Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/f2fbd8-d6e1-47ad-aa21-147e4572873a/1/AJUZW4wIHBFvP4wT3aBmWpiknBc.roa
File: AJUZW4wIHBFvP4wT3aBmWpiknBc.roa (raw, json)
Hash identifier: Mj3L1ka+qBoIg+4ZgN6o6jrxjD6nC8xpkgMKxnmCmIw=
Subject key identifier: 00:95:19:5B:8C:08:1C:11:6F:3F:8C:13:DD:A0:66:5A:98:A4:9C:17
Certificate issuer: /CN=af5bc49d5f01a235af9289cf4926affef7af92b0
Certificate serial: 018CC94AC389C4B646B5DB8DA785847C94E3
Authority key identifier: AF:5B:C4:9D:5F:01:A2:35:AF:92:89:CF:49:26:AF:FE:F7:AF:92:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r1vEnV8BojWvkonPSSav_vevkrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/f2fbd8-d6e1-47ad-aa21-147e4572873a/1/AJUZW4wIHBFvP4wT3aBmWpiknBc.roa
Signing time: Tue 02 Jan 2024 08:29:29 +0000
ROA not before: Tue 02 Jan 2024 08:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50673
IP address blocks: 185.254.172.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:c3:89:c4:b6:46:b5:db:8d:a7:85:84:7c:94:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af5bc49d5f01a235af9289cf4926affef7af92b0
Validity
Not Before: Jan 2 08:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0095195b8c081c116f3f8c13dda0665a98a49c17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7d:b7:d3:79:4f:86:7a:06:d6:4a:b8:07:95:
ff:80:e9:c9:c5:db:9a:99:c2:f6:2b:01:26:81:bd:
69:ba:c9:ea:f0:e5:43:11:b5:45:a1:b8:16:7c:b5:
83:84:1c:33:ab:55:4b:c1:34:59:47:fa:a0:57:ce:
b6:6f:2c:2b:fb:0b:14:e9:ee:b7:1d:fa:40:45:37:
a6:bc:63:5d:1a:99:d0:91:0e:6d:44:11:40:98:cf:
a4:88:1e:b3:51:b2:8c:27:96:eb:40:7b:a8:eb:b4:
79:43:6b:2c:71:02:ab:f5:89:81:36:d0:6e:5f:d4:
46:66:89:c2:25:3e:a0:53:85:e9:ff:f8:56:ac:d4:
bf:61:ea:e9:a3:84:f2:b3:27:4e:5e:2d:6c:5d:f7:
08:ea:28:8d:c8:ae:51:0a:a7:d9:40:85:a8:1b:2f:
21:80:f2:8d:ec:8d:c5:b1:5b:66:8f:fe:29:79:a7:
07:20:46:a8:88:cc:18:9c:79:cb:23:ee:fe:f8:4a:
0e:af:a6:01:b2:bb:80:48:26:ce:9e:3f:a6:8c:c2:
6a:9a:96:a5:74:dd:c3:b5:45:24:85:be:32:c8:28:
cb:e1:d0:ad:5e:0b:cc:c2:e5:14:ab:04:0d:14:75:
f1:73:e8:e1:1a:03:72:37:a2:10:b5:e6:56:c1:e2:
b5:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:95:19:5B:8C:08:1C:11:6F:3F:8C:13:DD:A0:66:5A:98:A4:9C:17
X509v3 Authority Key Identifier:
keyid:AF:5B:C4:9D:5F:01:A2:35:AF:92:89:CF:49:26:AF:FE:F7:AF:92:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r1vEnV8BojWvkonPSSav_vevkrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/f2fbd8-d6e1-47ad-aa21-147e4572873a/1/AJUZW4wIHBFvP4wT3aBmWpiknBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/f2fbd8-d6e1-47ad-aa21-147e4572873a/1/r1vEnV8BojWvkonPSSav_vevkrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.254.172.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:27:e2:a1:86:ad:ac:e3:76:8f:ed:fc:d6:79:7e:9a:bb:37:
fd:cd:42:70:4f:a6:f2:34:64:d9:e5:99:53:80:c2:ac:7b:51:
05:c4:09:e8:50:8d:cd:15:c2:85:3d:64:22:fe:be:e8:86:7f:
17:0c:ee:26:f4:d5:af:78:f8:f8:48:46:06:9b:6f:3b:25:9a:
1b:5a:ee:f6:bd:66:56:48:59:e9:19:60:f4:b2:e8:80:32:16:
6f:22:d3:12:a6:3a:ea:94:e4:ba:d4:2a:63:6d:af:10:f2:50:
38:6c:a3:fe:6c:8a:11:08:d0:71:e9:ab:d2:3d:66:94:df:60:
91:7e:d1:8b:17:04:46:e2:cd:06:46:70:92:b2:45:ca:2c:2d:
bc:b0:fc:3f:04:40:ba:45:bc:e3:bc:42:ff:f5:82:5f:48:b0:
6a:29:87:0d:16:c8:f6:b9:d5:90:cb:1b:cb:c2:ab:2d:44:1e:
d5:da:6b:54:7e:e2:1c:fa:61:bf:54:82:b6:e7:ab:24:40:20:
e9:96:6f:fd:a1:e5:db:04:1e:80:a1:40:c5:33:58:54:1a:c3:
5d:0b:cd:49:97:0f:2c:26:98:9a:ec:78:31:8a:65:2c:6d:98:
6e:17:01:01:a7:3f:d2:2f:89:20:e4:d3:5d:96:6f:0a:62:c4:
45:8d:b4:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJSsOJxLZGtduNp4WEfJTjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNWJjNDlkNWYwMWEyMzVhZjkyODljZjQ5MjZhZmZlZjdh
ZjkyYjAwHhcNMjQwMTAyMDgyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDk1MTk1YjhjMDgxYzExNmYzZjhjMTNkZGEwNjY1YTk4YTQ5YzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuX2303lPhnoG1kq4B5X/gOnJxdua
mcL2KwEmgb1pusnq8OVDEbVFobgWfLWDhBwzq1VLwTRZR/qgV862bywr+wsU6e63
HfpARTemvGNdGpnQkQ5tRBFAmM+kiB6zUbKMJ5brQHuo67R5Q2sscQKr9YmBNtBu
X9RGZonCJT6gU4Xp//hWrNS/Yerpo4TysydOXi1sXfcI6iiNyK5RCqfZQIWoGy8h
gPKN7I3FsVtmj/4peacHIEaoiMwYnHnLI+7++EoOr6YBsruASCbOnj+mjMJqmpal
dN3DtUUkhb4yyCjL4dCtXgvMwuUUqwQNFHXxc+jhGgNyN6IQteZWweK1GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFACVGVuMCBwRbz+ME92gZlqYpJwXMB8GA1UdIwQY
MBaAFK9bxJ1fAaI1r5KJz0kmr/73r5KwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjF2RW5WOEJvald2a29uUFNTYXZfdmV2a3JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9mMmZiZDgtZDZlMS00N2FkLWFhMjEt
MTQ3ZTQ1NzI4NzNhLzEvQUpVWlc0d0lIQkZ2UDR3VDNhQm1XcGlrbkJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9mMmZiZDgtZDZlMS00N2FkLWFhMjEtMTQ3ZTQ1NzI4NzNh
LzEvcjF2RW5WOEJvald2a29uUFNTYXZfdmV2a3JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuf6sMA0G
CSqGSIb3DQEBCwUAA4IBAQA8J+Khhq2s43aP7fzWeX6auzf9zUJwT6byNGTZ5ZlT
gMKse1EFxAnoUI3NFcKFPWQi/r7ohn8XDO4m9NWvePj4SEYGm287JZobWu72vWZW
SFnpGWD0suiAMhZvItMSpjrqlOS61Cpjba8Q8lA4bKP+bIoRCNBx6avSPWaU32CR
ftGLFwRG4s0GRnCSskXKLC28sPw/BEC6RbzjvEL/9YJfSLBqKYcNFsj2udWQyxvL
wqstRB7V2mtUfuIc+mG/VIK256skQCDplm/9oeXbBB6AoUDFM1hUGsNdC81Jlw8s
Jpia7HgximUsbZhuFwEBpz/SL4kg5NNdlm8KYsRFjbQP
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:49:57 2025 by rpki-client