Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/5_hBjXj5m-d249WInU-O4AXceNE.roa
File: 5_hBjXj5m-d249WInU-O4AXceNE.roa (raw, json)
Hash identifier: 1zAneMOeAep5elZDDkMnyNHEcxMuKz8LlMA1T8G3pvU=
Subject key identifier: E7:F8:41:8D:78:F9:9B:E7:76:E3:D5:88:9D:4F:8E:E0:05:DC:78:D1
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 01942B0B2885DE66F222379DE54F1770F60B
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/5_hBjXj5m-d249WInU-O4AXceNE.roa
Signing time: Fri 03 Jan 2025 07:22:18 +0000
ROA not before: Fri 03 Jan 2025 07:22:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.0.0/24 maxlen: 24
140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.10.0/24 maxlen: 24
140.150.12.0/24 maxlen: 24
140.150.14.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
140.150.22.0/24 maxlen: 24
140.150.23.0/24 maxlen: 24
140.150.24.0/24 maxlen: 24
140.150.25.0/24 maxlen: 24
140.150.28.0/24 maxlen: 24
140.150.29.0/24 maxlen: 24
140.150.30.0/24 maxlen: 24
140.150.31.0/24 maxlen: 24
140.150.32.0/24 maxlen: 24
140.150.33.0/24 maxlen: 24
140.150.34.0/24 maxlen: 24
140.150.35.0/24 maxlen: 24
140.150.36.0/24 maxlen: 24
140.150.37.0/24 maxlen: 24
140.150.38.0/24 maxlen: 24
140.150.39.0/24 maxlen: 24
140.150.40.0/24 maxlen: 24
140.150.41.0/24 maxlen: 24
140.150.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Jan 2025 01:32:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:2b:0b:28:85:de:66:f2:22:37:9d:e5:4f:17:70:f6:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Jan 3 07:22:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7f8418d78f99be776e3d5889d4f8ee005dc78d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2a:47:c3:1d:19:ed:1c:48:a3:16:38:6b:56:
3b:14:35:3e:fe:f2:20:de:59:07:43:6b:a0:82:5d:
18:f4:bc:50:f2:aa:a1:b4:c8:f2:46:87:e1:1b:09:
3a:04:ab:79:2d:bd:bd:39:76:ae:23:11:ac:b3:88:
0d:5b:00:b5:cc:ec:b4:13:6a:c8:60:9b:9c:de:f5:
c2:06:d3:20:40:71:b2:25:53:d2:2a:20:51:a0:90:
1f:ec:e3:8d:13:14:d8:d6:5c:10:2f:c4:02:d0:dc:
de:00:83:53:c1:d8:e4:36:5d:73:d6:ea:12:f9:50:
b4:88:26:68:9f:ee:d4:02:bf:9a:53:f8:e7:2f:bd:
25:79:02:c5:01:93:06:66:96:0c:0e:0a:47:d7:e6:
7c:29:df:04:3f:6d:94:d9:b6:54:ee:23:88:36:02:
da:ec:9d:2b:a4:da:af:c7:09:6b:7b:66:49:c1:83:
48:d5:8f:3a:c3:d5:bb:6a:61:5f:4e:cb:b0:3e:9a:
43:e1:db:d0:fe:da:22:c7:41:79:8d:09:7d:4c:ec:
bf:bc:ad:2a:7b:57:89:af:6e:0a:70:5a:a8:60:74:
6d:ca:c2:ed:f9:c8:90:5e:9d:cf:88:da:ee:ee:24:
d6:db:6a:27:7f:22:15:d9:f9:65:e6:cb:b6:1e:29:
83:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:F8:41:8D:78:F9:9B:E7:76:E3:D5:88:9D:4F:8E:E0:05:DC:78:D1
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/5_hBjXj5m-d249WInU-O4AXceNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.0.0/21
140.150.10.0/24
140.150.12.0/24
140.150.14.0/24
140.150.18.0/23
140.150.21.0-140.150.25.255
140.150.28.0-140.150.42.255
Signature Algorithm: sha256WithRSAEncryption
97:f3:87:49:3f:c5:2b:94:b1:59:97:fe:6c:db:f8:b6:7d:e1:
bc:a0:40:00:30:e0:aa:bb:da:48:a2:fa:c0:c0:75:ae:66:1c:
78:03:20:9b:65:41:52:66:35:21:46:68:88:be:27:c8:ed:67:
b7:ab:87:fe:41:95:94:78:29:41:e1:db:79:14:72:c8:dc:3c:
28:7c:ac:76:3c:04:45:44:a6:03:be:b1:ea:7f:43:65:30:8c:
ab:9c:9d:ad:b3:1c:db:52:74:99:bb:9e:6e:fa:57:94:f6:12:
9f:fc:19:2c:10:6a:e5:e8:0b:6d:04:6e:8f:bf:25:b7:30:9b:
45:3a:68:37:e2:8a:c2:60:8f:df:58:61:08:e0:7f:50:9b:7b:
05:1e:ac:68:06:9d:3e:f7:69:e0:41:b9:13:87:3c:87:b4:12:
a5:a8:9a:a3:4f:2d:37:fb:63:47:a4:d6:5f:45:84:6f:23:76:
b0:d7:32:46:d9:b2:2a:5a:f6:3b:27:88:d3:ff:12:0f:55:cd:
ae:de:62:b7:5f:94:15:d3:2a:62:3c:84:c3:bb:5e:ce:bd:fb:
2b:6f:18:5c:16:5c:de:c4:ea:aa:1b:b8:5e:32:0b:8a:f4:4f:
ea:4d:fd:ec:6c:49:88:a0:86:f1:95:10:e0:e8:78:4e:ae:ec:
f4:c0:52:ad
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZQrCyiF3mbyIjed5U8XcPYLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjUwMTAzMDcyMjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2Y4NDE4ZDc4Zjk5YmU3NzZlM2Q1ODg5ZDRmOGVlMDA1ZGM3OGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSpHwx0Z7RxIoxY4a1Y7FDU+/vIg
3lkHQ2uggl0Y9LxQ8qqhtMjyRofhGwk6BKt5Lb29OXauIxGss4gNWwC1zOy0E2rI
YJuc3vXCBtMgQHGyJVPSKiBRoJAf7OONExTY1lwQL8QC0NzeAINTwdjkNl1z1uoS
+VC0iCZon+7UAr+aU/jnL70leQLFAZMGZpYMDgpH1+Z8Kd8EP22U2bZU7iOINgLa
7J0rpNqvxwlre2ZJwYNI1Y86w9W7amFfTsuwPppD4dvQ/toix0F5jQl9TOy/vK0q
e1eJr24KcFqoYHRtysLt+ciQXp3PiNru7iTW22onfyIV2fll5su2HimD1wIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFOf4QY14+ZvnduPViJ1PjuAF3HjRMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvNV9oQmpYajVtLWQyNDlXSW5VLU80QVhjZU5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQDjJYAAwQA
jJYKAwQAjJYMAwQAjJYOAwQBjJYSMAwDBACMlhUDBAGMlhgwDAMEAoyWHAMEAIyW
KjANBgkqhkiG9w0BAQsFAAOCAQEAl/OHST/FK5SxWZf+bNv4tn3hvKBAADDgqrva
SKL6wMB1rmYceAMgm2VBUmY1IUZoiL4nyO1nt6uH/kGVlHgpQeHbeRRyyNw8KHys
djwERUSmA76x6n9DZTCMq5ydrbMc21J0mbuebvpXlPYSn/wZLBBq5egLbQRuj78l
tzCbRTpoN+KKwmCP31hhCOB/UJt7BR6saAadPvdp4EG5E4c8h7QSpaiao08tN/tj
R6TWX0WEbyN2sNcyRtmyKlr2OyeI0/8SD1XNrt5it1+UFdMqYjyEw7tezr37K28Y
XBZc3sTqqhu4XjILivRP6k397GxJiKCG8ZUQ4Oh4Tq7s9MBSrQ==
-----END CERTIFICATE-----
Generated at Tue Apr 29 06:28:05 2025 by rpki-client