Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xHsp0LYBsAS73LsOQOOmmM3S8mg.roa
File: xHsp0LYBsAS73LsOQOOmmM3S8mg.roa (raw, json)
Hash identifier: /7+j759g7bAESVowvUk3NhEq6cAFp3TJ6J1FfqLG03Y=
Subject key identifier: C4:7B:29:D0:B6:01:B0:04:BB:DC:BB:0E:40:E3:A6:98:CD:D2:F2:68
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196ECB9A272A8E4537CC713E395D5F7B7AA
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xHsp0LYBsAS73LsOQOOmmM3S8mg.roa
Signing time: Tue 20 May 2025 08:05:10 +0000
ROA not before: Tue 20 May 2025 08:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 37.202.194.0/24 maxlen: 24
37.202.201.0/24 maxlen: 24
151.242.190.0/24 maxlen: 24
151.242.194.0/24 maxlen: 24
151.243.10.0/24 maxlen: 24
151.243.228.0/24 maxlen: 24
151.243.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 May 2025 05:59:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ec:b9:a2:72:a8:e4:53:7c:c7:13:e3:95:d5:f7:b7:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 20 08:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c47b29d0b601b004bbdcbb0e40e3a698cdd2f268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:94:d7:77:b4:0e:79:6a:1d:3a:a5:59:82:5f:
fe:d2:3b:78:a4:42:b4:9a:0e:ee:1b:23:90:ec:ee:
be:02:1e:11:53:da:19:04:92:d2:38:fd:67:45:ea:
03:f5:2b:82:5a:d7:46:01:8b:79:4a:36:0a:6a:39:
65:ab:df:27:5c:a5:0e:c1:26:80:23:71:03:69:7b:
98:da:52:f6:40:b3:fd:3c:29:99:5c:b7:09:7a:7e:
9c:1e:8d:bf:19:e4:82:83:78:9b:de:83:6f:26:5d:
c0:e0:5c:2a:b5:3f:e1:5d:77:f3:76:b8:38:eb:0b:
47:73:2e:06:71:8a:e1:11:3b:43:3f:e6:3a:8e:b2:
d3:d4:a3:a8:b8:49:45:70:bb:c8:dd:e3:34:dc:e1:
2d:ae:60:54:73:a8:2d:2e:aa:6c:9f:85:b7:37:63:
63:3f:24:32:83:30:a8:1c:b0:f1:ed:2b:e1:3e:2d:
94:4b:4a:28:99:c5:05:e3:65:c4:d2:6d:9a:fc:f0:
5d:89:f9:e0:98:a9:d9:66:32:fb:2c:1a:00:79:d2:
6b:d0:e3:95:c0:18:2e:2d:0d:f3:98:bf:bd:01:66:
e3:ae:3c:01:71:fc:22:ec:ad:75:68:5c:f7:1a:56:
04:5d:b3:6f:00:07:35:f4:41:2a:50:99:90:99:f4:
25:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:7B:29:D0:B6:01:B0:04:BB:DC:BB:0E:40:E3:A6:98:CD:D2:F2:68
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xHsp0LYBsAS73LsOQOOmmM3S8mg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.194.0/24
37.202.201.0/24
151.242.190.0/24
151.242.194.0/24
151.243.10.0/24
151.243.228.0/24
151.243.243.0/24
Signature Algorithm: sha256WithRSAEncryption
75:51:9d:1f:e0:ca:41:1b:cb:9e:3b:0d:43:79:3a:82:d1:4d:
ec:af:cd:f8:05:b9:5b:66:a3:a3:81:2f:7b:61:a6:55:d0:8b:
c5:1b:32:52:82:63:8b:f7:e3:5f:34:98:3f:2a:68:90:64:0b:
6b:c7:29:e0:06:bf:ff:c7:ad:db:3c:ff:6b:3c:6f:24:5e:70:
72:13:61:d5:e2:2a:c6:8a:8b:ce:cd:6c:b9:9b:0b:7f:1a:2c:
d2:db:b5:87:12:a1:fc:77:eb:b2:d9:32:3a:87:14:c2:a0:dd:
0a:96:07:19:c4:a5:7d:8b:a0:56:e7:d5:a3:54:21:17:44:fd:
2f:8a:a4:75:99:46:c4:19:17:9a:ba:42:a0:c2:11:7e:f9:b8:
15:9c:25:1d:4a:cc:23:97:22:f1:c7:95:9e:11:75:3a:ba:0b:
52:e6:4f:4e:59:ae:1f:d3:92:e9:06:27:91:42:50:33:27:09:
54:ae:b9:c4:32:ab:16:59:ed:f2:38:93:29:4f:f8:b5:ee:3b:
6e:0c:3b:64:96:cb:12:76:7e:a5:25:ea:ff:2b:eb:6a:d8:20:
67:39:e1:76:85:8f:a0:82:7f:df:ba:ab:3e:48:4f:18:6b:da:
4b:23:74:4e:c7:26:ce:25:7e:99:60:bb:13:d3:32:9a:1e:93:
15:b7:45:42
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZbsuaJyqORTfMcT45XV97eqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTIwMDgwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDdiMjlkMGI2MDFiMDA0YmJkY2JiMGU0MGUzYTY5OGNkZDJmMjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZTXd7QOeWodOqVZgl/+0jt4pEK0
mg7uGyOQ7O6+Ah4RU9oZBJLSOP1nReoD9SuCWtdGAYt5SjYKajllq98nXKUOwSaA
I3EDaXuY2lL2QLP9PCmZXLcJen6cHo2/GeSCg3ib3oNvJl3A4FwqtT/hXXfzdrg4
6wtHcy4GcYrhETtDP+Y6jrLT1KOouElFcLvI3eM03OEtrmBUc6gtLqpsn4W3N2Nj
PyQygzCoHLDx7SvhPi2US0oomcUF42XE0m2a/PBdifngmKnZZjL7LBoAedJr0OOV
wBguLQ3zmL+9AWbjrjwBcfwi7K11aFz3GlYEXbNvAAc19EEqUJmQmfQlcQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMR7KdC2AbAEu9y7DkDjppjN0vJoMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEveEhzcDBMWUJzQVM3M0xzT1FPT21tTTNTOG1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAJcrCAwQA
JcrJAwQAl/K+AwQAl/LCAwQAl/MKAwQAl/PkAwQAl/PzMA0GCSqGSIb3DQEBCwUA
A4IBAQB1UZ0f4MpBG8ueOw1DeTqC0U3sr834BblbZqOjgS97YaZV0IvFGzJSgmOL
9+NfNJg/KmiQZAtrxyngBr//x63bPP9rPG8kXnByE2HV4irGiovOzWy5mwt/GizS
27WHEqH8d+uy2TI6hxTCoN0KlgcZxKV9i6BW59WjVCEXRP0viqR1mUbEGReaukKg
whF++bgVnCUdSswjlyLxx5WeEXU6ugtS5k9OWa4f05LpBieRQlAzJwlUrrnEMqsW
We3yOJMpT/i17jtuDDtklssSdn6lJer/K+tq2CBnOeF2hY+ggn/fuqs+SE8Ya9pL
I3ROxybOJX6ZYLsT0zKaHpMVt0VC
-----END CERTIFICATE-----
Generated at Sat Jun 7 06:25:42 2025 by rpki-client