Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/Rsb5VgUn9vavEpMaaAi58W5oVTs.roa
File: Rsb5VgUn9vavEpMaaAi58W5oVTs.roa (raw, json)
Hash identifier: 7kmj3+rsbnAb9vThV2W9EUv6bCcpn7ue5HgvgEzmnI0=
Subject key identifier: 46:C6:F9:56:05:27:F6:F6:AF:12:93:1A:68:08:B9:F1:6E:68:55:3B
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 01928E56238D333C7AB03BDD38335D95502A
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/Rsb5VgUn9vavEpMaaAi58W5oVTs.roa
Signing time: Tue 15 Oct 2024 04:01:02 +0000
ROA not before: Tue 15 Oct 2024 04:01:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.8.0/23 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Oct 2024 16:28:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8e:56:23:8d:33:3c:7a:b0:3b:dd:38:33:5d:95:50:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Oct 15 04:01:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46c6f9560527f6f6af12931a6808b9f16e68553b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c3:90:27:b7:97:f6:c4:8b:fd:37:df:fb:94:
77:72:a8:ad:97:65:1b:03:17:de:48:fb:11:4d:2e:
ba:0a:77:02:85:f6:2b:d3:ec:51:c7:fc:cf:6e:73:
23:14:ad:ef:74:9b:b6:3f:80:80:1b:8c:2e:55:19:
d5:dc:d2:08:8b:07:66:60:e5:f6:96:77:2b:df:84:
51:8c:6c:f2:34:67:27:a2:f2:79:81:d4:32:9e:53:
66:47:ee:97:ed:fa:27:7a:bf:49:cf:4d:2b:71:6f:
14:17:51:0a:89:27:3e:2d:b2:20:ff:8c:db:5a:d5:
81:8a:7b:12:99:1d:5f:aa:40:ee:7e:5c:44:30:d3:
0d:45:b2:2e:bf:33:ea:b2:f8:95:c1:1e:5f:95:fc:
ec:e1:a5:1b:68:08:9b:4b:14:ef:57:53:a7:7e:6f:
2b:89:b2:88:b4:97:6a:15:b5:64:bd:a1:3f:f9:46:
65:ae:9a:a2:c2:5f:67:16:ec:8d:db:ef:50:48:1e:
12:93:44:7e:fb:f5:20:32:1a:07:5f:a8:27:dd:00:
7c:bc:b0:3f:9c:7f:08:36:ab:cf:63:f3:4e:a3:ae:
9e:97:3d:58:79:8d:c4:fd:41:0e:c1:4e:e8:68:a7:
a5:62:9d:52:c0:cd:a3:96:24:99:48:84:d8:a4:5c:
bf:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:C6:F9:56:05:27:F6:F6:AF:12:93:1A:68:08:B9:F1:6E:68:55:3B
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/Rsb5VgUn9vavEpMaaAi58W5oVTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.1.0-140.150.9.255
140.150.18.0/23
140.150.21.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:32:c0:57:35:68:72:ac:11:9c:8e:6e:50:20:db:47:08:7b:
25:95:23:42:eb:b9:1c:a2:57:14:e2:68:cb:5a:25:e8:97:f9:
86:ce:31:f5:67:7b:c5:cb:cc:00:44:f4:17:ae:35:0f:2e:38:
cd:09:28:76:2d:5e:b0:b6:e7:84:33:4c:94:85:cb:29:b3:1e:
af:c4:69:91:e6:ac:c8:4a:ec:a8:27:5b:3d:8d:3b:81:9c:ac:
f7:22:89:1a:1a:05:bf:fc:87:aa:eb:8b:ca:7d:bc:77:97:24:
2b:59:1d:f5:df:83:e9:a7:39:95:de:42:5f:df:0e:0e:e9:f8:
98:a4:00:1f:9d:1a:cc:6e:4b:38:f4:8c:59:e7:b4:af:04:da:
c6:4e:2b:c3:3a:be:a2:66:08:00:ae:e5:fd:9b:86:49:86:dc:
d1:2b:d5:97:56:24:57:b5:7e:3a:56:57:65:8a:86:6f:f5:8e:
b9:ad:82:ce:87:d1:89:b6:1f:b3:8e:91:bb:7c:4d:6c:6c:2b:
48:44:d8:5d:e5:86:6d:ce:8f:c8:3e:2b:2c:de:69:7e:58:fb:
ba:e1:15:f1:6a:c7:c7:73:01:3f:5a:a0:37:e1:95:bf:84:54:
f7:ca:3b:6d:27:73:bc:25:48:a9:80:a8:89:e1:03:8f:ab:da:
cb:e6:c3:ee
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZKOViONMzx6sDvdODNdlVAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjQxMDE1MDQwMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmM2Zjk1NjA1MjdmNmY2YWYxMjkzMWE2ODA4YjlmMTZlNjg1NTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsOQJ7eX9sSL/Tff+5R3cqitl2Ub
AxfeSPsRTS66CncChfYr0+xRx/zPbnMjFK3vdJu2P4CAG4wuVRnV3NIIiwdmYOX2
lncr34RRjGzyNGcnovJ5gdQynlNmR+6X7foner9Jz00rcW8UF1EKiSc+LbIg/4zb
WtWBinsSmR1fqkDuflxEMNMNRbIuvzPqsviVwR5flfzs4aUbaAibSxTvV1Onfm8r
ibKItJdqFbVkvaE/+UZlrpqiwl9nFuyN2+9QSB4Sk0R++/UgMhoHX6gn3QB8vLA/
nH8INqvPY/NOo66elz1YeY3E/UEOwU7oaKelYp1SwM2jliSZSITYpFy/PwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEbG+VYFJ/b2rxKTGmgIufFuaFU7MB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvUnNiNVZnVW45dmF2RXBNYWFBaTU4VzVvVlRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBACMlgED
BAGMlggDBAGMlhIDBACMlhUwDQYJKoZIhvcNAQELBQADggEBAKMywFc1aHKsEZyO
blAg20cIeyWVI0LruRyiVxTiaMtaJeiX+YbOMfVne8XLzABE9BeuNQ8uOM0JKHYt
XrC254QzTJSFyymzHq/EaZHmrMhK7KgnWz2NO4GcrPciiRoaBb/8h6rri8p9vHeX
JCtZHfXfg+mnOZXeQl/fDg7p+JikAB+dGsxuSzj0jFnntK8E2sZOK8M6vqJmCACu
5f2bhkmG3NEr1ZdWJFe1fjpWV2WKhm/1jrmtgs6H0Ym2H7OOkbt8TWxsK0hE2F3l
hm3Oj8g+KyzeaX5Y+7rhFfFqx8dzAT9aoDfhlb+EVPfKO20nc7wlSKmAqInhA4+r
2svmw+4=
-----END CERTIFICATE-----
Generated at Wed Oct 23 19:04:57 2024 by rpki-client on console-ams.rpki-client.org