Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/rxOYpXgz6gx8auW_iVQxURXBRFQ.roa
File: rxOYpXgz6gx8auW_iVQxURXBRFQ.roa (raw, json)
Hash identifier: v6YiOg3nVbI2Tc9FydoGP6tj52Wsh9ohvbB9BVCdTz8=
Subject key identifier: AF:13:98:A5:78:33:EA:0C:7C:6A:E5:BF:89:54:31:51:15:C1:44:54
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01978C3CCA4E8D5A56FBE8C9BDA5989D8890
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/rxOYpXgz6gx8auW_iVQxURXBRFQ.roa
Signing time: Fri 20 Jun 2025 07:28:03 +0000
ROA not before: Fri 20 Jun 2025 07:28:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 37.202.220.0/24 maxlen: 24
151.240.28.0/24 maxlen: 24
151.240.60.0/23 maxlen: 24
151.240.72.0/24 maxlen: 24
151.240.74.0/24 maxlen: 24
151.240.80.0/23 maxlen: 24
151.240.118.0/23 maxlen: 24
151.242.4.0/24 maxlen: 24
151.242.13.0/24 maxlen: 24
151.242.14.0/24 maxlen: 24
151.242.17.0/24 maxlen: 24
151.242.27.0/24 maxlen: 24
151.242.32.0/24 maxlen: 24
151.242.134.0/24 maxlen: 24
151.242.135.0/24 maxlen: 24
151.242.236.0/22 maxlen: 24
151.243.25.0/24 maxlen: 24
151.243.170.0/24 maxlen: 24
151.243.172.0/24 maxlen: 24
151.244.48.0/24 maxlen: 24
151.244.102.0/24 maxlen: 24
151.245.64.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 29 Jun 2025 06:21:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8c:3c:ca:4e:8d:5a:56:fb:e8:c9:bd:a5:98:9d:88:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 20 07:28:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af1398a57833ea0c7c6ae5bf8954315115c14454
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:81:34:91:47:de:73:0b:b3:2f:fd:e6:bb:4c:
62:ec:b7:c8:02:85:74:46:71:87:46:2d:20:21:da:
52:8a:3b:c7:26:02:2a:c3:e7:96:5e:9d:2e:63:15:
52:85:29:fe:1a:09:b2:13:10:14:cd:fd:f7:54:07:
b0:dd:42:fe:a0:d0:28:22:6d:e9:df:82:42:a5:19:
40:98:12:f2:7e:9b:ea:46:ca:94:23:8b:39:cb:a7:
02:17:62:6f:ba:18:29:84:f0:5a:bd:3d:60:71:36:
97:d6:15:6a:23:37:24:b1:58:5c:af:8d:66:2b:75:
a3:41:d2:27:f6:ab:2a:95:b8:07:10:e9:4e:d7:cd:
22:50:e9:73:06:2b:ab:42:60:bc:b3:fb:8d:f8:c4:
37:ce:d4:a2:ac:ce:90:fd:72:6f:c7:a0:39:ad:04:
70:81:96:7e:19:e2:ea:a1:ec:45:98:f4:14:f5:22:
69:2b:a7:c0:38:85:11:68:29:d8:a6:3a:1b:13:9a:
50:da:bf:73:a3:ec:58:95:f6:54:c6:34:79:60:ad:
b5:e2:bf:7b:5d:6e:01:d5:79:a7:52:ff:4e:af:1f:
e5:66:5e:a1:19:f7:31:cf:89:c0:28:ee:99:2c:13:
7c:94:70:61:44:f5:f6:9f:d3:dc:a5:66:51:3c:5f:
f7:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:13:98:A5:78:33:EA:0C:7C:6A:E5:BF:89:54:31:51:15:C1:44:54
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/rxOYpXgz6gx8auW_iVQxURXBRFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.220.0/24
151.240.28.0/24
151.240.60.0/23
151.240.72.0/24
151.240.74.0/24
151.240.80.0/23
151.240.118.0/23
151.242.4.0/24
151.242.13.0-151.242.14.255
151.242.17.0/24
151.242.27.0/24
151.242.32.0/24
151.242.134.0/23
151.242.236.0/22
151.243.25.0/24
151.243.170.0/24
151.243.172.0/24
151.244.48.0/24
151.244.102.0/24
151.245.64.0/22
Signature Algorithm: sha256WithRSAEncryption
18:ce:37:3f:28:4f:c8:35:9e:f6:af:c5:89:21:00:c9:43:ad:
65:0a:99:50:df:23:71:5e:dd:88:c9:78:9d:30:2f:7b:e1:ad:
94:bc:cd:5b:c2:77:5a:d6:e4:2d:b3:5e:99:77:e6:f7:69:60:
e7:d2:81:d4:f8:54:db:57:c8:30:a8:a8:b5:e5:08:2c:24:8e:
7a:db:af:dc:b7:51:b2:63:6a:73:35:56:90:8d:39:e9:b8:08:
f5:b6:d1:5a:4e:9c:66:dc:09:c6:d0:dc:ef:65:77:d0:90:e5:
89:86:e7:3b:7f:8b:46:b3:72:76:4f:f6:66:75:9d:56:2b:8a:
84:8e:6d:b3:01:50:4c:18:e6:f8:f7:8d:c4:af:51:31:63:77:
4f:3e:f4:3b:28:74:f6:9d:87:4a:42:6b:ac:bc:e6:ac:5d:22:
3e:ec:56:8f:9c:33:c0:24:31:44:30:0d:28:75:65:dc:cb:3e:
fd:08:29:82:02:9d:51:a9:09:42:fb:b3:db:57:4e:a2:28:e1:
7d:c4:0f:92:b5:fd:7e:c9:3a:71:0e:a9:85:9c:b4:01:8d:04:
8e:dd:5f:6b:04:6c:5a:55:d0:a2:05:b8:c4:b0:34:ad:10:48:
0a:78:cf:c5:21:8f:54:7e:1c:30:b0:f5:d3:84:9e:d9:f7:f2:
12:43:d7:30
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZeMPMpOjVpW++jJvaWYnYiQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjIwMDcyODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjEzOThhNTc4MzNlYTBjN2M2YWU1YmY4OTU0MzE1MTE1YzE0NDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYE0kUfecwuzL/3mu0xi7LfIAoV0
RnGHRi0gIdpSijvHJgIqw+eWXp0uYxVShSn+GgmyExAUzf33VAew3UL+oNAoIm3p
34JCpRlAmBLyfpvqRsqUI4s5y6cCF2JvuhgphPBavT1gcTaX1hVqIzcksVhcr41m
K3WjQdIn9qsqlbgHEOlO180iUOlzBiurQmC8s/uN+MQ3ztSirM6Q/XJvx6A5rQRw
gZZ+GeLqoexFmPQU9SJpK6fAOIURaCnYpjobE5pQ2r9zo+xYlfZUxjR5YK214r97
XW4B1XmnUv9Orx/lZl6hGfcxz4nAKO6ZLBN8lHBhRPX2n9PcpWZRPF/3YwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFK8TmKV4M+oMfGrlv4lUMVEVwURUMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvcnhPWXBYZ3o2Z3g4YXVXX2lWUXhVUlhCUkZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBAAl
ytwDBACX8BwDBAGX8DwDBACX8EgDBACX8EoDBAGX8FADBAGX8HYDBACX8gQwDAME
AJfyDQMEAJfyDgMEAJfyEQMEAJfyGwMEAJfyIAMEAZfyhgMEApfy7AMEAJfzGQME
AJfzqgMEAJfzrAMEAJf0MAMEAJf0ZgMEApf1QDANBgkqhkiG9w0BAQsFAAOCAQEA
GM43PyhPyDWe9q/FiSEAyUOtZQqZUN8jcV7diMl4nTAve+GtlLzNW8J3WtbkLbNe
mXfm92lg59KB1PhU21fIMKioteUILCSOetuv3LdRsmNqczVWkI056bgI9bbRWk6c
ZtwJxtDc72V30JDliYbnO3+LRrNydk/2ZnWdViuKhI5tswFQTBjm+PeNxK9RMWN3
Tz70Oyh09p2HSkJrrLzmrF0iPuxWj5wzwCQxRDANKHVl3Ms+/QgpggKdUakJQvuz
21dOoijhfcQPkrX9fsk6cQ6phZy0AY0Ejt1fawRsWlXQogW4xLA0rRBICnjPxSGP
VH4cMLD104Se2ffyEkPXMA==
-----END CERTIFICATE-----
Generated at Wed Jul 2 23:58:45 2025 by rpki-client