Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/Ew2S18v_3tY6cLzxzT4Lz9Z1zo4.roa
File: Ew2S18v_3tY6cLzxzT4Lz9Z1zo4.roa (raw, json)
Hash identifier: WZlWKMr9IXSWro5lSVw//BFSIP82w4R9lAJgZIvwnug=
Subject key identifier: 13:0D:92:D7:CB:FF:DE:D6:3A:70:BC:F1:CD:3E:0B:CF:D6:75:CE:8E
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 0192898511E08A45E0795C9DEA2EF3B4C5F6
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/Ew2S18v_3tY6cLzxzT4Lz9Z1zo4.roa
Signing time: Mon 14 Oct 2024 05:34:12 +0000
ROA not before: Mon 14 Oct 2024 05:34:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.8.0/23 maxlen: 23
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Oct 2024 04:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:89:85:11:e0:8a:45:e0:79:5c:9d:ea:2e:f3:b4:c5:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Oct 14 05:34:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=130d92d7cbffded63a70bcf1cd3e0bcfd675ce8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:60:c5:b0:42:97:ed:85:95:de:a3:5d:0a:97:
f9:4b:5c:ef:35:2b:e1:2f:7d:0c:fd:29:b2:16:59:
f2:64:1c:47:2b:b9:cb:df:63:af:a5:d9:7b:85:b2:
b2:3d:da:c1:ec:af:85:c5:3e:d3:ad:b0:82:e3:6c:
09:22:d1:94:1d:fa:4f:2c:5c:0d:e1:d4:35:14:aa:
8c:2d:ad:35:71:f2:7b:8f:c3:2c:45:3a:33:46:55:
59:ef:91:33:56:de:cf:83:40:19:43:03:90:94:c9:
89:75:3f:d9:c2:95:80:00:b9:f7:14:e8:09:cc:29:
67:df:ad:0b:61:9e:4d:24:b6:03:9b:48:97:21:c7:
a5:02:2e:b8:44:fb:62:83:50:96:40:2e:7e:3e:34:
71:78:f4:fb:6e:df:1a:08:5a:99:cd:e3:63:ff:70:
c0:3d:0f:d9:0b:b0:7e:31:1f:34:83:52:cc:b2:cf:
9d:7c:7f:9d:21:2d:30:be:b5:39:9c:7e:06:73:6f:
5f:b9:f4:c5:9a:6b:40:1a:f4:c5:fb:7b:69:61:51:
b2:cf:96:4d:31:67:83:10:1e:26:1d:85:b0:fa:77:
4b:15:ea:2e:3a:6b:be:6d:f6:03:f6:99:6a:e5:38:
92:fa:9c:a2:f0:ea:c8:63:0e:cc:81:f3:6c:87:6b:
d3:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:0D:92:D7:CB:FF:DE:D6:3A:70:BC:F1:CD:3E:0B:CF:D6:75:CE:8E
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/Ew2S18v_3tY6cLzxzT4Lz9Z1zo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.1.0-140.150.9.255
140.150.18.0/23
140.150.21.0/24
Signature Algorithm: sha256WithRSAEncryption
16:53:89:e1:ca:da:93:2c:23:79:e8:3c:6d:48:ff:16:c8:9f:
e7:99:a7:d7:99:02:02:b1:53:a2:28:18:4e:74:e7:14:fd:6e:
be:63:c1:0d:01:86:6d:a0:3b:1f:c9:bc:43:c8:30:7b:b5:80:
e1:1b:58:ec:a2:32:0c:ee:a3:06:d3:b8:1d:fe:2c:f2:31:2f:
af:b7:ec:63:7c:bf:97:13:af:37:8b:95:6a:8e:75:45:93:c3:
1e:41:e1:57:94:1e:a8:f7:8b:b9:44:f1:af:f5:10:69:11:06:
47:b1:ef:77:26:c6:48:d2:da:62:a0:31:6d:20:b9:1e:d8:23:
14:2e:07:93:4b:1e:b1:9c:d5:ef:1b:b7:54:e6:d3:94:2a:08:
c5:81:19:62:89:78:ab:49:7b:a2:66:4f:9b:ed:00:3e:ab:7d:
ff:b5:b0:90:0a:fc:ee:5b:d6:9a:57:1b:ef:dd:d0:d1:fe:9f:
fe:e3:a1:4f:af:c5:60:39:06:4e:16:bf:25:bc:45:0b:d2:05:
e1:9d:b2:06:df:31:58:fc:23:8f:94:4e:f2:ae:dd:3c:a1:54:
3f:dd:a6:88:02:55:ad:29:64:ea:0a:ad:e9:3e:bc:ec:01:6d:
25:18:e2:37:be:1a:d0:01:ff:0d:1e:e9:44:ad:a3:30:75:a4:
a3:61:95:69
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZKJhRHgikXgeVyd6i7ztMX2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjQxMDE0MDUzNDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzBkOTJkN2NiZmZkZWQ2M2E3MGJjZjFjZDNlMGJjZmQ2NzVjZThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2DFsEKX7YWV3qNdCpf5S1zvNSvh
L30M/SmyFlnyZBxHK7nL32Ovpdl7hbKyPdrB7K+FxT7TrbCC42wJItGUHfpPLFwN
4dQ1FKqMLa01cfJ7j8MsRTozRlVZ75EzVt7Pg0AZQwOQlMmJdT/ZwpWAALn3FOgJ
zCln360LYZ5NJLYDm0iXIcelAi64RPtig1CWQC5+PjRxePT7bt8aCFqZzeNj/3DA
PQ/ZC7B+MR80g1LMss+dfH+dIS0wvrU5nH4Gc29fufTFmmtAGvTF+3tpYVGyz5ZN
MWeDEB4mHYWw+ndLFeouOmu+bfYD9plq5TiS+pyi8OrIYw7MgfNsh2vTUQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBMNktfL/97WOnC88c0+C8/Wdc6OMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvRXcyUzE4dl8zdFk2Y0x6eHpUNEx6OVoxem80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBACMlgED
BAGMlggDBAGMlhIDBACMlhUwDQYJKoZIhvcNAQELBQADggEBABZTieHK2pMsI3no
PG1I/xbIn+eZp9eZAgKxU6IoGE505xT9br5jwQ0Bhm2gOx/JvEPIMHu1gOEbWOyi
MgzuowbTuB3+LPIxL6+37GN8v5cTrzeLlWqOdUWTwx5B4VeUHqj3i7lE8a/1EGkR
Bkex73cmxkjS2mKgMW0guR7YIxQuB5NLHrGc1e8bt1Tm05QqCMWBGWKJeKtJe6Jm
T5vtAD6rff+1sJAK/O5b1ppXG+/d0NH+n/7joU+vxWA5Bk4WvyW8RQvSBeGdsgbf
MVj8I4+UTvKu3TyhVD/dpogCVa0pZOoKrek+vOwBbSUY4je+GtAB/w0e6UStozB1
pKNhlWk=
-----END CERTIFICATE-----
Generated at Tue Oct 15 05:08:28 2024 by rpki-client on console-fra.rpki-client.org