Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/RDvWs_raF8P0OfjJA97Uws7VEOg.roa
File: RDvWs_raF8P0OfjJA97Uws7VEOg.roa (raw, json)
Hash identifier: QeOVWdnAUr19ieJ+f/Gg9yNMcVrkzfxxYHf/AY98a58=
Subject key identifier: 44:3B:D6:B3:FA:DA:17:C3:F4:39:F8:C9:03:DE:D4:C2:CE:D5:10:E8
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 01933DF50CB2F4A741444DF2D14265AB3210
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/RDvWs_raF8P0OfjJA97Uws7VEOg.roa
Signing time: Mon 18 Nov 2024 06:28:09 +0000
ROA not before: Mon 18 Nov 2024 06:28:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.0.0/24 maxlen: 24
140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.8.0/23 maxlen: 24
140.150.12.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
140.150.24.0/24 maxlen: 24
140.150.25.0/24 maxlen: 24
140.150.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Nov 2024 08:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3d:f5:0c:b2:f4:a7:41:44:4d:f2:d1:42:65:ab:32:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Nov 18 06:28:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=443bd6b3fada17c3f439f8c903ded4c2ced510e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:11:e8:02:3e:68:41:91:98:01:c7:4a:b8:cb:
e1:13:8a:34:51:82:c8:61:83:1f:a0:91:f1:7f:89:
c5:e8:c0:b6:66:81:86:64:f7:4e:b3:eb:d5:b5:75:
67:a2:13:61:85:22:0e:ef:d3:5d:a9:0b:fe:f3:30:
78:66:cc:1a:df:7a:cf:74:e8:4c:5d:32:e6:9b:77:
5e:61:10:c2:b1:ae:a0:8e:19:a4:2e:7e:fe:dc:d3:
0a:6f:72:06:59:de:a6:3d:89:18:82:25:0c:ba:cb:
da:5a:48:18:0d:db:41:e9:cc:95:e0:f1:1a:ff:ed:
ec:f4:bb:e2:06:b5:78:ea:0c:37:1d:a3:98:d3:e0:
b1:fb:16:6a:2d:3c:ac:54:b4:60:c4:dc:4f:7d:f4:
85:af:3a:f9:d7:63:81:a6:e1:94:64:84:39:59:05:
af:ae:14:d2:72:70:ae:c6:99:dc:5b:6f:69:31:97:
f5:fc:e3:c8:73:33:64:6b:e8:e6:88:01:c1:d2:6b:
3d:2d:84:7b:7b:c1:e0:87:b8:e6:a8:26:6d:57:12:
8f:be:b4:16:81:c3:60:12:ef:fd:89:96:eb:7a:15:
09:f9:f8:d6:bc:4d:55:69:ba:b9:cc:ca:f2:fc:7b:
ff:c9:3f:06:73:6b:25:bf:72:34:c4:8e:4a:cd:e8:
8f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:3B:D6:B3:FA:DA:17:C3:F4:39:F8:C9:03:DE:D4:C2:CE:D5:10:E8
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/RDvWs_raF8P0OfjJA97Uws7VEOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.0.0-140.150.9.255
140.150.12.0/24
140.150.18.0/23
140.150.21.0/24
140.150.24.0/23
140.150.28.0/24
Signature Algorithm: sha256WithRSAEncryption
23:c3:60:1a:97:b0:a3:72:9d:44:d1:59:68:d3:52:0a:c7:f3:
6a:fc:57:c3:d4:57:61:31:2d:a4:be:50:30:37:7a:99:61:07:
89:8c:e0:9f:8d:a4:51:eb:16:bc:dd:ad:33:24:4e:0a:0d:a0:
b3:fe:b8:7e:28:b0:c8:33:17:82:ab:0b:e4:0f:d5:27:62:d5:
8b:4e:49:9f:26:6d:56:b0:11:3b:2c:24:e1:da:57:cb:2c:90:
b7:b0:3e:9a:6c:89:aa:cd:66:31:a5:4f:9e:ff:d8:64:3a:42:
7e:67:b9:7e:df:c9:26:35:fa:e3:07:a5:e4:ab:47:10:68:31:
00:a4:4a:0a:9d:21:c9:da:4c:fb:c8:28:33:96:31:e6:9f:b4:
8f:27:df:eb:b7:f2:00:53:ab:70:12:fc:b5:51:84:65:4f:e4:
f7:5a:3a:78:4a:1d:f4:94:ad:bb:5d:3d:ae:66:0c:ac:19:21:
bf:e5:32:2f:46:b2:0f:28:87:f8:d6:9a:c7:61:e5:a3:9a:d1:
55:ed:74:86:37:58:3f:fa:20:9d:fa:24:cd:64:40:ae:f6:b7:
0f:aa:a8:2e:cb:a9:37:61:2c:ff:95:0b:ae:04:b8:54:99:fe:
9b:a8:34:ec:15:0b:05:44:ef:e8:18:3d:13:15:c8:f3:55:e8:
ff:52:88:71
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZM99Qyy9KdBRE3y0UJlqzIQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjQxMTE4MDYyODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDNiZDZiM2ZhZGExN2MzZjQzOWY4YzkwM2RlZDRjMmNlZDUxMGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBHoAj5oQZGYAcdKuMvhE4o0UYLI
YYMfoJHxf4nF6MC2ZoGGZPdOs+vVtXVnohNhhSIO79NdqQv+8zB4Zswa33rPdOhM
XTLmm3deYRDCsa6gjhmkLn7+3NMKb3IGWd6mPYkYgiUMusvaWkgYDdtB6cyV4PEa
/+3s9LviBrV46gw3HaOY0+Cx+xZqLTysVLRgxNxPffSFrzr512OBpuGUZIQ5WQWv
rhTScnCuxpncW29pMZf1/OPIczNka+jmiAHB0ms9LYR7e8Hgh7jmqCZtVxKPvrQW
gcNgEu/9iZbrehUJ+fjWvE1Vabq5zMry/Hv/yT8Gc2slv3I0xI5KzeiPUQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFEQ71rP62hfD9Dn4yQPe1MLO1RDoMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvUkR2V3NfcmFGOFAwT2ZqSkE5N1V3czdWRU9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAxBAIAATArMAsDAwGMlgME
AYyWCAMEAIyWDAMEAYyWEgMEAIyWFQMEAYyWGAMEAIyWHDANBgkqhkiG9w0BAQsF
AAOCAQEAI8NgGpewo3KdRNFZaNNSCsfzavxXw9RXYTEtpL5QMDd6mWEHiYzgn42k
UesWvN2tMyROCg2gs/64fiiwyDMXgqsL5A/VJ2LVi05JnyZtVrAROywk4dpXyyyQ
t7A+mmyJqs1mMaVPnv/YZDpCfme5ft/JJjX64wel5KtHEGgxAKRKCp0hydpM+8go
M5Yx5p+0jyff67fyAFOrcBL8tVGEZU/k91o6eEod9JStu109rmYMrBkhv+UyL0ay
DyiH+Naax2Hlo5rRVe10hjdYP/ognfokzWRArva3D6qoLsupN2Es/5ULrgS4VJn+
m6g07BULBUTv6Bg9ExXI81Xo/1KIcQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 09:56:35 2024 by rpki-client on console-fra.rpki-client.org