Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/6ed20e-2159-47d5-9b1d-41d509f8b155/1/gO5APDHDRHhULfiMA30yjbQLUN0.roa
File: gO5APDHDRHhULfiMA30yjbQLUN0.roa (raw, json)
Hash identifier: TQa1umlH1sJI2tcjvJ5/6ntGmFU6vf3BuqoEdyv648A=
Subject key identifier: 80:EE:40:3C:31:C3:44:78:54:2D:F8:8C:03:7D:32:8D:B4:0B:50:DD
Certificate issuer: /CN=335c3336e2ce3bd75ab29ce81e54ff81ec56f1da
Certificate serial: 01856C9CB724E75CDC7D5A934F2C10C37545
Authority key identifier: 33:5C:33:36:E2:CE:3B:D7:5A:B2:9C:E8:1E:54:FF:81:EC:56:F1:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M1wzNuLOO9daspzoHlT_gexW8do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/6ed20e-2159-47d5-9b1d-41d509f8b155/1/gO5APDHDRHhULfiMA30yjbQLUN0.roa
Signing time: Sun 01 Jan 2023 09:14:47 +0000
ROA not before: Sun 01 Jan 2023 09:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202823
IP address blocks: 185.150.221.0/24 maxlen: 24
185.150.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:b7:24:e7:5c:dc:7d:5a:93:4f:2c:10:c3:75:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=335c3336e2ce3bd75ab29ce81e54ff81ec56f1da
Validity
Not Before: Jan 1 09:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80ee403c31c34478542df88c037d328db40b50dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7f:f7:c4:4c:ad:41:c3:f3:f2:92:bf:38:5e:
18:e6:17:c2:8a:f4:e8:cf:e9:64:65:12:cd:fe:f6:
66:a1:ca:e9:49:64:2d:30:44:b1:19:c1:a0:bd:19:
d4:57:66:e0:39:8a:2b:23:62:4b:81:b7:dc:46:18:
3e:ff:0b:d2:ab:e2:4b:38:00:41:9d:e8:ed:cf:35:
51:4c:a2:4b:94:f3:3a:9a:c4:e1:8c:98:5a:8c:ee:
1e:60:f5:6c:90:c1:71:d9:7f:6e:c9:6c:04:64:c2:
26:4e:d1:80:9f:63:bc:3c:0c:90:ae:7b:d8:47:60:
b3:a1:82:15:62:fa:fc:2d:f5:63:2c:d6:8d:a3:0a:
d1:cd:e4:37:32:ec:13:0b:32:14:d4:c6:66:dd:fb:
62:8f:8b:0c:36:83:b4:2c:9c:9d:c6:93:6b:ac:4d:
6f:7a:92:71:b0:72:6a:48:3e:d3:7d:30:e3:cc:ad:
c3:81:4c:99:71:47:04:fc:63:2f:df:e3:d5:1f:ea:
14:6b:c9:54:85:1a:a5:3e:1a:b4:42:a2:d5:63:23:
55:a9:fd:d5:0f:a7:43:81:f4:99:07:5f:25:0d:f3:
c7:79:c2:1f:7a:df:7d:69:e3:74:74:e9:61:f8:17:
ba:5e:cf:5d:bc:e3:5e:c5:4e:33:dd:96:4c:42:3c:
fe:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:EE:40:3C:31:C3:44:78:54:2D:F8:8C:03:7D:32:8D:B4:0B:50:DD
X509v3 Authority Key Identifier:
keyid:33:5C:33:36:E2:CE:3B:D7:5A:B2:9C:E8:1E:54:FF:81:EC:56:F1:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M1wzNuLOO9daspzoHlT_gexW8do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6ed20e-2159-47d5-9b1d-41d509f8b155/1/gO5APDHDRHhULfiMA30yjbQLUN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6ed20e-2159-47d5-9b1d-41d509f8b155/1/M1wzNuLOO9daspzoHlT_gexW8do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.220.0/23
Signature Algorithm: sha256WithRSAEncryption
02:bf:a2:b1:29:be:bd:30:ea:42:72:5f:d8:66:e0:f6:3d:4c:
77:51:67:ac:c1:58:d0:ba:31:ea:95:a3:a3:38:3f:46:21:8d:
57:36:18:af:31:75:83:bf:e7:6a:33:6b:b9:d6:ad:1b:58:b7:
b3:37:f5:44:5b:7c:92:40:c6:72:05:d6:86:ed:99:95:0d:71:
ce:03:55:50:fc:76:45:4e:58:b3:41:50:cf:ca:cb:4d:ff:f1:
cb:5d:01:57:c8:f3:22:40:74:0b:e7:fb:bb:4d:2a:e6:6a:23:
fe:54:36:bf:39:98:51:1b:c7:eb:28:d1:2f:7c:70:e0:63:8e:
1f:05:98:f2:a8:9b:38:c8:68:a1:de:5e:cf:5b:59:db:f2:06:
90:84:9c:f7:83:e8:0f:3d:b7:76:2a:68:3c:4e:09:62:56:99:
94:77:86:f8:6c:d5:ec:0c:28:fe:a3:61:eb:93:da:10:90:6d:
28:db:64:ba:a7:1f:19:cb:11:51:9f:64:71:eb:67:da:0b:91:
a8:78:5c:42:ec:e4:c6:41:b0:9f:a9:bd:4a:7d:a2:40:53:1c:
36:58:18:c6:e2:71:64:e2:57:34:8d:f5:35:e4:3d:b2:fb:63:
87:e5:72:e7:d9:dd:ea:5c:97:c4:bb:27:cb:3e:00:93:6a:43:
62:62:11:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsnLck51zcfVqTTywQw3VFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNWMzMzM2ZTJjZTNiZDc1YWIyOWNlODFlNTRmZjgxZWM1
NmYxZGEwHhcNMjMwMTAxMDkxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGVlNDAzYzMxYzM0NDc4NTQyZGY4OGMwMzdkMzI4ZGI0MGI1MGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtX/3xEytQcPz8pK/OF4Y5hfCivTo
z+lkZRLN/vZmocrpSWQtMESxGcGgvRnUV2bgOYorI2JLgbfcRhg+/wvSq+JLOABB
nejtzzVRTKJLlPM6msThjJhajO4eYPVskMFx2X9uyWwEZMImTtGAn2O8PAyQrnvY
R2CzoYIVYvr8LfVjLNaNowrRzeQ3MuwTCzIU1MZm3ftij4sMNoO0LJydxpNrrE1v
epJxsHJqSD7TfTDjzK3DgUyZcUcE/GMv3+PVH+oUa8lUhRqlPhq0QqLVYyNVqf3V
D6dDgfSZB18lDfPHecIfet99aeN0dOlh+Be6Xs9dvONexU4z3ZZMQjz+TQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIDuQDwxw0R4VC34jAN9Mo20C1DdMB8GA1UdIwQY
MBaAFDNcMzbizjvXWrKc6B5U/4HsVvHaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTF3ek51TE9POWRhc3B6b0hsVF9nZXhXOGRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My82ZWQyMGUtMjE1OS00N2Q1LTliMWQt
NDFkNTA5ZjhiMTU1LzEvZ081QVBESERSSGhVTGZpTUEzMHlqYlFMVU4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My82ZWQyMGUtMjE1OS00N2Q1LTliMWQtNDFkNTA5ZjhiMTU1
LzEvTTF3ek51TE9POWRhc3B6b0hsVF9nZXhXOGRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuZbcMA0G
CSqGSIb3DQEBCwUAA4IBAQACv6KxKb69MOpCcl/YZuD2PUx3UWeswVjQujHqlaOj
OD9GIY1XNhivMXWDv+dqM2u51q0bWLezN/VEW3ySQMZyBdaG7ZmVDXHOA1VQ/HZF
TlizQVDPystN//HLXQFXyPMiQHQL5/u7TSrmaiP+VDa/OZhRG8frKNEvfHDgY44f
BZjyqJs4yGih3l7PW1nb8gaQhJz3g+gPPbd2Kmg8TgliVpmUd4b4bNXsDCj+o2Hr
k9oQkG0o22S6px8ZyxFRn2Rx62faC5GoeFxC7OTGQbCfqb1KfaJAUxw2WBjG4nFk
4lc0jfU15D2y+2OH5XLn2d3qXJfEuyfLPgCTakNiYhGp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:37 2024 by rpki-client on console-ams.rpki-client.org