Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/oeg7qML7A8ommVcZ9VJWumCu00w.roa
File: oeg7qML7A8ommVcZ9VJWumCu00w.roa (raw, json)
Hash identifier: 3cHT14YZ6PN2Bac8N3Dqn3kgfloRZlS7LKi24ZrIN08=
Subject key identifier: A1:E8:3B:A8:C2:FB:03:CA:26:99:57:19:F5:52:56:BA:60:AE:D3:4C
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 019385610CA499BE059D0BE58F8F5530B29D
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/oeg7qML7A8ommVcZ9VJWumCu00w.roa
Signing time: Mon 02 Dec 2024 03:19:10 +0000
ROA not before: Mon 02 Dec 2024 03:19:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.0.0/24 maxlen: 24
140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.10.0/24 maxlen: 24
140.150.12.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
140.150.22.0/24 maxlen: 24
140.150.23.0/24 maxlen: 24
140.150.24.0/24 maxlen: 24
140.150.25.0/24 maxlen: 24
140.150.28.0/24 maxlen: 24
140.150.29.0/24 maxlen: 24
140.150.30.0/24 maxlen: 24
140.150.31.0/24 maxlen: 24
140.150.32.0/24 maxlen: 24
140.150.33.0/24 maxlen: 24
140.150.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Dec 2024 05:58:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:85:61:0c:a4:99:be:05:9d:0b:e5:8f:8f:55:30:b2:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Dec 2 03:19:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1e83ba8c2fb03ca26995719f55256ba60aed34c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:1b:9a:89:63:9a:06:81:d7:ed:ba:ce:75:b6:
a4:0d:48:ab:0b:7c:a8:a4:58:45:7e:ed:ba:15:d7:
f5:40:9b:b3:f4:86:5a:a7:1c:50:cd:4d:54:9b:9e:
4f:bc:65:7f:07:10:6c:c6:17:21:9d:3d:38:de:6d:
56:01:49:00:96:a5:42:b9:d8:29:98:98:73:54:ef:
02:77:9d:9f:23:c6:fa:35:b0:98:87:24:a9:f9:69:
43:ac:78:0c:76:28:f1:06:d3:2b:3c:9a:19:f1:2f:
e0:7c:b5:89:df:f0:72:52:a0:93:75:e0:95:a9:01:
cf:7a:17:0b:47:4a:27:3b:53:69:c5:f5:49:d8:a3:
a3:ca:da:89:f1:3a:fd:7a:94:d9:2d:6c:21:df:bf:
d8:76:f3:7f:19:bd:7c:42:8a:8f:be:ea:10:d3:6b:
f4:08:97:c8:99:ce:80:9f:82:da:21:61:53:76:01:
f2:00:a3:37:64:c6:df:e0:ae:59:dd:d1:62:81:54:
a4:16:30:d3:d6:d0:fb:bb:36:30:74:23:37:44:d3:
9d:42:5f:ee:14:ac:67:45:e0:54:f1:0d:5f:fb:98:
82:9c:16:f3:92:f6:a9:35:73:12:6c:cf:da:60:63:
bc:eb:d0:20:78:14:93:ff:7c:0e:30:e9:52:d1:82:
92:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:E8:3B:A8:C2:FB:03:CA:26:99:57:19:F5:52:56:BA:60:AE:D3:4C
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/oeg7qML7A8ommVcZ9VJWumCu00w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.0.0/21
140.150.10.0/24
140.150.12.0/24
140.150.18.0/23
140.150.21.0-140.150.25.255
140.150.28.0-140.150.33.255
140.150.35.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:7c:7f:81:e8:28:95:7f:4b:ac:f9:75:96:49:3f:2f:95:62:
7c:a4:50:cd:d2:5a:0e:6e:f3:b5:20:07:a8:95:54:dc:8c:b1:
05:fa:82:30:af:a0:dd:e4:53:a1:6b:f7:e9:f0:53:6d:a2:d9:
69:b9:44:0c:c7:88:be:e2:f9:4f:06:2f:e1:61:ea:fe:5c:66:
16:cc:c5:3d:58:f1:16:63:2f:8c:d6:eb:ec:fd:53:3f:52:4f:
86:9f:ed:51:69:a6:84:ce:c9:f7:47:32:63:69:ff:b3:73:4e:
35:44:69:2c:8f:8a:00:e5:43:28:4e:a6:cc:16:32:4a:99:62:
fc:83:53:02:03:8e:fb:91:fb:08:cb:65:5f:a8:62:e9:ec:0d:
f5:d7:6a:e8:9d:29:6d:76:ea:cf:16:47:5c:36:c3:65:7e:44:
d1:46:13:61:6f:70:e6:2f:b6:7b:03:a6:89:90:f2:0b:61:f6:
55:72:8d:7e:a6:97:44:a5:97:4d:72:d0:ad:2e:a5:d3:89:52:
91:96:ba:57:46:c3:70:07:6a:83:32:4b:87:20:7f:d3:1d:28:
7e:f5:1b:a8:04:19:ec:ed:84:98:8e:5b:08:73:55:33:1d:a1:
eb:cc:38:67:57:db:2d:80:36:25:c6:27:a8:76:36:52:f5:e7:
a7:51:2b:b4
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZOFYQykmb4FnQvlj49VMLKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjQxMjAyMDMxOTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWU4M2JhOGMyZmIwM2NhMjY5OTU3MTlmNTUyNTZiYTYwYWVkMzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhuaiWOaBoHX7brOdbakDUirC3yo
pFhFfu26Fdf1QJuz9IZapxxQzU1Um55PvGV/BxBsxhchnT043m1WAUkAlqVCudgp
mJhzVO8Cd52fI8b6NbCYhySp+WlDrHgMdijxBtMrPJoZ8S/gfLWJ3/ByUqCTdeCV
qQHPehcLR0onO1NpxfVJ2KOjytqJ8Tr9epTZLWwh37/YdvN/Gb18QoqPvuoQ02v0
CJfImc6An4LaIWFTdgHyAKM3ZMbf4K5Z3dFigVSkFjDT1tD7uzYwdCM3RNOdQl/u
FKxnReBU8Q1f+5iCnBbzkvapNXMSbM/aYGO869AgeBST/3wOMOlS0YKSwQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFKHoO6jC+wPKJplXGfVSVrpgrtNMMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvb2VnN3FNTDdBOG9tbVZjWjlWSld1bUN1MDB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQDjJYAAwQA
jJYKAwQAjJYMAwQBjJYSMAwDBACMlhUDBAGMlhgwDAMEAoyWHAMEAYyWIAMEAIyW
IzANBgkqhkiG9w0BAQsFAAOCAQEAx3x/gegolX9LrPl1lkk/L5VifKRQzdJaDm7z
tSAHqJVU3IyxBfqCMK+g3eRToWv36fBTbaLZablEDMeIvuL5TwYv4WHq/lxmFszF
PVjxFmMvjNbr7P1TP1JPhp/tUWmmhM7J90cyY2n/s3NONURpLI+KAOVDKE6mzBYy
Spli/INTAgOO+5H7CMtlX6hi6ewN9ddq6J0pbXbqzxZHXDbDZX5E0UYTYW9w5i+2
ewOmiZDyC2H2VXKNfqaXRKWXTXLQrS6l04lSkZa6V0bDcAdqgzJLhyB/0x0ofvUb
qAQZ7O2EmI5bCHNVMx2h68w4Z1fbLYA2JcYnqHY2UvXnp1ErtA==
-----END CERTIFICATE-----
Generated at Tue Apr 29 19:42:27 2025 by rpki-client