Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/tdnGrG1H3igTnc2K1j8g5xqGE3o.roa
File: tdnGrG1H3igTnc2K1j8g5xqGE3o.roa (raw, json)
Hash identifier: Mznosml4KvkUIV77LfoLSRU5xa9di/RBKiE7NNPB9Jk=
Subject key identifier: B5:D9:C6:AC:6D:47:DE:28:13:9D:CD:8A:D6:3F:20:E7:1A:86:13:7A
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 0194F8D6ED519B7B00AF2926832DD32760DE
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/tdnGrG1H3igTnc2K1j8g5xqGE3o.roa
Signing time: Wed 12 Feb 2025 06:27:02 +0000
ROA not before: Wed 12 Feb 2025 06:27:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.0.0/24 maxlen: 24
140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.10.0/24 maxlen: 24
140.150.11.0/24 maxlen: 24
140.150.12.0/24 maxlen: 24
140.150.14.0/24 maxlen: 24
140.150.15.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.20.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
140.150.22.0/24 maxlen: 24
140.150.23.0/24 maxlen: 24
140.150.24.0/24 maxlen: 24
140.150.25.0/24 maxlen: 24
140.150.26.0/24 maxlen: 24
140.150.27.0/24 maxlen: 24
140.150.28.0/24 maxlen: 24
140.150.29.0/24 maxlen: 24
140.150.30.0/24 maxlen: 24
140.150.31.0/24 maxlen: 24
140.150.32.0/24 maxlen: 24
140.150.33.0/24 maxlen: 24
140.150.34.0/24 maxlen: 24
140.150.35.0/24 maxlen: 24
140.150.36.0/24 maxlen: 24
140.150.37.0/24 maxlen: 24
140.150.38.0/24 maxlen: 24
140.150.40.0/24 maxlen: 24
140.150.41.0/24 maxlen: 24
140.150.42.0/24 maxlen: 24
140.150.43.0/24 maxlen: 24
140.150.44.0/24 maxlen: 24
140.150.46.0/24 maxlen: 24
140.150.47.0/24 maxlen: 24
146.103.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 07:17:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f8:d6:ed:51:9b:7b:00:af:29:26:83:2d:d3:27:60:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Feb 12 06:27:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5d9c6ac6d47de28139dcd8ad63f20e71a86137a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3b:85:9b:ed:0b:f3:a3:ce:22:7b:09:b1:05:
5e:6f:fb:3a:a4:14:3e:06:22:64:8a:99:3b:00:7f:
b0:ee:76:c3:83:51:e2:ce:c9:24:d0:99:c9:9d:74:
39:95:88:d7:6c:45:ed:c7:d2:3f:18:2a:e4:ad:ad:
4d:62:4a:7e:ed:85:ef:ba:33:32:75:dc:a3:81:11:
a5:59:34:91:39:56:fa:82:d6:14:e0:73:4d:2b:73:
cb:76:9f:f6:b6:a3:10:8e:61:e0:2f:56:15:80:44:
b0:ce:84:97:2e:47:89:89:0c:02:ad:26:86:9f:2c:
96:29:b3:18:8b:87:d0:3a:ea:59:71:ec:f2:ce:25:
12:e1:e3:47:59:59:aa:0f:30:d6:2b:c8:d2:25:02:
54:31:20:6c:eb:45:f0:0e:a2:cc:3c:6f:b9:e9:4d:
5f:f3:0f:ce:fc:98:32:cf:47:9d:8d:fd:13:f9:b4:
ec:7d:55:46:f5:69:f1:09:52:a1:b9:48:44:84:40:
bf:1c:86:e6:00:40:76:ed:bc:96:d9:5c:ed:90:fb:
38:a3:9b:04:70:5d:6b:00:e5:d5:59:af:3c:2a:f9:
3d:49:01:da:ae:2b:36:18:df:f2:12:5d:33:1d:67:
c6:0a:07:7a:d1:5b:26:83:92:c6:e2:6c:f9:6a:39:
58:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:D9:C6:AC:6D:47:DE:28:13:9D:CD:8A:D6:3F:20:E7:1A:86:13:7A
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/tdnGrG1H3igTnc2K1j8g5xqGE3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.0.0/21
140.150.10.0-140.150.12.255
140.150.14.0/23
140.150.18.0-140.150.38.255
140.150.40.0-140.150.44.255
140.150.46.0/23
146.103.67.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:17:17:1f:d9:cb:32:6d:61:c1:80:78:5e:78:ad:f5:9b:cf:
1c:2b:4c:1b:bf:77:ca:f2:b3:9d:cc:9b:ce:4f:74:4a:1f:32:
f2:f4:64:23:d1:b2:57:14:72:92:f6:2c:37:42:34:ad:ea:25:
8d:4f:64:73:80:31:01:fa:a7:c1:ac:61:db:4a:01:5e:5c:64:
f9:be:11:3f:9e:08:1d:2a:73:06:74:47:cd:7c:cd:97:56:b0:
86:71:81:f5:6a:2e:16:99:77:0f:72:d8:7d:85:81:0b:8e:79:
1b:93:11:32:ac:f5:69:d4:ee:01:bf:87:44:6a:c1:e1:b7:24:
9e:ef:0f:fc:00:73:fd:dc:1f:3b:32:03:94:f0:a9:9a:a6:92:
02:87:a3:cb:24:f5:87:08:96:79:4e:8d:0f:df:96:9b:61:0e:
a7:bb:68:88:f5:06:82:cc:65:21:3a:49:a8:b8:2f:3f:66:3c:
6f:89:d5:c9:32:ba:ca:84:a2:d7:d6:6e:f0:10:0b:27:78:9c:
c0:2b:d2:df:f6:f7:34:06:74:46:48:98:a9:b0:2c:d6:c0:3c:
10:1b:9e:e4:16:23:12:d1:65:c3:2e:bc:c9:57:25:b4:fe:1c:
3e:2c:52:0b:fe:5b:3e:32:80:b9:e2:7c:89:1c:68:94:d3:c1:
dc:1c:e1:88
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZT41u1Rm3sArykmgy3TJ2DeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjUwMjEyMDYyNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWQ5YzZhYzZkNDdkZTI4MTM5ZGNkOGFkNjNmMjBlNzFhODYxMzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDuFm+0L86POInsJsQVeb/s6pBQ+
BiJkipk7AH+w7nbDg1Hizskk0JnJnXQ5lYjXbEXtx9I/GCrkra1NYkp+7YXvujMy
ddyjgRGlWTSROVb6gtYU4HNNK3PLdp/2tqMQjmHgL1YVgESwzoSXLkeJiQwCrSaG
nyyWKbMYi4fQOupZcezyziUS4eNHWVmqDzDWK8jSJQJUMSBs60XwDqLMPG+56U1f
8w/O/Jgyz0edjf0T+bTsfVVG9WnxCVKhuUhEhEC/HIbmAEB27byW2VztkPs4o5sE
cF1rAOXVWa88Kvk9SQHaris2GN/yEl0zHWfGCgd60Vsmg5LG4mz5ajlYZQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFLXZxqxtR94oE53NitY/IOcahhN6MB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvdGRuR3JHMUgzaWdUbmMySzFqOGc1eHFHRTNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQDjJYAMAwD
BAGMlgoDBACMlgwDBAGMlg4wDAMEAYyWEgMEAIyWJjAMAwQDjJYoAwQAjJYsAwQB
jJYuAwQAkmdDMA0GCSqGSIb3DQEBCwUAA4IBAQBLFxcf2csybWHBgHheeK31m88c
K0wbv3fK8rOdzJvOT3RKHzLy9GQj0bJXFHKS9iw3QjSt6iWNT2RzgDEB+qfBrGHb
SgFeXGT5vhE/nggdKnMGdEfNfM2XVrCGcYH1ai4WmXcPcth9hYELjnkbkxEyrPVp
1O4Bv4dEasHhtySe7w/8AHP93B87MgOU8KmappICh6PLJPWHCJZ5To0P35abYQ6n
u2iI9QaCzGUhOkmouC8/ZjxvidXJMrrKhKLX1m7wEAsneJzAK9Lf9vc0BnRGSJip
sCzWwDwQG57kFiMS0WXDLrzJVyW0/hw+LFIL/ls+MoC54nyJHGiU08HcHOGI
-----END CERTIFICATE-----
Generated at Tue Apr 29 03:28:11 2025 by rpki-client