFfRStJtcEUlS+eniyeHUiRMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvb0xIV2dWOUZLMG0xd1JTVkw1NmVMSjRkU0pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAJcrNMAwD
BAQlytADBAAlytIDBAElytQDBACX8GkDBACX8IwDBACX8W4DBACX8g4DBACX8hQD
BACX8m4DBACX81MDBACX82gDBACX86IDBAGX89QwDQYJKoZIhvcNAQELBQADggEB
ALIOSGx13Yl2zGvqWX4VXJUZEGngilI13NYt/SiiiKl886Kuj+q9m877mI21BK3F
ncVpmSwFBryid8bzMbuk2rh/9KfC8ceLBs5C4+jEF9YbNVtIlKpLs80zWygVLWEF
spBNYZDghO8ydQ7dOW8EkzbROYJvGbLb/8TizfunhTy8VCE3S1SoJMEL/8XuJf6F
KLr2nYamS+MXeCjbL/G10Sz3d+lUda2GkixCIlQ6foMJNJ3krSeRVSmj3U7Y/kGP
upxjUbesbGn7Y0Clvlf34UGdjnmVUF+/KuBNLOn6lDr3m53mkZxARdwDYiApIGSz
cIOhlwLAhSquu8aoBCZQus8=
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:50:01 2025 by rpki-client