Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/NyJwCJ2TFCSK9VF_MD0OgvrIwj0.roa
File: NyJwCJ2TFCSK9VF_MD0OgvrIwj0.roa (raw, json)
Hash identifier: xsig0WynEiKkENzaNfgKjJSYYeOS++qGDpZkAoqwuDc=
Subject key identifier: 37:22:70:08:9D:93:14:24:8A:F5:51:7F:30:3D:0E:82:FA:C8:C2:3D
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019423D7A94F8439BECC0EA61146F43CADAA
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/NyJwCJ2TFCSK9VF_MD0OgvrIwj0.roa
Signing time: Wed 01 Jan 2025 21:48:43 +0000
ROA not before: Wed 01 Jan 2025 21:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 37.202.193.0/24 maxlen: 24
37.202.195.0/24 maxlen: 24
37.202.196.0/24 maxlen: 24
37.202.197.0/24 maxlen: 24
37.202.198.0/24 maxlen: 24
37.202.199.0/24 maxlen: 24
37.202.200.0/24 maxlen: 24
37.202.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 05 Jan 2025 05:27:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:a9:4f:84:39:be:cc:0e:a6:11:46:f4:3c:ad:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 1 21:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=372270089d9314248af5517f303d0e82fac8c23d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ee:49:de:13:a6:c1:99:d3:3a:64:72:02:e8:
a9:d1:d0:31:6c:2a:88:1e:66:d1:c7:22:2a:0a:4d:
fa:e9:70:63:8f:80:18:0f:b8:9b:2b:d4:b1:eb:c5:
0f:b0:6a:74:af:2c:e0:5e:ee:dc:8a:6e:af:d6:bf:
49:fc:7f:7d:e6:e5:81:9a:3b:60:13:11:8b:8b:38:
24:2d:9f:21:a9:4b:df:a3:8a:0a:32:79:58:6d:01:
27:75:e0:73:ee:44:a0:d8:73:79:79:1c:f6:d0:7d:
87:79:d3:66:f5:00:af:4d:75:54:a3:ae:ab:98:ed:
6e:f5:73:5c:0b:45:8e:66:9d:52:f0:b8:60:7f:38:
62:a7:1b:72:ee:45:66:33:bf:57:26:8b:92:72:58:
c3:ef:43:bb:8b:61:8a:1c:0a:90:8f:82:e8:b7:f7:
e3:e2:65:aa:63:be:57:d9:08:42:43:47:78:e2:6f:
85:77:4f:ed:5f:67:b1:ee:ad:cc:1f:5b:ee:1c:e4:
ab:6d:71:e9:33:91:76:e0:de:37:c1:40:87:ae:bb:
10:d9:f7:34:0e:70:43:e6:21:79:27:00:e4:47:c0:
d0:6d:3d:17:2b:fb:31:bd:f7:62:a4:12:b6:74:da:
d6:74:70:f1:ac:f6:ce:16:44:c6:5b:db:69:a5:20:
eb:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:22:70:08:9D:93:14:24:8A:F5:51:7F:30:3D:0E:82:FA:C8:C2:3D
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/NyJwCJ2TFCSK9VF_MD0OgvrIwj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.193.0/24
37.202.195.0-37.202.201.255
Signature Algorithm: sha256WithRSAEncryption
a8:84:9b:f9:cf:d7:15:85:e0:62:ba:9b:8c:7e:38:1d:57:d7:
98:59:c4:16:f3:0b:61:46:cb:6f:71:46:20:7f:3c:88:81:bc:
e8:a4:8c:4e:83:cd:26:b1:44:84:20:31:41:4e:bd:76:b6:ea:
cc:b1:6e:c9:0d:fa:82:cb:f0:65:c0:4f:67:df:d9:87:77:d0:
19:a3:9d:f8:fb:61:41:42:14:e1:79:d4:3f:04:ec:b7:65:78:
7f:44:b8:bc:e7:72:7c:db:9f:78:3d:64:05:90:1c:0c:10:a1:
19:75:c3:0b:7a:63:f2:af:fc:65:98:51:9e:16:b9:f7:80:27:
16:73:ab:c2:1f:a0:40:0b:03:2b:1f:39:aa:f4:84:b3:ff:8d:
25:8e:65:b5:da:4f:74:f9:a5:ee:fc:a2:e9:23:d2:45:62:1b:
7b:95:1e:e8:dd:34:1d:34:b2:c8:e6:e9:06:2e:4f:b2:0a:24:
05:87:e7:70:d8:79:00:79:d2:3e:72:b3:6f:ec:2f:ba:db:23:
d4:4e:49:e6:58:b0:b4:57:7c:0f:c4:4c:86:69:cd:84:2f:a1:
3d:05:7c:6f:63:06:53:87:f4:c1:6e:ac:36:ca:9b:50:0b:9b:
e7:6f:d3:93:3c:51:51:68:d1:e3:11:bb:b4:06:cf:fe:17:8a:
54:da:0c:33
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQj16lPhDm+zA6mEUb0PK2qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTAxMjE0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzIyNzAwODlkOTMxNDI0OGFmNTUxN2YzMDNkMGU4MmZhYzhjMjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2e5J3hOmwZnTOmRyAuip0dAxbCqI
HmbRxyIqCk366XBjj4AYD7ibK9Sx68UPsGp0ryzgXu7cim6v1r9J/H995uWBmjtg
ExGLizgkLZ8hqUvfo4oKMnlYbQEndeBz7kSg2HN5eRz20H2HedNm9QCvTXVUo66r
mO1u9XNcC0WOZp1S8Lhgfzhipxty7kVmM79XJouScljD70O7i2GKHAqQj4Lot/fj
4mWqY75X2QhCQ0d44m+Fd0/tX2ex7q3MH1vuHOSrbXHpM5F24N43wUCHrrsQ2fc0
DnBD5iF5JwDkR8DQbT0XK/sxvfdipBK2dNrWdHDxrPbOFkTGW9tppSDrmQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDcicAidkxQkivVRfzA9DoL6yMI9MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTnlKd0NKMlRGQ1NLOVZGX01EME9ndnJJd2owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAJcrBMAwD
BAAlysMDBAElysgwDQYJKoZIhvcNAQELBQADggEBAKiEm/nP1xWF4GK6m4x+OB1X
15hZxBbzC2FGy29xRiB/PIiBvOikjE6DzSaxRIQgMUFOvXa26syxbskN+oLL8GXA
T2ff2Yd30Bmjnfj7YUFCFOF51D8E7LdleH9EuLzncnzbn3g9ZAWQHAwQoRl1wwt6
Y/Kv/GWYUZ4WufeAJxZzq8IfoEALAysfOar0hLP/jSWOZbXaT3T5pe78oukj0kVi
G3uVHujdNB00ssjm6QYuT7IKJAWH53DYeQB50j5ys2/sL7rbI9ROSeZYsLRXfA/E
TIZpzYQvoT0FfG9jBlOH9MFurDbKm1ALm+dv05M8UVFo0eMRu7QGz/4XilTaDDM=
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:29:04 2025 by rpki-client