Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/DmZQOHhfNKYNz3CWyNcYcYl4lWc.roa
File: DmZQOHhfNKYNz3CWyNcYcYl4lWc.roa (raw, json)
Hash identifier: 3w+cPMHw5WBVbWzqig3U1MYHCBAQTzfIsEQUPaSQDfw=
Subject key identifier: 0E:66:50:38:78:5F:34:A6:0D:CF:70:96:C8:D7:18:71:89:78:95:67
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 0194F9059FFA33B31219CD307C6841CDD8C0
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/DmZQOHhfNKYNz3CWyNcYcYl4lWc.roa
Signing time: Wed 12 Feb 2025 07:18:02 +0000
ROA not before: Wed 12 Feb 2025 07:18:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.0.0/24 maxlen: 24
140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.10.0/24 maxlen: 24
140.150.11.0/24 maxlen: 24
140.150.12.0/24 maxlen: 24
140.150.14.0/24 maxlen: 24
140.150.15.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.20.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
140.150.22.0/24 maxlen: 24
140.150.23.0/24 maxlen: 24
140.150.24.0/24 maxlen: 24
140.150.25.0/24 maxlen: 24
140.150.26.0/24 maxlen: 24
140.150.27.0/24 maxlen: 24
140.150.28.0/24 maxlen: 24
140.150.29.0/24 maxlen: 24
140.150.30.0/24 maxlen: 24
140.150.31.0/24 maxlen: 24
140.150.32.0/24 maxlen: 24
140.150.33.0/24 maxlen: 24
140.150.34.0/24 maxlen: 24
140.150.35.0/24 maxlen: 24
140.150.36.0/24 maxlen: 24
140.150.37.0/24 maxlen: 24
140.150.38.0/24 maxlen: 24
140.150.40.0/24 maxlen: 24
140.150.41.0/24 maxlen: 24
140.150.42.0/24 maxlen: 24
140.150.43.0/24 maxlen: 24
140.150.44.0/24 maxlen: 24
140.150.46.0/24 maxlen: 24
140.150.47.0/24 maxlen: 24
146.103.64.0/24 maxlen: 24
146.103.65.0/24 maxlen: 24
146.103.66.0/24 maxlen: 24
146.103.67.0/24 maxlen: 24
146.103.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Feb 2025 06:16:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f9:05:9f:fa:33:b3:12:19:cd:30:7c:68:41:cd:d8:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Feb 12 07:18:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e665038785f34a60dcf7096c8d7187189789567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:be:74:3c:a3:8d:0e:e4:0a:38:0d:21:31:e0:
9d:ed:23:fe:34:95:fc:7b:4c:0e:2d:06:5b:d3:6a:
da:4f:33:e9:7f:56:96:f0:33:29:54:96:2e:68:4b:
e3:64:0d:0d:10:a7:d9:92:5b:3a:82:71:c0:dd:c8:
28:9a:c1:b1:1d:ec:ed:d1:9a:ae:88:a4:9f:63:0f:
de:84:8c:28:51:4d:06:e5:45:db:2e:01:f6:91:dd:
22:fa:74:89:88:f4:b2:ee:8e:ad:fe:c1:3f:18:d1:
c3:35:a4:73:87:9a:71:88:06:79:93:7e:69:9c:2d:
48:97:39:68:aa:8e:0d:d7:0e:69:6e:28:35:57:69:
93:cb:7c:d3:5c:af:fb:98:99:40:c1:24:23:af:f8:
88:a2:59:42:32:d4:9f:1c:96:37:50:40:c8:65:a0:
95:34:07:83:c3:4e:ad:19:2a:45:c5:ca:fd:77:69:
99:f9:ca:60:55:14:d7:ce:15:26:85:be:a8:1e:9b:
a0:9b:17:f1:30:f0:4f:fc:7d:ef:fe:a3:0c:d4:9b:
45:a3:dd:04:88:ff:40:3e:8e:58:29:d1:0f:8f:90:
4b:fe:a3:02:e1:b6:a1:72:31:ab:54:e0:6c:19:cb:
16:00:fc:67:db:98:53:11:04:01:3d:c4:59:6f:a1:
82:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:66:50:38:78:5F:34:A6:0D:CF:70:96:C8:D7:18:71:89:78:95:67
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/DmZQOHhfNKYNz3CWyNcYcYl4lWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.0.0/21
140.150.10.0-140.150.12.255
140.150.14.0/23
140.150.18.0-140.150.38.255
140.150.40.0-140.150.44.255
140.150.46.0/23
146.103.64.0-146.103.68.255
Signature Algorithm: sha256WithRSAEncryption
27:7f:57:31:72:c3:4e:35:07:1e:43:2e:0f:e4:6f:be:25:d1:
17:19:74:cf:3c:71:9d:24:7f:f7:1f:96:09:f0:57:fc:a5:79:
a7:bb:01:2d:4a:6c:99:2e:9f:d7:96:da:2a:8f:8c:a8:3b:e7:
18:8c:fa:07:d8:a6:70:29:8b:44:b7:60:87:06:35:ed:a7:7b:
b3:65:c8:29:36:db:cb:8c:01:3b:11:34:a3:c2:ee:1d:8b:fd:
9a:9b:00:0c:f6:94:98:30:48:2c:a6:dd:6c:30:f4:6b:7b:94:
e4:63:33:05:17:4b:6a:b3:0a:3a:50:96:f2:50:6d:c7:d9:52:
f4:7b:b6:f7:5d:83:66:df:4f:e5:9c:c5:23:a2:71:08:23:83:
5d:5e:4e:54:7f:a4:1d:4b:a1:f5:b5:12:ad:3f:f4:17:51:18:
6a:3b:d0:ac:a2:28:98:a1:be:79:65:f4:0e:fd:c1:0b:26:b7:
ed:de:e9:9f:54:7c:94:80:49:a4:d0:85:43:41:44:e6:ae:67:
79:bc:d7:a0:5e:b2:b4:06:86:26:1a:86:a7:bb:25:bc:12:d3:
a4:87:32:ee:9d:63:53:57:e9:4e:60:47:24:95:f3:fb:4a:b9:
ac:ca:14:8c:dd:81:d6:b2:81:39:82:d5:eb:a5:be:83:ce:35:
b2:26:38:13
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZT5BZ/6M7MSGc0wfGhBzdjAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjUwMjEyMDcxODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTY2NTAzODc4NWYzNGE2MGRjZjcwOTZjOGQ3MTg3MTg5Nzg5NTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsL50PKONDuQKOA0hMeCd7SP+NJX8
e0wOLQZb02raTzPpf1aW8DMpVJYuaEvjZA0NEKfZkls6gnHA3cgomsGxHezt0Zqu
iKSfYw/ehIwoUU0G5UXbLgH2kd0i+nSJiPSy7o6t/sE/GNHDNaRzh5pxiAZ5k35p
nC1Ilzloqo4N1w5pbig1V2mTy3zTXK/7mJlAwSQjr/iIollCMtSfHJY3UEDIZaCV
NAeDw06tGSpFxcr9d2mZ+cpgVRTXzhUmhb6oHpugmxfxMPBP/H3v/qMM1JtFo90E
iP9APo5YKdEPj5BL/qMC4bahcjGrVOBsGcsWAPxn25hTEQQBPcRZb6GCTQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFA5mUDh4XzSmDc9wlsjXGHGJeJVnMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvRG1aUU9IaGZOS1lOejNDV3lOY1ljWWw0bFdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQDjJYAMAwD
BAGMlgoDBACMlgwDBAGMlg4wDAMEAYyWEgMEAIyWJjAMAwQDjJYoAwQAjJYsAwQB
jJYuMAwDBAaSZ0ADBACSZ0QwDQYJKoZIhvcNAQELBQADggEBACd/VzFyw041Bx5D
Lg/kb74l0RcZdM88cZ0kf/cflgnwV/yleae7AS1KbJkun9eW2iqPjKg75xiM+gfY
pnApi0S3YIcGNe2ne7NlyCk228uMATsRNKPC7h2L/ZqbAAz2lJgwSCym3Www9Gt7
lORjMwUXS2qzCjpQlvJQbcfZUvR7tvddg2bfT+WcxSOicQgjg11eTlR/pB1LofW1
Eq0/9BdRGGo70KyiKJihvnll9A79wQsmt+3e6Z9UfJSASaTQhUNBROauZ3m816Be
srQGhiYahqe7JbwS06SHMu6dY1NX6U5gRySV8/tKuazKFIzdgdaygTmC1eulvoPO
NbImOBM=
-----END CERTIFICATE-----
Generated at Wed May 7 04:18:12 2025 by rpki-client