Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/yUlmsQlHg-PT3LFx9vRW1kXYKP8.roa
File: yUlmsQlHg-PT3LFx9vRW1kXYKP8.roa (raw, json)
Hash identifier: KA/QaSIdbOubiUXhf83FVkuxTlaTmF8T+24eLoqGNGc=
Subject key identifier: C9:49:66:B1:09:47:83:E3:D3:DC:B1:71:F6:F4:56:D6:45:D8:28:FF
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196E7D9C5FFDCD231CE416DCFA0B59711BC
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/yUlmsQlHg-PT3LFx9vRW1kXYKP8.roa
Signing time: Mon 19 May 2025 09:22:11 +0000
ROA not before: Mon 19 May 2025 09:22:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 37.202.202.0/24 maxlen: 24
151.240.17.0/24 maxlen: 24
151.240.100.0/24 maxlen: 24
151.241.76.0/24 maxlen: 24
151.242.39.0/24 maxlen: 24
151.242.67.0/24 maxlen: 24
151.242.117.0/24 maxlen: 24
151.242.159.0/24 maxlen: 24
151.243.6.0/24 maxlen: 24
151.243.50.0/24 maxlen: 24
151.243.88.0/24 maxlen: 24
151.243.160.0/22 maxlen: 22
151.245.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 May 2025 05:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e7:d9:c5:ff:dc:d2:31:ce:41:6d:cf:a0:b5:97:11:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 19 09:22:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c94966b1094783e3d3dcb171f6f456d645d828ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a0:8e:56:ac:ce:bf:2a:88:f0:99:94:c9:d1:
0f:dd:de:8f:fb:4e:7d:84:19:21:bc:69:c9:ec:8d:
33:2b:9f:e0:d6:9a:5a:38:f4:c5:16:8b:91:85:74:
a8:6b:d8:e0:31:2d:6b:eb:a2:6e:d3:40:03:6c:99:
08:89:7b:55:c8:11:82:9f:33:dd:55:06:95:0b:7a:
a1:b1:ab:33:f5:5d:af:a0:a3:7d:a7:63:e5:ac:74:
08:6b:76:6d:72:d4:3f:d2:b7:33:ad:28:d1:4a:3e:
0b:61:0f:e7:a6:3a:fa:68:85:41:e9:8d:2c:87:dc:
17:c2:6a:be:fd:b8:08:ec:2e:15:a6:7e:b8:67:eb:
4e:63:f1:3d:a1:a8:1d:66:b2:81:7e:d1:d8:d4:f2:
f1:58:8b:59:de:17:b4:9c:49:a0:8b:50:04:1a:86:
86:c4:ba:e9:3c:ee:e4:d4:80:20:1a:04:e9:c5:5a:
be:57:4b:2f:00:b6:36:c8:6b:0b:ca:e8:62:5a:ba:
a2:7f:57:b1:a1:42:f8:bd:81:11:4a:84:99:4c:ab:
7b:1a:46:c3:4b:1a:26:a1:62:c6:04:84:6d:56:f8:
e5:ce:2d:85:10:80:a4:1d:be:b8:db:9f:47:fd:c3:
fe:09:b8:3c:e1:e5:84:26:e3:ca:69:0a:93:16:34:
06:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:49:66:B1:09:47:83:E3:D3:DC:B1:71:F6:F4:56:D6:45:D8:28:FF
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/yUlmsQlHg-PT3LFx9vRW1kXYKP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.202.0/24
151.240.17.0/24
151.240.100.0/24
151.241.76.0/24
151.242.39.0/24
151.242.67.0/24
151.242.117.0/24
151.242.159.0/24
151.243.6.0/24
151.243.50.0/24
151.243.88.0/24
151.243.160.0/22
151.245.112.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:2e:55:05:00:fd:d1:18:ac:fa:f2:74:2d:c4:07:2b:81:e7:
3f:af:53:e0:e8:e2:2f:1b:08:24:7b:10:57:b3:57:f5:54:98:
4a:34:c2:19:78:18:52:c0:db:08:65:de:fd:49:af:70:f4:37:
94:78:c3:54:ae:ca:da:2a:9f:da:cd:2b:9d:39:ef:c1:c4:96:
19:8e:fd:67:60:49:e1:92:c9:53:f2:09:6c:ea:b0:59:4b:08:
7f:6a:63:1c:d8:f9:f2:d4:b0:f1:3a:af:91:a9:70:d1:be:58:
03:00:9e:be:9f:09:a5:43:c6:52:16:e3:93:33:59:0e:a8:09:
c3:9d:36:65:d1:d3:71:29:8e:54:d4:49:e2:84:2f:af:c2:43:
e2:aa:db:2c:4e:16:7a:ee:a7:cc:bd:38:c9:20:0d:58:56:8a:
11:b4:d9:46:77:e2:8d:6a:7c:f7:df:97:fd:10:cb:e9:b3:65:
1c:62:ca:e5:67:8f:ee:65:8e:00:a4:4d:95:5a:d6:ca:0a:01:
68:34:e0:b1:8c:7a:bf:06:e0:be:e4:05:f1:bb:34:ac:42:d5:
33:63:62:ad:5c:99:4b:7a:7a:13:92:de:1d:5f:be:62:88:ef:
97:21:f4:b0:1c:83:48:05:27:3b:3c:34:0c:e9:95:c9:24:84:
72:82:11:f1
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZbn2cX/3NIxzkFtz6C1lxG8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTE5MDkyMjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTQ5NjZiMTA5NDc4M2UzZDNkY2IxNzFmNmY0NTZkNjQ1ZDgyOGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaCOVqzOvyqI8JmUydEP3d6P+059
hBkhvGnJ7I0zK5/g1ppaOPTFFouRhXSoa9jgMS1r66Ju00ADbJkIiXtVyBGCnzPd
VQaVC3qhsasz9V2voKN9p2PlrHQIa3ZtctQ/0rczrSjRSj4LYQ/npjr6aIVB6Y0s
h9wXwmq+/bgI7C4Vpn64Z+tOY/E9oagdZrKBftHY1PLxWItZ3he0nEmgi1AEGoaG
xLrpPO7k1IAgGgTpxVq+V0svALY2yGsLyuhiWrqif1exoUL4vYERSoSZTKt7GkbD
SxomoWLGBIRtVvjlzi2FEICkHb64259H/cP+Cbg84eWEJuPKaQqTFjQGBQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFMlJZrEJR4Pj09yxcfb0VtZF2Cj/MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEveVVsbXNRbEhnLVBUM0xGeDl2Ulcxa1hZS1A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAJcrKAwQA
l/ARAwQAl/BkAwQAl/FMAwQAl/InAwQAl/JDAwQAl/J1AwQAl/KfAwQAl/MGAwQA
l/MyAwQAl/NYAwQCl/OgAwQAl/VwMA0GCSqGSIb3DQEBCwUAA4IBAQAtLlUFAP3R
GKz68nQtxAcrgec/r1Pg6OIvGwgkexBXs1f1VJhKNMIZeBhSwNsIZd79Sa9w9DeU
eMNUrsraKp/azSudOe/BxJYZjv1nYEnhkslT8gls6rBZSwh/amMc2Pny1LDxOq+R
qXDRvlgDAJ6+nwmlQ8ZSFuOTM1kOqAnDnTZl0dNxKY5U1EnihC+vwkPiqtssThZ6
7qfMvTjJIA1YVooRtNlGd+KNanz335f9EMvps2UcYsrlZ4/uZY4ApE2VWtbKCgFo
NOCxjHq/BuC+5AXxuzSsQtUzY2KtXJlLenoTkt4dX75iiO+XIfSwHINIBSc7PDQM
6ZXJJIRyghHx
-----END CERTIFICATE-----
Generated at Mon Jun 9 17:18:29 2025 by rpki-client