Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/810d29-0c85-4057-b626-af0e417d4c3a/1/s6453JcU14HxiqkNMzYQgQcNuuM.roa
File: s6453JcU14HxiqkNMzYQgQcNuuM.roa (raw, json)
Hash identifier: 1+Aeiu/sQJuNnseGbUs8K6PX7F/BkVGIKIVl30DtvfE=
Subject key identifier: B3:AE:39:DC:97:14:D7:81:F1:8A:A9:0D:33:36:10:81:07:0D:BA:E3
Certificate issuer: /CN=2f75bc7379f115b0671552c9baf2bed85bde8189
Certificate serial: 01856E2FA2BAB40F3082ACFAA736D76EF045
Authority key identifier: 2F:75:BC:73:79:F1:15:B0:67:15:52:C9:BA:F2:BE:D8:5B:DE:81:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L3W8c3nxFbBnFVLJuvK-2FvegYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/810d29-0c85-4057-b626-af0e417d4c3a/1/s6453JcU14HxiqkNMzYQgQcNuuM.roa
Signing time: Sun 01 Jan 2023 16:34:53 +0000
ROA not before: Sun 01 Jan 2023 16:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201832
IP address blocks: 185.62.149.0/24 maxlen: 24
185.62.148.0/24 maxlen: 24
2a03:560::/48 maxlen: 48
2a03:560:148::/48 maxlen: 48
2a03:560:1::/48 maxlen: 48
2a03:560:149::/48 maxlen: 48
2a03:561::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:a2:ba:b4:0f:30:82:ac:fa:a7:36:d7:6e:f0:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f75bc7379f115b0671552c9baf2bed85bde8189
Validity
Not Before: Jan 1 16:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3ae39dc9714d781f18aa90d33361081070dbae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ed:fa:29:78:76:33:c8:2e:81:74:98:89:a8:
d4:f3:72:60:a6:fe:a8:4c:9f:25:e8:f5:f3:fd:bc:
10:38:3e:c6:ae:3a:ac:df:ec:83:66:5b:22:af:38:
3e:4f:4f:1e:d0:b1:fb:73:a8:3d:80:5e:f4:68:4d:
53:3b:98:ac:3f:8c:f0:58:d6:bb:69:dc:49:00:9c:
5e:47:1c:43:da:54:6a:a5:fe:ce:1e:c6:2f:ce:12:
e7:e1:b3:4d:be:22:7c:7d:fd:8d:f3:37:da:2c:4a:
75:cb:5e:bc:54:ef:5a:70:c0:e4:8c:34:ab:8b:4e:
01:b8:f5:e9:4a:e2:45:39:12:ff:9a:8c:56:0d:bf:
3c:c9:86:b1:a4:51:b1:8e:7e:6d:76:cc:31:52:56:
bd:82:26:70:b7:97:81:01:e0:a2:40:ef:54:bf:8b:
cd:ad:a6:17:28:4e:be:47:3d:25:50:52:26:e5:04:
6c:7f:46:47:7b:c8:61:ee:e7:64:ca:42:d4:c7:f2:
06:4e:3d:cf:77:de:77:8b:5f:82:9a:49:2f:3d:20:
1b:9d:c4:21:99:ca:40:26:b6:65:0a:7e:ea:27:b1:
85:79:68:5f:f6:d4:88:78:63:0e:fe:5d:d2:bd:19:
65:62:31:fe:11:f7:1c:0d:51:c4:2b:2d:3e:9f:21:
f4:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:AE:39:DC:97:14:D7:81:F1:8A:A9:0D:33:36:10:81:07:0D:BA:E3
X509v3 Authority Key Identifier:
keyid:2F:75:BC:73:79:F1:15:B0:67:15:52:C9:BA:F2:BE:D8:5B:DE:81:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L3W8c3nxFbBnFVLJuvK-2FvegYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/810d29-0c85-4057-b626-af0e417d4c3a/1/s6453JcU14HxiqkNMzYQgQcNuuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/810d29-0c85-4057-b626-af0e417d4c3a/1/L3W8c3nxFbBnFVLJuvK-2FvegYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.62.148.0/23
IPv6:
2a03:560::/47
2a03:560:148::/47
2a03:561::/32
Signature Algorithm: sha256WithRSAEncryption
ad:0f:5b:37:5c:3a:12:eb:55:0d:14:29:87:47:d1:b0:6f:c2:
9a:6c:50:4a:77:a5:1b:e7:19:91:85:fe:d9:90:18:d6:69:7c:
43:13:b9:6f:c0:92:6f:ef:31:c9:f0:3c:68:56:67:ec:dd:02:
c6:fa:31:a0:ad:c9:26:9f:a8:1e:f4:3e:61:db:62:88:fc:25:
af:89:c0:f1:64:17:c9:dc:d0:a1:8a:12:0f:de:a5:62:5e:b5:
d3:65:fd:d2:ef:63:6b:fe:e4:90:46:0f:81:dd:53:61:9a:8c:
06:d5:9e:b0:95:9e:64:5d:b1:46:eb:a4:c2:e6:46:b5:f8:6d:
a7:6f:b9:9e:e7:86:42:33:7d:d9:7c:da:b9:b2:37:63:26:54:
bc:16:a3:a5:12:3a:45:01:91:03:c8:9f:28:d7:6c:14:1b:d2:
3d:9f:f3:ab:e5:d6:5d:dc:2b:d9:3f:4c:a4:c6:dd:58:b0:33:
1d:70:2f:6f:f5:89:fc:b1:71:31:93:07:55:a6:5b:8b:fa:15:
9d:5d:7b:90:4f:83:9d:d5:d8:51:aa:0f:a8:57:db:95:fb:2a:
1a:69:02:79:73:e6:2f:3a:5d:d0:6d:60:2d:c5:db:b5:d9:ae:
49:af:5b:a3:74:48:57:2a:ed:99:bd:03:c6:5c:15:fb:63:b9:
48:04:23:e4
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVuL6K6tA8wgqz6pzbXbvBFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNzViYzczNzlmMTE1YjA2NzE1NTJjOWJhZjJiZWQ4NWJk
ZTgxODkwHhcNMjMwMTAxMTYzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2FlMzlkYzk3MTRkNzgxZjE4YWE5MGQzMzM2MTA4MTA3MGRiYWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgu36KXh2M8gugXSYiajU83Jgpv6o
TJ8l6PXz/bwQOD7Grjqs3+yDZlsirzg+T08e0LH7c6g9gF70aE1TO5isP4zwWNa7
adxJAJxeRxxD2lRqpf7OHsYvzhLn4bNNviJ8ff2N8zfaLEp1y168VO9acMDkjDSr
i04BuPXpSuJFORL/moxWDb88yYaxpFGxjn5tdswxUla9giZwt5eBAeCiQO9Uv4vN
raYXKE6+Rz0lUFIm5QRsf0ZHe8hh7udkykLUx/IGTj3Pd953i1+CmkkvPSAbncQh
mcpAJrZlCn7qJ7GFeWhf9tSIeGMO/l3SvRllYjH+EfccDVHEKy0+nyH0cQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLOuOdyXFNeB8YqpDTM2EIEHDbrjMB8GA1UdIwQY
MBaAFC91vHN58RWwZxVSybryvthb3oGJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDNXOGMzbnhGYkJuRlZMSnV2Sy0yRnZlZ1lrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi84MTBkMjktMGM4NS00MDU3LWI2MjYt
YWYwZTQxN2Q0YzNhLzEvczY0NTNKY1UxNEh4aXFrTk16WVFnUWNOdXVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi84MTBkMjktMGM4NS00MDU3LWI2MjYtYWYwZTQxN2Q0YzNh
LzEvTDNXOGMzbnhGYkJuRlZMSnV2Sy0yRnZlZ1lrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAMBAIAATAGAwQBuT6UMB8E
AgACMBkDBwEqAwVgAAADBwEqAwVgAUgDBQAqAwVhMA0GCSqGSIb3DQEBCwUAA4IB
AQCtD1s3XDoS61UNFCmHR9Gwb8KabFBKd6Ub5xmRhf7ZkBjWaXxDE7lvwJJv7zHJ
8DxoVmfs3QLG+jGgrckmn6ge9D5h22KI/CWvicDxZBfJ3NChihIP3qViXrXTZf3S
72Nr/uSQRg+B3VNhmowG1Z6wlZ5kXbFG66TC5ka1+G2nb7me54ZCM33ZfNq5sjdj
JlS8FqOlEjpFAZEDyJ8o12wUG9I9n/Or5dZd3CvZP0ykxt1YsDMdcC9v9Yn8sXEx
kwdVpluL+hWdXXuQT4Od1dhRqg+oV9uV+yoaaQJ5c+YvOl3QbWAtxdu12a5Jr1uj
dEhXKu2ZvQPGXBX7Y7lIBCPk
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:22 2024 by rpki-client on console-ams.rpki-client.org