Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/5VFPWw9P5gQCdu0q9aakJCuUV_o.roa
File: 5VFPWw9P5gQCdu0q9aakJCuUV_o.roa (raw, json)
Hash identifier: K94l9F1ysyYkrQ7iqJ9m+M24I94BHeKJJqK0BtZUsb4=
Subject key identifier: E5:51:4F:5B:0F:4F:E6:04:02:76:ED:2A:F5:A6:A4:24:2B:94:57:FA
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01967AF3F62C72547D92BA838072A332FB31
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/5VFPWw9P5gQCdu0q9aakJCuUV_o.roa
Signing time: Mon 28 Apr 2025 05:52:10 +0000
ROA not before: Mon 28 Apr 2025 05:52:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 37.202.202.0/24 maxlen: 24
151.240.100.0/24 maxlen: 24
151.241.76.0/24 maxlen: 24
151.242.39.0/24 maxlen: 24
151.242.67.0/24 maxlen: 24
151.242.117.0/24 maxlen: 24
151.242.159.0/24 maxlen: 24
151.243.6.0/24 maxlen: 24
151.243.160.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 09 May 2025 05:57:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7a:f3:f6:2c:72:54:7d:92:ba:83:80:72:a3:32:fb:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 28 05:52:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5514f5b0f4fe6040276ed2af5a6a4242b9457fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:43:6d:6b:ae:ca:0d:61:df:53:d9:2c:02:9b:
5b:b6:6f:28:84:f9:2b:3c:7b:f4:ad:c9:e4:1f:13:
08:99:4c:10:12:3e:09:a5:4a:39:ca:10:55:67:db:
a1:11:eb:26:82:5b:cc:f3:34:34:2f:e0:09:72:ae:
ee:96:3f:37:f9:11:18:c8:23:c5:e3:4d:6b:b4:40:
ae:a7:cc:c6:dd:e0:ca:4d:05:9f:c5:59:fe:aa:fe:
a5:57:71:30:6b:4e:f8:cf:b2:5e:b4:fa:b7:87:72:
61:75:6b:c2:46:a3:66:b6:cc:27:1a:a7:4f:b4:2d:
e9:78:97:9b:52:78:c3:3a:a8:f3:b3:70:46:0b:c0:
36:2b:fc:20:6a:ce:dd:f8:d3:5a:94:bf:27:c3:26:
9c:fd:02:de:c9:34:cb:81:a7:17:d8:f7:ec:ab:ef:
a4:6d:a1:f5:37:0e:cc:31:7c:5b:e5:3f:ca:14:7f:
dc:e7:e9:d3:02:53:11:0d:5d:da:5f:bd:35:9b:79:
e8:81:81:db:dd:0f:f7:b1:6f:d4:2d:b9:40:93:23:
00:a1:3b:d0:79:b6:13:0d:db:b4:8e:48:14:15:df:
a3:20:85:7b:a2:4d:64:b0:b4:74:26:cd:b4:30:d2:
c2:76:55:5b:54:c2:66:59:31:81:c4:8c:24:04:67:
7c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:51:4F:5B:0F:4F:E6:04:02:76:ED:2A:F5:A6:A4:24:2B:94:57:FA
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/5VFPWw9P5gQCdu0q9aakJCuUV_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.202.0/24
151.240.100.0/24
151.241.76.0/24
151.242.39.0/24
151.242.67.0/24
151.242.117.0/24
151.242.159.0/24
151.243.6.0/24
151.243.160.0/22
Signature Algorithm: sha256WithRSAEncryption
40:f7:a6:e4:1b:a1:44:a4:27:e0:9a:b6:21:12:21:e9:af:2d:
fd:7b:f5:9d:b6:a6:c3:58:03:36:a7:1d:74:a0:17:00:71:c4:
d5:0d:89:a5:94:5d:01:53:d0:3b:62:85:9f:ed:61:49:6c:fc:
44:e7:ee:b9:b0:4d:45:ed:23:9d:c1:1a:cc:bd:3b:63:be:5c:
7a:c3:f6:8c:60:41:5d:f9:2b:f6:97:91:11:5e:03:f9:b5:9d:
c5:81:6c:16:90:24:db:11:0d:9c:7c:0a:1e:b5:67:db:5c:48:
8f:64:a2:91:4d:72:1e:55:41:1f:13:e7:e4:23:f2:73:0f:8f:
53:42:5c:7a:85:25:00:a1:1d:f0:e5:7f:88:71:c5:13:bf:35:
39:3d:50:62:7a:cc:a8:41:a0:a7:30:38:b9:67:4f:78:b0:2d:
a2:ea:46:7c:b2:15:85:bd:ef:ea:69:77:8e:30:12:0c:cd:4e:
fb:5d:3a:21:27:b3:fc:ba:91:38:2e:21:6f:31:7c:86:a1:5b:
09:99:24:03:cc:0a:5a:1a:44:6b:8a:0b:00:e0:3d:db:b0:d5:
87:64:46:95:62:ad:d2:bf:3d:9d:db:d8:e4:ec:e5:35:19:0b:
66:2c:8b:86:5a:31:c7:7c:6a:aa:3f:24:d5:be:c9:5c:1c:a3:
87:16:89:44
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZZ68/YsclR9krqDgHKjMvsxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDI4MDU1MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTUxNGY1YjBmNGZlNjA0MDI3NmVkMmFmNWE2YTQyNDJiOTQ1N2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0Nta67KDWHfU9ksAptbtm8ohPkr
PHv0rcnkHxMImUwQEj4JpUo5yhBVZ9uhEesmglvM8zQ0L+AJcq7ulj83+REYyCPF
401rtECup8zG3eDKTQWfxVn+qv6lV3Ewa074z7JetPq3h3JhdWvCRqNmtswnGqdP
tC3peJebUnjDOqjzs3BGC8A2K/wgas7d+NNalL8nwyac/QLeyTTLgacX2Pfsq++k
baH1Nw7MMXxb5T/KFH/c5+nTAlMRDV3aX701m3nogYHb3Q/3sW/ULblAkyMAoTvQ
ebYTDdu0jkgUFd+jIIV7ok1ksLR0Js20MNLCdlVbVMJmWTGBxIwkBGd8awIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOVRT1sPT+YEAnbtKvWmpCQrlFf6MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvNVZGUFd3OVA1Z1FDZHUwcTlhYWtKQ3VVVl9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAJcrKAwQA
l/BkAwQAl/FMAwQAl/InAwQAl/JDAwQAl/J1AwQAl/KfAwQAl/MGAwQCl/OgMA0G
CSqGSIb3DQEBCwUAA4IBAQBA96bkG6FEpCfgmrYhEiHpry39e/WdtqbDWAM2px10
oBcAccTVDYmllF0BU9A7YoWf7WFJbPxE5+65sE1F7SOdwRrMvTtjvlx6w/aMYEFd
+Sv2l5ERXgP5tZ3FgWwWkCTbEQ2cfAoetWfbXEiPZKKRTXIeVUEfE+fkI/JzD49T
Qlx6hSUAoR3w5X+IccUTvzU5PVBiesyoQaCnMDi5Z094sC2i6kZ8shWFve/qaXeO
MBIMzU77XTohJ7P8upE4LiFvMXyGoVsJmSQDzApaGkRrigsA4D3bsNWHZEaVYq3S
vz2d29jk7OU1GQtmLIuGWjHHfGqqPyTVvslcHKOHFolE
-----END CERTIFICATE-----
Generated at Sun May 11 22:52:29 2025 by rpki-client