Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/AGaCv-sTMnE5vF9Aiuu1DGuqlYM.roa
File: AGaCv-sTMnE5vF9Aiuu1DGuqlYM.roa (raw, json)
Hash identifier: 0GguH90W6xN+KMteJYFuq5CX5fWtnzeTqS83Z7SeQB0=
Subject key identifier: 00:66:82:BF:EB:13:32:71:39:BC:5F:40:8A:EB:B5:0C:6B:AA:95:83
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0194282760F2852D0141580E01E920784BC7
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/AGaCv-sTMnE5vF9Aiuu1DGuqlYM.roa
Signing time: Thu 02 Jan 2025 17:54:16 +0000
ROA not before: Thu 02 Jan 2025 17:54:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60781
IP address blocks: 212.192.16.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 12 Jan 2025 16:29:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:60:f2:85:2d:01:41:58:0e:01:e9:20:78:4b:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 2 17:54:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=006682bfeb13327139bc5f408aebb50c6baa9583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2b:44:03:49:9a:c3:8e:4f:11:93:24:6e:15:
03:39:f4:8f:2b:2b:40:66:68:82:27:fc:b8:21:a7:
a1:ef:d1:f6:c7:36:f2:79:05:66:ed:ea:7c:a9:b7:
0a:b9:01:11:fa:bd:9a:c5:b7:47:d8:83:65:70:ab:
dd:e8:91:cd:77:18:f1:72:f4:ba:6a:8b:59:53:4d:
88:7f:5f:ed:af:a1:50:fa:ca:0d:7c:de:0d:b7:9a:
f0:ef:42:a6:e5:07:46:4a:aa:05:34:aa:b0:ba:1b:
e8:d5:6a:7c:28:48:1d:61:10:5d:a5:66:65:15:a2:
f4:19:04:98:8f:9d:a6:8e:98:09:46:d3:b2:09:de:
14:30:2a:67:97:54:a5:4d:7d:70:47:ce:b6:a7:25:
be:c6:4c:ea:10:46:be:4e:cf:f6:30:75:52:3a:91:
e6:66:a7:7c:ce:d6:5c:f5:03:9a:1d:09:7d:52:3c:
58:67:bf:53:79:0a:78:78:73:1a:fe:38:ed:e7:6e:
00:49:43:be:cf:2c:64:f7:0b:04:cf:81:f2:53:41:
95:14:5d:bc:e6:b9:71:8f:df:ff:57:b2:45:59:55:
1b:2b:e6:af:42:63:a3:41:b1:13:a3:01:ac:60:80:
60:48:5f:da:b7:02:e8:ef:98:20:ed:2a:d7:65:6f:
2d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:66:82:BF:EB:13:32:71:39:BC:5F:40:8A:EB:B5:0C:6B:AA:95:83
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/AGaCv-sTMnE5vF9Aiuu1DGuqlYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.192.16.0/22
Signature Algorithm: sha256WithRSAEncryption
10:26:98:ba:65:e0:5b:bf:60:63:fb:29:73:32:63:28:24:ff:
33:12:8b:ab:6b:14:38:7e:76:99:7f:fc:a8:99:a2:ef:3c:48:
0b:db:cd:2a:b9:d4:20:31:90:7b:24:9b:81:ea:15:bd:c8:fb:
17:7e:21:3a:a9:c1:c7:ab:5b:8c:3c:78:67:f9:a1:bc:7f:d4:
1b:01:98:68:0b:cf:af:96:80:3b:92:96:2c:47:99:db:14:2e:
00:03:0e:68:03:6f:a7:9b:35:2c:ac:25:99:1b:f7:23:13:59:
42:6a:9c:eb:42:92:6f:78:21:0b:32:05:cd:c5:85:be:46:be:
11:56:a8:0f:30:2a:7b:57:bf:1a:bb:b9:2b:3d:a7:cb:b9:84:
40:eb:57:c9:f5:4c:c5:7e:97:b3:c3:44:9c:3f:00:0c:39:c0:
72:8c:a2:03:05:75:dd:76:62:3e:6c:f4:75:3d:0b:91:c5:8d:
16:6a:eb:b5:36:1a:0a:a9:ec:75:18:c5:e1:9f:e4:1a:61:d3:
df:95:cd:c2:f0:03:73:3b:d0:f7:b4:b8:a2:e5:3f:84:68:7d:
ef:ab:1d:64:87:c4:4e:41:ae:cc:d4:9b:75:25:4f:5c:b6:b3:
56:87:ce:9f:d0:fd:ac:76:35:c0:98:14:32:72:62:47:34:b9:
74:6e:03:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJ2DyhS0BQVgOAekgeEvHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMTAyMTc1NDE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDY2ODJiZmViMTMzMjcxMzliYzVmNDA4YWViYjUwYzZiYWE5NTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoitEA0maw45PEZMkbhUDOfSPKytA
ZmiCJ/y4Iaeh79H2xzbyeQVm7ep8qbcKuQER+r2axbdH2INlcKvd6JHNdxjxcvS6
aotZU02If1/tr6FQ+soNfN4Nt5rw70Km5QdGSqoFNKqwuhvo1Wp8KEgdYRBdpWZl
FaL0GQSYj52mjpgJRtOyCd4UMCpnl1SlTX1wR862pyW+xkzqEEa+Ts/2MHVSOpHm
Zqd8ztZc9QOaHQl9UjxYZ79TeQp4eHMa/jjt524ASUO+zyxk9wsEz4HyU0GVFF28
5rlxj9//V7JFWVUbK+avQmOjQbETowGsYIBgSF/atwLo75gg7SrXZW8t3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFABmgr/rEzJxObxfQIrrtQxrqpWDMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvQUdhQ3Ytc1RNbkU1dkY5QWl1dTFER3VxbFlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1MAQMA0G
CSqGSIb3DQEBCwUAA4IBAQAQJpi6ZeBbv2Bj+ylzMmMoJP8zEouraxQ4fnaZf/yo
maLvPEgL280qudQgMZB7JJuB6hW9yPsXfiE6qcHHq1uMPHhn+aG8f9QbAZhoC8+v
loA7kpYsR5nbFC4AAw5oA2+nmzUsrCWZG/cjE1lCapzrQpJveCELMgXNxYW+Rr4R
VqgPMCp7V78au7krPafLuYRA61fJ9UzFfpezw0ScPwAMOcByjKIDBXXddmI+bPR1
PQuRxY0Wauu1NhoKqex1GMXhn+QaYdPflc3C8ANzO9D3tLii5T+EaH3vqx1kh8RO
Qa7M1Jt1JU9ctrNWh86f0P2sdjXAmBQycmJHNLl0bgOj
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:42:43 2025 by rpki-client