Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/7ca2f2-bf13-4d18-a8dd-980511dc05ae/1/sfAY3e5ECmV0nWVyub258AANNEk.roa
File: sfAY3e5ECmV0nWVyub258AANNEk.roa (raw, json)
Hash identifier: 5P/hbJdILTYahDBSZbtwuLSdeuvZMKmbo+mEEqHLauM=
Subject key identifier: B1:F0:18:DD:EE:44:0A:65:74:9D:65:72:B9:BD:B9:F0:00:0D:34:49
Certificate issuer: /CN=61d39d74b17e691dd1b05221c6098caf5ee93a36
Certificate serial: 0192B698728B50EE87238682901AE19E1243
Authority key identifier: 61:D3:9D:74:B1:7E:69:1D:D1:B0:52:21:C6:09:8C:AF:5E:E9:3A:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YdOddLF-aR3RsFIhxgmMr17pOjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/7ca2f2-bf13-4d18-a8dd-980511dc05ae/1/sfAY3e5ECmV0nWVyub258AANNEk.roa
Signing time: Tue 22 Oct 2024 23:38:17 +0000
ROA not before: Tue 22 Oct 2024 23:38:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212253
IP address blocks: 185.222.22.0/24 maxlen: 24
2a12:e5c0::/46 maxlen: 48
2a12:e5c0:10::/46 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b6:98:72:8b:50:ee:87:23:86:82:90:1a:e1:9e:12:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61d39d74b17e691dd1b05221c6098caf5ee93a36
Validity
Not Before: Oct 22 23:38:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1f018ddee440a65749d6572b9bdb9f0000d3449
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d8:be:6c:88:f4:91:0f:e4:b1:d2:ec:38:65:
39:42:03:02:22:a5:bd:a6:1f:44:92:c1:03:f9:62:
cf:59:ec:c0:10:29:02:4e:0f:4e:08:fa:3f:b2:81:
9e:f5:19:a5:bf:78:08:b0:8f:dc:56:86:af:8c:4f:
c9:a8:f2:bf:3d:83:9c:80:fb:54:21:ac:fc:a7:63:
cd:0f:7a:1f:81:07:d5:01:a4:3a:67:ff:09:d5:ba:
aa:d7:31:e8:ac:a0:c6:a5:e4:5a:1d:7e:50:54:74:
d9:e0:d2:58:d0:d8:d6:46:16:6e:82:81:bc:0a:b0:
06:a6:1c:94:4f:95:75:c2:42:4b:2d:1b:12:0e:f4:
fd:bd:d6:8c:1c:70:86:10:b2:64:64:87:d6:d2:5d:
b1:62:b1:85:d7:91:02:d4:d2:e1:cc:fd:42:8f:c5:
9e:1c:cd:46:12:e4:ad:e3:b1:1b:eb:f6:f7:1d:40:
12:28:9e:e9:0a:85:1f:12:57:79:62:0d:15:25:35:
85:97:7d:7a:b5:a7:a0:3d:be:2a:8f:01:63:c7:03:
35:e4:c6:18:4a:1a:a9:29:10:17:7a:c4:4e:71:7c:
2e:37:a3:97:7b:2d:1d:7f:ad:bd:55:d0:9d:fe:57:
29:bd:22:9d:98:8b:19:14:35:07:27:d8:d8:ed:20:
8b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:F0:18:DD:EE:44:0A:65:74:9D:65:72:B9:BD:B9:F0:00:0D:34:49
X509v3 Authority Key Identifier:
keyid:61:D3:9D:74:B1:7E:69:1D:D1:B0:52:21:C6:09:8C:AF:5E:E9:3A:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YdOddLF-aR3RsFIhxgmMr17pOjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/7ca2f2-bf13-4d18-a8dd-980511dc05ae/1/sfAY3e5ECmV0nWVyub258AANNEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/7ca2f2-bf13-4d18-a8dd-980511dc05ae/1/YdOddLF-aR3RsFIhxgmMr17pOjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.22.0/24
IPv6:
2a12:e5c0::/46
2a12:e5c0:10::/46
Signature Algorithm: sha256WithRSAEncryption
3f:7b:81:76:a2:cf:4f:aa:2c:59:0f:54:b7:a1:9c:de:de:c6:
98:c1:e9:e0:87:10:9e:c7:68:25:b4:63:a7:a6:c5:63:bc:4f:
8e:58:ec:a6:db:64:3d:86:de:13:b2:8d:d4:6f:fb:2b:32:ad:
8a:c6:9e:1b:d7:9f:b0:4b:90:ca:35:a9:6c:b9:4e:72:13:88:
8b:e3:75:ec:b7:a3:6b:4b:42:93:f8:79:72:00:27:1c:30:51:
b5:7d:b1:6d:64:85:e3:ce:38:45:f0:1d:66:2b:db:3a:e2:c1:
7b:80:d9:79:db:4f:a0:ac:ac:8c:1c:b8:c2:89:8a:4f:81:9d:
a0:cd:66:42:93:a5:24:8e:fd:67:53:04:24:95:3b:a8:9c:be:
66:49:80:87:d1:3e:dc:55:76:21:ae:77:c9:aa:88:31:ea:b9:
f2:54:f6:39:21:5e:98:d2:28:f0:91:12:0e:47:42:cd:54:b8:
f5:27:d7:e9:02:ac:a8:98:f2:2f:34:1b:69:a0:2a:b7:77:d0:
22:eb:65:ac:07:4f:14:d8:77:9b:53:ff:15:58:c0:4f:4f:a8:
2c:28:a4:97:28:4b:9e:93:1d:18:88:95:9a:2b:44:61:d6:ff:
4d:9e:bc:a0:f3:d4:1d:54:cd:9d:52:db:d1:93:94:a7:4e:1a:
b1:3b:12:0e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZK2mHKLUO6HI4aCkBrhnhJDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxZDM5ZDc0YjE3ZTY5MWRkMWIwNTIyMWM2MDk4Y2FmNWVl
OTNhMzYwHhcNMjQxMDIyMjMzODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWYwMThkZGVlNDQwYTY1NzQ5ZDY1NzJiOWJkYjlmMDAwMGQzNDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArti+bIj0kQ/ksdLsOGU5QgMCIqW9
ph9EksED+WLPWezAECkCTg9OCPo/soGe9Rmlv3gIsI/cVoavjE/JqPK/PYOcgPtU
Iaz8p2PND3ofgQfVAaQ6Z/8J1bqq1zHorKDGpeRaHX5QVHTZ4NJY0NjWRhZugoG8
CrAGphyUT5V1wkJLLRsSDvT9vdaMHHCGELJkZIfW0l2xYrGF15EC1NLhzP1Cj8We
HM1GEuSt47Eb6/b3HUASKJ7pCoUfEld5Yg0VJTWFl316taegPb4qjwFjxwM15MYY
ShqpKRAXesROcXwuN6OXey0df629VdCd/lcpvSKdmIsZFDUHJ9jY7SCLywIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLHwGN3uRApldJ1lcrm9ufAADTRJMB8GA1UdIwQY
MBaAFGHTnXSxfmkd0bBSIcYJjK9e6To2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWRPZGRMRi1hUjNSc0ZJaHhnbU1yMTdwT2pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS83Y2EyZjItYmYxMy00ZDE4LWE4ZGQt
OTgwNTExZGMwNWFlLzEvc2ZBWTNlNUVDbVYwbldWeXViMjU4QUFOTkVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS83Y2EyZjItYmYxMy00ZDE4LWE4ZGQtOTgwNTExZGMwNWFl
LzEvWWRPZGRMRi1hUjNSc0ZJaHhnbU1yMTdwT2pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAud4WMBgE
AgACMBIDBwIqEuXAAAADBwIqEuXAABAwDQYJKoZIhvcNAQELBQADggEBAD97gXai
z0+qLFkPVLehnN7expjB6eCHEJ7HaCW0Y6emxWO8T45Y7KbbZD2G3hOyjdRv+ysy
rYrGnhvXn7BLkMo1qWy5TnITiIvjdey3o2tLQpP4eXIAJxwwUbV9sW1khePOOEXw
HWYr2zriwXuA2XnbT6CsrIwcuMKJik+BnaDNZkKTpSSO/WdTBCSVO6icvmZJgIfR
PtxVdiGud8mqiDHqufJU9jkhXpjSKPCREg5HQs1UuPUn1+kCrKiY8i80G2mgKrd3
0CLrZawHTxTYd5tT/xVYwE9PqCwopJcoS56THRiIlZorRGHW/02evKDz1B1UzZ1S
29GTlKdOGrE7Eg4=
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:32:29 2025 by rpki-client