Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/fNVlQHiCLURODZz2gveG_rShmiY.roa
File: fNVlQHiCLURODZz2gveG_rShmiY.roa (raw, json)
Hash identifier: AasYkMo4sLYhD6S9KGjclm8vmKXMCTqLLs+bRZOhIVQ=
Subject key identifier: 7C:D5:65:40:78:82:2D:44:4E:0D:9C:F6:82:F7:86:FE:B4:A1:9A:26
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 0194EEE3E5AA17425567A10C61E641EE9101
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/fNVlQHiCLURODZz2gveG_rShmiY.roa
Signing time: Mon 10 Feb 2025 08:05:00 +0000
ROA not before: Mon 10 Feb 2025 08:05:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.0.0/24 maxlen: 24
140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.10.0/24 maxlen: 24
140.150.11.0/24 maxlen: 24
140.150.12.0/24 maxlen: 24
140.150.14.0/24 maxlen: 24
140.150.15.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.20.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
140.150.22.0/24 maxlen: 24
140.150.23.0/24 maxlen: 24
140.150.24.0/24 maxlen: 24
140.150.25.0/24 maxlen: 24
140.150.26.0/24 maxlen: 24
140.150.27.0/24 maxlen: 24
140.150.28.0/24 maxlen: 24
140.150.29.0/24 maxlen: 24
140.150.30.0/24 maxlen: 24
140.150.31.0/24 maxlen: 24
140.150.32.0/24 maxlen: 24
140.150.33.0/24 maxlen: 24
140.150.34.0/24 maxlen: 24
140.150.35.0/24 maxlen: 24
140.150.36.0/24 maxlen: 24
140.150.37.0/24 maxlen: 24
140.150.38.0/24 maxlen: 24
140.150.40.0/24 maxlen: 24
140.150.41.0/24 maxlen: 24
140.150.42.0/24 maxlen: 24
140.150.43.0/24 maxlen: 24
140.150.44.0/24 maxlen: 24
140.150.46.0/24 maxlen: 24
140.150.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 06:27:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ee:e3:e5:aa:17:42:55:67:a1:0c:61:e6:41:ee:91:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Feb 10 08:05:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7cd5654078822d444e0d9cf682f786feb4a19a26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f0:1f:64:f2:68:04:0b:91:62:bc:b2:2d:b2:
f0:27:4c:dc:6a:da:4a:9d:bf:3d:39:ed:b2:81:de:
11:57:db:62:36:b6:fd:ae:51:f6:a9:86:1c:80:a8:
49:7e:23:e9:a8:3c:3c:41:62:54:5b:2e:6d:42:9b:
cf:e4:94:d1:70:2e:96:2a:a3:21:70:7b:c5:08:3d:
18:14:01:a7:b1:d1:fb:70:44:d4:f9:23:d0:67:c0:
60:2b:87:93:59:f8:fd:90:78:61:89:ff:26:56:f9:
79:0d:24:75:b4:33:8d:76:39:85:04:f7:af:14:99:
44:8f:42:07:17:3d:23:44:75:70:ec:59:2e:a7:13:
0d:b0:11:cd:bf:91:2a:09:74:91:86:a8:b9:8c:0e:
37:99:02:07:ce:6c:a3:22:a4:ca:cd:74:69:02:09:
b6:89:2e:f5:19:1a:2f:de:74:0e:33:4d:11:34:2d:
e9:3d:5e:0f:28:d3:e2:47:f9:27:0e:41:83:e4:80:
c5:11:62:93:2c:26:68:c6:ae:4c:ad:2e:30:36:90:
71:74:82:ea:82:b7:ed:16:84:0a:15:4a:07:ca:21:
97:79:0b:f5:eb:2a:5b:71:49:0f:8d:34:5e:e6:25:
9b:08:de:e4:ae:c3:4d:21:b7:94:99:21:fc:f4:d2:
53:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:D5:65:40:78:82:2D:44:4E:0D:9C:F6:82:F7:86:FE:B4:A1:9A:26
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/fNVlQHiCLURODZz2gveG_rShmiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.0.0/21
140.150.10.0-140.150.12.255
140.150.14.0/23
140.150.18.0-140.150.38.255
140.150.40.0-140.150.44.255
140.150.46.0/23
Signature Algorithm: sha256WithRSAEncryption
96:f8:a4:3b:99:c6:22:09:92:7e:e4:aa:37:6d:2f:b8:64:d5:
46:bd:ce:9b:f1:14:e2:c2:fb:63:e2:b2:d8:ae:c1:71:a8:e7:
3d:5f:ca:66:f7:96:9f:d1:43:ae:bb:2b:a4:4c:d0:2c:dc:a5:
13:9f:1f:9e:61:6f:8b:53:2c:34:bc:ec:35:88:28:ed:be:bd:
61:31:05:6c:29:f9:54:8f:96:31:f0:02:8c:b1:fe:17:f7:0e:
16:26:83:e9:7f:13:97:44:75:6b:9f:41:a2:8c:c4:c8:e6:b8:
96:04:23:a8:2c:24:05:7e:5a:e3:6f:51:9f:7d:d4:44:0d:52:
3b:00:2d:01:c1:73:53:53:46:01:9e:24:65:23:09:79:c2:39:
d5:b7:62:f6:15:6f:85:43:27:de:59:75:8e:ae:8f:d9:48:69:
53:df:ac:c2:cc:30:8e:69:11:e7:3a:02:e4:21:fe:a4:ee:85:
d7:31:81:ef:61:43:99:61:47:c0:0c:65:10:c0:fc:5a:03:60:
0d:3b:fd:ec:4a:8d:20:db:62:01:76:6c:ce:12:88:c0:95:89:
74:f3:fb:06:5b:ae:32:29:80:e8:a3:ff:28:6f:95:bd:63:db:
b3:6b:82:0c:06:d8:51:d6:53:4a:d7:9f:c1:65:e7:c0:bd:59:
a4:76:58:0f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZTu4+WqF0JVZ6EMYeZB7pEBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjUwMjEwMDgwNTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2Q1NjU0MDc4ODIyZDQ0NGUwZDljZjY4MmY3ODZmZWI0YTE5YTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfAfZPJoBAuRYryyLbLwJ0zcatpK
nb89Oe2ygd4RV9tiNrb9rlH2qYYcgKhJfiPpqDw8QWJUWy5tQpvP5JTRcC6WKqMh
cHvFCD0YFAGnsdH7cETU+SPQZ8BgK4eTWfj9kHhhif8mVvl5DSR1tDONdjmFBPev
FJlEj0IHFz0jRHVw7FkupxMNsBHNv5EqCXSRhqi5jA43mQIHzmyjIqTKzXRpAgm2
iS71GRov3nQOM00RNC3pPV4PKNPiR/knDkGD5IDFEWKTLCZoxq5MrS4wNpBxdILq
grftFoQKFUoHyiGXeQv16ypbcUkPjTRe5iWbCN7krsNNIbeUmSH89NJTuQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFHzVZUB4gi1ETg2c9oL3hv60oZomMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvZk5WbFFIaUNMVVJPRFp6Mmd2ZUdfclNobWlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQDjJYAMAwD
BAGMlgoDBACMlgwDBAGMlg4wDAMEAYyWEgMEAIyWJjAMAwQDjJYoAwQAjJYsAwQB
jJYuMA0GCSqGSIb3DQEBCwUAA4IBAQCW+KQ7mcYiCZJ+5Ko3bS+4ZNVGvc6b8RTi
wvtj4rLYrsFxqOc9X8pm95af0UOuuyukTNAs3KUTnx+eYW+LUyw0vOw1iCjtvr1h
MQVsKflUj5Yx8AKMsf4X9w4WJoPpfxOXRHVrn0GijMTI5riWBCOoLCQFflrjb1Gf
fdREDVI7AC0BwXNTU0YBniRlIwl5wjnVt2L2FW+FQyfeWXWOro/ZSGlT36zCzDCO
aRHnOgLkIf6k7oXXMYHvYUOZYUfADGUQwPxaA2ANO/3sSo0g22IBdmzOEojAlYl0
8/sGW64yKYDoo/8ob5W9Y9uza4IMBthR1lNK15/BZefAvVmkdlgP
-----END CERTIFICATE-----
Generated at Mon Jul 28 01:07:11 2025 by rpki-client