Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xPUawGNHjl-pH2HZwBqkxLMgbp8.roa
File: xPUawGNHjl-pH2HZwBqkxLMgbp8.roa (raw, json)
Hash identifier: q2FNgB94VLK2qr9hE8I2gbod98HMmGA6esgUtGdGVNU=
Subject key identifier: C4:F5:1A:C0:63:47:8E:5F:A9:1F:61:D9:C0:1A:A4:C4:B3:20:6E:9F
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019423D7AB2A799C1AE9595924A0976A23BC
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xPUawGNHjl-pH2HZwBqkxLMgbp8.roa
Signing time: Wed 01 Jan 2025 21:48:44 +0000
ROA not before: Wed 01 Jan 2025 21:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 37.202.203.0/24 maxlen: 24
37.202.206.0/24 maxlen: 24
37.202.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 09:10:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:ab:2a:79:9c:1a:e9:59:59:24:a0:97:6a:23:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 1 21:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4f51ac063478e5fa91f61d9c01aa4c4b3206e9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f7:a6:f9:b1:06:5a:a8:f5:5f:d3:2b:aa:28:
b2:f6:ed:7a:0d:17:d4:bd:f8:1e:31:f6:7e:73:37:
a3:4e:90:14:f2:e0:fb:ff:3f:f4:93:04:ad:7e:02:
d7:db:ca:25:5c:f4:09:0a:c4:4b:ff:ec:74:43:3b:
90:0a:41:25:35:ec:d1:76:3c:62:6f:a0:00:a7:68:
44:78:2e:eb:73:16:4c:39:45:84:15:29:4c:1a:ff:
0c:35:ed:4e:1f:61:35:95:58:82:c6:3c:d0:cc:16:
c7:bb:b1:4e:07:4e:b7:d7:62:de:9f:ee:fb:ec:7d:
c3:93:11:d0:54:d0:94:cd:9d:01:72:b4:1f:44:b2:
cf:57:cc:69:dc:a6:39:e7:cf:47:51:dd:62:25:ae:
93:95:06:e6:6d:43:0c:52:5b:05:a8:7c:6c:99:d1:
c2:10:7c:b3:44:6d:0c:9d:01:c6:ac:06:3e:93:34:
36:a8:e2:bc:c6:6e:f6:c1:4c:21:c7:05:c7:79:53:
eb:47:0d:88:fb:2f:51:46:a6:34:ad:46:b3:16:db:
ac:27:08:d0:31:73:35:6f:d3:05:21:5d:87:7c:81:
d5:23:26:7a:1f:da:a5:6c:2c:f4:6d:22:03:90:f4:
82:ab:1c:1a:a5:95:63:5a:bd:da:6f:a5:2b:25:a8:
c5:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:F5:1A:C0:63:47:8E:5F:A9:1F:61:D9:C0:1A:A4:C4:B3:20:6E:9F
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xPUawGNHjl-pH2HZwBqkxLMgbp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.203.0/24
37.202.206.0/24
37.202.217.0/24
Signature Algorithm: sha256WithRSAEncryption
86:91:d1:74:5f:30:46:c3:3d:0e:cd:02:82:b2:48:05:5b:46:
6b:22:44:e0:ce:4d:0b:0c:dc:8b:f8:92:c2:de:67:b9:b3:73:
bd:65:9a:91:73:63:1c:07:96:c1:ba:77:f1:1a:98:22:d6:e7:
93:73:4f:b2:a4:a7:42:8d:88:1b:b3:8b:ac:38:67:9e:a9:67:
a9:bd:07:6f:e6:d0:6c:e9:82:77:76:1e:f8:43:a5:89:f1:7a:
fa:6d:7f:db:b9:5d:7c:75:aa:91:11:84:c2:7d:bb:d1:ee:e1:
3b:c5:de:45:80:e9:87:19:bf:0e:32:6d:3b:a3:9a:22:f1:25:
a2:35:3e:76:e4:77:31:e9:ad:e2:fe:15:0f:46:b5:08:96:87:
f7:fc:4e:6a:0d:86:91:4d:4c:66:19:71:7f:43:aa:7e:97:79:
9c:64:a4:bf:d9:d2:62:f1:91:53:2f:27:ea:a2:36:02:7d:73:
d7:72:e1:7e:39:c3:8a:1a:ad:1d:94:27:54:a1:ab:64:35:e5:
76:76:cf:ff:cb:32:9d:86:28:6f:77:60:bb:5d:33:a8:33:27:
36:8c:d1:d4:8c:2f:3a:4c:9a:61:76:d1:41:de:fe:be:eb:6c:
a9:5c:aa:9e:c3:80:61:af:05:34:46:a5:75:6a:d3:a0:82:99:
a3:d9:05:19
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQj16sqeZwa6VlZJKCXaiO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTAxMjE0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGY1MWFjMDYzNDc4ZTVmYTkxZjYxZDljMDFhYTRjNGIzMjA2ZTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovem+bEGWqj1X9Mrqiiy9u16DRfU
vfgeMfZ+czejTpAU8uD7/z/0kwStfgLX28olXPQJCsRL/+x0QzuQCkElNezRdjxi
b6AAp2hEeC7rcxZMOUWEFSlMGv8MNe1OH2E1lViCxjzQzBbHu7FOB06312Len+77
7H3DkxHQVNCUzZ0BcrQfRLLPV8xp3KY5589HUd1iJa6TlQbmbUMMUlsFqHxsmdHC
EHyzRG0MnQHGrAY+kzQ2qOK8xm72wUwhxwXHeVPrRw2I+y9RRqY0rUazFtusJwjQ
MXM1b9MFIV2HfIHVIyZ6H9qlbCz0bSIDkPSCqxwapZVjWr3ab6UrJajFtQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMT1GsBjR45fqR9h2cAapMSzIG6fMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEveFBVYXdHTkhqbC1wSDJIWndCcWt4TE1nYnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJcrLAwQA
JcrOAwQAJcrZMA0GCSqGSIb3DQEBCwUAA4IBAQCGkdF0XzBGwz0OzQKCskgFW0Zr
IkTgzk0LDNyL+JLC3me5s3O9ZZqRc2McB5bBunfxGpgi1ueTc0+ypKdCjYgbs4us
OGeeqWepvQdv5tBs6YJ3dh74Q6WJ8Xr6bX/buV18daqREYTCfbvR7uE7xd5FgOmH
Gb8OMm07o5oi8SWiNT525Hcx6a3i/hUPRrUIlof3/E5qDYaRTUxmGXF/Q6p+l3mc
ZKS/2dJi8ZFTLyfqojYCfXPXcuF+OcOKGq0dlCdUoatkNeV2ds//yzKdhihvd2C7
XTOoMyc2jNHUjC86TJphdtFB3v6+62ypXKqew4BhrwU0RqV1atOggpmj2QUZ
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:08:45 2025 by rpki-client