Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/dujaJdHmRVifqMWcE8EFYKo7L1s.roa
File: dujaJdHmRVifqMWcE8EFYKo7L1s.roa (raw, json)
Hash identifier: meF9vErQJH/cdCahu3yoNsJ4N8zES6fEMj98ae8cg3s=
Subject key identifier: 76:E8:DA:25:D1:E6:45:58:9F:A8:C5:9C:13:C1:05:60:AA:3B:2F:5B
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 0194EE45837C611A22C8F50F08C8817E02ED
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/dujaJdHmRVifqMWcE8EFYKo7L1s.roa
Signing time: Mon 10 Feb 2025 05:12:00 +0000
ROA not before: Mon 10 Feb 2025 05:12:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38107
IP address blocks: 140.150.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 06:14:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ee:45:83:7c:61:1a:22:c8:f5:0f:08:c8:81:7e:02:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Feb 10 05:12:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76e8da25d1e645589fa8c59c13c10560aa3b2f5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b7:d4:0c:10:7b:89:fa:72:c4:c8:04:a2:45:
8c:31:c3:69:60:41:8a:5d:87:92:36:a5:c5:c2:77:
e6:b6:e8:22:73:6f:24:2a:0e:ea:11:d1:c6:50:d8:
47:15:19:33:ea:63:f5:d6:24:d5:14:16:3e:3c:11:
1e:a3:10:76:04:e8:d2:56:e5:df:9b:a4:05:ee:67:
c7:04:e1:ea:89:eb:97:39:b2:2b:3d:70:bc:f4:19:
04:b3:f4:74:12:89:ff:b2:43:f6:bf:57:32:d5:0c:
37:5a:64:67:20:e4:f9:e3:cc:d5:04:4a:0f:a7:68:
11:90:00:29:0f:ff:3f:11:b8:df:76:e4:32:96:41:
0d:fe:13:ec:f7:28:53:22:c7:b2:f5:10:06:f4:27:
d3:3f:5a:39:a1:fd:bc:30:95:af:82:27:58:e7:09:
44:26:b0:ec:f4:5f:4c:91:58:24:9b:d2:ae:6b:df:
e9:a1:7c:90:0c:c4:07:cb:71:b6:c6:a9:14:c4:45:
fe:57:6c:f6:ee:c3:dc:3b:ef:54:fb:fd:42:1e:b3:
cb:05:0f:33:26:88:1e:ae:1b:20:5e:05:ea:1f:9b:
e6:bd:09:28:26:c9:5e:ad:1c:d5:16:0a:59:11:b5:
75:9f:36:31:b4:cb:b8:60:82:06:1e:c5:7b:05:95:
ca:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E8:DA:25:D1:E6:45:58:9F:A8:C5:9C:13:C1:05:60:AA:3B:2F:5B
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/dujaJdHmRVifqMWcE8EFYKo7L1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.20.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:08:54:1e:ab:8d:6a:cb:0e:a4:d2:ef:ab:e2:c9:2e:c2:ba:
7d:0d:38:ed:71:c9:a4:83:b3:01:61:5b:b8:af:56:22:4c:6d:
df:0d:9c:51:14:46:f1:b1:73:81:c9:12:d2:68:7c:bc:9c:1b:
bc:fb:85:14:d5:df:03:e4:71:52:76:22:4a:d9:b0:1c:15:52:
b4:f9:82:64:92:d9:c4:41:20:94:b6:9c:f7:0f:ae:84:3f:95:
b3:35:a3:ad:54:22:86:0c:63:70:5f:d2:19:07:51:62:9a:0e:
3d:36:f9:ad:19:9b:4e:4b:76:d3:ca:27:5b:98:a2:b1:eb:ca:
4d:22:0d:fa:a9:71:2a:76:2f:11:03:bf:76:ca:75:ec:03:4a:
0a:c8:c7:7f:d3:7e:15:bb:13:21:33:45:1f:e1:f1:62:b3:d4:
15:dc:fe:31:6a:e9:23:e1:5f:b3:60:1a:c4:5a:c4:f0:24:04:
b3:c3:a8:60:49:35:28:4d:7c:25:b9:89:8c:79:90:16:00:55:
49:fb:56:0f:55:39:75:91:5e:b0:38:4e:c4:3d:55:bf:4b:59:
d1:02:0e:3d:db:31:31:82:5c:b3:d2:36:b2:d0:19:b7:76:d3:
db:8a:1e:a6:46:12:6c:e9:bf:a1:b8:74:a8:0d:03:03:d7:f4:
c0:3f:c8:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTuRYN8YRoiyPUPCMiBfgLtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjUwMjEwMDUxMjAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmU4ZGEyNWQxZTY0NTU4OWZhOGM1OWMxM2MxMDU2MGFhM2IyZjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LfUDBB7ifpyxMgEokWMMcNpYEGK
XYeSNqXFwnfmtugic28kKg7qEdHGUNhHFRkz6mP11iTVFBY+PBEeoxB2BOjSVuXf
m6QF7mfHBOHqieuXObIrPXC89BkEs/R0Eon/skP2v1cy1Qw3WmRnIOT548zVBEoP
p2gRkAApD/8/EbjfduQylkEN/hPs9yhTIsey9RAG9CfTP1o5of28MJWvgidY5wlE
JrDs9F9MkVgkm9Kua9/poXyQDMQHy3G2xqkUxEX+V2z27sPcO+9U+/1CHrPLBQ8z
JogerhsgXgXqH5vmvQkoJslerRzVFgpZEbV1nzYxtMu4YIIGHsV7BZXKMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHbo2iXR5kVYn6jFnBPBBWCqOy9bMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvZHVqYUpkSG1SVmlmcU1XY0U4RUZZS283TDFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjJYUMA0G
CSqGSIb3DQEBCwUAA4IBAQDACFQeq41qyw6k0u+r4skuwrp9DTjtccmkg7MBYVu4
r1YiTG3fDZxRFEbxsXOByRLSaHy8nBu8+4UU1d8D5HFSdiJK2bAcFVK0+YJkktnE
QSCUtpz3D66EP5WzNaOtVCKGDGNwX9IZB1Fimg49NvmtGZtOS3bTyidbmKKx68pN
Ig36qXEqdi8RA792ynXsA0oKyMd/034VuxMhM0Uf4fFis9QV3P4xaukj4V+zYBrE
WsTwJASzw6hgSTUoTXwluYmMeZAWAFVJ+1YPVTl1kV6wOE7EPVW/S1nRAg492zEx
glyz0jay0Bm3dtPbih6mRhJs6b+huHSoDQMD1/TAP8j/
-----END CERTIFICATE-----
Generated at Tue Apr 29 16:20:09 2025 by rpki-client