Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/146f8a-e068-48ca-a388-fb186b94334f/1/AFNvdpTozU-HSpE2Z117hQEmUAY.roa
File: AFNvdpTozU-HSpE2Z117hQEmUAY.roa (raw, json)
Hash identifier: YPwhydqe5oJGCjoiGw7evElKiJE69427BiZ6370kXq8=
Subject key identifier: 00:53:6F:76:94:E8:CD:4F:87:4A:91:36:67:5D:7B:85:01:26:50:06
Certificate issuer: /CN=a1b4dd83fc5ecd210f4f684fb6bf40fb3160db21
Certificate serial: 018CCA9A19C543CE1F5DC1729CDB672906B4
Authority key identifier: A1:B4:DD:83:FC:5E:CD:21:0F:4F:68:4F:B6:BF:40:FB:31:60:DB:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/obTdg_xezSEPT2hPtr9A-zFg2yE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/146f8a-e068-48ca-a388-fb186b94334f/1/AFNvdpTozU-HSpE2Z117hQEmUAY.roa
Signing time: Tue 02 Jan 2024 14:35:45 +0000
ROA not before: Tue 02 Jan 2024 14:35:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198545
IP address blocks: 185.57.220.0/22 maxlen: 22
2a02:5fa0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:9a:19:c5:43:ce:1f:5d:c1:72:9c:db:67:29:06:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1b4dd83fc5ecd210f4f684fb6bf40fb3160db21
Validity
Not Before: Jan 2 14:35:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00536f7694e8cd4f874a9136675d7b8501265006
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:8c:60:e7:00:09:7f:c0:23:46:5b:85:23:9b:
7b:7c:7b:a6:38:14:72:eb:7a:21:18:b8:c2:d1:df:
7b:da:ab:96:37:6b:2e:66:b2:f6:e5:66:6c:57:ba:
c2:96:69:f0:ac:58:ca:7e:3a:4d:73:d2:c2:71:8e:
02:0c:50:59:64:8f:97:92:ee:0b:c9:36:07:0d:4d:
4f:25:37:7b:a0:64:83:56:8a:9d:b0:b6:6e:17:74:
38:45:57:81:4d:27:47:67:b4:4c:58:7a:d4:55:04:
dd:23:6a:e4:07:e6:0f:f5:9d:41:00:9b:65:a6:9e:
bf:b2:1c:5e:a7:0c:4e:8f:bc:3f:c7:1d:ca:bc:b1:
73:59:b6:47:96:ad:17:7a:4b:17:c8:4f:21:f8:b5:
66:83:d0:ac:ae:7a:07:5f:d0:27:84:b7:8d:07:b0:
de:ab:37:4d:db:36:02:8b:46:2f:06:4a:3d:8a:12:
71:bd:85:a4:4e:12:9c:6f:e7:74:d2:69:ea:cb:2a:
f8:69:3a:82:47:b6:ae:4f:fd:b9:8f:f5:fb:21:08:
a5:0b:69:82:d8:50:c9:68:e0:94:c6:18:04:8f:7e:
b5:aa:ed:5b:16:ea:93:93:e6:6b:bf:24:d8:51:9a:
9f:9f:e9:af:fa:c2:d2:b7:82:d8:5a:f6:26:7c:d3:
42:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:53:6F:76:94:E8:CD:4F:87:4A:91:36:67:5D:7B:85:01:26:50:06
X509v3 Authority Key Identifier:
keyid:A1:B4:DD:83:FC:5E:CD:21:0F:4F:68:4F:B6:BF:40:FB:31:60:DB:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obTdg_xezSEPT2hPtr9A-zFg2yE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/146f8a-e068-48ca-a388-fb186b94334f/1/AFNvdpTozU-HSpE2Z117hQEmUAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/146f8a-e068-48ca-a388-fb186b94334f/1/obTdg_xezSEPT2hPtr9A-zFg2yE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.57.220.0/22
IPv6:
2a02:5fa0::/32
Signature Algorithm: sha256WithRSAEncryption
34:53:39:ef:b2:7c:06:3a:a5:79:93:bb:07:48:d9:22:41:70:
8a:97:69:48:0d:04:77:51:93:5f:96:76:25:2d:d7:8a:7c:52:
95:95:19:4a:6a:fa:15:62:51:7b:39:54:4e:3d:8c:a9:d7:00:
1a:59:5c:19:f5:14:8f:88:2d:f8:04:d7:10:eb:07:9c:b4:7b:
2b:8c:92:22:01:7f:f5:e4:ef:c3:c1:c8:32:6b:36:23:08:25:
5c:8a:56:df:74:55:4c:91:54:1a:26:d2:01:d7:4d:ff:06:97:
6a:71:40:5e:74:c6:3e:db:d1:c3:ab:d9:bb:b9:2e:ad:3b:b4:
0e:3e:9c:c5:cb:82:9c:be:4a:ff:dd:b3:79:43:d7:08:40:ad:
61:08:fc:ab:9b:0c:b7:ff:c2:09:f1:84:a8:20:3a:88:09:d8:
30:84:e9:d5:00:21:4c:c2:cb:cb:4e:5e:cc:41:6a:c9:ae:20:
3c:be:7a:d1:b6:99:ea:25:ea:d8:58:14:47:63:fc:40:23:48:
c5:ca:e2:04:fa:0b:5c:fa:0e:04:66:7a:70:cb:cf:02:2c:9a:
fd:7d:4d:3b:23:04:55:d0:c1:13:dc:f7:6f:c9:0f:7f:a3:84:
dc:25:7e:cd:10:cb:3a:27:b5:66:fd:46:51:51:5d:da:d4:1c:
78:b1:ec:81
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKmhnFQ84fXcFynNtnKQa0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYjRkZDgzZmM1ZWNkMjEwZjRmNjg0ZmI2YmY0MGZiMzE2
MGRiMjEwHhcNMjQwMTAyMTQzNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDUzNmY3Njk0ZThjZDRmODc0YTkxMzY2NzVkN2I4NTAxMjY1MDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Yxg5wAJf8AjRluFI5t7fHumOBRy
63ohGLjC0d972quWN2suZrL25WZsV7rClmnwrFjKfjpNc9LCcY4CDFBZZI+Xku4L
yTYHDU1PJTd7oGSDVoqdsLZuF3Q4RVeBTSdHZ7RMWHrUVQTdI2rkB+YP9Z1BAJtl
pp6/shxepwxOj7w/xx3KvLFzWbZHlq0XeksXyE8h+LVmg9CsrnoHX9AnhLeNB7De
qzdN2zYCi0YvBko9ihJxvYWkThKcb+d00mnqyyr4aTqCR7auT/25j/X7IQilC2mC
2FDJaOCUxhgEj361qu1bFuqTk+ZrvyTYUZqfn+mv+sLSt4LYWvYmfNNCYwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFABTb3aU6M1Ph0qRNmdde4UBJlAGMB8GA1UdIwQY
MBaAFKG03YP8Xs0hD09oT7a/QPsxYNshMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2JUZGdfeGV6U0VQVDJoUHRyOUEtekZnMnlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xNDZmOGEtZTA2OC00OGNhLWEzODgt
ZmIxODZiOTQzMzRmLzEvQUZOdmRwVG96VS1IU3BFMloxMTdoUUVtVUFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8xNDZmOGEtZTA2OC00OGNhLWEzODgtZmIxODZiOTQzMzRm
LzEvb2JUZGdfeGV6U0VQVDJoUHRyOUEtekZnMnlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTncMA0E
AgACMAcDBQAqAl+gMA0GCSqGSIb3DQEBCwUAA4IBAQA0UznvsnwGOqV5k7sHSNki
QXCKl2lIDQR3UZNflnYlLdeKfFKVlRlKavoVYlF7OVROPYyp1wAaWVwZ9RSPiC34
BNcQ6wectHsrjJIiAX/15O/DwcgyazYjCCVcilbfdFVMkVQaJtIB103/BpdqcUBe
dMY+29HDq9m7uS6tO7QOPpzFy4Kcvkr/3bN5Q9cIQK1hCPyrmwy3/8IJ8YSoIDqI
CdgwhOnVACFMwsvLTl7MQWrJriA8vnrRtpnqJerYWBRHY/xAI0jFyuIE+gtc+g4E
Znpwy88CLJr9fU07IwRV0MET3PdvyQ9/o4TcJX7NEMs6J7Vm/UZRUV3a1Bx4seyB
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:05:14 2025 by rpki-client