Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/B52XNMwX9k1FfWOXjY-ex_n7xRY.roa
File: B52XNMwX9k1FfWOXjY-ex_n7xRY.roa (raw, json)
Hash identifier: STXb36OGH/SPJ1vZPJgW5BVUWL3hDmThUNEigTrjjxI=
Subject key identifier: 07:9D:97:34:CC:17:F6:4D:45:7D:63:97:8D:8F:9E:C7:F9:FB:C5:16
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 019425FD6A2FD119EE9E1E8A0F82CC541006
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/B52XNMwX9k1FfWOXjY-ex_n7xRY.roa
Signing time: Thu 02 Jan 2025 07:49:12 +0000
ROA not before: Thu 02 Jan 2025 07:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.0.0/24 maxlen: 24
140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.10.0/24 maxlen: 24
140.150.12.0/24 maxlen: 24
140.150.14.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
140.150.22.0/24 maxlen: 24
140.150.23.0/24 maxlen: 24
140.150.24.0/24 maxlen: 24
140.150.25.0/24 maxlen: 24
140.150.28.0/24 maxlen: 24
140.150.29.0/24 maxlen: 24
140.150.30.0/24 maxlen: 24
140.150.31.0/24 maxlen: 24
140.150.32.0/24 maxlen: 24
140.150.33.0/24 maxlen: 24
140.150.34.0/24 maxlen: 24
140.150.35.0/24 maxlen: 24
140.150.36.0/24 maxlen: 24
140.150.37.0/24 maxlen: 24
140.150.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Jan 2025 03:11:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:6a:2f:d1:19:ee:9e:1e:8a:0f:82:cc:54:10:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Jan 2 07:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=079d9734cc17f64d457d63978d8f9ec7f9fbc516
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:06:0d:51:a5:30:ad:65:e4:35:eb:76:7d:50:
df:b8:aa:5b:e1:d9:a9:63:e4:d0:a3:9e:ce:24:fb:
2a:b8:f9:e7:ee:d7:66:aa:85:18:1c:15:ff:4d:cf:
18:57:f1:33:6e:39:f2:4b:44:e1:bf:c8:a7:d2:ae:
51:b7:a2:93:7d:7c:09:76:e3:ee:8e:dc:2b:20:d8:
4a:bb:e7:ba:f1:66:df:a6:4a:b4:f2:c8:6e:56:6e:
3c:85:b3:83:30:e4:3f:69:c4:dd:d0:1b:55:5a:bd:
30:0e:84:41:bc:f2:2e:e1:de:f6:2f:93:39:54:6a:
82:27:10:70:35:0d:95:a0:c0:94:f3:8c:a2:4d:93:
71:5a:21:6a:e3:42:23:c9:2c:84:08:2a:73:c4:4c:
3e:a4:29:d6:1a:51:ce:d0:4f:0f:78:97:05:4c:d4:
a1:b8:df:2a:1c:49:91:46:85:38:42:3f:b4:26:de:
80:15:9e:7a:49:11:43:8b:cc:01:da:18:c4:1d:59:
85:5f:12:d4:77:ca:4f:a6:b4:8f:f3:87:44:92:da:
e7:86:7d:97:3f:fc:66:19:ef:f6:6b:23:e2:f2:06:
d2:a7:70:2e:02:52:cc:98:c2:dc:e9:c1:fd:a5:f4:
b7:37:f3:9d:e9:7e:ff:72:22:c7:ed:e5:90:d2:49:
2e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:9D:97:34:CC:17:F6:4D:45:7D:63:97:8D:8F:9E:C7:F9:FB:C5:16
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/B52XNMwX9k1FfWOXjY-ex_n7xRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.0.0/21
140.150.10.0/24
140.150.12.0/24
140.150.14.0/24
140.150.18.0/23
140.150.21.0-140.150.25.255
140.150.28.0-140.150.38.255
Signature Algorithm: sha256WithRSAEncryption
7e:11:50:94:0f:95:5e:26:f5:17:0c:21:08:e8:4c:98:62:e0:
83:bf:e3:0b:b2:4d:61:b8:e3:aa:97:98:02:64:84:45:bf:0b:
b8:76:69:65:ce:cf:33:66:4c:66:72:34:7d:cf:71:4e:50:68:
5f:b4:cd:b6:6e:2b:f9:0a:15:9b:13:d1:cb:39:32:3e:43:49:
b7:b8:f6:be:59:b0:ce:02:f6:45:63:e1:4d:19:5b:87:59:89:
91:ba:c0:a9:4e:8d:b1:fd:1a:67:b4:e2:ba:27:73:6f:fb:18:
8f:cf:41:ac:cb:08:48:87:91:f6:9b:e2:cd:59:01:8c:a1:18:
7c:8f:fe:75:a6:b9:8d:18:22:31:a7:78:60:20:9a:bc:6c:06:
d8:f1:de:b3:75:b3:8c:b1:01:5a:9d:99:0a:e9:ee:87:01:6a:
7a:85:b1:d5:58:40:64:46:3a:53:24:22:b6:d7:6f:7c:c7:51:
4c:3f:eb:db:82:70:34:11:97:34:e7:f2:69:87:55:44:22:b9:
dc:24:44:fe:f3:be:01:5c:82:49:ea:f6:ea:88:36:08:fc:fa:
c9:bd:fd:c0:c8:e1:b6:62:2a:16:4e:4a:52:cb:93:02:f7:0e:
5d:ac:cb:6a:04:f1:f3:8c:de:55:d8:46:f7:12:a7:b3:b1:3c:
30:e0:bc:b3
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZQl/Wov0Rnunh6KD4LMVBAGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjUwMTAyMDc0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzlkOTczNGNjMTdmNjRkNDU3ZDYzOTc4ZDhmOWVjN2Y5ZmJjNTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwYNUaUwrWXkNet2fVDfuKpb4dmp
Y+TQo57OJPsquPnn7tdmqoUYHBX/Tc8YV/EzbjnyS0Thv8in0q5Rt6KTfXwJduPu
jtwrINhKu+e68Wbfpkq08shuVm48hbODMOQ/acTd0BtVWr0wDoRBvPIu4d72L5M5
VGqCJxBwNQ2VoMCU84yiTZNxWiFq40IjySyECCpzxEw+pCnWGlHO0E8PeJcFTNSh
uN8qHEmRRoU4Qj+0Jt6AFZ56SRFDi8wB2hjEHVmFXxLUd8pPprSP84dEktrnhn2X
P/xmGe/2ayPi8gbSp3AuAlLMmMLc6cH9pfS3N/Od6X7/ciLH7eWQ0kkuYQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFAedlzTMF/ZNRX1jl42Pnsf5+8UWMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvQjUyWE5Nd1g5azFGZldPWGpZLWV4X243eFJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQDjJYAAwQA
jJYKAwQAjJYMAwQAjJYOAwQBjJYSMAwDBACMlhUDBAGMlhgwDAMEAoyWHAMEAIyW
JjANBgkqhkiG9w0BAQsFAAOCAQEAfhFQlA+VXib1FwwhCOhMmGLgg7/jC7JNYbjj
qpeYAmSERb8LuHZpZc7PM2ZMZnI0fc9xTlBoX7TNtm4r+QoVmxPRyzkyPkNJt7j2
vlmwzgL2RWPhTRlbh1mJkbrAqU6Nsf0aZ7Tiuidzb/sYj89BrMsISIeR9pvizVkB
jKEYfI/+daa5jRgiMad4YCCavGwG2PHes3WzjLEBWp2ZCunuhwFqeoWx1VhAZEY6
UyQittdvfMdRTD/r24JwNBGXNOfyaYdVRCK53CRE/vO+AVyCSer26og2CPz6yb39
wMjhtmIqFk5KUsuTAvcOXazLagTx84zeVdhG9xKns7E8MOC8sw==
-----END CERTIFICATE-----
Generated at Tue Apr 29 12:48:30 2025 by rpki-client