Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/9AEB5aQECGUkSj3w9bNxy_cflb4.roa
File: 9AEB5aQECGUkSj3w9bNxy_cflb4.roa (raw, json)
Hash identifier: pM5PNxdfzOX5XYKlAFwvGgn6CfPpOlN3zii+cszYh/A=
Subject key identifier: F4:01:01:E5:A4:04:08:65:24:4A:3D:F0:F5:B3:71:CB:F7:1F:95:BE
Certificate issuer: /CN=b4a90f6896678442afaee1baaaa6b2a2decacd3b
Certificate serial: 01856F94A913A23219C0C77823227B201AE4
Authority key identifier: B4:A9:0F:68:96:67:84:42:AF:AE:E1:BA:AA:A6:B2:A2:DE:CA:CD:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKkPaJZnhEKvruG6qqayot7KzTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/9AEB5aQECGUkSj3w9bNxy_cflb4.roa
Signing time: Sun 01 Jan 2023 23:04:51 +0000
ROA not before: Sun 01 Jan 2023 23:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202196
IP address blocks: 185.150.60.0/22 maxlen: 22
185.150.60.0/23 maxlen: 23
185.150.60.0/24 maxlen: 24
185.150.61.0/24 maxlen: 24
185.150.62.0/24 maxlen: 24
185.150.62.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:a9:13:a2:32:19:c0:c7:78:23:22:7b:20:1a:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a90f6896678442afaee1baaaa6b2a2decacd3b
Validity
Not Before: Jan 1 23:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f40101e5a4040865244a3df0f5b371cbf71f95be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:cb:ad:26:e7:86:33:3f:4b:8b:4b:b7:7d:22:
43:8b:ff:90:50:da:25:26:36:dd:97:77:93:37:7e:
a3:3b:02:6f:a4:86:ac:c7:b9:d4:1b:af:c8:5b:78:
81:73:4f:30:be:8e:0e:9b:30:6b:16:69:f5:90:2b:
64:38:18:2e:03:75:7c:4b:67:cc:ac:8f:74:20:c1:
f2:ac:e2:56:e5:35:d3:23:2b:0d:9a:53:06:95:54:
18:c5:2e:95:e1:3a:29:c4:22:94:ff:42:ef:b6:98:
c1:69:06:b4:98:40:59:e6:27:12:d3:0b:5a:ac:a9:
53:cf:aa:e3:09:43:f3:71:1b:21:7f:fb:ca:23:b1:
62:17:8d:8f:fe:a5:ed:32:c0:46:00:6b:02:d7:86:
31:26:b7:42:8a:06:37:04:64:1d:be:0a:83:2c:fe:
5f:b8:70:14:4d:e3:79:2d:08:aa:81:ef:85:9e:65:
28:4f:68:16:fe:c2:15:35:23:91:1e:be:5a:36:f6:
3c:fb:4a:27:f8:d5:b4:5e:f9:f1:6e:7c:99:89:59:
79:0b:92:d8:1a:d5:a2:2b:a4:9d:3a:d1:3e:d2:8a:
1d:09:6d:76:c8:9d:0a:90:51:a1:9b:a4:12:79:a1:
d6:f3:5f:94:0d:3d:6b:31:f2:34:35:33:c6:00:4f:
cd:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:01:01:E5:A4:04:08:65:24:4A:3D:F0:F5:B3:71:CB:F7:1F:95:BE
X509v3 Authority Key Identifier:
keyid:B4:A9:0F:68:96:67:84:42:AF:AE:E1:BA:AA:A6:B2:A2:DE:CA:CD:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKkPaJZnhEKvruG6qqayot7KzTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/9AEB5aQECGUkSj3w9bNxy_cflb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/tKkPaJZnhEKvruG6qqayot7KzTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.60.0/22
Signature Algorithm: sha256WithRSAEncryption
12:21:7a:24:70:aa:9a:a7:e9:b6:25:38:20:fa:c4:d6:2b:c6:
de:c2:a9:b0:6d:fc:bb:56:9c:49:ac:bf:46:51:ff:2e:43:b6:
64:58:7b:e5:a9:72:44:86:4f:9c:0d:7b:58:e6:9f:12:f7:54:
09:d1:48:14:7e:19:b2:8e:6f:16:dd:26:84:a5:9e:ec:35:0b:
c7:3e:d9:a9:ef:b6:55:bf:68:c0:c2:14:2e:bf:b0:d5:a3:88:
d7:fe:e2:4e:a9:f7:d1:bd:45:58:24:8d:5e:57:84:02:9a:bd:
82:4e:c5:20:5b:85:7c:c3:47:16:13:81:14:64:74:60:a1:7f:
6a:89:e6:56:1d:18:0e:ec:da:fd:d1:eb:0f:ac:6d:b9:5d:7a:
df:52:2f:5b:2f:4a:ae:a4:8e:34:21:08:e0:04:79:0b:79:53:
31:b3:2b:80:c4:d0:6b:50:53:14:9c:2b:6b:6b:99:79:e5:c6:
b4:d1:ad:ca:02:d7:e7:89:35:83:b4:b1:f1:5c:d4:81:4a:73:
17:2f:01:9b:a6:94:2b:ae:c9:6a:7b:ac:dd:d1:2d:fe:dd:55:
06:b8:84:2c:35:77:a7:5f:ed:f5:b0:32:df:97:ce:94:28:c4:
19:cb:aa:8f:88:09:79:b3:aa:94:2c:ab:83:06:23:dd:76:7f:
20:86:49:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlKkTojIZwMd4IyJ7IBrkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTkwZjY4OTY2Nzg0NDJhZmFlZTFiYWFhYTZiMmEyZGVj
YWNkM2IwHhcNMjMwMTAxMjMwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDAxMDFlNWE0MDQwODY1MjQ0YTNkZjBmNWIzNzFjYmY3MWY5NWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsutJueGMz9Li0u3fSJDi/+QUNol
Jjbdl3eTN36jOwJvpIasx7nUG6/IW3iBc08wvo4OmzBrFmn1kCtkOBguA3V8S2fM
rI90IMHyrOJW5TXTIysNmlMGlVQYxS6V4TopxCKU/0LvtpjBaQa0mEBZ5icS0wta
rKlTz6rjCUPzcRshf/vKI7FiF42P/qXtMsBGAGsC14YxJrdCigY3BGQdvgqDLP5f
uHAUTeN5LQiqge+FnmUoT2gW/sIVNSORHr5aNvY8+0on+NW0XvnxbnyZiVl5C5LY
GtWiK6SdOtE+0oodCW12yJ0KkFGhm6QSeaHW81+UDT1rMfI0NTPGAE/NTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPQBAeWkBAhlJEo98PWzccv3H5W+MB8GA1UdIwQY
MBaAFLSpD2iWZ4RCr67huqqmsqLeys07MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtrUGFKWm5oRUt2cnVHNnFxYXlvdDdLelRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9lNjE2MTQtZWJjNS00NzMxLTg1NjAt
OWQxODEyOTk5YTM1LzEvOUFFQjVhUUVDR1VrU2ozdzliTnh5X2NmbGI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9lNjE2MTQtZWJjNS00NzMxLTg1NjAtOWQxODEyOTk5YTM1
LzEvdEtrUGFKWm5oRUt2cnVHNnFxYXlvdDdLelRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZY8MA0G
CSqGSIb3DQEBCwUAA4IBAQASIXokcKqap+m2JTgg+sTWK8bewqmwbfy7VpxJrL9G
Uf8uQ7ZkWHvlqXJEhk+cDXtY5p8S91QJ0UgUfhmyjm8W3SaEpZ7sNQvHPtmp77ZV
v2jAwhQuv7DVo4jX/uJOqffRvUVYJI1eV4QCmr2CTsUgW4V8w0cWE4EUZHRgoX9q
ieZWHRgO7Nr90esPrG25XXrfUi9bL0qupI40IQjgBHkLeVMxsyuAxNBrUFMUnCtr
a5l55ca00a3KAtfniTWDtLHxXNSBSnMXLwGbppQrrslqe6zd0S3+3VUGuIQsNXen
X+31sDLfl86UKMQZy6qPiAl5s6qULKuDBiPddn8ghklA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:10 2024 by rpki-client on console-ams.rpki-client.org