Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qGigJggQAsRxY4uAYi-JDWgQc58.roa
File: qGigJggQAsRxY4uAYi-JDWgQc58.roa (raw, json)
Hash identifier: 8RLX0t2O0ZbULkAjaxmSkqoq9UM2lrMUt5DL57uI3vE=
Subject key identifier: A8:68:A0:26:08:10:02:C4:71:63:8B:80:62:2F:89:0D:68:10:73:9F
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196583A30EE373569AE36652623C1C098CC
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qGigJggQAsRxY4uAYi-JDWgQc58.roa
Signing time: Mon 21 Apr 2025 12:02:10 +0000
ROA not before: Mon 21 Apr 2025 12:02:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 37.202.202.0/24 maxlen: 24
151.240.100.0/24 maxlen: 24
151.241.76.0/24 maxlen: 24
151.242.39.0/24 maxlen: 24
151.242.67.0/24 maxlen: 24
151.242.117.0/24 maxlen: 24
151.243.6.0/24 maxlen: 24
151.243.160.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 28 Apr 2025 05:52:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:58:3a:30:ee:37:35:69:ae:36:65:26:23:c1:c0:98:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 21 12:02:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a868a026081002c471638b80622f890d6810739f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e6:17:4c:99:59:4d:da:16:4e:b0:33:3d:4c:
be:32:11:8a:66:40:e9:9d:b3:11:4f:37:02:a5:fe:
72:40:da:31:9a:9f:08:a6:3f:39:85:62:2d:9d:b6:
d5:39:26:46:0a:86:cd:47:a2:12:23:a6:a4:75:83:
f8:24:c8:a0:c2:ca:29:81:df:05:77:5c:9a:45:27:
f5:5e:2f:9d:36:0d:9a:b7:d5:7a:ea:5c:8b:a5:dd:
75:19:c3:65:9a:bf:57:8c:0c:09:37:29:d3:21:53:
29:09:3b:1e:c6:e7:b9:6a:ab:52:78:b3:8a:9b:b4:
31:ea:4f:27:27:35:87:5a:d2:fe:c6:45:e8:ca:d3:
cd:10:b5:70:11:ba:45:dc:9f:f6:b9:73:05:44:f6:
48:4f:25:e9:3b:d0:7c:8a:69:c5:b4:2a:57:97:49:
9d:8e:77:53:12:48:81:64:5f:a0:d8:ec:7a:09:7f:
b0:77:d6:f6:f2:c0:37:29:4c:51:c1:44:ea:65:f3:
8e:b4:10:45:d5:6c:3c:34:d3:ce:c3:cc:c4:10:f5:
c3:18:79:a8:1f:d6:86:4e:17:8d:d7:12:09:02:ec:
00:21:a8:05:eb:fa:19:23:30:88:f4:1b:bb:05:82:
47:4d:ce:79:dd:91:1a:02:07:89:4f:2e:f3:67:2d:
b9:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:68:A0:26:08:10:02:C4:71:63:8B:80:62:2F:89:0D:68:10:73:9F
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qGigJggQAsRxY4uAYi-JDWgQc58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.202.0/24
151.240.100.0/24
151.241.76.0/24
151.242.39.0/24
151.242.67.0/24
151.242.117.0/24
151.243.6.0/24
151.243.160.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:37:9b:d2:95:0b:df:b2:e9:7f:f6:f4:e8:e7:ec:e0:4a:e6:
cf:38:1d:2b:f0:b8:31:9c:a2:98:2e:95:25:e9:c3:dd:29:a4:
74:74:58:69:08:91:21:4e:33:62:21:b2:a6:7e:07:56:a1:5e:
8e:a1:ae:8c:6a:f0:11:73:05:30:7c:b4:8e:cc:e9:24:b4:f6:
69:64:ad:fb:86:90:2b:ac:7d:9b:93:c7:be:85:91:47:93:42:
dd:c8:7f:eb:30:c8:47:b1:05:8c:c3:f5:bb:de:41:83:cb:3d:
1e:34:22:13:8f:07:59:45:ee:83:36:7e:6f:ff:54:2d:66:16:
20:21:72:ba:02:49:39:a9:1c:c8:51:bf:c5:2a:68:7d:a3:c1:
04:f5:4e:86:e2:11:98:9b:69:2d:f0:ba:65:60:0a:b7:ee:79:
fb:0d:9f:b5:09:67:3c:07:dd:c6:21:48:53:fe:e0:72:44:66:
78:3f:68:c2:0d:92:dd:d7:b0:61:b2:f2:df:3c:1d:55:4b:99:
b5:44:ad:fc:4b:34:d9:cf:2d:f8:9e:2a:d7:00:c1:61:6a:c0:
62:6d:0a:79:65:99:7f:23:5f:b4:05:22:9d:a4:63:66:ef:f9:
e5:bf:45:12:fe:55:62:00:85:c4:59:18:79:ab:8c:f5:de:61:
f6:e5:10:2f
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZZYOjDuNzVprjZlJiPBwJjMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDIxMTIwMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODY4YTAyNjA4MTAwMmM0NzE2MzhiODA2MjJmODkwZDY4MTA3MzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0uYXTJlZTdoWTrAzPUy+MhGKZkDp
nbMRTzcCpf5yQNoxmp8Ipj85hWItnbbVOSZGCobNR6ISI6akdYP4JMigwsopgd8F
d1yaRSf1Xi+dNg2at9V66lyLpd11GcNlmr9XjAwJNynTIVMpCTsexue5aqtSeLOK
m7Qx6k8nJzWHWtL+xkXoytPNELVwEbpF3J/2uXMFRPZITyXpO9B8imnFtCpXl0md
jndTEkiBZF+g2Ox6CX+wd9b28sA3KUxRwUTqZfOOtBBF1Ww8NNPOw8zEEPXDGHmo
H9aGTheN1xIJAuwAIagF6/oZIzCI9Bu7BYJHTc553ZEaAgeJTy7zZy254QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKhooCYIEALEcWOLgGIviQ1oEHOfMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvcUdpZ0pnZ1FBc1J4WTR1QVlpLUpEV2dRYzU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAJcrKAwQA
l/BkAwQAl/FMAwQAl/InAwQAl/JDAwQAl/J1AwQAl/MGAwQCl/OgMA0GCSqGSIb3
DQEBCwUAA4IBAQBuN5vSlQvfsul/9vTo5+zgSubPOB0r8LgxnKKYLpUl6cPdKaR0
dFhpCJEhTjNiIbKmfgdWoV6Ooa6MavARcwUwfLSOzOkktPZpZK37hpArrH2bk8e+
hZFHk0LdyH/rMMhHsQWMw/W73kGDyz0eNCITjwdZRe6DNn5v/1QtZhYgIXK6Akk5
qRzIUb/FKmh9o8EE9U6G4hGYm2kt8LplYAq37nn7DZ+1CWc8B93GIUhT/uByRGZ4
P2jCDZLd17BhsvLfPB1VS5m1RK38SzTZzy34nirXAMFhasBibQp5ZZl/I1+0BSKd
pGNm7/nlv0US/lViAIXEWRh5q4z13mH25RAv
-----END CERTIFICATE-----
Generated at Mon Jun 9 07:26:52 2025 by rpki-client