Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/qGBbkCC09crX-LHNFrhd_ngJlFI.roa
File: qGBbkCC09crX-LHNFrhd_ngJlFI.roa (raw, json)
Hash identifier: soX5WVYzknXltUS+upBRCYfGRY1Ii2fA4czRr9/ZCc4=
Subject key identifier: A8:60:5B:90:20:B4:F5:CA:D7:F8:B1:CD:16:B8:5D:FE:78:09:94:52
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 0194EE4583DB36146881ACA245A8B9673655
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/qGBbkCC09crX-LHNFrhd_ngJlFI.roa
Signing time: Mon 10 Feb 2025 05:12:00 +0000
ROA not before: Mon 10 Feb 2025 05:12:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.0.0/24 maxlen: 24
140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.10.0/24 maxlen: 24
140.150.12.0/24 maxlen: 24
140.150.14.0/24 maxlen: 24
140.150.15.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.20.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
140.150.22.0/24 maxlen: 24
140.150.23.0/24 maxlen: 24
140.150.24.0/24 maxlen: 24
140.150.25.0/24 maxlen: 24
140.150.26.0/24 maxlen: 24
140.150.27.0/24 maxlen: 24
140.150.28.0/24 maxlen: 24
140.150.29.0/24 maxlen: 24
140.150.30.0/24 maxlen: 24
140.150.31.0/24 maxlen: 24
140.150.32.0/24 maxlen: 24
140.150.33.0/24 maxlen: 24
140.150.34.0/24 maxlen: 24
140.150.35.0/24 maxlen: 24
140.150.36.0/24 maxlen: 24
140.150.37.0/24 maxlen: 24
140.150.38.0/24 maxlen: 24
140.150.40.0/24 maxlen: 24
140.150.41.0/24 maxlen: 24
140.150.42.0/24 maxlen: 24
140.150.43.0/24 maxlen: 24
140.150.44.0/24 maxlen: 24
140.150.46.0/24 maxlen: 24
140.150.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 08:05:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ee:45:83:db:36:14:68:81:ac:a2:45:a8:b9:67:36:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Feb 10 05:12:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8605b9020b4f5cad7f8b1cd16b85dfe78099452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c4:57:e4:8d:d3:11:f6:55:e7:0d:51:e8:81:
34:c9:29:ec:b4:3e:45:16:23:b0:59:c6:bc:8e:06:
8b:cd:76:1c:f7:73:0e:11:14:a6:f8:ba:2e:02:bf:
ac:e5:b8:54:d3:2e:b2:e4:05:28:eb:f5:07:15:6d:
54:41:81:3a:e8:92:b3:27:2c:49:7f:8e:d6:5f:ac:
16:01:42:66:72:95:8e:e6:62:97:d0:ec:30:d4:e5:
eb:40:34:f2:d5:8d:c3:5d:bf:4b:d9:e4:56:22:bf:
7b:bc:31:85:f6:83:a9:95:e5:da:02:c0:30:df:b0:
3c:d4:84:16:6b:4a:10:01:32:15:38:e4:b7:2a:31:
66:64:5f:7f:1f:c3:ee:b2:fe:f5:8c:5f:b2:12:d2:
1c:46:ba:3b:d9:d4:eb:c1:8b:13:28:87:6d:e2:37:
3b:b6:a4:48:fa:9f:b0:95:8f:76:3f:8a:6b:30:9c:
67:83:89:44:c7:ea:04:b9:f6:2c:06:92:ee:29:50:
f9:71:a9:39:f9:bd:59:54:86:c1:b9:4e:5a:72:6a:
67:82:eb:df:74:d8:04:c2:73:48:f7:d9:57:e1:c6:
38:bc:87:ff:10:95:ef:2a:9b:6d:e2:2a:cd:3e:df:
02:fc:5c:1d:fc:5c:6c:df:c0:86:83:a2:75:f3:00:
ed:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:60:5B:90:20:B4:F5:CA:D7:F8:B1:CD:16:B8:5D:FE:78:09:94:52
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/qGBbkCC09crX-LHNFrhd_ngJlFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.0.0/21
140.150.10.0/24
140.150.12.0/24
140.150.14.0/23
140.150.18.0-140.150.38.255
140.150.40.0-140.150.44.255
140.150.46.0/23
Signature Algorithm: sha256WithRSAEncryption
90:82:a6:a1:b0:0a:d2:e8:c0:49:65:a0:2f:48:0d:15:dc:ea:
0b:37:27:b8:d7:27:6a:4c:52:7a:f4:ea:00:cc:ca:cb:3a:73:
23:fb:7e:94:ee:f7:a9:f7:37:b4:21:14:ef:b8:a6:dd:8f:35:
16:7e:68:2e:bc:01:7e:8f:02:1d:19:7b:0a:66:4a:df:a1:0c:
48:58:42:d7:a0:f4:3c:df:15:6b:ed:75:ee:f7:80:36:3e:29:
c2:1c:cf:f7:b3:61:97:40:e2:69:94:59:6b:50:37:5b:e8:39:
66:1e:ab:eb:8c:d3:c1:3a:9c:c2:d3:30:38:ab:f4:33:7c:86:
c1:65:99:3d:3c:d0:0d:6a:18:1b:3a:6a:22:53:39:7e:83:79:
cd:d4:8a:2d:39:a3:43:7d:50:b8:d9:5b:ef:84:00:41:3f:91:
68:b9:df:c2:f7:2b:5c:32:5a:98:be:eb:06:8e:5e:12:72:24:
0a:9d:98:c8:60:b4:d5:1e:02:9a:55:a9:6f:b0:4b:a1:f5:87:
36:8f:45:03:98:aa:2d:38:3e:b8:eb:4f:a2:63:18:33:80:6d:
cf:33:d5:0a:4b:29:95:e9:3b:be:d8:ae:34:60:c3:9d:e3:37:
fb:f7:92:a8:ac:a2:0c:9a:bf:06:ab:7b:9e:db:f6:47:f8:e1:
52:65:c1:f9
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZTuRYPbNhRogayiRai5ZzZVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjUwMjEwMDUxMjAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODYwNWI5MDIwYjRmNWNhZDdmOGIxY2QxNmI4NWRmZTc4MDk5NDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0sRX5I3TEfZV5w1R6IE0ySnstD5F
FiOwWca8jgaLzXYc93MOERSm+LouAr+s5bhU0y6y5AUo6/UHFW1UQYE66JKzJyxJ
f47WX6wWAUJmcpWO5mKX0Oww1OXrQDTy1Y3DXb9L2eRWIr97vDGF9oOpleXaAsAw
37A81IQWa0oQATIVOOS3KjFmZF9/H8Pusv71jF+yEtIcRro72dTrwYsTKIdt4jc7
tqRI+p+wlY92P4prMJxng4lEx+oEufYsBpLuKVD5cak5+b1ZVIbBuU5acmpnguvf
dNgEwnNI99lX4cY4vIf/EJXvKptt4irNPt8C/Fwd/Fxs38CGg6J18wDtiwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFKhgW5AgtPXK1/ixzRa4Xf54CZRSMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvcUdCYmtDQzA5Y3JYLUxITkZyaGRfbmdKbEZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQDjJYAAwQA
jJYKAwQAjJYMAwQBjJYOMAwDBAGMlhIDBACMliYwDAMEA4yWKAMEAIyWLAMEAYyW
LjANBgkqhkiG9w0BAQsFAAOCAQEAkIKmobAK0ujASWWgL0gNFdzqCzcnuNcnakxS
evTqAMzKyzpzI/t+lO73qfc3tCEU77im3Y81Fn5oLrwBfo8CHRl7CmZK36EMSFhC
16D0PN8Va+117veANj4pwhzP97Nhl0DiaZRZa1A3W+g5Zh6r64zTwTqcwtMwOKv0
M3yGwWWZPTzQDWoYGzpqIlM5foN5zdSKLTmjQ31QuNlb74QAQT+RaLnfwvcrXDJa
mL7rBo5eEnIkCp2YyGC01R4CmlWpb7BLofWHNo9FA5iqLTg+uOtPomMYM4BtzzPV
Cksplek7vtiuNGDDneM3+/eSqKyiDJq/Bqt7ntv2R/jhUmXB+Q==
-----END CERTIFICATE-----
Generated at Tue Apr 29 02:16:46 2025 by rpki-client