Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Y9EVuA_WrUCksmppRqe9u2D46iA.roa
File: Y9EVuA_WrUCksmppRqe9u2D46iA.roa (raw, json)
Hash identifier: Q12710dN+NIySDnTiGcAK1+ZqbeLq9KOWM2rLZsA8xE=
Subject key identifier: 63:D1:15:B8:0F:D6:AD:40:A4:B2:6A:69:46:A7:BD:BB:60:F8:EA:20
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196D57AB3EEA3ADF77406C5F2E8B68F74B7
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Y9EVuA_WrUCksmppRqe9u2D46iA.roa
Signing time: Thu 15 May 2025 19:45:10 +0000
ROA not before: Thu 15 May 2025 19:45:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 37.202.202.0/24 maxlen: 24
151.240.17.0/24 maxlen: 24
151.240.100.0/24 maxlen: 24
151.241.76.0/24 maxlen: 24
151.242.39.0/24 maxlen: 24
151.242.67.0/24 maxlen: 24
151.242.117.0/24 maxlen: 24
151.242.159.0/24 maxlen: 24
151.243.6.0/24 maxlen: 24
151.243.50.0/24 maxlen: 24
151.243.160.0/22 maxlen: 22
151.245.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 May 2025 09:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d5:7a:b3:ee:a3:ad:f7:74:06:c5:f2:e8:b6:8f:74:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 15 19:45:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63d115b80fd6ad40a4b26a6946a7bdbb60f8ea20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b0:cb:ec:b7:3a:1a:e4:c7:bd:67:bf:c1:69:
e6:05:53:3b:18:85:8e:f2:42:0b:9f:1e:f0:b5:a4:
6d:af:66:90:3b:bf:f5:90:dd:cb:8c:6f:0e:b4:69:
09:87:84:65:a3:e8:dd:e3:b3:69:cf:26:98:2f:f1:
3e:c8:e3:fb:1d:d9:21:82:da:44:6f:fa:b4:ff:87:
db:a1:ba:40:78:75:12:92:c7:64:5d:92:20:69:8b:
56:fb:a4:64:51:3a:52:9c:b9:91:d8:5c:54:3c:86:
47:9a:d6:02:ab:45:5e:e9:a2:70:17:20:70:60:40:
9a:be:5d:61:df:6b:75:7f:47:5d:37:c6:f1:3b:00:
d1:6b:20:8b:fc:30:59:0e:9f:b0:7d:a9:1f:f7:a8:
ba:cd:4a:29:5c:a0:65:ed:cd:e0:e6:fc:3f:65:08:
79:d3:4e:f7:3a:72:a9:8b:8b:aa:84:b1:a4:7e:b9:
03:c6:c8:92:6d:45:b6:cc:eb:d7:7b:b7:5e:c8:e1:
0c:a7:ae:95:d4:a3:d0:c6:29:cc:c2:a4:a8:12:81:
5e:f4:22:f9:4a:f3:a1:ef:37:16:e0:cc:77:c9:96:
36:fd:c0:80:6a:c0:44:68:a9:1b:f6:51:77:e2:09:
67:56:f7:69:fc:35:b9:95:46:e5:8f:2b:74:3c:05:
7b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:D1:15:B8:0F:D6:AD:40:A4:B2:6A:69:46:A7:BD:BB:60:F8:EA:20
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Y9EVuA_WrUCksmppRqe9u2D46iA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.202.0/24
151.240.17.0/24
151.240.100.0/24
151.241.76.0/24
151.242.39.0/24
151.242.67.0/24
151.242.117.0/24
151.242.159.0/24
151.243.6.0/24
151.243.50.0/24
151.243.160.0/22
151.245.112.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:8a:ec:fb:9f:de:24:45:6a:4d:fc:1b:0c:cf:a8:fd:bf:4e:
5a:25:b0:6e:c2:12:94:9a:58:45:c2:4e:c2:af:76:34:b2:23:
ad:45:35:93:7d:2f:e7:f2:ef:fa:1d:a1:c9:7e:61:7a:1d:77:
6d:66:a3:31:41:e8:1a:31:47:63:d2:a1:89:f3:a3:ff:a8:13:
df:a1:0a:a8:c0:d4:dc:aa:5b:3c:0f:24:fe:27:d3:84:3c:07:
5d:0c:81:7e:20:67:b9:6e:15:ed:be:87:ad:c8:aa:fe:6d:bd:
2f:42:8a:1b:72:1e:34:93:e7:de:53:da:2a:dd:c2:96:d1:ac:
1d:5c:8e:3e:bd:0e:68:71:04:29:06:fe:d1:5c:b4:10:2b:79:
33:e9:86:ff:56:69:49:68:68:df:c9:2b:0d:3d:f2:20:21:f3:
af:dc:75:dd:a7:60:da:d4:b9:46:98:67:95:4c:05:1c:12:ee:
31:ce:94:20:99:52:a8:ed:02:32:76:d4:d8:80:54:85:e6:ad:
ff:40:22:a4:e4:f1:85:a2:cd:c9:39:43:0d:c3:2a:8d:e0:ff:
e9:49:97:95:e4:da:1d:e5:1b:ca:94:a3:8e:a0:de:af:03:fb:
0d:a2:23:3b:18:bc:db:87:f8:e1:e8:e7:5a:06:96:a9:74:32:
62:0d:85:d7
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZbVerPuo633dAbF8ui2j3S3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTE1MTk0NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2QxMTViODBmZDZhZDQwYTRiMjZhNjk0NmE3YmRiYjYwZjhlYTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7DL7Lc6GuTHvWe/wWnmBVM7GIWO
8kILnx7wtaRtr2aQO7/1kN3LjG8OtGkJh4Rlo+jd47NpzyaYL/E+yOP7HdkhgtpE
b/q0/4fbobpAeHUSksdkXZIgaYtW+6RkUTpSnLmR2FxUPIZHmtYCq0Ve6aJwFyBw
YECavl1h32t1f0ddN8bxOwDRayCL/DBZDp+wfakf96i6zUopXKBl7c3g5vw/ZQh5
0073OnKpi4uqhLGkfrkDxsiSbUW2zOvXe7deyOEMp66V1KPQxinMwqSoEoFe9CL5
SvOh7zcW4Mx3yZY2/cCAasBEaKkb9lF34glnVvdp/DW5lUbljyt0PAV74wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGPRFbgP1q1ApLJqaUanvbtg+OogMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvWTlFVnVBX1dyVUNrc21wcFJxZTl1MkQ0NmlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAJcrKAwQA
l/ARAwQAl/BkAwQAl/FMAwQAl/InAwQAl/JDAwQAl/J1AwQAl/KfAwQAl/MGAwQA
l/MyAwQCl/OgAwQAl/VwMA0GCSqGSIb3DQEBCwUAA4IBAQBbiuz7n94kRWpN/BsM
z6j9v05aJbBuwhKUmlhFwk7Cr3Y0siOtRTWTfS/n8u/6HaHJfmF6HXdtZqMxQega
MUdj0qGJ86P/qBPfoQqowNTcqls8DyT+J9OEPAddDIF+IGe5bhXtvoetyKr+bb0v
Qoobch40k+feU9oq3cKW0awdXI4+vQ5ocQQpBv7RXLQQK3kz6Yb/VmlJaGjfySsN
PfIgIfOv3HXdp2Da1LlGmGeVTAUcEu4xzpQgmVKo7QIydtTYgFSF5q3/QCKk5PGF
os3JOUMNwyqN4P/pSZeV5Nod5RvKlKOOoN6vA/sNoiM7GLzbh/jh6OdaBpapdDJi
DYXX
-----END CERTIFICATE-----
Generated at Wed Jun 18 23:35:05 2025 by rpki-client