Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/99be4d-f8ec-4430-a9cd-7e12b87d06c2/1/623k6gsGXBa4ksVmTwjUipYrUAA.roa
File: 623k6gsGXBa4ksVmTwjUipYrUAA.roa (raw, json)
Hash identifier: SkP0HZnhVeKNbahDYxYQU+FCG2Vk0GYz1Qka/F0GL6w=
Subject key identifier: EB:6D:E4:EA:0B:06:5C:16:B8:92:C5:66:4F:08:D4:8A:96:2B:50:00
Certificate issuer: /CN=30f8e2c0c87e93799e23284f36b8615db78783ab
Certificate serial: 018CC9BCA2DFA77933275F19FEC55501068F
Authority key identifier: 30:F8:E2:C0:C8:7E:93:79:9E:23:28:4F:36:B8:61:5D:B7:87:83:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MPjiwMh-k3meIyhPNrhhXbeHg6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/99be4d-f8ec-4430-a9cd-7e12b87d06c2/1/623k6gsGXBa4ksVmTwjUipYrUAA.roa
Signing time: Tue 02 Jan 2024 10:33:52 +0000
ROA not before: Tue 02 Jan 2024 10:33:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206420
IP address blocks: 185.212.12.0/22 maxlen: 22
185.186.248.0/22 maxlen: 22
2a0b:70c0::/32 maxlen: 32
2a0b:8c80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:a2:df:a7:79:33:27:5f:19:fe:c5:55:01:06:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30f8e2c0c87e93799e23284f36b8615db78783ab
Validity
Not Before: Jan 2 10:33:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb6de4ea0b065c16b892c5664f08d48a962b5000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:3d:63:9d:c9:e0:91:a3:75:a5:8d:09:d2:80:
ce:7a:af:5b:19:6f:c5:da:9a:c5:97:7e:01:2c:38:
26:b5:54:0e:6e:9d:b4:ca:8d:c0:99:70:91:81:70:
88:6f:f7:63:5e:95:dd:85:df:d9:4a:ab:76:2f:3a:
71:db:41:da:9e:b1:0c:f0:65:97:0e:b8:53:34:3a:
84:04:75:d2:15:3a:d8:19:c7:37:93:34:76:e5:89:
80:90:73:54:58:8b:71:31:f5:36:7d:fe:a9:04:9f:
91:92:b3:b6:d1:a4:40:da:63:4d:37:43:7d:ca:89:
72:09:61:86:fc:d9:1c:85:d1:50:60:7f:ad:da:e5:
9b:40:bf:b3:0f:c0:bf:95:36:04:98:e0:8a:86:2b:
c5:0a:f0:40:52:c6:b8:5f:e5:c5:2a:f4:87:d7:7a:
59:87:ba:54:ff:21:67:27:99:30:28:c8:2c:6d:f6:
87:ae:4d:b4:7d:f3:a1:da:24:56:3c:f4:33:cb:24:
f2:06:b8:64:95:d2:67:93:ed:53:0b:f1:a7:91:a8:
ad:22:64:0e:10:71:ce:b8:41:be:4e:a9:32:36:4b:
0a:7c:03:a5:1a:6a:5e:af:92:34:4f:35:73:02:9d:
9b:d8:f8:1d:88:b7:32:26:fd:f8:9e:5a:5b:05:ec:
19:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:6D:E4:EA:0B:06:5C:16:B8:92:C5:66:4F:08:D4:8A:96:2B:50:00
X509v3 Authority Key Identifier:
keyid:30:F8:E2:C0:C8:7E:93:79:9E:23:28:4F:36:B8:61:5D:B7:87:83:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MPjiwMh-k3meIyhPNrhhXbeHg6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/99be4d-f8ec-4430-a9cd-7e12b87d06c2/1/623k6gsGXBa4ksVmTwjUipYrUAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/99be4d-f8ec-4430-a9cd-7e12b87d06c2/1/MPjiwMh-k3meIyhPNrhhXbeHg6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.248.0/22
185.212.12.0/22
IPv6:
2a0b:70c0::/32
2a0b:8c80::/29
Signature Algorithm: sha256WithRSAEncryption
74:44:cd:b4:36:9d:f6:7c:c9:40:27:95:49:a1:71:81:76:29:
62:6a:c6:4e:2a:45:82:b4:d9:f0:0c:44:a9:62:86:16:a8:17:
eb:39:07:80:a6:27:b9:d5:b4:37:03:47:2c:26:3f:3a:3e:b0:
cd:dd:8f:4a:19:0d:52:8e:32:c1:8d:5e:09:af:00:d1:47:5d:
63:01:bf:e9:ad:fe:3a:9d:10:d2:a4:af:2b:f0:1a:1d:2f:f0:
c8:4b:34:18:5d:8e:7d:b0:e1:10:af:e7:87:e0:67:1a:d0:b3:
bb:85:61:48:05:05:de:d6:ee:9c:66:c1:8d:01:d6:e1:e8:5e:
64:af:01:c1:10:bb:05:49:52:c0:9a:f5:36:d3:aa:4f:7d:6b:
74:4e:d9:78:9f:0d:05:14:4e:47:ae:8c:b1:14:48:83:77:ea:
73:cd:b6:7f:10:00:66:f5:08:57:99:ad:55:8e:f5:86:f4:f4:
1f:b3:46:f0:80:eb:6a:94:48:83:c2:3a:17:ef:b0:c6:b5:ca:
34:3a:42:07:f5:c6:c5:02:ec:97:3e:f8:20:ce:5c:9b:0e:c0:
74:20:65:f6:fd:c8:35:01:96:53:f1:36:81:34:3a:1c:d4:9d:
d4:df:fa:33:21:d0:a7:10:c5:47:25:2e:50:58:68:9a:68:14:
e9:f3:ee:a1
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzJvKLfp3kzJ18Z/sVVAQaPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZjhlMmMwYzg3ZTkzNzk5ZTIzMjg0ZjM2Yjg2MTVkYjc4
NzgzYWIwHhcNMjQwMTAyMTAzMzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjZkZTRlYTBiMDY1YzE2Yjg5MmM1NjY0ZjA4ZDQ4YTk2MmI1MDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5z1jncngkaN1pY0J0oDOeq9bGW/F
2prFl34BLDgmtVQObp20yo3AmXCRgXCIb/djXpXdhd/ZSqt2Lzpx20HanrEM8GWX
DrhTNDqEBHXSFTrYGcc3kzR25YmAkHNUWItxMfU2ff6pBJ+RkrO20aRA2mNNN0N9
yolyCWGG/NkchdFQYH+t2uWbQL+zD8C/lTYEmOCKhivFCvBAUsa4X+XFKvSH13pZ
h7pU/yFnJ5kwKMgsbfaHrk20ffOh2iRWPPQzyyTyBrhkldJnk+1TC/GnkaitImQO
EHHOuEG+TqkyNksKfAOlGmper5I0TzVzAp2b2PgdiLcyJv34nlpbBewZqQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOtt5OoLBlwWuJLFZk8I1IqWK1AAMB8GA1UdIwQY
MBaAFDD44sDIfpN5niMoTza4YV23h4OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVBqaXdNaC1rM21lSXloUE5yaGhYYmVIZzZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85OWJlNGQtZjhlYy00NDMwLWE5Y2Qt
N2UxMmI4N2QwNmMyLzEvNjIzazZnc0dYQmE0a3NWbVR3alVpcFlyVUFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85OWJlNGQtZjhlYy00NDMwLWE5Y2QtN2UxMmI4N2QwNmMy
LzEvTVBqaXdNaC1rM21lSXloUE5yaGhYYmVIZzZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCubr4AwQC
udQMMBQEAgACMA4DBQAqC3DAAwUDKguMgDANBgkqhkiG9w0BAQsFAAOCAQEAdETN
tDad9nzJQCeVSaFxgXYpYmrGTipFgrTZ8AxEqWKGFqgX6zkHgKYnudW0NwNHLCY/
Oj6wzd2PShkNUo4ywY1eCa8A0UddYwG/6a3+Op0Q0qSvK/AaHS/wyEs0GF2OfbDh
EK/nh+BnGtCzu4VhSAUF3tbunGbBjQHW4eheZK8BwRC7BUlSwJr1NtOqT31rdE7Z
eJ8NBRROR66MsRRIg3fqc822fxAAZvUIV5mtVY71hvT0H7NG8IDrapRIg8I6F++w
xrXKNDpCB/XGxQLslz74IM5cmw7AdCBl9v3INQGWU/E2gTQ6HNSd1N/6MyHQpxDF
RyUuUFhommgU6fPuoQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:16 2025 by rpki-client