Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/s1oixKm6bxHmzHV1zimR6btm1A4.roa
File: s1oixKm6bxHmzHV1zimR6btm1A4.roa (raw, json)
Hash identifier: ApP9pP8blaD4Bqco31FxtwYvqPYVGc/yxynWRIgRNx0=
Subject key identifier: B3:5A:22:C4:A9:BA:6F:11:E6:CC:75:75:CE:29:91:E9:BB:66:D4:0E
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019675A468E112BF27B00BD54A749DB63363
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/s1oixKm6bxHmzHV1zimR6btm1A4.roa
Signing time: Sun 27 Apr 2025 05:07:11 +0000
ROA not before: Sun 27 Apr 2025 05:07:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 37.202.193.0/24 maxlen: 24
37.202.195.0/24 maxlen: 24
37.202.196.0/24 maxlen: 24
37.202.197.0/24 maxlen: 24
37.202.198.0/24 maxlen: 24
37.202.199.0/24 maxlen: 24
37.202.200.0/24 maxlen: 24
37.202.201.0/24 maxlen: 24
151.242.50.0/24 maxlen: 24
151.243.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 May 2025 10:13:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:75:a4:68:e1:12:bf:27:b0:0b:d5:4a:74:9d:b6:33:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 27 05:07:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b35a22c4a9ba6f11e6cc7575ce2991e9bb66d40e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ab:eb:cd:3d:9b:41:37:12:df:d3:35:5e:94:
e5:ed:53:9a:c5:78:61:34:f3:cf:41:73:7f:49:50:
18:75:0c:a2:db:db:9d:7a:3f:77:4b:12:ac:be:fa:
1a:64:6c:31:f1:1b:fc:e5:97:d4:d4:5a:d1:43:55:
f6:0e:96:94:dc:b0:3b:30:e2:8d:18:b4:cc:66:cf:
6b:7d:e9:6a:b8:6e:89:b3:d1:05:2e:9e:1d:23:1a:
70:f6:f0:7b:ed:6f:6b:22:a2:dc:f6:3c:a3:bf:7e:
ab:e2:bf:53:87:87:b4:ed:44:59:78:92:3d:bb:cb:
8d:cc:41:4e:a7:b8:ac:82:06:91:21:24:9a:2a:05:
1c:fe:ff:fe:d3:03:05:d7:1c:16:22:7c:9a:7f:3c:
f9:8e:a1:bd:24:ac:33:d0:05:9d:4a:4d:ea:af:9b:
62:2c:94:14:f9:c5:56:f5:60:0c:c6:0e:bc:8b:d2:
e2:ad:54:8e:38:d1:9b:38:13:67:6a:f7:73:84:01:
33:3c:f6:d5:c9:f6:fc:33:42:a9:64:63:1e:cc:be:
c0:ec:99:19:af:a4:00:f0:14:47:a4:b4:6a:88:3a:
f1:43:0b:78:87:26:26:75:9a:87:6f:f2:d0:fb:bb:
e7:26:e0:e7:e2:73:df:2c:cc:49:9d:9b:a6:98:e9:
5f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:5A:22:C4:A9:BA:6F:11:E6:CC:75:75:CE:29:91:E9:BB:66:D4:0E
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/s1oixKm6bxHmzHV1zimR6btm1A4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.193.0/24
37.202.195.0-37.202.201.255
151.242.50.0/24
151.243.97.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:0d:d5:2f:fd:a5:e7:84:41:22:40:98:62:41:1a:2d:18:dc:
97:d0:1c:08:e2:4f:15:6b:00:6f:a5:e1:3e:a4:5d:b9:94:4a:
f4:f0:90:a0:e8:27:3c:03:b0:61:f7:31:17:5e:c5:3d:ae:03:
e8:57:2b:43:27:7b:1a:8f:af:50:fc:88:83:2d:52:17:3d:4a:
a4:61:6d:ea:1c:59:3a:ea:83:90:c6:c4:53:24:09:f0:4d:ab:
6e:52:6c:6c:81:e6:aa:21:3f:02:7b:3f:dd:ae:f1:27:ea:06:
29:33:77:b5:08:a2:16:7d:1f:82:4e:3a:11:c4:c7:9e:a6:57:
0e:f1:ab:49:8d:e4:52:ed:bb:f4:03:07:8a:a7:d9:95:61:29:
22:70:3c:17:8c:f0:a0:e1:af:42:cc:c4:70:af:f4:03:f5:03:
7b:76:14:db:6a:79:54:18:9c:10:9f:35:b7:69:8a:f6:dc:1a:
11:bf:3c:8e:8f:a8:55:d7:0d:6a:2b:98:38:63:45:39:a5:0f:
be:b7:9e:92:9b:57:88:15:33:46:7d:9f:fa:07:5f:8a:75:a6:
7b:53:dd:c1:17:65:e2:2a:59:b0:67:eb:0c:a1:9b:58:b8:06:
20:80:f4:1f:63:99:ac:5c:7e:f6:3b:7a:25:25:43:d5:58:d6:
2d:11:e8:04
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZZ1pGjhEr8nsAvVSnSdtjNjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDI3MDUwNzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzVhMjJjNGE5YmE2ZjExZTZjYzc1NzVjZTI5OTFlOWJiNjZkNDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqvrzT2bQTcS39M1XpTl7VOaxXhh
NPPPQXN/SVAYdQyi29udej93SxKsvvoaZGwx8Rv85ZfU1FrRQ1X2DpaU3LA7MOKN
GLTMZs9rfelquG6Js9EFLp4dIxpw9vB77W9rIqLc9jyjv36r4r9Th4e07URZeJI9
u8uNzEFOp7isggaRISSaKgUc/v/+0wMF1xwWInyafzz5jqG9JKwz0AWdSk3qr5ti
LJQU+cVW9WAMxg68i9LirVSOONGbOBNnavdzhAEzPPbVyfb8M0KpZGMezL7A7JkZ
r6QA8BRHpLRqiDrxQwt4hyYmdZqHb/LQ+7vnJuDn4nPfLMxJnZummOlfsQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLNaIsSpum8R5sx1dc4pkem7ZtQOMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvczFvaXhLbTZieEhtekhWMXppbVI2YnRtMUE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAJcrBMAwD
BAAlysMDBAElysgDBACX8jIDBACX82EwDQYJKoZIhvcNAQELBQADggEBAK0N1S/9
peeEQSJAmGJBGi0Y3JfQHAjiTxVrAG+l4T6kXbmUSvTwkKDoJzwDsGH3MRdexT2u
A+hXK0MnexqPr1D8iIMtUhc9SqRhbeocWTrqg5DGxFMkCfBNq25SbGyB5qohPwJ7
P92u8SfqBikzd7UIohZ9H4JOOhHEx56mVw7xq0mN5FLtu/QDB4qn2ZVhKSJwPBeM
8KDhr0LMxHCv9AP1A3t2FNtqeVQYnBCfNbdpivbcGhG/PI6PqFXXDWormDhjRTml
D763npKbV4gVM0Z9n/oHX4p1pntT3cEXZeIqWbBn6wyhm1i4BiCA9B9jmaxcfvY7
eiUlQ9VY1i0R6AQ=
-----END CERTIFICATE-----
Generated at Sat Jun 7 06:06:57 2025 by rpki-client