Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/YkxBgRSHJ6dzjplIxwqto1_FCIQ.roa
File: YkxBgRSHJ6dzjplIxwqto1_FCIQ.roa (raw, json)
Hash identifier: EPVQAc8jtOr9r3HXvviGUYusEo8XZQfoApmNZefnfXY=
Subject key identifier: 62:4C:41:81:14:87:27:A7:73:8E:99:48:C7:0A:AD:A3:5F:C5:08:84
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 019646D2503CE04CD28F2BDAACEC83DABDD5
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/YkxBgRSHJ6dzjplIxwqto1_FCIQ.roa
Signing time: Fri 18 Apr 2025 02:55:10 +0000
ROA not before: Fri 18 Apr 2025 02:55:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.0.0/24 maxlen: 24
140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.10.0/24 maxlen: 24
140.150.11.0/24 maxlen: 24
140.150.12.0/24 maxlen: 24
140.150.14.0/24 maxlen: 24
140.150.15.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.20.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
140.150.22.0/24 maxlen: 24
140.150.23.0/24 maxlen: 24
140.150.24.0/24 maxlen: 24
140.150.25.0/24 maxlen: 24
140.150.26.0/24 maxlen: 24
140.150.27.0/24 maxlen: 24
140.150.28.0/24 maxlen: 24
140.150.29.0/24 maxlen: 24
140.150.30.0/24 maxlen: 24
140.150.31.0/24 maxlen: 24
140.150.32.0/24 maxlen: 24
140.150.33.0/24 maxlen: 24
140.150.34.0/24 maxlen: 24
140.150.35.0/24 maxlen: 24
140.150.36.0/24 maxlen: 24
140.150.37.0/24 maxlen: 24
140.150.38.0/24 maxlen: 24
140.150.40.0/24 maxlen: 24
140.150.41.0/24 maxlen: 24
140.150.42.0/24 maxlen: 24
140.150.43.0/24 maxlen: 24
140.150.44.0/24 maxlen: 24
140.150.46.0/24 maxlen: 24
140.150.47.0/24 maxlen: 24
146.103.64.0/24 maxlen: 24
146.103.65.0/24 maxlen: 24
146.103.66.0/24 maxlen: 24
146.103.67.0/24 maxlen: 24
146.103.68.0/24 maxlen: 24
146.103.71.0/24 maxlen: 24
146.103.73.0/24 maxlen: 24
146.103.74.0/24 maxlen: 24
146.103.75.0/24 maxlen: 24
146.103.76.0/24 maxlen: 24
146.103.77.0/24 maxlen: 24
146.103.78.0/24 maxlen: 24
146.103.79.0/24 maxlen: 24
146.103.80.0/24 maxlen: 24
146.103.81.0/24 maxlen: 24
146.103.82.0/24 maxlen: 24
146.103.83.0/24 maxlen: 24
146.103.84.0/24 maxlen: 24
146.103.85.0/24 maxlen: 24
146.103.86.0/24 maxlen: 24
146.103.87.0/24 maxlen: 24
146.103.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Apr 2025 10:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:46:d2:50:3c:e0:4c:d2:8f:2b:da:ac:ec:83:da:bd:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Apr 18 02:55:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=624c4181148727a7738e9948c70aada35fc50884
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:41:61:b4:7e:a1:aa:ab:64:20:3e:e9:cd:a0:
b4:d7:a0:82:a8:2d:4c:96:b0:89:76:06:d6:be:34:
0e:98:c0:7d:9a:c0:30:54:71:dc:90:b8:36:44:37:
6e:27:f2:34:05:51:cc:77:1b:c3:48:0b:76:29:67:
86:a8:d6:b8:f6:4c:e3:59:70:11:ba:73:05:21:42:
18:9a:6e:73:14:b7:0f:a9:3b:38:1c:d7:f5:9b:54:
1f:83:f1:88:15:f5:70:01:31:55:db:ed:59:97:c7:
97:75:cb:e4:77:29:df:60:75:1a:94:42:00:45:8a:
c5:4a:d3:20:1b:0a:5c:a4:a9:88:fe:4e:14:5d:52:
0f:de:6f:74:31:1a:1b:d3:c7:78:9d:2f:e0:fb:04:
05:ca:be:a0:5b:ca:46:45:11:d6:c0:ec:ec:fe:50:
7e:07:42:61:b8:94:81:a9:2d:ed:55:23:98:5a:34:
ac:16:a8:29:f6:77:ee:c0:89:0c:69:71:9f:e7:df:
7b:e4:0c:5c:bd:b7:bd:ee:11:25:70:44:6b:a6:d7:
e6:02:00:29:a2:ee:31:5c:b8:65:aa:d8:ab:62:6b:
3c:82:85:26:3d:92:af:1c:b6:24:f3:c7:20:83:0a:
4d:37:dc:12:3f:85:6d:e5:06:1b:4d:10:6a:d9:20:
29:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:4C:41:81:14:87:27:A7:73:8E:99:48:C7:0A:AD:A3:5F:C5:08:84
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/YkxBgRSHJ6dzjplIxwqto1_FCIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.0.0/21
140.150.10.0-140.150.12.255
140.150.14.0/23
140.150.18.0-140.150.38.255
140.150.40.0-140.150.44.255
140.150.46.0/23
146.103.64.0-146.103.68.255
146.103.71.0/24
146.103.73.0-146.103.88.255
Signature Algorithm: sha256WithRSAEncryption
a5:de:01:2e:44:4b:a6:95:c6:09:8f:39:61:32:c4:7b:37:26:
7b:1b:24:74:d6:63:cf:0b:c0:74:d0:da:c3:2a:37:2c:63:31:
74:33:c0:e9:0b:3e:47:5d:b5:6e:4d:73:19:4f:39:c6:82:ab:
97:11:f4:7e:31:63:12:98:33:7e:7a:10:91:5a:5c:d0:e9:7d:
fc:bb:d8:04:2a:bc:94:9e:01:66:07:96:cc:a5:b8:1b:10:b4:
cf:21:19:29:39:2a:3f:7a:a7:c6:71:7a:2e:00:e3:fa:8b:d7:
b7:22:da:69:51:b0:ab:d5:49:8d:6a:57:2e:21:4d:07:a8:e2:
2b:6b:59:f5:29:e9:97:76:a4:c5:02:86:34:c2:b3:14:1c:4d:
ae:e5:4b:96:92:78:46:f0:7b:16:16:1b:f1:9d:f0:e7:50:57:
c7:55:64:42:f4:1a:92:95:02:c4:a9:6c:0f:96:75:06:b8:68:
93:04:b3:75:d4:0f:71:f3:1f:b8:35:37:be:73:11:9c:08:67:
11:fd:03:68:79:f1:0c:54:b0:fe:d8:e7:6d:41:3a:8c:3a:6b:
b4:77:3a:42:72:a9:2b:9b:2a:31:2d:64:93:8b:d1:22:64:6e:
64:40:ed:af:4e:87:f9:5e:ad:65:cf:cd:da:56:a0:b2:ff:44:
3f:72:63:c6
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZZG0lA84EzSjyvarOyD2r3VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjUwNDE4MDI1NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjRjNDE4MTE0ODcyN2E3NzM4ZTk5NDhjNzBhYWRhMzVmYzUwODg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUFhtH6hqqtkID7pzaC016CCqC1M
lrCJdgbWvjQOmMB9msAwVHHckLg2RDduJ/I0BVHMdxvDSAt2KWeGqNa49kzjWXAR
unMFIUIYmm5zFLcPqTs4HNf1m1Qfg/GIFfVwATFV2+1Zl8eXdcvkdynfYHUalEIA
RYrFStMgGwpcpKmI/k4UXVIP3m90MRob08d4nS/g+wQFyr6gW8pGRRHWwOzs/lB+
B0JhuJSBqS3tVSOYWjSsFqgp9nfuwIkMaXGf59975Axcvbe97hElcERrptfmAgAp
ou4xXLhlqtirYms8goUmPZKvHLYk88cggwpNN9wSP4Vt5QYbTRBq2SApRQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFGJMQYEUhyenc46ZSMcKraNfxQiEMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvWWt4QmdSU0hKNmR6anBsSXh3cXRvMV9GQ0lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQDjJYAMAwD
BAGMlgoDBACMlgwDBAGMlg4wDAMEAYyWEgMEAIyWJjAMAwQDjJYoAwQAjJYsAwQB
jJYuMAwDBAaSZ0ADBACSZ0QDBACSZ0cwDAMEAJJnSQMEAJJnWDANBgkqhkiG9w0B
AQsFAAOCAQEApd4BLkRLppXGCY85YTLEezcmexskdNZjzwvAdNDawyo3LGMxdDPA
6Qs+R121bk1zGU85xoKrlxH0fjFjEpgzfnoQkVpc0Ol9/LvYBCq8lJ4BZgeWzKW4
GxC0zyEZKTkqP3qnxnF6LgDj+ovXtyLaaVGwq9VJjWpXLiFNB6jiK2tZ9Snpl3ak
xQKGNMKzFBxNruVLlpJ4RvB7FhYb8Z3w51BXx1VkQvQakpUCxKlsD5Z1BrhokwSz
ddQPcfMfuDU3vnMRnAhnEf0DaHnxDFSw/tjnbUE6jDprtHc6QnKpK5sqMS1kk4vR
ImRuZEDtr06H+V6tZc/N2lagsv9EP3Jjxg==
-----END CERTIFICATE-----
Generated at Tue Apr 29 14:24:34 2025 by rpki-client