Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/kuz6N3WhtAADUvIwLfWBjekA55k.roa
File: kuz6N3WhtAADUvIwLfWBjekA55k.roa (raw, json)
Hash identifier: PkM6YhyhN+MvYIkWNIxMfRkB5Tg2iAv9koV9Gxhzdbk=
Subject key identifier: 92:EC:FA:37:75:A1:B4:00:03:52:F2:30:2D:F5:81:8D:E9:00:E7:99
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 01942A255CAA27D6F3D6F23B9EE80B03C6F9
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/kuz6N3WhtAADUvIwLfWBjekA55k.roa
Signing time: Fri 03 Jan 2025 03:11:18 +0000
ROA not before: Fri 03 Jan 2025 03:11:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.0.0/24 maxlen: 24
140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.10.0/24 maxlen: 24
140.150.12.0/24 maxlen: 24
140.150.14.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
140.150.22.0/24 maxlen: 24
140.150.23.0/24 maxlen: 24
140.150.24.0/24 maxlen: 24
140.150.25.0/24 maxlen: 24
140.150.28.0/24 maxlen: 24
140.150.29.0/24 maxlen: 24
140.150.30.0/24 maxlen: 24
140.150.31.0/24 maxlen: 24
140.150.32.0/24 maxlen: 24
140.150.33.0/24 maxlen: 24
140.150.34.0/24 maxlen: 24
140.150.35.0/24 maxlen: 24
140.150.36.0/24 maxlen: 24
140.150.37.0/24 maxlen: 24
140.150.38.0/24 maxlen: 24
140.150.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Jan 2025 07:21:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:2a:25:5c:aa:27:d6:f3:d6:f2:3b:9e:e8:0b:03:c6:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Jan 3 03:11:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92ecfa3775a1b4000352f2302df5818de900e799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:af:0b:89:fd:9e:10:6d:fb:2f:7d:7a:fb:73:
79:22:42:32:b2:ba:5e:88:33:56:98:3f:5c:ac:39:
ad:15:b6:8e:c6:79:60:ab:13:3f:d7:46:8b:2d:b4:
46:ee:5f:0d:71:98:10:54:e7:9e:02:3b:e1:a2:ac:
3d:91:b8:0b:a9:cf:d8:08:9d:5a:0c:fa:0c:e3:f6:
b2:0a:37:55:91:63:22:a4:e5:9b:c2:73:56:e8:0a:
b1:c8:17:cb:f2:f1:63:2f:2e:49:62:92:77:6e:d7:
ad:04:c1:bf:76:12:8f:ef:8d:46:58:f7:fc:9f:04:
39:72:88:b0:ae:2b:20:10:5c:aa:a1:5e:97:70:46:
eb:37:01:c0:0a:80:e0:ce:ca:af:49:06:21:58:b3:
35:88:31:e7:b3:c9:37:0a:8d:97:70:6b:f8:eb:30:
60:a3:9a:69:41:b5:50:1c:67:73:06:6a:84:9c:3a:
d0:e1:09:5b:83:1e:a7:6b:95:81:85:4f:14:e5:7d:
31:ca:41:a2:c2:f1:1f:bc:8e:4f:91:c4:ec:47:6e:
09:6d:42:e4:22:4b:c8:cd:1d:6c:57:ad:b9:b6:2f:
55:3a:47:59:a4:0c:e5:6c:78:63:7d:1a:b2:a0:61:
a1:d5:81:7f:87:45:68:77:f2:4f:f4:26:ef:b4:f3:
23:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:EC:FA:37:75:A1:B4:00:03:52:F2:30:2D:F5:81:8D:E9:00:E7:99
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/kuz6N3WhtAADUvIwLfWBjekA55k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.0.0/21
140.150.10.0/24
140.150.12.0/24
140.150.14.0/24
140.150.18.0/23
140.150.21.0-140.150.25.255
140.150.28.0-140.150.39.255
Signature Algorithm: sha256WithRSAEncryption
b8:bd:9f:c1:85:d2:9d:ac:47:a3:fa:5f:2e:b1:f8:60:ee:75:
3e:14:5f:a0:c9:c3:77:6f:93:eb:b0:5b:17:c6:7a:cf:10:e3:
e6:6b:3d:f5:12:3a:ae:f8:23:e9:11:2b:88:fb:57:b2:93:d6:
89:f4:9e:5d:5f:4f:49:57:bf:37:60:5b:77:7d:3f:38:83:14:
9f:af:a2:e2:7f:59:80:be:e8:9b:49:10:b0:40:71:0b:79:c7:
70:1c:67:8d:87:05:93:4c:ee:59:1b:9a:57:f3:6e:08:53:84:
c9:5b:d5:ce:59:4f:24:88:29:8a:9e:18:6f:35:c3:24:d2:7d:
d3:b9:62:80:7f:8d:33:2f:df:ee:af:d2:ee:ec:44:a3:96:c2:
79:21:39:24:ac:0f:a8:8d:2d:bd:ce:56:1b:47:9f:cf:7b:26:
b2:76:b5:df:3b:bc:fc:cd:c8:fd:c3:8e:69:9a:2b:6f:f1:55:
05:a2:3b:d6:be:fa:3c:2b:f9:a1:59:9f:86:d2:1b:22:5d:19:
93:c0:bf:32:94:a8:ab:87:db:6b:b2:75:fa:6e:1f:de:48:8b:
ee:0f:8a:20:6b:d8:32:68:dd:4c:09:1f:b1:43:4a:7a:03:6a:
55:68:9f:2b:1f:06:2f:99:b5:ed:54:95:a7:bb:2a:8a:27:6b:
0e:31:6a:bc
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZQqJVyqJ9bz1vI7nugLA8b5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjUwMTAzMDMxMTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmVjZmEzNzc1YTFiNDAwMDM1MmYyMzAyZGY1ODE4ZGU5MDBlNzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtq8Lif2eEG37L316+3N5IkIysrpe
iDNWmD9crDmtFbaOxnlgqxM/10aLLbRG7l8NcZgQVOeeAjvhoqw9kbgLqc/YCJ1a
DPoM4/ayCjdVkWMipOWbwnNW6AqxyBfL8vFjLy5JYpJ3btetBMG/dhKP741GWPf8
nwQ5coiwrisgEFyqoV6XcEbrNwHACoDgzsqvSQYhWLM1iDHns8k3Co2XcGv46zBg
o5ppQbVQHGdzBmqEnDrQ4Qlbgx6na5WBhU8U5X0xykGiwvEfvI5PkcTsR24JbULk
IkvIzR1sV625ti9VOkdZpAzlbHhjfRqyoGGh1YF/h0Vod/JP9CbvtPMjQQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFJLs+jd1obQAA1LyMC31gY3pAOeZMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEva3V6Nk4zV2h0QUFEVXZJd0xmV0JqZWtBNTVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQDjJYAAwQA
jJYKAwQAjJYMAwQAjJYOAwQBjJYSMAwDBACMlhUDBAGMlhgwDAMEAoyWHAMEA4yW
IDANBgkqhkiG9w0BAQsFAAOCAQEAuL2fwYXSnaxHo/pfLrH4YO51PhRfoMnDd2+T
67BbF8Z6zxDj5ms99RI6rvgj6REriPtXspPWifSeXV9PSVe/N2Bbd30/OIMUn6+i
4n9ZgL7om0kQsEBxC3nHcBxnjYcFk0zuWRuaV/NuCFOEyVvVzllPJIgpip4YbzXD
JNJ907ligH+NMy/f7q/S7uxEo5bCeSE5JKwPqI0tvc5WG0efz3smsna13zu8/M3I
/cOOaZorb/FVBaI71r76PCv5oVmfhtIbIl0Zk8C/MpSoq4fba7J1+m4f3kiL7g+K
IGvYMmjdTAkfsUNKegNqVWifKx8GL5m17VSVp7sqiidrDjFqvA==
-----END CERTIFICATE-----
Generated at Wed Apr 30 03:41:38 2025 by rpki-client