Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/CFJ0rQkbpu_9y4UC7J36UcWtiGs.roa
File: CFJ0rQkbpu_9y4UC7J36UcWtiGs.roa (raw, json)
Hash identifier: ESMVpbWK5WW5f9t3oEv55JPtkUaDZtKTGXfpq0jfhIQ=
Subject key identifier: 08:52:74:AD:09:1B:A6:EF:FD:CB:85:02:EC:9D:FA:51:C5:AD:88:6B
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01974F2C6345AE4699900E8E8FA816E685A0
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/CFJ0rQkbpu_9y4UC7J36UcWtiGs.roa
Signing time: Sun 08 Jun 2025 10:53:18 +0000
ROA not before: Sun 08 Jun 2025 10:53:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 37.202.194.0/24 maxlen: 24
37.202.201.0/24 maxlen: 24
151.242.190.0/24 maxlen: 24
151.242.194.0/24 maxlen: 24
151.243.7.0/24 maxlen: 24
151.243.10.0/24 maxlen: 24
151.243.152.0/22 maxlen: 24
151.243.228.0/24 maxlen: 24
151.243.243.0/24 maxlen: 24
151.244.54.0/24 maxlen: 24
151.245.1.0/24 maxlen: 24
151.245.4.0/24 maxlen: 24
151.245.60.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Jun 2025 05:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4f:2c:63:45:ae:46:99:90:0e:8e:8f:a8:16:e6:85:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 8 10:53:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=085274ad091ba6effdcb8502ec9dfa51c5ad886b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:3b:64:02:7d:da:7a:eb:e7:54:af:72:38:49:
36:08:bd:f8:8f:c7:2e:59:41:36:9a:10:7d:a6:da:
e6:d1:76:a7:bc:6f:c9:b1:5e:62:af:45:fb:c5:d8:
7e:5d:b0:25:d1:fe:eb:af:db:4d:fb:f3:a4:39:84:
d2:83:39:5e:0f:50:69:f3:1e:f1:ff:b1:73:cc:5e:
f1:5c:3f:d6:2a:6e:48:ad:48:6a:cc:e2:ec:df:7a:
c6:18:e0:84:82:9c:1f:d0:15:e6:cc:63:89:14:84:
0b:c0:d1:2f:5f:df:2b:b6:ca:7a:c2:ae:1d:b7:39:
c9:68:77:32:e8:80:bb:1c:3d:bb:11:01:f4:12:25:
6c:7d:85:71:f3:86:67:bc:ad:25:b1:00:b7:7a:ea:
62:d7:98:3a:b2:6b:8a:32:b7:ae:f5:fc:d7:2a:b5:
71:c6:30:8d:23:5d:9a:0d:b7:62:40:ea:62:fe:87:
53:3c:07:80:eb:6a:c2:e8:cb:44:99:55:df:ea:4a:
b6:9d:82:21:fe:cc:5b:90:5b:d2:5f:13:65:d3:ba:
8c:d0:1e:fd:6c:82:c4:19:ca:3c:66:32:ca:50:e7:
e2:84:89:7b:b5:a1:5f:88:8c:80:16:f2:64:67:8d:
f0:8d:bc:e1:bb:32:1a:13:c1:34:26:30:b0:25:65:
79:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:52:74:AD:09:1B:A6:EF:FD:CB:85:02:EC:9D:FA:51:C5:AD:88:6B
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/CFJ0rQkbpu_9y4UC7J36UcWtiGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.194.0/24
37.202.201.0/24
151.242.190.0/24
151.242.194.0/24
151.243.7.0/24
151.243.10.0/24
151.243.152.0/22
151.243.228.0/24
151.243.243.0/24
151.244.54.0/24
151.245.1.0/24
151.245.4.0/24
151.245.60.0/22
Signature Algorithm: sha256WithRSAEncryption
75:ee:75:47:bc:ea:5b:bb:3a:f4:aa:76:4d:7e:3a:50:9c:e1:
8f:64:4a:33:dc:92:32:8f:49:75:d9:ed:ff:3c:7e:37:f5:ed:
be:a6:51:cc:b4:b3:e8:d0:e2:24:c2:84:50:46:95:aa:8f:d9:
69:f3:c4:76:0b:d2:72:c5:38:0c:5c:cc:65:77:45:69:4c:bb:
3f:fd:27:eb:e0:97:b4:8d:6e:cb:91:73:dc:3e:4c:d3:2f:b0:
cf:19:84:7e:45:49:22:29:7b:29:ad:7a:ce:de:4a:ce:3e:99:
20:08:c7:cd:d5:cf:4d:b6:b0:6c:09:a0:53:03:0e:1e:f8:5a:
7a:42:b3:f7:01:75:1c:0f:12:56:2f:bc:6d:9a:8e:5e:8c:92:
82:10:da:be:c0:9a:6d:f0:b3:34:4b:2d:e1:f6:e5:13:59:49:
0b:f1:fa:6d:3c:76:5c:71:1f:e3:7a:d1:e6:7d:8f:04:d7:0c:
b7:fc:97:50:a1:62:b2:aa:64:a7:71:98:9f:67:32:aa:69:47:
8b:7d:2a:19:66:e4:a7:51:42:98:15:1c:04:74:1d:09:77:8c:
eb:42:b1:02:85:3b:be:b6:02:e4:ee:e3:52:58:4e:3f:50:31:
bb:6e:6c:04:75:55:93:48:d8:5c:fd:c0:ef:1f:87:83:af:33:
4c:48:ee:7a
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZdPLGNFrkaZkA6Oj6gW5oWgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjA4MTA1MzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODUyNzRhZDA5MWJhNmVmZmRjYjg1MDJlYzlkZmE1MWM1YWQ4ODZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDtkAn3aeuvnVK9yOEk2CL34j8cu
WUE2mhB9ptrm0XanvG/JsV5ir0X7xdh+XbAl0f7rr9tN+/OkOYTSgzleD1Bp8x7x
/7FzzF7xXD/WKm5IrUhqzOLs33rGGOCEgpwf0BXmzGOJFIQLwNEvX98rtsp6wq4d
tznJaHcy6IC7HD27EQH0EiVsfYVx84ZnvK0lsQC3eupi15g6smuKMreu9fzXKrVx
xjCNI12aDbdiQOpi/odTPAeA62rC6MtEmVXf6kq2nYIh/sxbkFvSXxNl07qM0B79
bILEGco8ZjLKUOfihIl7taFfiIyAFvJkZ43wjbzhuzIaE8E0JjCwJWV5AwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFAhSdK0JG6bv/cuFAuyd+lHFrYhrMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvQ0ZKMHJRa2JwdV85eTRVQzdKMzZVY1d0aUdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAJcrCAwQA
JcrJAwQAl/K+AwQAl/LCAwQAl/MHAwQAl/MKAwQCl/OYAwQAl/PkAwQAl/PzAwQA
l/Q2AwQAl/UBAwQAl/UEAwQCl/U8MA0GCSqGSIb3DQEBCwUAA4IBAQB17nVHvOpb
uzr0qnZNfjpQnOGPZEoz3JIyj0l12e3/PH439e2+plHMtLPo0OIkwoRQRpWqj9lp
88R2C9JyxTgMXMxld0VpTLs//Sfr4Je0jW7LkXPcPkzTL7DPGYR+RUkiKXsprXrO
3krOPpkgCMfN1c9NtrBsCaBTAw4e+Fp6QrP3AXUcDxJWL7xtmo5ejJKCENq+wJpt
8LM0Sy3h9uUTWUkL8fptPHZccR/jetHmfY8E1wy3/JdQoWKyqmSncZifZzKqaUeL
fSoZZuSnUUKYFRwEdB0Jd4zrQrEChTu+tgLk7uNSWE4/UDG7bmwEdVWTSNhc/cDv
H4eDrzNMSO56
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:40:26 2025 by rpki-client