Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/cc29EKTyRlybWdynPc5Aa30zjbw.roa
File: cc29EKTyRlybWdynPc5Aa30zjbw.roa (raw, json)
Hash identifier: xSn34/rGYiUxeN+BGFAdMYs1Oupk3vNPg/jlrO6nFgQ=
Subject key identifier: 71:CD:BD:10:A4:F2:46:5C:9B:59:DC:A7:3D:CE:40:6B:7D:33:8D:BC
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 019270B5232524FDE73EFC0E5C2BF7E55F06
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/cc29EKTyRlybWdynPc5Aa30zjbw.roa
Signing time: Wed 09 Oct 2024 09:56:12 +0000
ROA not before: Wed 09 Oct 2024 09:56:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.20.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Oct 2024 02:22:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:70:b5:23:25:24:fd:e7:3e:fc:0e:5c:2b:f7:e5:5f:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Oct 9 09:56:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71cdbd10a4f2465c9b59dca73dce406b7d338dbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f8:7f:12:48:09:83:0d:e1:6b:35:01:12:16:
82:9c:e5:11:ac:57:23:29:de:6b:7b:5b:02:a2:07:
a6:f0:ef:ae:bd:e6:72:7c:7e:63:3b:b8:39:bd:69:
11:5e:64:4d:85:c8:20:29:b5:11:d0:d2:e2:5e:34:
79:fb:0f:c4:51:71:43:30:96:46:f1:8e:0a:68:af:
32:a5:51:61:01:e8:30:29:e5:56:4a:03:e1:82:a1:
45:94:5e:75:64:41:a7:96:c4:3e:45:df:75:98:87:
71:63:71:77:27:97:e3:92:4c:fe:c1:38:89:79:b6:
c7:45:c1:ca:3c:f3:10:72:71:b6:7b:8f:34:66:6f:
f0:e5:3e:70:01:84:c6:1a:05:d2:43:00:d3:5e:37:
41:56:74:8b:6b:3e:db:28:32:ed:9e:d1:f3:9c:2c:
2d:18:ed:95:98:74:56:02:d7:c3:2f:95:e7:7f:38:
3d:ac:b0:10:6b:13:17:82:f2:3e:b7:3f:17:de:de:
52:9d:54:e8:ee:9b:38:ac:65:ad:0c:3b:78:39:3d:
c1:7c:4c:39:35:de:f0:eb:ee:3b:a3:5a:13:59:e8:
65:84:4d:7c:66:0c:2f:2a:22:17:40:ba:d7:53:a4:
94:da:89:f8:b8:97:54:14:7b:6c:30:0b:ea:6d:cd:
ae:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:CD:BD:10:A4:F2:46:5C:9B:59:DC:A7:3D:CE:40:6B:7D:33:8D:BC
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/cc29EKTyRlybWdynPc5Aa30zjbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.1.0-140.150.7.255
140.150.18.0-140.150.21.255
Signature Algorithm: sha256WithRSAEncryption
4a:86:bf:1f:1f:c4:2e:54:f3:1a:ed:3a:b8:0e:39:cb:da:91:
ff:7c:f8:c2:ed:e9:51:21:e0:fe:4a:b2:7d:05:95:5e:0e:19:
8b:2e:0c:ab:27:77:1f:0d:a3:81:6e:d8:a3:55:87:2c:1a:10:
9c:f9:60:cf:09:2b:49:14:b3:ff:56:98:6e:cf:9f:f0:81:d9:
c6:14:21:78:64:ff:6e:16:f4:85:1c:01:a3:eb:34:37:8b:f0:
31:ac:83:b5:63:80:56:ef:58:da:2d:cc:d6:a4:bb:7b:e2:b8:
34:4a:41:b5:91:b9:b1:f5:ea:34:dc:09:d3:6e:9c:ce:0a:f7:
a2:67:39:7a:f1:52:85:2f:67:b1:9a:ad:b8:d3:62:ed:a1:33:
0a:37:41:99:60:06:92:8a:ee:e8:9a:5c:99:89:89:43:df:6e:
52:8a:be:af:76:7f:97:d0:62:6a:ae:ed:6e:98:80:08:a7:52:
7d:f5:c2:61:d4:cf:a9:4e:6c:13:08:76:c2:77:d6:eb:27:a8:
6f:6e:6d:2f:00:15:af:3e:9c:3e:78:b7:c2:9a:9e:f5:5e:f5:
69:fe:77:4b:b7:bf:68:dd:ab:1f:8c:96:23:68:60:cf:01:56:
dc:a3:de:ff:be:c4:cd:00:f4:96:7b:4f:c0:ba:1e:b4:47:ee:
0d:4a:3b:69
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZJwtSMlJP3nPvwOXCv35V8GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjQxMDA5MDk1NjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWNkYmQxMGE0ZjI0NjVjOWI1OWRjYTczZGNlNDA2YjdkMzM4ZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPh/EkgJgw3hazUBEhaCnOURrFcj
Kd5re1sCogem8O+uveZyfH5jO7g5vWkRXmRNhcggKbUR0NLiXjR5+w/EUXFDMJZG
8Y4KaK8ypVFhAegwKeVWSgPhgqFFlF51ZEGnlsQ+Rd91mIdxY3F3J5fjkkz+wTiJ
ebbHRcHKPPMQcnG2e480Zm/w5T5wAYTGGgXSQwDTXjdBVnSLaz7bKDLtntHznCwt
GO2VmHRWAtfDL5Xnfzg9rLAQaxMXgvI+tz8X3t5SnVTo7ps4rGWtDDt4OT3BfEw5
Nd7w6+47o1oTWehlhE18ZgwvKiIXQLrXU6SU2on4uJdUFHtsMAvqbc2u1QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHHNvRCk8kZcm1ncpz3OQGt9M428MB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvY2MyOUVLVHlSbHliV2R5blBjNUFhMzB6amJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBACMlgED
BAOMlgAwDAMEAYyWEgMEAYyWFDANBgkqhkiG9w0BAQsFAAOCAQEASoa/Hx/ELlTz
Gu06uA45y9qR/3z4wu3pUSHg/kqyfQWVXg4Ziy4Mqyd3Hw2jgW7Yo1WHLBoQnPlg
zwkrSRSz/1aYbs+f8IHZxhQheGT/bhb0hRwBo+s0N4vwMayDtWOAVu9Y2i3M1qS7
e+K4NEpBtZG5sfXqNNwJ026czgr3omc5evFShS9nsZqtuNNi7aEzCjdBmWAGkoru
6JpcmYmJQ99uUoq+r3Z/l9Biaq7tbpiACKdSffXCYdTPqU5sEwh2wnfW6yeob25t
LwAVrz6cPni3wpqe9V71af53S7e/aN2rH4yWI2hgzwFW3KPe/77EzQD0lntPwLoe
tEfuDUo7aQ==
Generated at Thu Oct 10 06:23:12 2024 by rpki-client on console-fra.rpki-client.org