Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/uF9U4A3Iae5B05-EDU6aS1_tTls.roa
File: uF9U4A3Iae5B05-EDU6aS1_tTls.roa (raw, json)
Hash identifier: 1PI8A4o7TX+gFJiIwnGHAqdLRbYlW9+Ur6w+xsNir9Y=
Subject key identifier: B8:5F:54:E0:0D:C8:69:EE:41:D3:9F:84:0D:4E:9A:4B:5F:ED:4E:5B
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01857082C253F04BF845AECB8A68A5F39CAC
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/uF9U4A3Iae5B05-EDU6aS1_tTls.roa
Signing time: Mon 02 Jan 2023 03:24:55 +0000
ROA not before: Mon 02 Jan 2023 03:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 185.199.150.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 Mar 2023 09:58:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:c2:53:f0:4b:f8:45:ae:cb:8a:68:a5:f3:9c:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jan 2 03:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b85f54e00dc869ee41d39f840d4e9a4b5fed4e5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f3:c8:91:27:13:df:ac:1d:a8:a1:36:1b:84:
43:ec:fc:93:c5:95:73:1c:15:af:fa:6c:8e:2a:0f:
30:58:be:31:e6:37:a6:c8:4f:8f:b4:cd:0f:62:df:
96:b8:36:e2:48:91:28:f6:13:1e:ad:8e:a2:93:0f:
95:8f:c7:02:2a:af:ab:9a:bd:34:40:c0:85:4f:4a:
45:f7:8a:19:fc:8d:34:83:f6:00:20:4c:da:9e:dc:
ed:41:e8:5f:24:41:72:71:70:d5:d0:5d:eb:74:2e:
b9:3b:af:8a:43:55:eb:63:25:a3:f1:36:1d:0e:87:
76:87:60:ce:03:12:ca:5b:a3:b4:59:af:2b:48:ed:
b0:48:d4:fd:0e:86:fd:94:f6:77:e5:2e:b3:31:cd:
38:11:ed:f5:27:b9:cc:13:d2:1a:69:d7:b0:6d:76:
d0:7c:3c:ec:5e:a7:b6:20:29:d4:76:cb:0c:be:96:
8c:c9:bf:16:71:65:d8:20:a1:24:66:a8:08:0a:7c:
c0:68:0e:2b:3a:03:ae:6d:04:bb:94:7e:b5:82:8e:
9a:23:f7:d4:06:f0:bd:35:d8:b0:ed:8c:fe:5c:3b:
2e:33:fc:28:ba:31:48:f8:ac:bc:d8:de:25:87:37:
24:7a:c5:9f:72:47:41:a4:8d:61:7c:ab:21:e6:97:
5a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:5F:54:E0:0D:C8:69:EE:41:D3:9F:84:0D:4E:9A:4B:5F:ED:4E:5B
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/uF9U4A3Iae5B05-EDU6aS1_tTls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.150.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:4b:ff:d2:6d:2e:22:4e:f7:0c:fa:d5:de:87:09:26:74:b2:
43:91:9d:32:c5:4e:76:a6:5b:cc:81:c7:52:7a:a3:d5:36:ac:
59:e4:d0:63:cd:e5:3d:0f:67:8c:b0:1e:e9:43:eb:ac:e6:ab:
48:e0:8e:e0:6c:15:fe:2a:d8:be:a5:b9:e4:d5:f7:c5:74:16:
d3:8f:7f:d8:8f:7e:93:6e:9e:29:26:57:e2:fc:f6:3e:68:7e:
1b:2c:02:a2:e7:1e:12:13:f2:26:34:73:10:a9:12:fa:4b:f5:
88:c6:43:49:95:3c:2d:71:e6:9f:cc:73:0a:af:d4:98:2c:20:
34:3b:f8:ab:6c:a9:5d:0b:d0:bc:ae:93:cd:52:67:8d:b7:6f:
2f:3c:98:d6:a9:f6:53:bc:f8:47:63:94:e6:86:78:ad:c6:32:
67:a1:9a:bd:25:8d:0b:48:97:00:cc:3d:f7:62:65:ec:d7:fa:
a7:7b:fd:86:0a:11:08:fa:50:3d:28:29:c0:b1:79:c1:8f:35:
49:69:38:cc:87:68:a3:bb:9e:b3:e7:ef:89:2e:0c:3f:c9:dd:
84:ff:65:a8:96:14:dc:74:1f:a7:29:08:50:c7:ee:b5:e5:97:
9d:67:b2:ca:96:46:93:8e:2b:89:c9:2c:01:0b:7a:08:6c:a7:
0f:a7:0f:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwgsJT8Ev4Ra7Limil85ysMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwMTAyMDMyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODVmNTRlMDBkYzg2OWVlNDFkMzlmODQwZDRlOWE0YjVmZWQ0ZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/PIkScT36wdqKE2G4RD7PyTxZVz
HBWv+myOKg8wWL4x5jemyE+PtM0PYt+WuDbiSJEo9hMerY6ikw+Vj8cCKq+rmr00
QMCFT0pF94oZ/I00g/YAIEzantztQehfJEFycXDV0F3rdC65O6+KQ1XrYyWj8TYd
Dod2h2DOAxLKW6O0Wa8rSO2wSNT9Dob9lPZ35S6zMc04Ee31J7nME9IaadewbXbQ
fDzsXqe2ICnUdssMvpaMyb8WcWXYIKEkZqgICnzAaA4rOgOubQS7lH61go6aI/fU
BvC9Ndiw7Yz+XDsuM/woujFI+Ky82N4lhzckesWfckdBpI1hfKsh5pdaiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLhfVOANyGnuQdOfhA1Omktf7U5bMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvdUY5VTRBM0lhZTVCMDUtRURVNmFTMV90VGxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuceWMA0G
CSqGSIb3DQEBCwUAA4IBAQAeS//SbS4iTvcM+tXehwkmdLJDkZ0yxU52plvMgcdS
eqPVNqxZ5NBjzeU9D2eMsB7pQ+us5qtI4I7gbBX+Kti+pbnk1ffFdBbTj3/Yj36T
bp4pJlfi/PY+aH4bLAKi5x4SE/ImNHMQqRL6S/WIxkNJlTwtceafzHMKr9SYLCA0
O/irbKldC9C8rpPNUmeNt28vPJjWqfZTvPhHY5TmhnitxjJnoZq9JY0LSJcAzD33
YmXs1/qne/2GChEI+lA9KCnAsXnBjzVJaTjMh2iju56z5++JLgw/yd2E/2WolhTc
dB+nKQhQx+615ZedZ7LKlkaTjiuJySwBC3oIbKcPpw/p
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:36 2024 by rpki-client on console-ams.rpki-client.org