Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/8X927y03X-H-k6X5g_dyOk0FUNE.roa
File: 8X927y03X-H-k6X5g_dyOk0FUNE.roa (raw, json)
Hash identifier: yQcb4OtpFmGrl04R2auSCTdXXsz37UiBjFhiaEX7Oa0=
Subject key identifier: F1:7F:76:EF:2D:37:5F:E1:FE:93:A5:F9:83:F7:72:3A:4D:05:50:D1
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 019443BDCA71672454508E4313F9C3E62C78
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/8X927y03X-H-k6X5g_dyOk0FUNE.roa
Signing time: Wed 08 Jan 2025 02:28:18 +0000
ROA not before: Wed 08 Jan 2025 02:28:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.0.0/24 maxlen: 24
140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.10.0/24 maxlen: 24
140.150.12.0/24 maxlen: 24
140.150.14.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
140.150.22.0/24 maxlen: 24
140.150.23.0/24 maxlen: 24
140.150.24.0/24 maxlen: 24
140.150.25.0/24 maxlen: 24
140.150.27.0/24 maxlen: 24
140.150.28.0/24 maxlen: 24
140.150.29.0/24 maxlen: 24
140.150.30.0/24 maxlen: 24
140.150.31.0/24 maxlen: 24
140.150.32.0/24 maxlen: 24
140.150.33.0/24 maxlen: 24
140.150.34.0/24 maxlen: 24
140.150.35.0/24 maxlen: 24
140.150.36.0/24 maxlen: 24
140.150.37.0/24 maxlen: 24
140.150.38.0/24 maxlen: 24
140.150.40.0/24 maxlen: 24
140.150.41.0/24 maxlen: 24
140.150.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 07:33:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:43:bd:ca:71:67:24:54:50:8e:43:13:f9:c3:e6:2c:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Jan 8 02:28:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f17f76ef2d375fe1fe93a5f983f7723a4d0550d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:87:a9:bc:bb:dc:14:17:6d:44:11:65:04:35:
80:ea:68:9d:ef:48:d5:ec:a5:a8:9a:8f:ff:54:70:
8c:2f:49:77:c5:ac:3f:4e:e4:5f:f5:55:67:96:f3:
c5:60:9b:72:51:5c:8c:a5:4f:44:3b:dd:6c:29:fc:
20:ee:61:cd:d1:b0:df:07:78:b7:e2:2c:15:95:e4:
9a:95:b2:d0:0b:82:e6:d4:e5:6b:49:5d:b1:0e:9a:
18:74:98:9e:5d:99:8d:3e:0e:6a:b1:86:5e:d6:6e:
b9:71:68:b5:6e:2d:92:21:ea:e4:d7:3a:9c:bc:a2:
ac:4a:be:e6:d3:ca:0c:ab:d8:e0:71:a8:9d:92:3a:
ac:56:79:e5:96:f4:29:bc:de:46:3e:cd:43:37:88:
79:2e:1e:fe:b1:b9:d7:05:1f:fb:6d:78:c7:4d:70:
de:fd:d8:79:5b:1e:48:5f:df:f3:8c:93:e8:be:57:
4d:d8:fe:8f:6e:6f:3e:99:a4:2a:de:78:60:29:f6:
18:27:39:50:96:7d:46:33:fa:6d:10:b2:89:c5:24:
83:a1:42:3a:0d:9c:4c:3e:94:77:1a:f1:bf:8f:7f:
be:c3:7a:9b:80:68:92:58:fa:e0:20:a3:2e:2d:21:
dd:20:29:ab:0d:99:f4:1e:8d:1f:c3:fe:5b:1d:6b:
39:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:7F:76:EF:2D:37:5F:E1:FE:93:A5:F9:83:F7:72:3A:4D:05:50:D1
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/8X927y03X-H-k6X5g_dyOk0FUNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.0.0/21
140.150.10.0/24
140.150.12.0/24
140.150.14.0/24
140.150.18.0/23
140.150.21.0-140.150.25.255
140.150.27.0-140.150.38.255
140.150.40.0-140.150.42.255
Signature Algorithm: sha256WithRSAEncryption
87:ff:1f:06:e3:5f:b4:90:58:17:70:8b:2e:98:27:e8:b8:55:
3d:af:ec:f9:3c:e2:fa:0c:b2:8a:26:47:61:1d:4e:bb:6b:7a:
72:fd:0b:41:5d:a7:79:c8:56:7f:34:44:27:0f:0b:2e:47:60:
f9:dc:cc:b4:83:cc:13:11:40:a4:68:80:b7:86:e9:4f:be:7b:
95:5a:67:68:78:73:87:b2:61:af:37:9a:f5:e1:42:bf:28:05:
55:41:f6:43:cf:b3:75:df:4b:95:54:f5:50:f1:c1:f6:f8:28:
d5:ed:5b:31:1e:97:2b:c7:da:9d:71:35:6a:54:da:12:73:e0:
90:59:ef:5f:a4:0a:7b:d6:d0:f8:61:8b:11:72:4a:eb:94:52:
c5:06:9d:50:8a:42:ae:a7:c8:03:87:38:50:eb:de:ad:19:6f:
6f:e9:b8:04:0e:ff:e6:a6:af:27:01:bf:54:bf:45:0c:8c:11:
b8:74:47:7e:ec:60:f7:ee:e0:a7:a8:4e:dc:35:9f:07:81:6e:
92:6e:5d:9a:2d:79:af:1f:2a:35:9d:96:74:83:36:eb:db:c3:
a1:63:0a:36:73:0c:ac:d9:8c:1d:28:fb:7d:24:39:e9:75:9d:
91:b2:ed:48:6c:26:84:22:4c:6b:45:f7:5f:5d:b8:c6:56:93:
ec:a4:46:2f
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZRDvcpxZyRUUI5DE/nD5ix4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjUwMTA4MDIyODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTdmNzZlZjJkMzc1ZmUxZmU5M2E1Zjk4M2Y3NzIzYTRkMDU1MGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIepvLvcFBdtRBFlBDWA6mid70jV
7KWomo//VHCML0l3xaw/TuRf9VVnlvPFYJtyUVyMpU9EO91sKfwg7mHN0bDfB3i3
4iwVleSalbLQC4Lm1OVrSV2xDpoYdJieXZmNPg5qsYZe1m65cWi1bi2SIerk1zqc
vKKsSr7m08oMq9jgcaidkjqsVnnllvQpvN5GPs1DN4h5Lh7+sbnXBR/7bXjHTXDe
/dh5Wx5IX9/zjJPovldN2P6Pbm8+maQq3nhgKfYYJzlQln1GM/ptELKJxSSDoUI6
DZxMPpR3GvG/j3++w3qbgGiSWPrgIKMuLSHdICmrDZn0Ho0fw/5bHWs5MwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFPF/du8tN1/h/pOl+YP3cjpNBVDRMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvOFg5Mjd5MDNYLUgtazZYNWdfZHlPazBGVU5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQDjJYAAwQA
jJYKAwQAjJYMAwQAjJYOAwQBjJYSMAwDBACMlhUDBAGMlhgwDAMEAIyWGwMEAIyW
JjAMAwQDjJYoAwQAjJYqMA0GCSqGSIb3DQEBCwUAA4IBAQCH/x8G41+0kFgXcIsu
mCfouFU9r+z5POL6DLKKJkdhHU67a3py/QtBXad5yFZ/NEQnDwsuR2D53My0g8wT
EUCkaIC3hulPvnuVWmdoeHOHsmGvN5r14UK/KAVVQfZDz7N130uVVPVQ8cH2+CjV
7VsxHpcrx9qdcTVqVNoSc+CQWe9fpAp71tD4YYsRckrrlFLFBp1QikKup8gDhzhQ
696tGW9v6bgEDv/mpq8nAb9Uv0UMjBG4dEd+7GD37uCnqE7cNZ8HgW6Sbl2aLXmv
Hyo1nZZ0gzbr28OhYwo2cwys2YwdKPt9JDnpdZ2Rsu1IbCaEIkxrRfdfXbjGVpPs
pEYv
-----END CERTIFICATE-----
Generated at Tue Apr 29 09:36:08 2025 by rpki-client