Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/oIifziey101IJI-aaiPJZTEvjwU.roa
File: oIifziey101IJI-aaiPJZTEvjwU.roa (raw, json)
Hash identifier: CcllDQHFem9i3kZQOkGorIYcw2n1QsxjBH8qoacjPOk=
Subject key identifier: A0:88:9F:CE:27:B2:D7:4D:48:24:8F:9A:6A:23:C9:65:31:2F:8F:05
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 0195A394C180924136CE8B3F7EE90E9E8B72
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/oIifziey101IJI-aaiPJZTEvjwU.roa
Signing time: Mon 17 Mar 2025 10:09:49 +0000
ROA not before: Mon 17 Mar 2025 10:09:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.0.0/24 maxlen: 24
140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.10.0/24 maxlen: 24
140.150.11.0/24 maxlen: 24
140.150.12.0/24 maxlen: 24
140.150.14.0/24 maxlen: 24
140.150.15.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.20.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
140.150.22.0/24 maxlen: 24
140.150.23.0/24 maxlen: 24
140.150.24.0/24 maxlen: 24
140.150.25.0/24 maxlen: 24
140.150.26.0/24 maxlen: 24
140.150.27.0/24 maxlen: 24
140.150.28.0/24 maxlen: 24
140.150.29.0/24 maxlen: 24
140.150.30.0/24 maxlen: 24
140.150.31.0/24 maxlen: 24
140.150.32.0/24 maxlen: 24
140.150.33.0/24 maxlen: 24
140.150.34.0/24 maxlen: 24
140.150.35.0/24 maxlen: 24
140.150.36.0/24 maxlen: 24
140.150.37.0/24 maxlen: 24
140.150.38.0/24 maxlen: 24
140.150.40.0/24 maxlen: 24
140.150.41.0/24 maxlen: 24
140.150.42.0/24 maxlen: 24
140.150.43.0/24 maxlen: 24
140.150.44.0/24 maxlen: 24
140.150.46.0/24 maxlen: 24
140.150.47.0/24 maxlen: 24
146.103.64.0/24 maxlen: 24
146.103.65.0/24 maxlen: 24
146.103.66.0/24 maxlen: 24
146.103.67.0/24 maxlen: 24
146.103.68.0/24 maxlen: 24
146.103.71.0/24 maxlen: 24
146.103.73.0/24 maxlen: 24
146.103.74.0/24 maxlen: 24
146.103.75.0/24 maxlen: 24
146.103.76.0/24 maxlen: 24
146.103.77.0/24 maxlen: 24
146.103.78.0/24 maxlen: 24
146.103.79.0/24 maxlen: 24
146.103.80.0/24 maxlen: 24
146.103.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Mar 2025 05:51:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a3:94:c1:80:92:41:36:ce:8b:3f:7e:e9:0e:9e:8b:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Mar 17 10:09:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0889fce27b2d74d48248f9a6a23c965312f8f05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a2:e7:08:a4:4a:2a:56:99:c6:ca:47:2a:bf:
7e:33:d0:25:c2:3b:bf:4f:eb:87:82:32:9d:14:f4:
42:98:ef:50:dc:c0:4a:1d:8b:97:56:6c:74:a5:86:
03:e9:48:52:95:12:1a:87:f6:11:27:1e:94:dd:42:
16:a2:d8:27:35:08:c5:1b:96:33:1c:b6:82:7b:ea:
22:52:40:48:fe:b9:49:31:fb:38:e5:91:0d:62:ed:
79:9b:e5:f6:8a:2e:b3:ef:6c:92:e6:7f:4c:a0:06:
a9:82:d9:6a:c4:cf:70:f5:41:7a:94:cf:1f:89:d3:
1c:4c:a4:90:47:8d:bf:2e:45:c5:e6:4f:8b:ed:ba:
2f:6f:3f:bb:98:3e:dd:43:b8:93:45:7b:cd:06:d6:
cd:89:5a:43:fe:3b:8a:67:8f:c1:73:c9:71:52:f1:
07:30:45:60:59:60:0c:b0:a1:cb:9b:9b:57:1c:2f:
13:c6:35:59:76:74:71:9a:ba:4d:61:0b:59:aa:87:
b8:0b:b0:d1:ff:d9:a3:31:ae:a9:86:ae:ed:64:0b:
1b:83:e6:60:a8:3f:21:66:c6:17:03:43:7f:aa:2d:
78:30:32:bd:aa:44:6a:54:2e:ca:44:da:05:78:ae:
e1:d3:3e:70:7c:72:52:3a:33:8b:03:6d:3a:c2:2b:
bd:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:88:9F:CE:27:B2:D7:4D:48:24:8F:9A:6A:23:C9:65:31:2F:8F:05
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/oIifziey101IJI-aaiPJZTEvjwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.0.0/21
140.150.10.0-140.150.12.255
140.150.14.0/23
140.150.18.0-140.150.38.255
140.150.40.0-140.150.44.255
140.150.46.0/23
146.103.64.0-146.103.68.255
146.103.71.0/24
146.103.73.0-146.103.81.255
Signature Algorithm: sha256WithRSAEncryption
52:0b:e3:9c:8c:8b:19:70:ca:8c:9f:4c:21:d3:68:cc:e1:fb:
75:a0:1d:d6:4d:4a:bd:dc:c3:5c:9a:db:61:ea:8a:17:f6:dc:
ae:f3:ec:a6:82:92:06:35:1d:0b:12:5c:9d:26:5e:2e:4a:8d:
8a:d2:6c:9c:81:ed:20:85:17:42:c5:75:f9:b6:dd:4d:6e:52:
6d:ed:f7:83:b0:76:9d:81:cf:0d:aa:16:22:37:53:37:e3:b0:
2b:94:bc:92:5c:d0:68:1e:44:80:eb:08:c9:d6:7d:1c:2a:4f:
cd:49:67:85:f9:d1:ed:96:35:a4:34:89:2f:e8:31:f1:56:b2:
af:4e:a6:eb:5a:45:0e:91:a4:e6:70:e5:32:f6:d3:a1:09:98:
c9:77:2f:14:67:1c:3b:5a:c6:82:c3:bb:47:7c:84:18:28:b6:
dd:7d:08:5c:d8:32:f8:63:84:76:ac:af:fb:fe:b1:ac:83:e2:
60:f6:f6:b6:62:ff:07:4a:cc:49:40:1e:3b:e0:27:7e:49:16:
f7:10:2d:d4:c7:02:da:28:e5:24:84:81:28:21:03:d7:8f:75:
a2:6b:02:8f:ed:5b:c6:bc:47:f8:ab:42:85:9b:8b:20:43:87:
89:28:c0:a3:78:bf:55:03:a6:54:db:ad:08:eb:04:34:d4:3f:
36:5b:6b:47
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZWjlMGAkkE2zos/fukOnotyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjUwMzE3MTAwOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDg4OWZjZTI3YjJkNzRkNDgyNDhmOWE2YTIzYzk2NTMxMmY4ZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqLnCKRKKlaZxspHKr9+M9Alwju/
T+uHgjKdFPRCmO9Q3MBKHYuXVmx0pYYD6UhSlRIah/YRJx6U3UIWotgnNQjFG5Yz
HLaCe+oiUkBI/rlJMfs45ZENYu15m+X2ii6z72yS5n9MoAapgtlqxM9w9UF6lM8f
idMcTKSQR42/LkXF5k+L7bovbz+7mD7dQ7iTRXvNBtbNiVpD/juKZ4/Bc8lxUvEH
MEVgWWAMsKHLm5tXHC8TxjVZdnRxmrpNYQtZqoe4C7DR/9mjMa6phq7tZAsbg+Zg
qD8hZsYXA0N/qi14MDK9qkRqVC7KRNoFeK7h0z5wfHJSOjOLA206wiu9cwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFKCIn84nstdNSCSPmmojyWUxL48FMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvb0lpZnppZXkxMDFJSkktYWFpUEpaVEV2andVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQDjJYAMAwD
BAGMlgoDBACMlgwDBAGMlg4wDAMEAYyWEgMEAIyWJjAMAwQDjJYoAwQAjJYsAwQB
jJYuMAwDBAaSZ0ADBACSZ0QDBACSZ0cwDAMEAJJnSQMEAZJnUDANBgkqhkiG9w0B
AQsFAAOCAQEAUgvjnIyLGXDKjJ9MIdNozOH7daAd1k1KvdzDXJrbYeqKF/bcrvPs
poKSBjUdCxJcnSZeLkqNitJsnIHtIIUXQsV1+bbdTW5Sbe33g7B2nYHPDaoWIjdT
N+OwK5S8klzQaB5EgOsIydZ9HCpPzUlnhfnR7ZY1pDSJL+gx8Vayr06m61pFDpGk
5nDlMvbToQmYyXcvFGccO1rGgsO7R3yEGCi23X0IXNgy+GOEdqyv+/6xrIPiYPb2
tmL/B0rMSUAeO+AnfkkW9xAt1McC2ijlJISBKCED1491omsCj+1bxrxH+KtChZuL
IEOHiSjAo3i/VQOmVNutCOsENNQ/NltrRw==
-----END CERTIFICATE-----
Generated at Mon Jul 28 01:20:10 2025 by rpki-client