Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/KAmkMblF9I9pFAJQSpWnxDd4DIs.roa
File: KAmkMblF9I9pFAJQSpWnxDd4DIs.roa (raw, json)
Hash identifier: HtvF5pAiDwGCALSHKptD5ppm82TAKKDGeuFQXzy/P+s=
Subject key identifier: 28:09:A4:31:B9:45:F4:8F:69:14:02:50:4A:95:A7:C4:37:78:0C:8B
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196759EE9B2DECB742D9DBE808116F15D98
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/KAmkMblF9I9pFAJQSpWnxDd4DIs.roa
Signing time: Sun 27 Apr 2025 05:01:10 +0000
ROA not before: Sun 27 Apr 2025 05:01:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13347
IP address blocks: 37.202.193.0/24 maxlen: 24
37.202.195.0/24 maxlen: 24
37.202.196.0/24 maxlen: 24
37.202.197.0/24 maxlen: 24
37.202.198.0/24 maxlen: 24
37.202.199.0/24 maxlen: 24
37.202.200.0/24 maxlen: 24
37.202.201.0/24 maxlen: 24
151.243.246.0/24 maxlen: 24
151.243.248.0/24 maxlen: 24
151.243.249.0/24 maxlen: 24
151.243.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 27 Apr 2025 05:03:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:75:9e:e9:b2:de:cb:74:2d:9d:be:80:81:16:f1:5d:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 27 05:01:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2809a431b945f48f691402504a95a7c437780c8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:79:88:97:2f:26:a1:1e:6d:21:ec:10:76:55:
30:30:68:de:fd:94:55:01:a5:fc:44:15:69:2c:55:
8d:39:4a:99:37:79:7a:7c:a5:08:f8:b5:d1:53:84:
8a:6d:cf:e9:56:18:16:39:54:be:44:54:20:4b:a1:
0d:f5:df:76:78:62:c4:21:65:f4:43:a3:31:d6:04:
f4:ca:a5:8d:2f:e1:ff:87:f1:ab:8b:71:41:03:22:
79:93:8e:10:04:4d:28:05:e2:da:36:49:a6:2e:3d:
89:62:ca:4f:9e:26:ca:e1:08:28:e0:d2:b5:eb:96:
18:c4:c7:83:18:96:a7:a4:95:44:9f:4f:32:64:16:
65:f3:d7:2e:26:4c:3c:0a:c2:91:b8:6b:2f:7b:06:
06:5e:c1:71:a2:12:e5:f5:1f:46:47:ac:54:47:01:
da:af:1f:84:a4:c3:6d:8d:f2:fa:1c:5b:dd:bf:1e:
97:41:57:db:4c:75:2e:9c:8e:f8:90:14:43:5c:3c:
d2:d8:20:d2:8f:90:78:7b:dc:f0:ae:2e:23:94:cf:
28:a8:0f:f2:fe:04:10:57:1a:13:73:48:41:d3:cd:
8f:d5:d3:8f:0f:be:ba:b1:14:b3:74:62:4a:f2:51:
b9:99:ce:a8:83:14:1d:b2:90:50:83:12:ca:0d:a0:
d6:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:09:A4:31:B9:45:F4:8F:69:14:02:50:4A:95:A7:C4:37:78:0C:8B
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/KAmkMblF9I9pFAJQSpWnxDd4DIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.193.0/24
37.202.195.0-37.202.201.255
151.243.246.0/24
151.243.248.0/23
151.243.252.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:5a:78:c0:0f:24:3d:51:5a:4d:36:99:8d:01:0d:46:fa:20:
1c:3a:60:10:ef:ee:c0:73:0f:4a:d1:de:ed:a6:80:ae:e5:f5:
8d:f6:02:ad:9c:1a:8e:c1:36:a0:a3:cb:4d:b7:ed:f9:74:94:
05:dd:a0:90:bb:0d:ea:a8:f5:5a:4b:4a:46:0f:3d:a3:84:6d:
1a:46:f7:b7:9f:36:67:83:6c:fc:41:68:6c:79:73:64:f7:d0:
14:e2:a6:bb:fb:4b:a4:98:f7:cd:eb:e6:de:7f:b9:a9:2d:2f:
4d:24:ae:a4:b5:be:13:0f:2d:54:a7:0c:cf:a2:2c:9e:73:b7:
e2:15:cf:89:aa:ea:4f:6d:65:24:9c:5b:84:cf:7c:19:85:19:
66:06:67:6b:af:83:09:d9:e1:c7:67:ab:2a:5c:c7:e4:c7:d5:
5d:ab:eb:0c:22:42:17:c1:9f:90:63:18:79:86:8f:f5:63:9f:
d7:3d:e2:f0:0f:05:e8:0c:69:79:a6:3b:97:3e:c6:0f:7a:58:
7d:d5:7a:4a:95:81:54:e8:4b:bb:15:0e:11:ec:44:ab:7e:8e:
94:9b:b1:68:6b:8c:ec:f6:73:0a:4a:f2:1f:df:cb:6e:71:00:
6f:c0:01:a8:5f:69:07:9f:33:66:89:8b:2b:f3:29:e3:f8:1a:
26:cb:4a:73
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZZ1numy3st0LZ2+gIEW8V2YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDI3MDUwMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODA5YTQzMWI5NDVmNDhmNjkxNDAyNTA0YTk1YTdjNDM3NzgwYzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HmIly8moR5tIewQdlUwMGje/ZRV
AaX8RBVpLFWNOUqZN3l6fKUI+LXRU4SKbc/pVhgWOVS+RFQgS6EN9d92eGLEIWX0
Q6Mx1gT0yqWNL+H/h/Gri3FBAyJ5k44QBE0oBeLaNkmmLj2JYspPnibK4Qgo4NK1
65YYxMeDGJanpJVEn08yZBZl89cuJkw8CsKRuGsvewYGXsFxohLl9R9GR6xURwHa
rx+EpMNtjfL6HFvdvx6XQVfbTHUunI74kBRDXDzS2CDSj5B4e9zwri4jlM8oqA/y
/gQQVxoTc0hB082P1dOPD766sRSzdGJK8lG5mc6ogxQdspBQgxLKDaDWFQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCgJpDG5RfSPaRQCUEqVp8Q3eAyLMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvS0Fta01ibEY5STlwRkFKUVNwV254RGQ0RElzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAJcrBMAwD
BAAlysMDBAElysgDBACX8/YDBAGX8/gDBACX8/wwDQYJKoZIhvcNAQELBQADggEB
AKNaeMAPJD1RWk02mY0BDUb6IBw6YBDv7sBzD0rR3u2mgK7l9Y32Aq2cGo7BNqCj
y0237fl0lAXdoJC7Deqo9VpLSkYPPaOEbRpG97efNmeDbPxBaGx5c2T30BTiprv7
S6SY983r5t5/uaktL00krqS1vhMPLVSnDM+iLJ5zt+IVz4mq6k9tZSScW4TPfBmF
GWYGZ2uvgwnZ4cdnqypcx+TH1V2r6wwiQhfBn5BjGHmGj/Vjn9c94vAPBegMaXmm
O5c+xg96WH3VekqVgVToS7sVDhHsRKt+jpSbsWhrjOz2cwpK8h/fy25xAG/AAahf
aQefM2aJiyvzKeP4GibLSnM=
-----END CERTIFICATE-----
Generated at Sat Jun 14 12:14:26 2025 by rpki-client