Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/d61b54-ee9f-4e00-b1e3-f7d027560058/1/APShQH84b8klyRUA8FXw9ASSbC0.roa
File: APShQH84b8klyRUA8FXw9ASSbC0.roa (raw, json)
Hash identifier: AR+2t717/ir7wcZ/AmV7HnQMNxF7VLC6kcnYdQwsuDE=
Subject key identifier: 00:F4:A1:40:7F:38:6F:C9:25:C9:15:00:F0:55:F0:F4:04:92:6C:2D
Certificate issuer: /CN=77cc46ade957c8f066a5c6fe25310a4cf5a7e9d4
Certificate serial: 018572DECF87685211A88B8BC1D97AED065C
Authority key identifier: 77:CC:46:AD:E9:57:C8:F0:66:A5:C6:FE:25:31:0A:4C:F5:A7:E9:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d8xGrelXyPBmpcb-JTEKTPWn6dQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/d61b54-ee9f-4e00-b1e3-f7d027560058/1/APShQH84b8klyRUA8FXw9ASSbC0.roa
Signing time: Mon 02 Jan 2023 14:24:42 +0000
ROA not before: Mon 02 Jan 2023 14:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35070
IP address blocks: 185.223.228.0/22 maxlen: 24
185.223.228.0/24 maxlen: 24
185.223.231.0/24 maxlen: 24
185.223.230.0/24 maxlen: 24
185.223.229.0/24 maxlen: 24
2a0d:4040::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:de:cf:87:68:52:11:a8:8b:8b:c1:d9:7a:ed:06:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77cc46ade957c8f066a5c6fe25310a4cf5a7e9d4
Validity
Not Before: Jan 2 14:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00f4a1407f386fc925c91500f055f0f404926c2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:57:42:64:be:68:68:02:a8:c5:b6:88:bf:ef:
65:e4:2a:55:58:7f:42:f8:0b:b9:0c:88:42:61:84:
2e:a6:3f:6d:b5:b5:69:2d:21:bf:6d:a8:78:33:59:
6e:e7:1d:98:a8:51:03:47:0a:89:a3:75:fd:97:d1:
69:e9:ea:eb:77:04:e5:50:40:9d:19:18:3a:cc:1a:
ef:1c:62:af:1e:13:c9:4c:36:72:9f:d6:8f:24:37:
8c:40:5b:20:9f:68:ab:41:09:da:93:06:e5:aa:8e:
23:a9:1f:9a:63:0b:2e:38:92:4e:a1:c3:a6:2d:9a:
c9:54:06:fb:52:04:4f:0b:d1:1d:77:f9:83:fc:6c:
c2:4a:a5:32:af:95:db:60:9c:d4:26:0d:5c:73:b0:
56:d5:ae:e1:f1:b7:99:2f:47:8c:6c:93:6a:ae:72:
05:fa:4f:68:52:3c:27:04:50:59:89:ab:a6:fa:b9:
10:e5:b4:55:5f:56:29:e1:22:f5:8d:a7:da:59:a1:
5e:ea:83:7e:36:41:87:4e:3c:18:a5:55:77:46:5c:
2f:d6:b9:df:63:3a:84:4c:58:d0:ad:fb:d6:a5:01:
ff:02:be:90:22:6f:d2:ab:4f:b1:ec:b8:83:f6:44:
2d:da:2d:de:52:e6:46:01:32:49:71:9e:a7:d3:b9:
23:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:F4:A1:40:7F:38:6F:C9:25:C9:15:00:F0:55:F0:F4:04:92:6C:2D
X509v3 Authority Key Identifier:
keyid:77:CC:46:AD:E9:57:C8:F0:66:A5:C6:FE:25:31:0A:4C:F5:A7:E9:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8xGrelXyPBmpcb-JTEKTPWn6dQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d61b54-ee9f-4e00-b1e3-f7d027560058/1/APShQH84b8klyRUA8FXw9ASSbC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d61b54-ee9f-4e00-b1e3-f7d027560058/1/d8xGrelXyPBmpcb-JTEKTPWn6dQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.228.0/22
IPv6:
2a0d:4040::/29
Signature Algorithm: sha256WithRSAEncryption
b6:bf:33:4b:31:91:bb:ab:81:32:ce:f3:53:68:9a:2b:9e:ad:
50:91:8c:a8:ce:ac:c3:5b:28:41:64:44:2e:ab:49:24:8e:d8:
00:f6:09:0b:f9:89:c6:39:dd:82:39:bb:34:5b:10:fe:be:bc:
16:3a:db:b8:eb:1b:28:44:5d:3b:99:60:18:ee:53:ed:26:b4:
07:30:d1:72:99:aa:40:d0:8e:3a:07:cb:57:1c:8f:59:f5:ec:
75:af:5e:54:ba:95:77:2f:22:22:18:df:c7:33:d7:31:98:83:
95:a0:95:9c:a1:ce:46:cd:dc:bb:ea:fd:fb:2f:73:67:de:bd:
31:96:6d:39:e6:db:9f:cf:2e:46:84:b9:40:c0:1d:95:81:ac:
33:3a:c7:d7:2e:d0:da:35:16:7e:81:4f:18:49:b2:bb:17:1e:
76:f5:d8:0c:80:aa:fe:ac:93:11:29:9b:43:ab:1e:9e:76:16:
20:f7:b2:e7:a7:fd:4f:2e:5d:3a:7f:77:d0:4e:bc:6a:95:30:
9f:c6:06:98:91:a2:1c:db:67:fb:10:88:1a:af:a1:be:5e:ab:
e8:2e:32:c7:55:97:8d:b6:72:8c:5b:9e:df:ed:f7:e4:27:56:
f7:00:26:25:c1:cc:35:bb:38:a2:4a:8e:6c:9f:c3:5a:53:7a:
97:bc:86:0f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVy3s+HaFIRqIuLwdl67QZcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3Y2M0NmFkZTk1N2M4ZjA2NmE1YzZmZTI1MzEwYTRjZjVh
N2U5ZDQwHhcNMjMwMTAyMTQyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGY0YTE0MDdmMzg2ZmM5MjVjOTE1MDBmMDU1ZjBmNDA0OTI2YzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFdCZL5oaAKoxbaIv+9l5CpVWH9C
+Au5DIhCYYQupj9ttbVpLSG/bah4M1lu5x2YqFEDRwqJo3X9l9Fp6errdwTlUECd
GRg6zBrvHGKvHhPJTDZyn9aPJDeMQFsgn2irQQnakwblqo4jqR+aYwsuOJJOocOm
LZrJVAb7UgRPC9Edd/mD/GzCSqUyr5XbYJzUJg1cc7BW1a7h8beZL0eMbJNqrnIF
+k9oUjwnBFBZiaum+rkQ5bRVX1Yp4SL1jafaWaFe6oN+NkGHTjwYpVV3Rlwv1rnf
YzqETFjQrfvWpQH/Ar6QIm/Sq0+x7LiD9kQt2i3eUuZGATJJcZ6n07kjewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAD0oUB/OG/JJckVAPBV8PQEkmwtMB8GA1UdIwQY
MBaAFHfMRq3pV8jwZqXG/iUxCkz1p+nUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDh4R3JlbFh5UEJtcGNiLUpURUtUUFduNmRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9kNjFiNTQtZWU5Zi00ZTAwLWIxZTMt
ZjdkMDI3NTYwMDU4LzEvQVBTaFFIODRiOGtseVJVQThGWHc5QVNTYkMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9kNjFiNTQtZWU5Zi00ZTAwLWIxZTMtZjdkMDI3NTYwMDU4
LzEvZDh4R3JlbFh5UEJtcGNiLUpURUtUUFduNmRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCud/kMA0E
AgACMAcDBQMqDUBAMA0GCSqGSIb3DQEBCwUAA4IBAQC2vzNLMZG7q4EyzvNTaJor
nq1QkYyozqzDWyhBZEQuq0kkjtgA9gkL+YnGOd2CObs0WxD+vrwWOtu46xsoRF07
mWAY7lPtJrQHMNFymapA0I46B8tXHI9Z9ex1r15UupV3LyIiGN/HM9cxmIOVoJWc
oc5Gzdy76v37L3Nn3r0xlm055tufzy5GhLlAwB2VgawzOsfXLtDaNRZ+gU8YSbK7
Fx529dgMgKr+rJMRKZtDqx6edhYg97Lnp/1PLl06f3fQTrxqlTCfxgaYkaIc22f7
EIgar6G+XqvoLjLHVZeNtnKMW57f7ffkJ1b3ACYlwcw1uziiSo5sn8NaU3qXvIYP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:39 2024 by rpki-client on console-fra.rpki-client.org