Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/Gt0OWWd9chc3ucr0Lke1oUn4Ves.roa
File: Gt0OWWd9chc3ucr0Lke1oUn4Ves.roa (raw, json)
Hash identifier: yHDqM+MIk3tjIS/GeldDvWuPiUFE8q2frcPHslhd2tY=
Subject key identifier: 1A:DD:0E:59:67:7D:72:17:37:B9:CA:F4:2E:47:B5:A1:49:F8:55:EB
Certificate issuer: /CN=b4a90f6896678442afaee1baaaa6b2a2decacd3b
Certificate serial: 01856F94A97FAE97C5B06C285907A591561E
Authority key identifier: B4:A9:0F:68:96:67:84:42:AF:AE:E1:BA:AA:A6:B2:A2:DE:CA:CD:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKkPaJZnhEKvruG6qqayot7KzTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/Gt0OWWd9chc3ucr0Lke1oUn4Ves.roa
Signing time: Sun 01 Jan 2023 23:04:51 +0000
ROA not before: Sun 01 Jan 2023 23:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203164
IP address blocks: 185.150.62.0/23 maxlen: 23
185.150.62.0/24 maxlen: 24
185.150.63.0/24 maxlen: 24
185.150.61.0/24 maxlen: 24
185.150.60.0/23 maxlen: 23
185.150.60.0/24 maxlen: 24
185.150.60.0/22 maxlen: 22
2a07:6e00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:a9:7f:ae:97:c5:b0:6c:28:59:07:a5:91:56:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a90f6896678442afaee1baaaa6b2a2decacd3b
Validity
Not Before: Jan 1 23:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1add0e59677d721737b9caf42e47b5a149f855eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:82:c8:24:ca:e0:c5:0b:f3:11:66:2b:88:cb:
15:41:09:8b:fe:c4:24:33:b7:41:93:7d:3b:6a:5e:
d2:e4:28:d5:75:7b:bf:12:9f:83:3a:eb:ef:d3:82:
ee:1e:5e:0b:88:c1:00:43:6d:52:1d:2b:8b:ab:1c:
d9:52:ab:6c:89:23:6b:ae:03:d1:84:a8:fe:bc:73:
03:5d:ee:7a:1e:2b:cc:74:0f:16:b8:08:5b:9f:3c:
f4:7d:20:78:42:75:00:64:9e:1e:89:8a:9e:61:21:
4a:80:b7:2e:6c:28:dc:8e:71:7f:b0:01:4b:4d:10:
9d:32:19:10:48:47:66:fb:0b:78:d1:e9:3a:a3:c2:
57:aa:f5:13:18:ce:85:d7:06:36:e2:65:8f:84:98:
d4:49:36:c8:d6:9d:2c:9f:23:30:0b:d7:f1:dc:c2:
aa:7e:5f:a4:bb:f7:67:87:94:f1:0a:14:84:bb:05:
d4:30:3e:63:ec:90:7c:48:56:6b:9d:5a:0e:70:8e:
b2:8b:65:0d:79:09:c7:73:b5:8f:bc:9b:72:56:71:
47:4d:39:f2:cb:b7:46:33:17:df:fb:10:f7:aa:fa:
6f:52:f6:83:9a:14:33:e7:b3:1e:4c:55:81:c2:d3:
08:a0:03:ec:9c:88:ef:36:c6:b5:89:85:55:50:f1:
8e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:DD:0E:59:67:7D:72:17:37:B9:CA:F4:2E:47:B5:A1:49:F8:55:EB
X509v3 Authority Key Identifier:
keyid:B4:A9:0F:68:96:67:84:42:AF:AE:E1:BA:AA:A6:B2:A2:DE:CA:CD:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKkPaJZnhEKvruG6qqayot7KzTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/Gt0OWWd9chc3ucr0Lke1oUn4Ves.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/tKkPaJZnhEKvruG6qqayot7KzTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.60.0/22
IPv6:
2a07:6e00::/29
Signature Algorithm: sha256WithRSAEncryption
2c:a0:91:d3:e4:b3:3f:a4:11:d3:94:50:f9:b7:01:1b:ef:15:
cd:70:07:f9:cc:3d:1e:f1:ce:7e:57:01:3b:57:47:90:52:22:
b7:83:79:f3:90:ba:08:80:9d:d3:9a:fe:a4:4c:84:94:15:1d:
c6:57:d4:a2:d1:13:eb:b8:ee:4d:d7:b9:82:84:a1:90:69:a0:
56:99:51:14:1e:b5:8e:c7:e3:bf:48:69:36:94:d8:ef:13:c4:
4e:2f:a2:bf:3f:28:33:87:7c:93:e5:f4:e7:ba:13:09:eb:9e:
65:ae:8b:be:f2:ff:9d:50:98:f0:6f:24:63:d9:cb:c8:5b:d3:
c2:4c:c6:4d:a6:03:fc:a3:a6:fc:08:95:fe:fc:58:26:5a:eb:
26:e7:65:89:c5:0d:5c:d7:37:cb:bf:ed:27:cc:a4:08:50:e8:
1e:e2:3a:a0:ab:d1:3c:ff:44:8b:1f:b6:bf:b6:04:c4:0b:2a:
b9:a4:d3:ec:b4:50:b6:c8:db:71:f4:73:b8:96:58:d4:ff:1f:
f9:42:c9:39:b7:90:d5:9f:2d:4c:52:fb:b2:88:a3:a5:55:4a:
a8:fa:38:fa:57:ca:b3:d2:d4:0b:a5:8d:87:fc:10:10:d6:ad:
72:bf:e7:8e:df:69:bf:85:2d:93:1f:78:ff:39:02:c0:a0:55:
f0:db:14:5b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvlKl/rpfFsGwoWQelkVYeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTkwZjY4OTY2Nzg0NDJhZmFlZTFiYWFhYTZiMmEyZGVj
YWNkM2IwHhcNMjMwMTAxMjMwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWRkMGU1OTY3N2Q3MjE3MzdiOWNhZjQyZTQ3YjVhMTQ5Zjg1NWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14LIJMrgxQvzEWYriMsVQQmL/sQk
M7dBk307al7S5CjVdXu/Ep+DOuvv04LuHl4LiMEAQ21SHSuLqxzZUqtsiSNrrgPR
hKj+vHMDXe56HivMdA8WuAhbnzz0fSB4QnUAZJ4eiYqeYSFKgLcubCjcjnF/sAFL
TRCdMhkQSEdm+wt40ek6o8JXqvUTGM6F1wY24mWPhJjUSTbI1p0snyMwC9fx3MKq
fl+ku/dnh5TxChSEuwXUMD5j7JB8SFZrnVoOcI6yi2UNeQnHc7WPvJtyVnFHTTny
y7dGMxff+xD3qvpvUvaDmhQz57MeTFWBwtMIoAPsnIjvNsa1iYVVUPGOQQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBrdDllnfXIXN7nK9C5HtaFJ+FXrMB8GA1UdIwQY
MBaAFLSpD2iWZ4RCr67huqqmsqLeys07MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtrUGFKWm5oRUt2cnVHNnFxYXlvdDdLelRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9lNjE2MTQtZWJjNS00NzMxLTg1NjAt
OWQxODEyOTk5YTM1LzEvR3QwT1dXZDljaGMzdWNyMExrZTFvVW40VmVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9lNjE2MTQtZWJjNS00NzMxLTg1NjAtOWQxODEyOTk5YTM1
LzEvdEtrUGFKWm5oRUt2cnVHNnFxYXlvdDdLelRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZY8MA0E
AgACMAcDBQMqB24AMA0GCSqGSIb3DQEBCwUAA4IBAQAsoJHT5LM/pBHTlFD5twEb
7xXNcAf5zD0e8c5+VwE7V0eQUiK3g3nzkLoIgJ3Tmv6kTISUFR3GV9Si0RPruO5N
17mChKGQaaBWmVEUHrWOx+O/SGk2lNjvE8ROL6K/Pygzh3yT5fTnuhMJ655lrou+
8v+dUJjwbyRj2cvIW9PCTMZNpgP8o6b8CJX+/FgmWusm52WJxQ1c1zfLv+0nzKQI
UOge4jqgq9E8/0SLH7a/tgTECyq5pNPstFC2yNtx9HO4lljU/x/5Qsk5t5DVny1M
UvuyiKOlVUqo+jj6V8qz0tQLpY2H/BAQ1q1yv+eO32m/hS2TH3j/OQLAoFXw2xRb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:10 2024 by rpki-client on console-ams.rpki-client.org