Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/S97j2f0DeuqrNwKqHne4KxSE9ZA.roa
File: S97j2f0DeuqrNwKqHne4KxSE9ZA.roa (raw, json)
Hash identifier: EwJTguM2TSgsFNE3nlrlfbKdrkNNUdRMZYnEYZYnKNU=
Subject key identifier: 4B:DE:E3:D9:FD:03:7A:EA:AB:37:02:AA:1E:77:B8:2B:14:84:F5:90
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198664D7AAF18D3A726304B52FA34026D17
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/S97j2f0DeuqrNwKqHne4KxSE9ZA.roa
Signing time: Fri 01 Aug 2025 15:43:30 +0000
ROA not before: Fri 01 Aug 2025 15:43:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 37.202.220.0/24 maxlen: 24
151.240.8.0/24 maxlen: 24
151.240.28.0/24 maxlen: 24
151.240.60.0/23 maxlen: 24
151.240.72.0/24 maxlen: 24
151.240.74.0/24 maxlen: 24
151.240.80.0/23 maxlen: 24
151.240.110.0/24 maxlen: 24
151.240.118.0/23 maxlen: 24
151.240.148.0/23 maxlen: 24
151.240.226.0/23 maxlen: 24
151.240.247.0/24 maxlen: 24
151.240.249.0/24 maxlen: 24
151.240.250.0/24 maxlen: 24
151.240.251.0/24 maxlen: 24
151.240.252.0/24 maxlen: 24
151.240.253.0/24 maxlen: 24
151.241.127.0/24 maxlen: 24
151.242.76.0/23 maxlen: 24
151.242.134.0/24 maxlen: 24
151.242.135.0/24 maxlen: 24
151.242.156.0/23 maxlen: 24
151.242.236.0/22 maxlen: 24
151.243.25.0/24 maxlen: 24
151.243.148.0/23 maxlen: 24
151.243.170.0/24 maxlen: 24
151.243.172.0/24 maxlen: 24
151.244.48.0/24 maxlen: 24
151.244.102.0/24 maxlen: 24
151.244.196.0/24 maxlen: 24
151.244.226.0/23 maxlen: 24
151.245.64.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Aug 2025 10:34:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:66:4d:7a:af:18:d3:a7:26:30:4b:52:fa:34:02:6d:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 1 15:43:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4bdee3d9fd037aeaab3702aa1e77b82b1484f590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:2c:36:2b:16:e7:fe:8e:87:14:57:10:69:d5:
aa:b4:c5:eb:63:58:dd:59:8d:c0:95:78:01:e4:8f:
8e:39:01:0d:d0:e3:5e:63:05:6d:35:13:0a:63:65:
11:38:7f:67:57:85:6c:fb:fc:46:83:05:24:b5:06:
68:e9:41:12:79:b4:5d:0d:65:41:28:8e:73:24:f3:
75:1c:90:5c:68:ac:d4:05:ec:01:a5:bc:0e:3c:6b:
ae:01:13:f1:75:45:0d:71:77:a8:05:bc:1d:17:0f:
4a:f6:03:f5:91:e2:57:30:4c:8b:7e:ca:9a:70:aa:
00:c7:4a:a7:3d:2e:c3:a8:ab:7b:b6:82:82:a0:4f:
6e:9a:e0:d4:54:32:71:d7:50:9f:11:f4:05:57:9b:
cf:87:62:49:d4:94:e2:e6:d8:7d:df:9a:d0:83:01:
b8:54:21:c2:1c:12:67:f7:c7:7c:75:68:e6:a5:97:
4d:29:a1:02:3d:ab:d4:8e:63:af:53:d1:36:8a:0d:
11:b6:98:a6:c9:1b:5f:00:98:1b:46:d6:a7:b2:2b:
e9:60:85:c4:bd:46:fb:50:a4:6f:83:56:d1:38:ce:
a0:34:d2:4f:61:6f:35:77:6d:da:6c:a4:cb:f4:fb:
ca:a7:b8:c9:30:19:94:97:74:92:04:0c:91:3f:1f:
ce:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:DE:E3:D9:FD:03:7A:EA:AB:37:02:AA:1E:77:B8:2B:14:84:F5:90
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/S97j2f0DeuqrNwKqHne4KxSE9ZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.220.0/24
151.240.8.0/24
151.240.28.0/24
151.240.60.0/23
151.240.72.0/24
151.240.74.0/24
151.240.80.0/23
151.240.110.0/24
151.240.118.0/23
151.240.148.0/23
151.240.226.0/23
151.240.247.0/24
151.240.249.0-151.240.253.255
151.241.127.0/24
151.242.76.0/23
151.242.134.0/23
151.242.156.0/23
151.242.236.0/22
151.243.25.0/24
151.243.148.0/23
151.243.170.0/24
151.243.172.0/24
151.244.48.0/24
151.244.102.0/24
151.244.196.0/24
151.244.226.0/23
151.245.64.0/22
Signature Algorithm: sha256WithRSAEncryption
80:03:4f:b1:4e:d1:e8:47:14:db:51:29:57:5a:2b:dd:0c:3f:
47:a7:11:dd:33:29:87:00:85:8f:2d:a0:36:6a:b6:40:e1:ce:
a0:11:59:55:1b:da:ef:27:90:58:6a:4c:96:6b:ed:0b:ce:a6:
c2:40:0e:e6:ec:2e:2d:18:27:e7:6c:c4:f8:b1:94:3b:f7:88:
c7:7c:e2:c5:49:c4:b2:b3:d8:f8:d0:16:24:39:d5:6c:c7:e8:
ac:7d:70:5d:82:27:71:8f:8a:1c:3b:90:14:dc:fd:70:7f:96:
23:45:22:30:2c:38:08:65:37:fa:b4:51:05:af:a9:cc:35:12:
0c:7b:03:ef:c2:b9:28:b8:59:15:60:0e:fd:e8:35:15:34:21:
2b:08:3f:98:15:16:11:a8:22:34:72:f9:9d:fc:69:a2:c7:6e:
85:1c:51:97:32:64:cc:4f:8b:eb:4d:1c:af:90:42:a8:5a:59:
fd:17:4a:61:b6:9a:88:8c:b0:a5:a7:30:e4:4c:2d:19:75:b3:
f3:2a:68:1e:28:85:58:fc:c7:9e:03:73:da:01:7f:1f:44:80:
9a:67:c1:af:8b:c6:b5:4e:aa:e4:2b:7c:db:59:60:25:6e:f5:
c0:7e:5d:ae:31:67:d1:ac:5f:77:79:b4:8e:39:04:9f:f8:31:
81:31:4d:06
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAZhmTXqvGNOnJjBLUvo0Am0XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODAxMTU0MzMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmRlZTNkOWZkMDM3YWVhYWIzNzAyYWExZTc3YjgyYjE0ODRmNTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCw2Kxbn/o6HFFcQadWqtMXrY1jd
WY3AlXgB5I+OOQEN0ONeYwVtNRMKY2UROH9nV4Vs+/xGgwUktQZo6UESebRdDWVB
KI5zJPN1HJBcaKzUBewBpbwOPGuuARPxdUUNcXeoBbwdFw9K9gP1keJXMEyLfsqa
cKoAx0qnPS7DqKt7toKCoE9umuDUVDJx11CfEfQFV5vPh2JJ1JTi5th935rQgwG4
VCHCHBJn98d8dWjmpZdNKaECPavUjmOvU9E2ig0RtpimyRtfAJgbRtansivpYIXE
vUb7UKRvg1bROM6gNNJPYW81d23abKTL9PvKp7jJMBmUl3SSBAyRPx/OcwIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFEve49n9A3rqqzcCqh53uCsUhPWQMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvUzk3ajJmMERldXFyTndLcUhuZTRLeFNFOVpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaoDBAAl
ytwDBACX8AgDBACX8BwDBAGX8DwDBACX8EgDBACX8EoDBAGX8FADBACX8G4DBAGX
8HYDBAGX8JQDBAGX8OIDBACX8PcwDAMEAJfw+QMEAZfw/AMEAJfxfwMEAZfyTAME
AZfyhgMEAZfynAMEApfy7AMEAJfzGQMEAZfzlAMEAJfzqgMEAJfzrAMEAJf0MAME
AJf0ZgMEAJf0xAMEAZf04gMEApf1QDANBgkqhkiG9w0BAQsFAAOCAQEAgANPsU7R
6EcU21EpV1or3Qw/R6cR3TMphwCFjy2gNmq2QOHOoBFZVRva7yeQWGpMlmvtC86m
wkAO5uwuLRgn52zE+LGUO/eIx3zixUnEsrPY+NAWJDnVbMforH1wXYIncY+KHDuQ
FNz9cH+WI0UiMCw4CGU3+rRRBa+pzDUSDHsD78K5KLhZFWAO/eg1FTQhKwg/mBUW
EagiNHL5nfxposduhRxRlzJkzE+L600cr5BCqFpZ/RdKYbaaiIywpacw5EwtGXWz
8ypoHiiFWPzHngNz2gF/H0SAmmfBr4vGtU6q5Ct821lgJW71wH5drjFn0axfd3m0
jjkEn/gxgTFNBg==
-----END CERTIFICATE-----
Generated at Sun Aug 10 04:47:16 2025 by rpki-client