Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/VydZc2-JZSdvSt-ZcBihQv4es5k.roa
File: VydZc2-JZSdvSt-ZcBihQv4es5k.roa (raw, json)
Hash identifier: XpQ9JSAoH/scaEn/PjN9maLyi+H3kkuxhBl5LURMgtA=
Subject key identifier: 57:27:59:73:6F:89:65:27:6F:4A:DF:99:70:18:A1:42:FE:1E:B3:99
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 01943E6428B67CC1EE20147FCC83C5612EEF
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/VydZc2-JZSdvSt-ZcBihQv4es5k.roa
Signing time: Tue 07 Jan 2025 01:32:18 +0000
ROA not before: Tue 07 Jan 2025 01:32:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.0.0/24 maxlen: 24
140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.10.0/24 maxlen: 24
140.150.12.0/24 maxlen: 24
140.150.14.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
140.150.22.0/24 maxlen: 24
140.150.23.0/24 maxlen: 24
140.150.24.0/24 maxlen: 24
140.150.25.0/24 maxlen: 24
140.150.28.0/24 maxlen: 24
140.150.29.0/24 maxlen: 24
140.150.30.0/24 maxlen: 24
140.150.31.0/24 maxlen: 24
140.150.32.0/24 maxlen: 24
140.150.33.0/24 maxlen: 24
140.150.34.0/24 maxlen: 24
140.150.35.0/24 maxlen: 24
140.150.36.0/24 maxlen: 24
140.150.37.0/24 maxlen: 24
140.150.38.0/24 maxlen: 24
140.150.40.0/24 maxlen: 24
140.150.41.0/24 maxlen: 24
140.150.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 02:28:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3e:64:28:b6:7c:c1:ee:20:14:7f:cc:83:c5:61:2e:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Jan 7 01:32:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=572759736f8965276f4adf997018a142fe1eb399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8d:97:d7:1f:70:c6:0b:79:ec:78:70:06:5d:
68:77:c0:c9:29:f9:8c:df:99:d5:ae:37:96:d7:d0:
ad:24:26:f0:90:f7:89:b7:41:94:9d:e1:6d:35:a2:
c5:9d:1e:6a:d8:b8:98:1a:6c:e2:92:6b:dc:b8:d7:
59:00:4d:a3:8d:b3:2b:6d:32:cc:e8:cc:33:67:dc:
8c:f4:69:c3:06:98:8e:31:57:96:14:f7:53:d0:a2:
76:a7:b8:28:71:fe:a8:e6:61:ad:dc:03:5d:95:94:
c3:89:41:2a:ec:d6:92:8c:10:1e:c0:2f:3d:44:39:
e7:16:6d:ba:30:2e:fa:62:58:68:de:d4:8a:48:52:
8d:78:8d:7c:c3:e0:1f:97:59:ed:37:3f:c9:e6:e9:
42:6b:c9:22:e5:82:b5:f0:df:56:f5:e2:36:02:e5:
28:86:cb:45:92:06:44:e4:a1:42:6f:a0:d0:cb:63:
7a:1d:c1:c9:c3:1d:d6:6d:c0:dd:5c:c3:e7:a3:ee:
43:14:12:b9:6f:eb:2b:03:3c:54:4a:1b:15:68:27:
87:b6:46:f0:48:40:f6:5b:0d:11:0e:be:f7:59:e0:
78:d5:9a:5c:5e:c7:3c:c0:49:b6:87:ca:a5:ee:8f:
79:37:f8:07:41:64:4f:f5:cb:54:c8:56:35:06:44:
e3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:27:59:73:6F:89:65:27:6F:4A:DF:99:70:18:A1:42:FE:1E:B3:99
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/VydZc2-JZSdvSt-ZcBihQv4es5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.0.0/21
140.150.10.0/24
140.150.12.0/24
140.150.14.0/24
140.150.18.0/23
140.150.21.0-140.150.25.255
140.150.28.0-140.150.38.255
140.150.40.0-140.150.42.255
Signature Algorithm: sha256WithRSAEncryption
47:b2:bf:fc:d1:39:57:b1:bb:c0:14:29:6a:a2:b5:0a:f1:a1:
3b:6c:5b:94:53:9c:9c:88:bd:7a:60:b3:9b:f6:2c:c5:73:7e:
a5:78:14:05:ac:e7:e9:3f:d9:98:c9:40:e6:a7:29:de:dd:3d:
42:83:53:31:3f:67:e1:7b:06:ea:90:7c:f4:6d:f8:b3:98:fb:
ed:73:61:b3:da:92:ca:e6:0a:45:90:31:d2:fe:a8:7b:33:ba:
41:5d:7d:31:b2:18:12:f0:8f:6a:fd:77:e2:09:a9:9c:17:d9:
90:14:31:33:43:84:08:02:0c:87:90:bd:f3:27:84:d1:44:cf:
82:65:2d:99:41:c0:b1:2c:c5:a9:c7:6d:c4:4d:5c:17:95:3d:
3f:36:1f:77:ad:38:89:52:9f:2a:d9:7e:8e:00:4a:0e:ca:e2:
e5:e2:cc:5f:d1:55:c0:06:f1:01:77:58:49:11:49:67:e8:4f:
9e:f5:6a:8e:5c:cd:7d:bc:9f:a0:15:1a:da:1d:3f:f2:76:2f:
cd:05:22:2c:39:0d:ee:36:db:59:b6:37:99:13:e3:73:73:1d:
08:02:28:ca:cf:fb:14:df:9e:75:f3:e6:2d:6a:58:6e:90:03:
7c:44:03:77:ba:41:ba:29:44:32:66:e6:3c:e1:23:b4:14:fb:
c3:dc:49:de
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZQ+ZCi2fMHuIBR/zIPFYS7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjUwMTA3MDEzMjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzI3NTk3MzZmODk2NTI3NmY0YWRmOTk3MDE4YTE0MmZlMWViMzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuI2X1x9wxgt57HhwBl1od8DJKfmM
35nVrjeW19CtJCbwkPeJt0GUneFtNaLFnR5q2LiYGmzikmvcuNdZAE2jjbMrbTLM
6MwzZ9yM9GnDBpiOMVeWFPdT0KJ2p7gocf6o5mGt3ANdlZTDiUEq7NaSjBAewC89
RDnnFm26MC76Ylho3tSKSFKNeI18w+Afl1ntNz/J5ulCa8ki5YK18N9W9eI2AuUo
hstFkgZE5KFCb6DQy2N6HcHJwx3WbcDdXMPno+5DFBK5b+srAzxUShsVaCeHtkbw
SED2Ww0RDr73WeB41ZpcXsc8wEm2h8ql7o95N/gHQWRP9ctUyFY1BkTjeQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFFcnWXNviWUnb0rfmXAYoUL+HrOZMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvVnlkWmMyLUpaU2R2U3QtWmNCaWhRdjRlczVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQDjJYAAwQA
jJYKAwQAjJYMAwQAjJYOAwQBjJYSMAwDBACMlhUDBAGMlhgwDAMEAoyWHAMEAIyW
JjAMAwQDjJYoAwQAjJYqMA0GCSqGSIb3DQEBCwUAA4IBAQBHsr/80TlXsbvAFClq
orUK8aE7bFuUU5yciL16YLOb9izFc36leBQFrOfpP9mYyUDmpyne3T1Cg1MxP2fh
ewbqkHz0bfizmPvtc2Gz2pLK5gpFkDHS/qh7M7pBXX0xshgS8I9q/XfiCamcF9mQ
FDEzQ4QIAgyHkL3zJ4TRRM+CZS2ZQcCxLMWpx23ETVwXlT0/Nh93rTiJUp8q2X6O
AEoOyuLl4sxf0VXABvEBd1hJEUln6E+e9WqOXM19vJ+gFRraHT/ydi/NBSIsOQ3u
NttZtjeZE+Nzcx0IAijKz/sU35518+YtalhukAN8RAN3ukG6KUQyZuY84SO0FPvD
3Ene
-----END CERTIFICATE-----
Generated at Tue Apr 29 14:23:22 2025 by rpki-client