Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/o5mgP-zWQRJaEBEnqhlbh1r0Chw.roa
File: o5mgP-zWQRJaEBEnqhlbh1r0Chw.roa (raw, json)
Hash identifier: VTEyoX052M7Zsj2DDWKUAxJPmwIxa/0kqaKXN9Qe1qc=
Subject key identifier: A3:99:A0:3F:EC:D6:41:12:5A:10:11:27:AA:19:5B:87:5A:F4:0A:1C
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 0192FBAB9EEDF2E085CC559B458FF0789D7B
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/o5mgP-zWQRJaEBEnqhlbh1r0Chw.roa
Signing time: Tue 05 Nov 2024 09:33:01 +0000
ROA not before: Tue 05 Nov 2024 09:33:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.0.0/24 maxlen: 24
140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.8.0/23 maxlen: 24
140.150.12.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
140.150.24.0/24 maxlen: 24
140.150.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Nov 2024 06:28:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fb:ab:9e:ed:f2:e0:85:cc:55:9b:45:8f:f0:78:9d:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Nov 5 09:33:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a399a03fecd641125a101127aa195b875af40a1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f2:f0:cc:1d:ef:ae:4f:45:21:cf:96:41:c4:
71:ab:61:5a:a8:97:72:eb:13:e9:4b:51:c6:e1:07:
b8:a3:74:66:98:ab:b8:c9:21:6c:31:b4:8c:e0:1d:
be:1b:bf:32:df:01:f0:f1:d7:85:03:ec:71:e9:65:
94:49:f1:4e:8b:9b:6f:14:47:79:42:0e:39:70:26:
93:cb:4f:ac:e7:1d:d0:06:45:68:77:07:76:57:f9:
fd:83:51:82:fc:2d:b4:e3:a1:6f:df:ac:eb:e2:9e:
72:d4:53:dd:fb:d5:00:f6:f3:ac:4d:eb:9e:6a:92:
8e:a3:65:65:70:72:23:f8:9e:73:07:4b:f5:3b:a7:
10:4c:d0:31:38:9a:40:36:a3:11:ab:cf:bb:a6:80:
c7:61:38:1c:db:84:1a:d8:7d:73:b2:ea:7e:40:a3:
9d:c2:9a:34:74:20:32:c0:86:f6:65:aa:c4:43:a6:
66:d0:e7:a9:21:ba:c2:f0:82:79:89:30:31:1d:ba:
3a:4f:c1:86:b6:49:7d:ad:b1:a6:90:75:8f:2e:7f:
19:fb:82:2e:bb:04:b6:3b:30:89:37:69:f1:6a:d2:
df:1a:ca:96:a9:46:3b:43:62:de:be:7d:51:a7:76:
cf:00:51:de:74:85:31:cc:c0:87:93:58:52:0e:47:
b9:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:99:A0:3F:EC:D6:41:12:5A:10:11:27:AA:19:5B:87:5A:F4:0A:1C
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/o5mgP-zWQRJaEBEnqhlbh1r0Chw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.0.0-140.150.9.255
140.150.12.0/24
140.150.18.0/23
140.150.21.0/24
140.150.24.0/23
Signature Algorithm: sha256WithRSAEncryption
c6:b1:fe:20:88:e1:1e:5e:9a:5b:1e:e6:1f:bd:39:30:eb:f5:
d8:a9:de:18:72:11:ef:2f:ea:18:6f:7b:70:12:7f:f8:24:33:
2e:ed:af:ed:f5:9c:b6:6c:6e:d1:64:0f:84:96:6f:d9:97:71:
20:cd:3d:db:4f:33:3f:d1:e0:bb:03:b4:2e:7e:d9:b1:b3:f9:
bc:39:d9:61:35:d3:b7:0a:4d:b0:f0:e3:70:66:7c:f2:40:1d:
80:f6:76:8a:5f:6e:29:16:c4:96:50:58:ec:db:8f:34:0e:b9:
dc:5b:13:4b:28:6e:63:bc:35:e7:db:48:01:39:8a:ba:9e:ea:
19:42:a5:e8:01:13:0c:fe:c6:1a:24:55:6e:91:4d:52:c3:53:
20:52:f4:1d:8e:59:ae:96:25:6a:18:81:a3:9e:50:55:e3:56:
ef:3d:43:c8:f3:d9:4c:8c:9b:80:72:14:3f:02:5e:a8:a0:82:
8c:16:f4:7c:d4:c0:10:fb:a4:2e:58:f1:54:5b:a2:b7:b1:bd:
b0:78:f3:5c:d1:a6:a8:25:9d:b2:da:ab:46:26:5a:47:4e:c0:
01:79:70:51:81:7a:98:52:b5:5c:d4:f8:b2:8e:c6:f9:5a:38:
ba:00:98:83:d4:02:eb:97:43:4f:54:af:5b:f7:12:00:e3:e9:
b0:93:ab:01
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZL7q57t8uCFzFWbRY/weJ17MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjQxMTA1MDkzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzk5YTAzZmVjZDY0MTEyNWExMDExMjdhYTE5NWI4NzVhZjQwYTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvLwzB3vrk9FIc+WQcRxq2FaqJdy
6xPpS1HG4Qe4o3RmmKu4ySFsMbSM4B2+G78y3wHw8deFA+xx6WWUSfFOi5tvFEd5
Qg45cCaTy0+s5x3QBkVodwd2V/n9g1GC/C2046Fv36zr4p5y1FPd+9UA9vOsTeue
apKOo2VlcHIj+J5zB0v1O6cQTNAxOJpANqMRq8+7poDHYTgc24Qa2H1zsup+QKOd
wpo0dCAywIb2ZarEQ6Zm0OepIbrC8IJ5iTAxHbo6T8GGtkl9rbGmkHWPLn8Z+4Iu
uwS2OzCJN2nxatLfGsqWqUY7Q2Levn1Rp3bPAFHedIUxzMCHk1hSDke5qwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFKOZoD/s1kESWhARJ6oZW4da9AocMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvbzVtZ1AteldRUkphRUJFbnFobGJoMXIwQ2h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAATAlMAsDAwGMlgME
AYyWCAMEAIyWDAMEAYyWEgMEAIyWFQMEAYyWGDANBgkqhkiG9w0BAQsFAAOCAQEA
xrH+IIjhHl6aWx7mH705MOv12KneGHIR7y/qGG97cBJ/+CQzLu2v7fWctmxu0WQP
hJZv2ZdxIM09208zP9HguwO0Ln7ZsbP5vDnZYTXTtwpNsPDjcGZ88kAdgPZ2il9u
KRbEllBY7NuPNA653FsTSyhuY7w159tIATmKup7qGUKl6AETDP7GGiRVbpFNUsNT
IFL0HY5ZrpYlahiBo55QVeNW7z1DyPPZTIybgHIUPwJeqKCCjBb0fNTAEPukLljx
VFuit7G9sHjzXNGmqCWdstqrRiZaR07AAXlwUYF6mFK1XNT4so7G+Vo4ugCYg9QC
65dDT1SvW/cSAOPpsJOrAQ==
-----END CERTIFICATE-----
Generated at Mon Nov 18 08:29:21 2024 by rpki-client on console-fra.rpki-client.org