Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/PzEfNQmsH1tZAe22BKlFEPUk220.roa
File: PzEfNQmsH1tZAe22BKlFEPUk220.roa (raw, json)
Hash identifier: 5FovKPUmvxrWlHLd6x8pjixKgJPH3PLLwNJYQ5AYKek=
Subject key identifier: 3F:31:1F:35:09:AC:1F:5B:59:01:ED:B6:04:A9:45:10:F5:24:DB:6D
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 01937AF7078E43FEE32CEE1BFB30F5791F4A
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/PzEfNQmsH1tZAe22BKlFEPUk220.roa
Signing time: Sat 30 Nov 2024 02:47:09 +0000
ROA not before: Sat 30 Nov 2024 02:47:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.0.0/24 maxlen: 24
140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.10.0/24 maxlen: 24
140.150.12.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
140.150.22.0/24 maxlen: 24
140.150.23.0/24 maxlen: 24
140.150.24.0/24 maxlen: 24
140.150.25.0/24 maxlen: 24
140.150.28.0/24 maxlen: 24
140.150.29.0/24 maxlen: 24
140.150.30.0/24 maxlen: 24
140.150.31.0/24 maxlen: 24
140.150.32.0/24 maxlen: 24
140.150.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Dec 2024 03:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:7a:f7:07:8e:43:fe:e3:2c:ee:1b:fb:30:f5:79:1f:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Nov 30 02:47:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f311f3509ac1f5b5901edb604a94510f524db6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a0:df:8a:1b:9f:0e:6c:a0:24:a4:dc:56:3c:
a1:14:64:b5:f7:9b:7f:0c:84:47:a0:91:49:ac:a1:
c6:59:5e:dd:b2:f7:f1:22:c5:bb:af:77:95:d8:13:
53:e9:f8:c0:de:0c:74:72:fb:45:39:79:26:3f:e5:
72:a2:c3:36:0a:0f:03:2e:57:a5:d6:7c:15:00:7c:
50:43:8e:b5:6c:2d:2a:47:99:2d:e3:22:16:9e:ce:
04:bc:02:46:d4:2f:55:24:e4:59:99:ef:2f:cb:cf:
99:a7:1e:6d:75:61:b4:e0:8b:36:80:d2:f7:8e:8c:
a0:cf:46:2a:00:76:e2:3d:f0:00:e4:b2:bc:f7:b7:
90:e8:88:5d:04:76:42:cf:8a:d5:42:4a:32:04:22:
ff:72:88:6f:8c:29:58:aa:64:9f:b2:6f:99:83:0d:
51:c8:7b:dc:a9:f4:02:0a:ce:b6:ad:a1:7f:24:7a:
94:c6:9c:4d:9f:c4:7a:e8:29:8e:9e:1e:b0:a4:85:
8a:09:36:ad:5c:ab:e7:f1:d3:22:cf:72:66:08:18:
46:b7:cc:c4:da:99:0e:50:44:d0:23:21:98:a6:3c:
f6:8c:8c:48:d0:ce:2e:71:f1:9b:31:77:ce:eb:81:
37:36:d2:63:f6:86:c0:54:95:f6:03:7f:a5:b7:54:
8e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:31:1F:35:09:AC:1F:5B:59:01:ED:B6:04:A9:45:10:F5:24:DB:6D
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/PzEfNQmsH1tZAe22BKlFEPUk220.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.0.0/21
140.150.10.0/24
140.150.12.0/24
140.150.18.0/23
140.150.21.0-140.150.25.255
140.150.28.0-140.150.33.255
Signature Algorithm: sha256WithRSAEncryption
03:ad:c8:40:a1:47:93:b0:ef:49:65:ef:83:08:c2:73:4a:79:
81:cc:b8:ff:8a:65:d0:2e:75:5d:fc:33:9a:64:81:61:2a:ae:
7d:ce:67:21:15:64:f9:53:c2:02:9a:76:da:fe:b8:06:48:9f:
2f:a6:65:22:6f:7b:b9:e3:cf:95:d6:c7:39:56:a2:45:a2:98:
89:b4:5e:bb:e3:70:89:d8:5a:20:4a:57:fb:6e:15:2e:b6:e0:
92:50:c1:2f:4b:14:08:05:cd:4a:03:2a:47:45:bd:31:b0:07:
7d:39:fc:5e:a2:a2:fe:7f:a4:1e:4d:36:7c:6c:1a:a7:7e:ce:
bd:68:23:33:42:be:96:77:02:84:22:1d:85:c3:44:0a:ca:53:
78:11:1d:dc:14:79:44:f8:ea:90:9d:b6:21:94:79:cd:81:96:
1a:47:c8:ba:5e:ba:d2:cd:3a:25:2f:92:92:16:7b:3f:a2:55:
6e:ae:35:01:83:08:c9:71:ec:35:35:73:76:7a:11:f0:c4:58:
26:4d:ac:1d:92:be:31:98:e7:a0:e6:32:77:e4:0a:a7:fb:3a:
c5:42:cd:b0:80:26:90:87:18:31:fd:e1:87:4b:ea:61:ee:ff:
56:4d:03:d6:07:0e:43:b9:9c:09:86:88:75:53:a3:31:7f:a3:
27:ee:5f:4f
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZN69weOQ/7jLO4b+zD1eR9KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjQxMTMwMDI0NzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjMxMWYzNTA5YWMxZjViNTkwMWVkYjYwNGE5NDUxMGY1MjRkYjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaDfihufDmygJKTcVjyhFGS195t/
DIRHoJFJrKHGWV7dsvfxIsW7r3eV2BNT6fjA3gx0cvtFOXkmP+VyosM2Cg8DLlel
1nwVAHxQQ461bC0qR5kt4yIWns4EvAJG1C9VJORZme8vy8+Zpx5tdWG04Is2gNL3
joygz0YqAHbiPfAA5LK897eQ6IhdBHZCz4rVQkoyBCL/cohvjClYqmSfsm+Zgw1R
yHvcqfQCCs62raF/JHqUxpxNn8R66CmOnh6wpIWKCTatXKvn8dMiz3JmCBhGt8zE
2pkOUETQIyGYpjz2jIxI0M4ucfGbMXfO64E3NtJj9obAVJX2A3+lt1SO6wIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFD8xHzUJrB9bWQHttgSpRRD1JNttMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvUHpFZk5RbXNIMXRaQWUyMkJLbEZFUFVrMjIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQDjJYAAwQA
jJYKAwQAjJYMAwQBjJYSMAwDBACMlhUDBAGMlhgwDAMEAoyWHAMEAYyWIDANBgkq
hkiG9w0BAQsFAAOCAQEAA63IQKFHk7DvSWXvgwjCc0p5gcy4/4pl0C51XfwzmmSB
YSqufc5nIRVk+VPCApp22v64BkifL6ZlIm97uePPldbHOVaiRaKYibReu+Nwidha
IEpX+24VLrbgklDBL0sUCAXNSgMqR0W9MbAHfTn8XqKi/n+kHk02fGwap37OvWgj
M0K+lncChCIdhcNECspTeBEd3BR5RPjqkJ22IZR5zYGWGkfIul660s06JS+SkhZ7
P6JVbq41AYMIyXHsNTVzdnoR8MRYJk2sHZK+MZjnoOYyd+QKp/s6xULNsIAmkIcY
Mf3hh0vqYe7/Vk0D1gcOQ7mcCYaIdVOjMX+jJ+5fTw==
-----END CERTIFICATE-----
Generated at Tue Apr 29 02:27:59 2025 by rpki-client