Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/s6CySOBLeH8YKx_XVmNs8B-qWWE.roa
File: s6CySOBLeH8YKx_XVmNs8B-qWWE.roa (raw, json)
Hash identifier: tHohAUnGjVDUPMTuGY7vJb8b3/MHxobV+ZA7KU1HNEs=
Subject key identifier: B3:A0:B2:48:E0:4B:78:7F:18:2B:1F:D7:56:63:6C:F0:1F:AA:59:61
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196346D9AC16C35995A0753B9EF7097D951
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/s6CySOBLeH8YKx_XVmNs8B-qWWE.roa
Signing time: Mon 14 Apr 2025 13:12:00 +0000
ROA not before: Mon 14 Apr 2025 13:12:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 37.202.206.0/24 maxlen: 24
151.242.49.0/24 maxlen: 24
151.242.97.0/24 maxlen: 24
151.242.102.0/24 maxlen: 24
151.242.114.0/24 maxlen: 24
151.242.116.0/24 maxlen: 24
151.242.119.0/24 maxlen: 24
151.242.120.0/24 maxlen: 24
151.242.123.0/24 maxlen: 24
151.242.124.0/24 maxlen: 24
151.242.125.0/24 maxlen: 24
151.242.126.0/24 maxlen: 24
151.243.64.0/20 maxlen: 24
151.243.97.0/24 maxlen: 24
151.243.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 20 Apr 2025 05:03:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:34:6d:9a:c1:6c:35:99:5a:07:53:b9:ef:70:97:d9:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 14 13:12:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3a0b248e04b787f182b1fd756636cf01faa5961
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:63:62:3a:9d:be:6f:90:6f:e0:b4:7d:be:ed:
8a:dc:51:da:2f:df:af:90:18:65:8f:10:aa:50:1d:
29:a5:6a:ea:25:22:cd:45:2f:27:a6:a8:56:cc:52:
5b:0f:0d:5d:29:65:75:b1:da:78:6f:e6:06:bc:ab:
39:d6:bd:25:26:af:60:25:92:0e:22:5e:08:3b:80:
83:88:10:e1:df:55:0f:43:3b:53:6c:b9:d7:fe:b8:
1c:29:05:1e:a9:fb:97:f8:f7:eb:8e:c0:4c:bc:24:
2c:de:84:ed:92:d4:7c:dc:c9:c5:89:03:b8:1c:ed:
72:9c:1a:31:b2:c2:60:e6:f0:d8:a6:82:fe:19:38:
d6:4b:29:b8:bd:14:d0:80:31:fb:7a:72:53:aa:3a:
df:b8:85:f7:3b:38:5f:2e:0a:6b:18:fe:65:d1:65:
49:1f:6b:75:3c:ee:37:76:18:57:e7:b2:4e:91:8d:
78:be:cc:0b:f9:84:0b:b1:bb:ab:41:19:38:dc:30:
33:d0:3c:73:6b:ab:c2:18:38:aa:1c:18:9e:d5:58:
6c:fa:60:bf:94:c8:fe:19:1c:95:f1:df:2e:7c:c8:
3b:4d:b0:e2:23:90:3a:d1:98:9e:62:20:c2:14:ac:
e8:aa:3f:51:8a:50:eb:01:a3:29:b7:be:5e:3c:79:
6c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:A0:B2:48:E0:4B:78:7F:18:2B:1F:D7:56:63:6C:F0:1F:AA:59:61
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/s6CySOBLeH8YKx_XVmNs8B-qWWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.206.0/24
151.242.49.0/24
151.242.97.0/24
151.242.102.0/24
151.242.114.0/24
151.242.116.0/24
151.242.119.0-151.242.120.255
151.242.123.0-151.242.126.255
151.243.64.0/20
151.243.97.0/24
151.243.106.0/24
Signature Algorithm: sha256WithRSAEncryption
19:55:28:cb:0d:91:46:28:95:e8:75:49:23:13:2a:e4:be:ca:
73:e6:7d:4a:2e:19:8e:9c:70:9d:16:1e:63:bc:90:3a:0b:04:
c0:f8:7c:70:75:5e:79:b5:7f:9a:fd:b7:73:a5:1d:43:29:46:
75:0f:f8:cf:c0:ff:88:08:cd:c0:c3:db:55:3e:42:f2:78:aa:
2d:6f:a8:bf:ac:92:c5:9d:38:60:e3:18:96:fe:08:ce:73:87:
44:36:5f:31:7a:f2:fc:32:91:eb:16:fb:2a:b3:3e:9f:ae:a1:
02:6e:80:1f:b7:b4:4e:84:52:4b:cc:db:43:02:8f:ba:82:3c:
c8:24:56:2c:f4:16:fd:8f:bb:42:32:46:5e:c2:ec:34:df:d5:
16:e4:00:2f:2a:74:2a:fd:97:ff:ac:f1:96:ea:44:49:9e:a9:
00:b4:f0:9a:cf:28:62:7a:d8:41:8b:99:8b:fb:e9:1e:26:0e:
d1:90:32:b2:5b:e2:cb:28:48:26:95:48:2b:e8:b2:98:b4:f6:
81:40:8f:8a:e1:2f:b9:b6:c7:e3:be:69:7f:40:4e:ca:cb:84:
8d:5d:c1:ea:11:2d:7c:3a:3b:2a:63:51:25:bb:d5:16:db:4d:
bd:b2:d4:14:50:c7:c5:56:19:ad:10:ae:aa:8c:d2:9b:85:65:
86:9a:37:79
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZY0bZrBbDWZWgdTue9wl9lRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDE0MTMxMjAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2EwYjI0OGUwNGI3ODdmMTgyYjFmZDc1NjYzNmNmMDFmYWE1OTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGNiOp2+b5Bv4LR9vu2K3FHaL9+v
kBhljxCqUB0ppWrqJSLNRS8npqhWzFJbDw1dKWV1sdp4b+YGvKs51r0lJq9gJZIO
Il4IO4CDiBDh31UPQztTbLnX/rgcKQUeqfuX+PfrjsBMvCQs3oTtktR83MnFiQO4
HO1ynBoxssJg5vDYpoL+GTjWSym4vRTQgDH7enJTqjrfuIX3OzhfLgprGP5l0WVJ
H2t1PO43dhhX57JOkY14vswL+YQLsburQRk43DAz0Dxza6vCGDiqHBie1Vhs+mC/
lMj+GRyV8d8ufMg7TbDiI5A60ZieYiDCFKzoqj9RilDrAaMpt75ePHls/wIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFLOgskjgS3h/GCsf11ZjbPAfqllhMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvczZDeVNPQkxlSDhZS3hfWFZtTnM4Qi1xV1dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAJcrOAwQA
l/IxAwQAl/JhAwQAl/JmAwQAl/JyAwQAl/J0MAwDBACX8ncDBACX8ngwDAMEAJfy
ewMEAJfyfgMEBJfzQAMEAJfzYQMEAJfzajANBgkqhkiG9w0BAQsFAAOCAQEAGVUo
yw2RRiiV6HVJIxMq5L7Kc+Z9Si4ZjpxwnRYeY7yQOgsEwPh8cHVeebV/mv23c6Ud
QylGdQ/4z8D/iAjNwMPbVT5C8niqLW+ov6ySxZ04YOMYlv4IznOHRDZfMXry/DKR
6xb7KrM+n66hAm6AH7e0ToRSS8zbQwKPuoI8yCRWLPQW/Y+7QjJGXsLsNN/VFuQA
Lyp0Kv2X/6zxlupESZ6pALTwms8oYnrYQYuZi/vpHiYO0ZAyslviyyhIJpVIK+iy
mLT2gUCPiuEvubbH475pf0BOysuEjV3B6hEtfDo7KmNRJbvVFttNvbLUFFDHxVYZ
rRCuqozSm4Vlhpo3eQ==
-----END CERTIFICATE-----
Generated at Fri Jun 6 21:06:36 2025 by rpki-client