Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/64bzHiMIGWL3nRf9Pk1Hx2wPHDo.roa
File: 64bzHiMIGWL3nRf9Pk1Hx2wPHDo.roa (raw, json)
Hash identifier: hKYbx28EeyLVz9gA2ZxnXf7qZWGTtfnF2MmWUD78u2k=
Subject key identifier: EB:86:F3:1E:23:08:19:62:F7:9D:17:FD:3E:4D:47:C7:6C:0F:1C:3A
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018571B636827283B1CC4F2D518FCDEB6959
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/64bzHiMIGWL3nRf9Pk1Hx2wPHDo.roa
Signing time: Mon 02 Jan 2023 09:00:44 +0000
ROA not before: Mon 02 Jan 2023 09:00:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60609
IP address blocks: 185.150.78.0/23 maxlen: 23
185.150.76.0/24 maxlen: 24
194.26.174.0/24 maxlen: 24
194.26.174.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b6:36:82:72:83:b1:cc:4f:2d:51:8f:cd:eb:69:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 09:00:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb86f31e23081962f79d17fd3e4d47c76c0f1c3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e1:d1:e5:01:50:d4:79:a2:68:8f:6e:6b:0d:
f5:bc:78:03:0b:98:f0:60:7d:b3:7d:50:fb:5d:35:
87:e3:1f:a5:55:91:14:65:61:6b:7e:88:d3:e8:c1:
09:ae:e0:16:37:af:fc:0d:ba:bf:99:ef:dd:bb:99:
66:a5:c7:e0:00:47:45:76:9e:48:0b:2b:88:23:50:
42:95:e4:a0:ad:90:0f:8a:2e:2d:07:6b:7c:4d:27:
5f:fe:f6:42:c9:e9:bd:17:ec:9e:2f:b2:80:a7:75:
a4:88:b3:1c:48:c0:55:a9:f3:40:3e:1e:7f:9c:c4:
60:01:9b:83:bd:ca:45:f5:35:3d:44:5e:a7:8c:0b:
74:4f:2a:c9:d7:c1:7b:da:6a:47:9f:a0:fc:47:1f:
b3:33:ad:a1:c8:6f:35:85:d0:f1:59:d9:f3:b0:55:
c8:6d:5d:91:b1:73:c9:ef:c1:30:a0:f2:97:e8:2d:
f5:4b:99:35:8b:b8:7b:47:8a:cb:8f:fe:a6:77:97:
5d:d5:9e:c3:9f:97:39:35:ff:b6:9b:1a:31:33:74:
87:32:31:c3:81:63:59:df:c2:15:71:82:ea:86:5c:
58:37:d6:e1:31:d6:41:3e:e1:b3:99:f7:e5:89:bc:
43:f2:f1:e7:d6:08:fb:76:3b:14:28:91:d6:66:3f:
19:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:86:F3:1E:23:08:19:62:F7:9D:17:FD:3E:4D:47:C7:6C:0F:1C:3A
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/64bzHiMIGWL3nRf9Pk1Hx2wPHDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.76.0/24
185.150.78.0/23
194.26.174.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:e0:08:4c:5d:10:1f:e4:a4:73:d2:98:06:70:18:77:4c:dc:
d1:57:07:8b:68:f6:5c:1a:a9:df:f5:1e:00:d6:b6:bd:16:8a:
c2:da:fc:55:3f:ed:14:d2:94:c5:74:1e:b2:ff:86:ae:24:38:
9e:72:b7:e2:c6:8b:21:eb:4e:7d:58:ab:a2:80:a5:c2:bd:d5:
5f:99:13:88:8c:56:b3:e8:70:d1:2f:34:fc:a9:47:38:17:03:
b4:6f:9f:95:6a:5d:cc:9f:9a:47:f1:e9:67:7b:85:94:14:26:
03:be:c0:29:d6:d9:3e:a2:96:32:9d:ec:60:34:72:2c:6b:e7:
56:c3:bb:41:ba:4f:34:95:37:b8:9c:0b:ed:86:1e:31:66:b4:
60:de:1d:b9:3c:9b:98:cd:19:16:5f:38:6c:55:bb:45:52:86:
63:25:a8:86:52:c7:4c:00:f6:3f:6c:9d:1b:8e:30:2d:e1:56:
8c:ef:3c:12:f2:12:86:f5:b1:f3:3a:44:23:e5:68:df:c9:c5:
e2:86:9d:63:dd:dd:10:33:09:4c:c1:15:cf:0d:c6:88:76:ac:
b6:ef:b9:de:1b:a1:d6:96:a5:d1:d1:06:91:60:a5:24:09:1c:
07:5f:53:e6:0a:f7:a0:cf:11:18:6e:81:bb:90:fc:78:34:67:
c6:f9:32:9d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxtjaCcoOxzE8tUY/N62lZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMTAyMDkwMDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjg2ZjMxZTIzMDgxOTYyZjc5ZDE3ZmQzZTRkNDdjNzZjMGYxYzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieHR5QFQ1HmiaI9uaw31vHgDC5jw
YH2zfVD7XTWH4x+lVZEUZWFrfojT6MEJruAWN6/8Dbq/me/du5lmpcfgAEdFdp5I
CyuII1BCleSgrZAPii4tB2t8TSdf/vZCyem9F+yeL7KAp3WkiLMcSMBVqfNAPh5/
nMRgAZuDvcpF9TU9RF6njAt0TyrJ18F72mpHn6D8Rx+zM62hyG81hdDxWdnzsFXI
bV2RsXPJ78EwoPKX6C31S5k1i7h7R4rLj/6md5dd1Z7Dn5c5Nf+2mxoxM3SHMjHD
gWNZ38IVcYLqhlxYN9bhMdZBPuGzmfflibxD8vHn1gj7djsUKJHWZj8ZgwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOuG8x4jCBli950X/T5NR8dsDxw6MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvNjRiekhpTUlHV0wzblJmOVBrMUh4MndQSERvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuZZMAwQB
uZZOAwQBwhquMA0GCSqGSIb3DQEBCwUAA4IBAQAM4AhMXRAf5KRz0pgGcBh3TNzR
VweLaPZcGqnf9R4A1ra9ForC2vxVP+0U0pTFdB6y/4auJDiecrfixosh6059WKui
gKXCvdVfmROIjFaz6HDRLzT8qUc4FwO0b5+Val3Mn5pH8elne4WUFCYDvsAp1tk+
opYynexgNHIsa+dWw7tBuk80lTe4nAvthh4xZrRg3h25PJuYzRkWXzhsVbtFUoZj
JaiGUsdMAPY/bJ0bjjAt4VaM7zwS8hKG9bHzOkQj5WjfycXihp1j3d0QMwlMwRXP
DcaIdqy277neG6HWlqXR0QaRYKUkCRwHX1PmCvegzxEYboG7kPx4NGfG+TKd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:20 2024 by rpki-client on console-ams.rpki-client.org