Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/5IIILtEzJV_wWe7r48DLz67rUrU.roa
File: 5IIILtEzJV_wWe7r48DLz67rUrU.roa (raw, json)
Hash identifier: oMjKeQQSCuJdhok3wObLM5ANqB9SFNMaNcQ8ZcxePUs=
Subject key identifier: E4:82:08:2E:D1:33:25:5F:F0:59:EE:EB:E3:C0:CB:CF:AE:EB:52:B5
Certificate issuer: /CN=b4a90f6896678442afaee1baaaa6b2a2decacd3b
Certificate serial: 0193CF08B34EB8C5F6F70476188DB3D116A5
Authority key identifier: B4:A9:0F:68:96:67:84:42:AF:AE:E1:BA:AA:A6:B2:A2:DE:CA:CD:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKkPaJZnhEKvruG6qqayot7KzTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/5IIILtEzJV_wWe7r48DLz67rUrU.roa
Signing time: Mon 16 Dec 2024 10:34:34 +0000
ROA not before: Mon 16 Dec 2024 10:34:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202196
IP address blocks: 185.150.60.0/22 maxlen: 22
185.150.60.0/23 maxlen: 23
185.150.60.0/24 maxlen: 24
185.150.61.0/24 maxlen: 24
185.150.62.0/23 maxlen: 23
185.150.62.0/24 maxlen: 24
185.150.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:cf:08:b3:4e:b8:c5:f6:f7:04:76:18:8d:b3:d1:16:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a90f6896678442afaee1baaaa6b2a2decacd3b
Validity
Not Before: Dec 16 10:34:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e482082ed133255ff059eeebe3c0cbcfaeeb52b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:9f:1c:6d:7d:da:2c:86:12:1b:8b:6a:87:2c:
66:1f:4b:21:5f:68:7d:f6:f8:c3:26:bc:09:07:fa:
80:1d:ae:60:fa:6b:32:4f:f2:e4:bd:6f:e6:39:7c:
4c:ff:e5:9d:ff:16:c9:d9:a9:7e:45:02:0d:e2:3e:
6f:f6:75:59:18:82:79:e3:cf:0b:d4:ed:54:70:35:
43:4a:48:af:0c:e8:23:1a:8c:f8:7e:9f:d3:56:92:
20:69:1d:f4:21:91:58:a9:06:18:53:c0:2d:e1:d0:
37:41:1d:84:ed:12:13:c5:a8:3c:b4:a0:0b:b9:47:
08:cc:4f:ab:57:86:78:c8:17:49:2b:04:19:35:c4:
a3:f4:91:0b:69:fa:65:6c:9f:71:44:1d:0e:58:19:
3f:b4:2d:79:4a:7f:1b:2e:0f:b2:34:10:85:4c:b9:
28:17:11:0f:49:c1:9a:5a:10:db:74:d3:00:20:a0:
b1:eb:16:48:f5:88:b3:b5:f8:37:1b:66:cc:63:2e:
c2:d6:a9:fd:f1:bc:ae:a9:f5:69:45:33:4f:74:af:
85:53:96:a5:77:66:45:11:fd:f6:8f:96:3c:ea:30:
6f:e0:a7:d9:f6:ac:9e:d5:60:44:05:17:ce:0e:08:
66:df:11:37:56:58:d8:4b:ff:99:40:b0:bd:cc:54:
16:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:82:08:2E:D1:33:25:5F:F0:59:EE:EB:E3:C0:CB:CF:AE:EB:52:B5
X509v3 Authority Key Identifier:
keyid:B4:A9:0F:68:96:67:84:42:AF:AE:E1:BA:AA:A6:B2:A2:DE:CA:CD:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKkPaJZnhEKvruG6qqayot7KzTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/5IIILtEzJV_wWe7r48DLz67rUrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/tKkPaJZnhEKvruG6qqayot7KzTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.60.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:4e:3f:57:74:d2:d2:97:33:da:a9:26:b6:11:58:1c:e6:7c:
2f:58:fe:09:ad:5d:b6:f1:47:df:99:50:ea:67:e2:5d:c9:5e:
44:28:1a:06:c1:a7:aa:ef:37:93:47:29:ef:1c:af:64:5e:14:
fd:25:05:98:b3:9a:fd:ff:26:f9:d6:76:99:ff:65:e0:ea:2a:
4b:4a:14:f8:84:d8:3f:e5:14:56:cb:1c:f7:a6:8f:d2:aa:2e:
4f:70:46:97:f8:cb:e6:34:57:ed:48:f6:9b:d0:37:9b:ca:f6:
b9:e2:a0:cd:2f:e7:d4:59:f9:7a:94:0f:aa:06:cb:28:0f:43:
4e:90:93:05:25:59:e1:39:43:77:9f:a3:48:60:67:60:7c:16:
47:05:62:ac:0b:8f:bb:98:8e:18:6c:3c:fe:71:d1:b9:e6:c4:
ef:11:2a:3b:4f:6b:28:10:93:58:c0:31:ce:38:24:2a:ab:07:
37:36:e6:73:9d:5e:89:51:31:38:9b:79:68:f2:c2:53:e3:72:
6b:03:71:94:e6:19:f9:52:bf:39:54:00:94:b5:2b:21:6f:9d:
4b:b2:20:a0:70:3c:4e:ea:f8:94:46:5f:bb:a1:29:12:f7:11:
44:92:a6:f7:2f:66:4e:a9:45:ef:21:15:95:db:b3:fd:67:a8:
f6:b2:6c:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPPCLNOuMX29wR2GI2z0RalMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTkwZjY4OTY2Nzg0NDJhZmFlZTFiYWFhYTZiMmEyZGVj
YWNkM2IwHhcNMjQxMjE2MTAzNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDgyMDgyZWQxMzMyNTVmZjA1OWVlZWJlM2MwY2JjZmFlZWI1MmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk58cbX3aLIYSG4tqhyxmH0shX2h9
9vjDJrwJB/qAHa5g+msyT/LkvW/mOXxM/+Wd/xbJ2al+RQIN4j5v9nVZGIJ5488L
1O1UcDVDSkivDOgjGoz4fp/TVpIgaR30IZFYqQYYU8At4dA3QR2E7RITxag8tKAL
uUcIzE+rV4Z4yBdJKwQZNcSj9JELafplbJ9xRB0OWBk/tC15Sn8bLg+yNBCFTLko
FxEPScGaWhDbdNMAIKCx6xZI9Yiztfg3G2bMYy7C1qn98byuqfVpRTNPdK+FU5al
d2ZFEf32j5Y86jBv4KfZ9qye1WBEBRfODghm3xE3VljYS/+ZQLC9zFQWUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOSCCC7RMyVf8Fnu6+PAy8+u61K1MB8GA1UdIwQY
MBaAFLSpD2iWZ4RCr67huqqmsqLeys07MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtrUGFKWm5oRUt2cnVHNnFxYXlvdDdLelRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9lNjE2MTQtZWJjNS00NzMxLTg1NjAt
OWQxODEyOTk5YTM1LzEvNUlJSUx0RXpKVl93V2U3cjQ4REx6NjdyVXJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9lNjE2MTQtZWJjNS00NzMxLTg1NjAtOWQxODEyOTk5YTM1
LzEvdEtrUGFKWm5oRUt2cnVHNnFxYXlvdDdLelRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZY8MA0G
CSqGSIb3DQEBCwUAA4IBAQBtTj9XdNLSlzPaqSa2EVgc5nwvWP4JrV228UffmVDq
Z+JdyV5EKBoGwaeq7zeTRynvHK9kXhT9JQWYs5r9/yb51naZ/2Xg6ipLShT4hNg/
5RRWyxz3po/Sqi5PcEaX+MvmNFftSPab0Debyva54qDNL+fUWfl6lA+qBssoD0NO
kJMFJVnhOUN3n6NIYGdgfBZHBWKsC4+7mI4YbDz+cdG55sTvESo7T2soEJNYwDHO
OCQqqwc3NuZznV6JUTE4m3lo8sJT43JrA3GU5hn5Ur85VACUtSshb51LsiCgcDxO
6viURl+7oSkS9xFEkqb3L2ZOqUXvIRWV27P9Z6j2smyw
-----END CERTIFICATE-----
Generated at Tue Apr 15 07:35:57 2025 by rpki-client