Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/Eo3Soxc4ZRx7sC5NA7U9TUYprpA.roa
File: Eo3Soxc4ZRx7sC5NA7U9TUYprpA.roa (raw, json)
Hash identifier: wAgzglfGr9FG1Sgj63MFTUd33dpO/MZIrZ+2hbeRajU=
Subject key identifier: 12:8D:D2:A3:17:38:65:1C:7B:B0:2E:4D:03:B5:3D:4D:46:29:AE:90
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 01955B0F3BE9EE829CE1C2173341AAB20567
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/Eo3Soxc4ZRx7sC5NA7U9TUYprpA.roa
Signing time: Mon 03 Mar 2025 08:11:19 +0000
ROA not before: Mon 03 Mar 2025 08:11:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.0.0/24 maxlen: 24
140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.10.0/24 maxlen: 24
140.150.11.0/24 maxlen: 24
140.150.12.0/24 maxlen: 24
140.150.14.0/24 maxlen: 24
140.150.15.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.20.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
140.150.22.0/24 maxlen: 24
140.150.23.0/24 maxlen: 24
140.150.24.0/24 maxlen: 24
140.150.25.0/24 maxlen: 24
140.150.26.0/24 maxlen: 24
140.150.27.0/24 maxlen: 24
140.150.28.0/24 maxlen: 24
140.150.29.0/24 maxlen: 24
140.150.30.0/24 maxlen: 24
140.150.31.0/24 maxlen: 24
140.150.32.0/24 maxlen: 24
140.150.33.0/24 maxlen: 24
140.150.34.0/24 maxlen: 24
140.150.35.0/24 maxlen: 24
140.150.36.0/24 maxlen: 24
140.150.37.0/24 maxlen: 24
140.150.38.0/24 maxlen: 24
140.150.40.0/24 maxlen: 24
140.150.41.0/24 maxlen: 24
140.150.42.0/24 maxlen: 24
140.150.43.0/24 maxlen: 24
140.150.44.0/24 maxlen: 24
140.150.46.0/24 maxlen: 24
140.150.47.0/24 maxlen: 24
146.103.64.0/24 maxlen: 24
146.103.65.0/24 maxlen: 24
146.103.66.0/24 maxlen: 24
146.103.67.0/24 maxlen: 24
146.103.68.0/24 maxlen: 24
146.103.71.0/24 maxlen: 24
146.103.73.0/24 maxlen: 24
146.103.74.0/24 maxlen: 24
146.103.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Mar 2025 09:52:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5b:0f:3b:e9:ee:82:9c:e1:c2:17:33:41:aa:b2:05:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Mar 3 08:11:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=128dd2a31738651c7bb02e4d03b53d4d4629ae90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ab:6c:11:9c:68:d1:fd:d4:be:53:f3:13:e4:
ff:1c:ed:0d:54:22:c4:16:e2:b9:fa:29:be:98:e4:
9e:3d:49:b8:fe:80:86:08:f2:04:e2:3a:e1:93:46:
ef:4b:df:2c:1d:ad:7a:68:5a:89:95:17:f1:82:8b:
b4:75:a9:e9:03:97:6a:23:ce:dc:d0:cf:05:bf:15:
4f:24:fc:e7:a6:21:6d:ed:36:f7:70:5f:7b:8f:a7:
f3:6f:90:2b:c7:5d:09:51:5e:41:b2:a1:17:1c:93:
24:47:c1:d0:07:ad:f6:fc:34:e6:6a:cb:2e:c3:ff:
d6:72:3f:02:6a:1d:4c:4a:f1:7c:fa:ca:8a:d5:66:
a8:fa:64:13:b1:e9:e2:02:51:d2:a2:5d:27:4f:db:
16:9a:c6:95:8c:29:a1:75:9e:2e:7f:9d:47:1a:4d:
13:35:fe:e4:68:5d:f1:f6:42:20:05:2b:c9:76:97:
71:6e:90:6d:de:06:08:5e:24:83:e2:73:45:6c:28:
5a:4d:80:eb:30:e5:25:a5:f5:8a:74:30:40:4c:a5:
1b:3a:8e:61:6a:86:93:0d:b7:ba:e5:6b:14:0a:12:
24:34:b1:7b:7a:72:4b:a0:c2:5a:6c:92:1b:a9:b9:
25:bc:60:38:50:f7:c9:c1:32:86:82:4e:40:34:af:
1a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:8D:D2:A3:17:38:65:1C:7B:B0:2E:4D:03:B5:3D:4D:46:29:AE:90
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/Eo3Soxc4ZRx7sC5NA7U9TUYprpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.0.0/21
140.150.10.0-140.150.12.255
140.150.14.0/23
140.150.18.0-140.150.38.255
140.150.40.0-140.150.44.255
140.150.46.0/23
146.103.64.0-146.103.68.255
146.103.71.0/24
146.103.73.0-146.103.75.255
Signature Algorithm: sha256WithRSAEncryption
46:a1:a6:ca:82:ec:e8:7b:ac:1d:78:7d:ca:94:ba:bc:ea:52:
a0:ba:61:39:69:15:83:5b:6a:b0:ea:d3:f9:df:8e:27:4f:f4:
4d:4c:0e:0f:69:10:cb:1f:25:2d:84:b4:1f:33:93:8e:be:ae:
d2:5d:61:52:7a:e1:36:8f:08:b4:57:11:25:2d:a0:1e:cb:99:
4b:a4:d6:26:d9:0d:9c:be:a4:1e:ce:ed:92:71:2f:62:3a:48:
7e:8c:20:14:69:8e:00:bc:34:d2:8f:45:86:8d:a0:d3:dc:32:
57:ed:e9:6e:a5:bd:ef:b9:76:62:5e:bb:73:ae:fd:70:a0:a6:
13:28:f2:a6:04:83:d0:0d:c1:cc:ee:b2:9f:41:84:13:50:67:
e3:f7:6c:3f:1a:47:af:8e:58:ef:7f:ee:79:40:0f:e5:e4:98:
20:86:81:42:8e:21:0d:60:5a:29:3f:c7:ef:46:78:3d:70:04:
56:40:a6:f9:6b:ab:1d:6f:6e:ea:41:38:09:60:24:f6:96:a4:
3f:a9:99:c8:6a:39:38:a6:1e:10:7f:19:6e:f7:05:9f:a4:c9:
d0:08:c9:6b:1a:ba:41:a1:75:3e:a1:dc:34:84:cc:8b:3a:45:
87:72:b2:2b:23:7f:8f:c4:cc:6b:a3:eb:52:d2:7e:ff:68:00:
00:ee:43:f5
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZVbDzvp7oKc4cIXM0GqsgVnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjUwMzAzMDgxMTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjhkZDJhMzE3Mzg2NTFjN2JiMDJlNGQwM2I1M2Q0ZDQ2MjlhZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qtsEZxo0f3UvlPzE+T/HO0NVCLE
FuK5+im+mOSePUm4/oCGCPIE4jrhk0bvS98sHa16aFqJlRfxgou0danpA5dqI87c
0M8FvxVPJPznpiFt7Tb3cF97j6fzb5Arx10JUV5BsqEXHJMkR8HQB632/DTmassu
w//Wcj8Cah1MSvF8+sqK1Wao+mQTseniAlHSol0nT9sWmsaVjCmhdZ4uf51HGk0T
Nf7kaF3x9kIgBSvJdpdxbpBt3gYIXiSD4nNFbChaTYDrMOUlpfWKdDBATKUbOo5h
aoaTDbe65WsUChIkNLF7enJLoMJabJIbqbklvGA4UPfJwTKGgk5ANK8anQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFBKN0qMXOGUce7AuTQO1PU1GKa6QMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvRW8zU294YzRaUng3c0M1TkE3VTlUVVlwcnBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQDjJYAMAwD
BAGMlgoDBACMlgwDBAGMlg4wDAMEAYyWEgMEAIyWJjAMAwQDjJYoAwQAjJYsAwQB
jJYuMAwDBAaSZ0ADBACSZ0QDBACSZ0cwDAMEAJJnSQMEApJnSDANBgkqhkiG9w0B
AQsFAAOCAQEARqGmyoLs6HusHXh9ypS6vOpSoLphOWkVg1tqsOrT+d+OJ0/0TUwO
D2kQyx8lLYS0HzOTjr6u0l1hUnrhNo8ItFcRJS2gHsuZS6TWJtkNnL6kHs7tknEv
YjpIfowgFGmOALw00o9Fho2g09wyV+3pbqW977l2Yl67c679cKCmEyjypgSD0A3B
zO6yn0GEE1Bn4/dsPxpHr45Y73/ueUAP5eSYIIaBQo4hDWBaKT/H70Z4PXAEVkCm
+WurHW9u6kE4CWAk9pakP6mZyGo5OKYeEH8ZbvcFn6TJ0AjJaxq6QaF1PqHcNITM
izpFh3KyKyN/j8TMa6PrUtJ+/2gAAO5D9Q==
-----END CERTIFICATE-----
Generated at Tue Apr 29 22:20:20 2025 by rpki-client