Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/9a8FK75IpzHP_wWOcSoiY-ZQeWM.roa
File: 9a8FK75IpzHP_wWOcSoiY-ZQeWM.roa (raw, json)
Hash identifier: 3OYV2XYK8t0gUJZO6z5yJ6+BurYptIbvQSF1kyUchGE=
Subject key identifier: F5:AF:05:2B:BE:48:A7:31:CF:FF:05:8E:71:2A:22:63:E6:50:79:63
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019614CF45491ED9FD274805943A0C9785FF
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/9a8FK75IpzHP_wWOcSoiY-ZQeWM.roa
Signing time: Tue 08 Apr 2025 09:50:49 +0000
ROA not before: Tue 08 Apr 2025 09:50:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 37.202.194.0/24 maxlen: 24
37.202.220.0/24 maxlen: 24
151.242.49.0/24 maxlen: 24
151.242.254.0/24 maxlen: 24
151.243.150.0/24 maxlen: 24
151.243.228.0/24 maxlen: 24
151.243.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Apr 2025 19:14:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:14:cf:45:49:1e:d9:fd:27:48:05:94:3a:0c:97:85:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 8 09:50:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5af052bbe48a731cfff058e712a2263e6507963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d7:d7:56:0a:ed:d0:46:a5:18:95:72:29:5a:
e5:76:98:f4:22:25:5d:d3:13:73:22:a0:fd:e1:10:
60:f8:99:86:cf:44:30:57:25:f7:dd:fa:4e:cb:88:
52:ea:a3:86:4b:be:68:c0:90:2b:84:4d:b5:b9:5a:
c1:44:2a:35:72:b2:f5:65:44:92:68:6c:db:3a:27:
c6:15:28:01:35:27:95:16:f2:4c:99:93:ee:4e:6f:
f4:d0:d1:13:fe:b6:39:01:f0:bb:74:9e:51:c6:cb:
31:92:87:98:f5:64:f4:ec:81:1a:ea:bf:24:11:49:
68:bd:72:a7:b3:50:5a:64:3a:f8:07:ee:e5:74:93:
4a:f0:d3:d3:8b:9b:b8:db:d9:44:32:2f:ab:c7:c5:
40:70:e8:bb:3a:15:f9:f9:27:36:bf:c2:84:05:79:
b3:7d:f7:9e:46:67:6f:50:8e:44:b6:bc:ba:e8:44:
0b:67:5e:ff:e6:2c:22:c8:f8:68:33:63:87:9a:0b:
02:c6:c9:a0:0a:d6:a6:c0:13:70:ae:f1:a5:e3:aa:
b5:3b:f4:a4:1b:39:d2:1f:b6:64:78:f4:4d:9a:bf:
cd:07:ce:72:cd:6f:71:a5:a1:e7:49:de:8b:f5:ee:
64:9e:e0:c1:df:5b:4c:27:f9:ca:63:61:f9:61:5e:
2a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:AF:05:2B:BE:48:A7:31:CF:FF:05:8E:71:2A:22:63:E6:50:79:63
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/9a8FK75IpzHP_wWOcSoiY-ZQeWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.194.0/24
37.202.220.0/24
151.242.49.0/24
151.242.254.0/24
151.243.150.0/24
151.243.228.0/24
151.243.243.0/24
Signature Algorithm: sha256WithRSAEncryption
63:82:e7:63:b7:22:99:6f:8c:4b:ff:f6:76:ee:b3:cd:f6:ce:
49:77:4f:88:99:41:50:e8:00:60:d3:01:60:4d:ad:0b:39:e0:
73:d4:51:0f:ce:1f:8c:46:54:f9:1e:79:f9:28:2a:90:3d:4e:
c4:e7:cf:ee:18:c2:52:12:1a:c0:3e:95:ab:05:fb:45:28:d6:
b8:19:12:ba:6c:13:ad:fe:e3:3b:57:56:dd:21:73:20:f3:a4:
24:fd:9e:4c:70:95:f8:ca:82:4c:18:72:0a:b4:7d:1a:79:37:
71:3e:f4:b1:e3:97:e1:99:dc:82:90:5c:fd:10:60:03:a3:e7:
9e:2b:b0:4c:fa:46:b6:68:dc:9a:a3:37:f1:ac:13:ea:85:6b:
6d:2b:85:20:e3:ff:9f:f3:f0:3b:c4:3b:14:8c:bb:a1:98:5f:
b4:34:4c:b4:af:cb:f8:3d:fb:c0:8c:61:6c:64:69:1d:aa:55:
04:fd:75:52:9b:22:03:69:91:91:9c:89:68:83:7f:93:46:06:
0a:a6:53:2a:90:ea:a4:de:28:34:76:18:97:94:6f:6e:4a:e1:
94:42:21:50:da:04:df:46:33:0a:f3:c2:b4:00:ea:c5:4f:19:
2f:ca:25:39:06:6b:39:94:fa:1d:98:4c:03:3c:d2:d0:32:57:
5a:82:3f:78
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZYUz0VJHtn9J0gFlDoMl4X/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDA4MDk1MDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWFmMDUyYmJlNDhhNzMxY2ZmZjA1OGU3MTJhMjI2M2U2NTA3OTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNfXVgrt0EalGJVyKVrldpj0IiVd
0xNzIqD94RBg+JmGz0QwVyX33fpOy4hS6qOGS75owJArhE21uVrBRCo1crL1ZUSS
aGzbOifGFSgBNSeVFvJMmZPuTm/00NET/rY5AfC7dJ5RxssxkoeY9WT07IEa6r8k
EUlovXKns1BaZDr4B+7ldJNK8NPTi5u429lEMi+rx8VAcOi7OhX5+Sc2v8KEBXmz
ffeeRmdvUI5Etry66EQLZ17/5iwiyPhoM2OHmgsCxsmgCtamwBNwrvGl46q1O/Sk
GznSH7ZkePRNmr/NB85yzW9xpaHnSd6L9e5knuDB31tMJ/nKY2H5YV4qmwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPWvBSu+SKcxz/8FjnEqImPmUHljMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvOWE4Rks3NUlwekhQX3dXT2NTb2lZLVpRZVdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAJcrCAwQA
JcrcAwQAl/IxAwQAl/L+AwQAl/OWAwQAl/PkAwQAl/PzMA0GCSqGSIb3DQEBCwUA
A4IBAQBjgudjtyKZb4xL//Z27rPN9s5Jd0+ImUFQ6ABg0wFgTa0LOeBz1FEPzh+M
RlT5Hnn5KCqQPU7E58/uGMJSEhrAPpWrBftFKNa4GRK6bBOt/uM7V1bdIXMg86Qk
/Z5McJX4yoJMGHIKtH0aeTdxPvSx45fhmdyCkFz9EGADo+eeK7BM+ka2aNyaozfx
rBPqhWttK4Ug4/+f8/A7xDsUjLuhmF+0NEy0r8v4PfvAjGFsZGkdqlUE/XVSmyID
aZGRnIlog3+TRgYKplMqkOqk3ig0dhiXlG9uSuGUQiFQ2gTfRjMK88K0AOrFTxkv
yiU5Bms5lPodmEwDPNLQMldagj94
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:39:57 2025 by rpki-client