Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/uR6XzIe7pT-WrbKGYuR-8lGBTw4.roa
File: uR6XzIe7pT-WrbKGYuR-8lGBTw4.roa (raw, json)
Hash identifier: aqChazoTlyABeniv/BFLc7Ko1X89vzAvOhGPUj3KOwE=
Subject key identifier: B9:1E:97:CC:87:BB:A5:3F:96:AD:B2:86:62:E4:7E:F2:51:81:4F:0E
Certificate issuer: /CN=b4a90f6896678442afaee1baaaa6b2a2decacd3b
Certificate serial: 01856F94A7DEB7112D1B4AF58D722139EED4
Authority key identifier: B4:A9:0F:68:96:67:84:42:AF:AE:E1:BA:AA:A6:B2:A2:DE:CA:CD:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKkPaJZnhEKvruG6qqayot7KzTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/uR6XzIe7pT-WrbKGYuR-8lGBTw4.roa
Signing time: Sun 01 Jan 2023 23:04:51 +0000
ROA not before: Sun 01 Jan 2023 23:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 185.150.60.0/24 maxlen: 24
185.150.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:a7:de:b7:11:2d:1b:4a:f5:8d:72:21:39:ee:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a90f6896678442afaee1baaaa6b2a2decacd3b
Validity
Not Before: Jan 1 23:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b91e97cc87bba53f96adb28662e47ef251814f0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:98:6c:70:78:58:03:03:47:4e:cd:a6:57:9b:
2a:6d:90:43:83:d9:55:e0:18:6b:96:11:48:5a:bd:
6c:53:3d:2d:13:a9:fe:07:0f:5c:e8:12:47:fc:2d:
4a:1f:81:45:28:d4:b5:b2:e2:19:98:cb:78:bd:e7:
16:6b:20:90:b5:19:cf:0a:4e:bd:c4:28:de:7a:96:
da:80:db:84:55:5a:f1:09:67:0b:e2:6c:40:b3:43:
07:a1:64:5d:be:5a:20:a2:2b:43:8e:bc:3e:24:88:
42:ac:29:fd:4c:d8:7e:3a:f7:91:b1:de:8e:c5:4e:
7a:b1:d1:59:c5:7f:0e:8d:08:d8:20:e1:72:98:a7:
62:b2:14:9b:26:24:d4:83:5f:1f:66:0c:94:88:ef:
f0:76:79:a1:a3:8c:9f:96:c9:87:92:b7:b9:d0:c0:
3b:d3:4e:db:6b:d3:b3:90:26:04:f2:94:20:80:57:
86:81:05:20:5a:9d:df:c0:1e:36:e2:e6:19:ee:1a:
c1:2a:c6:f0:83:52:d8:ef:ef:ab:92:27:9e:2d:2c:
27:4e:5d:7c:38:52:6b:ca:d2:ec:45:96:10:90:a2:
c3:14:dc:1d:37:1d:52:d7:c0:a8:c1:16:d7:b6:4c:
3b:9f:b6:9d:ea:46:52:d2:26:13:db:8c:c0:64:da:
0c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:1E:97:CC:87:BB:A5:3F:96:AD:B2:86:62:E4:7E:F2:51:81:4F:0E
X509v3 Authority Key Identifier:
keyid:B4:A9:0F:68:96:67:84:42:AF:AE:E1:BA:AA:A6:B2:A2:DE:CA:CD:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKkPaJZnhEKvruG6qqayot7KzTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/uR6XzIe7pT-WrbKGYuR-8lGBTw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/tKkPaJZnhEKvruG6qqayot7KzTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.60.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:f1:f7:91:53:04:b8:c7:62:54:10:49:64:8e:a4:be:cb:43:
4f:41:50:c1:b7:9c:e4:83:67:dd:45:00:d4:c0:16:03:4d:e8:
8f:be:cf:fc:4b:3b:41:69:91:9b:6c:a7:2c:bb:d7:17:a8:c7:
4a:c4:01:4b:04:a7:f7:08:02:81:d4:ab:37:30:cc:62:c0:ce:
c4:a6:45:52:52:13:36:c8:ed:17:32:eb:5e:a8:4b:22:19:d0:
a8:69:f9:61:f4:44:d7:e4:7b:18:6c:58:29:8b:73:10:97:43:
a9:9d:d3:d6:36:2b:c7:f4:0e:b7:94:a5:d1:4a:6b:32:60:16:
c6:5c:c0:27:7f:2e:09:3f:5f:c8:a7:55:7c:2e:52:f7:96:09:
c7:dd:ed:49:d9:e0:c4:35:ec:df:d0:0e:b0:e5:f1:6e:80:c9:
dd:3f:98:16:dc:91:46:f8:5d:4d:e7:b1:9f:ac:14:71:97:ba:
74:51:e2:fe:7a:a4:59:a8:a5:fd:38:b1:58:5c:fd:1e:ac:72:
ef:a8:78:89:e9:24:3b:06:bf:e6:2e:8f:39:d9:84:ca:67:97:
5b:60:e8:52:6c:6e:82:fc:b7:06:7c:74:3f:f4:06:54:12:8f:
8b:40:4b:06:9b:e4:e6:7f:b4:a0:82:82:cf:e3:90:42:76:e9:
1d:3f:6e:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlKfetxEtG0r1jXIhOe7UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTkwZjY4OTY2Nzg0NDJhZmFlZTFiYWFhYTZiMmEyZGVj
YWNkM2IwHhcNMjMwMTAxMjMwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTFlOTdjYzg3YmJhNTNmOTZhZGIyODY2MmU0N2VmMjUxODE0ZjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhphscHhYAwNHTs2mV5sqbZBDg9lV
4BhrlhFIWr1sUz0tE6n+Bw9c6BJH/C1KH4FFKNS1suIZmMt4vecWayCQtRnPCk69
xCjeepbagNuEVVrxCWcL4mxAs0MHoWRdvlogoitDjrw+JIhCrCn9TNh+OveRsd6O
xU56sdFZxX8OjQjYIOFymKdishSbJiTUg18fZgyUiO/wdnmho4yflsmHkre50MA7
007ba9OzkCYE8pQggFeGgQUgWp3fwB424uYZ7hrBKsbwg1LY7++rkieeLSwnTl18
OFJrytLsRZYQkKLDFNwdNx1S18CowRbXtkw7n7ad6kZS0iYT24zAZNoMiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLkel8yHu6U/lq2yhmLkfvJRgU8OMB8GA1UdIwQY
MBaAFLSpD2iWZ4RCr67huqqmsqLeys07MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtrUGFKWm5oRUt2cnVHNnFxYXlvdDdLelRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9lNjE2MTQtZWJjNS00NzMxLTg1NjAt
OWQxODEyOTk5YTM1LzEvdVI2WHpJZTdwVC1XcmJLR1l1Ui04bEdCVHc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9lNjE2MTQtZWJjNS00NzMxLTg1NjAtOWQxODEyOTk5YTM1
LzEvdEtrUGFKWm5oRUt2cnVHNnFxYXlvdDdLelRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuZY8MA0G
CSqGSIb3DQEBCwUAA4IBAQCu8feRUwS4x2JUEElkjqS+y0NPQVDBt5zkg2fdRQDU
wBYDTeiPvs/8SztBaZGbbKcsu9cXqMdKxAFLBKf3CAKB1Ks3MMxiwM7EpkVSUhM2
yO0XMuteqEsiGdCoaflh9ETX5HsYbFgpi3MQl0OpndPWNivH9A63lKXRSmsyYBbG
XMAnfy4JP1/Ip1V8LlL3lgnH3e1J2eDENezf0A6w5fFugMndP5gW3JFG+F1N57Gf
rBRxl7p0UeL+eqRZqKX9OLFYXP0erHLvqHiJ6SQ7Br/mLo852YTKZ5dbYOhSbG6C
/LcGfHQ/9AZUEo+LQEsGm+Tmf7SggoLP45BCdukdP26N
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:10 2024 by rpki-client on console-ams.rpki-client.org