Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/lq9jxn009t8jzvqrekShrlZZHZI.roa
File: lq9jxn009t8jzvqrekShrlZZHZI.roa (raw, json)
Hash identifier: w8lRdtGIV/yPdQmllrc7p7cIAJBEmKbfgfrdL7mSUAE=
Subject key identifier: 96:AF:63:C6:7D:34:F6:DF:23:CE:FA:AB:7A:44:A1:AE:56:59:1D:92
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0194E42C103E9EC7E873ECE387A349C6A2C0
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/lq9jxn009t8jzvqrekShrlZZHZI.roa
Signing time: Sat 08 Feb 2025 06:08:00 +0000
ROA not before: Sat 08 Feb 2025 06:08:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 37.202.205.0/24 maxlen: 24
37.202.208.0/23 maxlen: 24
37.202.210.0/24 maxlen: 24
37.202.212.0/23 maxlen: 24
151.240.105.0/24 maxlen: 24
151.240.140.0/24 maxlen: 24
151.241.110.0/24 maxlen: 24
151.242.14.0/24 maxlen: 24
151.242.20.0/24 maxlen: 24
151.242.110.0/24 maxlen: 24
151.242.117.0/24 maxlen: 24
151.242.255.0/24 maxlen: 24
151.243.162.0/24 maxlen: 24
151.243.212.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 12:29:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e4:2c:10:3e:9e:c7:e8:73:ec:e3:87:a3:49:c6:a2:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Feb 8 06:08:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96af63c67d34f6df23cefaab7a44a1ae56591d92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c4:61:26:64:c4:05:89:36:f5:4d:5c:91:b1:
1b:ca:a6:ad:28:cd:29:09:e6:2f:df:74:bf:14:ff:
cb:6f:44:57:af:6b:3e:79:76:05:a1:9a:f2:86:6f:
fb:e3:7a:65:16:a7:3c:d2:b2:64:17:6a:95:08:4c:
9f:af:f1:3d:1a:eb:25:0e:02:24:6e:07:d3:c8:36:
7d:d5:09:5c:3c:7b:1a:78:6e:6b:0d:c7:2d:85:a3:
b7:65:7b:07:7e:2c:0f:f8:1c:21:8b:df:cc:5e:ab:
69:14:ec:66:35:08:b8:07:b8:f8:a8:fe:de:f8:16:
4d:ea:98:98:13:71:0b:cd:a9:1a:64:8f:b8:81:2b:
c2:29:7d:ee:51:4d:26:06:d9:cd:3c:c0:16:90:25:
85:89:fe:8b:8e:55:5b:53:a1:d0:18:f7:f5:7a:41:
89:7a:89:3b:07:c5:04:aa:1c:82:4e:e5:25:8a:fa:
db:ad:13:7e:f2:3a:fd:da:09:c8:60:fe:94:b4:f7:
60:71:75:e7:0a:d7:55:9d:cb:7c:df:78:f6:a9:46:
79:98:d4:4b:5b:f9:98:60:db:f5:23:1e:b1:08:9a:
9b:e5:f3:e8:83:c2:3b:9b:14:70:e6:1e:59:f9:23:
0e:c3:ad:6f:3d:27:5d:bb:5e:62:0c:42:d3:58:e9:
86:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:AF:63:C6:7D:34:F6:DF:23:CE:FA:AB:7A:44:A1:AE:56:59:1D:92
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/lq9jxn009t8jzvqrekShrlZZHZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.205.0/24
37.202.208.0-37.202.210.255
37.202.212.0/23
151.240.105.0/24
151.240.140.0/24
151.241.110.0/24
151.242.14.0/24
151.242.20.0/24
151.242.110.0/24
151.242.117.0/24
151.242.255.0/24
151.243.162.0/24
151.243.212.0/23
Signature Algorithm: sha256WithRSAEncryption
34:ae:3e:65:56:15:05:32:a4:af:2b:2a:9b:d5:27:50:3b:4e:
fe:a9:d0:b6:e8:ee:79:71:03:c4:c7:67:3c:5c:6b:da:e9:5e:
03:aa:c5:a2:f1:36:2e:95:19:d7:91:e9:ec:ae:e7:75:73:cb:
68:26:4b:5e:8e:df:8e:29:0a:39:1d:40:5b:7d:0b:ba:e5:05:
b5:74:ad:7b:f6:56:18:b9:94:be:30:ce:cc:e6:79:68:a8:2c:
6e:bc:e7:c6:db:fd:b3:b9:be:4e:2c:d8:3a:6c:15:26:6e:a2:
da:df:05:47:e7:56:4a:c5:ad:3c:bd:ba:68:30:1e:e8:f3:4f:
4b:33:a4:ea:e4:ec:52:5d:3d:1b:20:8e:02:b1:cd:ae:6b:76:
0f:8c:a0:19:f3:4d:0b:b6:2e:6b:ef:c9:58:56:28:b2:22:8c:
f3:e4:dd:72:05:93:c5:62:cb:6b:09:53:a2:16:8e:82:07:f5:
9e:2d:58:60:a8:7c:a1:34:a9:79:5f:89:ea:90:23:81:f8:8b:
b9:a8:51:ff:3e:10:8c:82:eb:e5:b7:07:5d:9a:10:81:f5:17:
f7:e4:35:0b:be:72:64:4f:ba:36:7f:b5:ad:21:54:bc:61:eb:
1a:90:91:44:ba:2f:15:eb:cc:e5:87:85:1d:23:1b:d6:e0:02:
3d:1f:9d:d3
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZTkLBA+nsfoc+zjh6NJxqLAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMjA4MDYwODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmFmNjNjNjdkMzRmNmRmMjNjZWZhYWI3YTQ0YTFhZTU2NTkxZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMRhJmTEBYk29U1ckbEbyqatKM0p
CeYv33S/FP/Lb0RXr2s+eXYFoZryhm/743plFqc80rJkF2qVCEyfr/E9GuslDgIk
bgfTyDZ91QlcPHsaeG5rDccthaO3ZXsHfiwP+Bwhi9/MXqtpFOxmNQi4B7j4qP7e
+BZN6piYE3ELzakaZI+4gSvCKX3uUU0mBtnNPMAWkCWFif6LjlVbU6HQGPf1ekGJ
eok7B8UEqhyCTuUlivrbrRN+8jr92gnIYP6UtPdgcXXnCtdVnct833j2qUZ5mNRL
W/mYYNv1Ix6xCJqb5fPog8I7mxRw5h5Z+SMOw61vPSddu15iDELTWOmGKwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFJavY8Z9NPbfI876q3pEoa5WWR2SMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvbHE5anhuMDA5dDhqenZxcmVrU2hybFpaSFpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAJcrNMAwD
BAQlytADBAAlytIDBAElytQDBACX8GkDBACX8IwDBACX8W4DBACX8g4DBACX8hQD
BACX8m4DBACX8nUDBACX8v8DBACX86IDBAGX89QwDQYJKoZIhvcNAQELBQADggEB
ADSuPmVWFQUypK8rKpvVJ1A7Tv6p0Lbo7nlxA8THZzxca9rpXgOqxaLxNi6VGdeR
6eyu53Vzy2gmS16O344pCjkdQFt9C7rlBbV0rXv2Vhi5lL4wzszmeWioLG6858bb
/bO5vk4s2DpsFSZuotrfBUfnVkrFrTy9umgwHujzT0szpOrk7FJdPRsgjgKxza5r
dg+MoBnzTQu2LmvvyVhWKLIijPPk3XIFk8Viy2sJU6IWjoIH9Z4tWGCofKE0qXlf
ieqQI4H4i7moUf8+EIyC6+W3B12aEIH1F/fkNQu+cmRPujZ/ta0hVLxh6xqQkUS6
LxXrzOWHhR0jG9bgAj0fndM=
-----END CERTIFICATE-----
Generated at Sun Jun 15 10:25:26 2025 by rpki-client