Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/e2b494-c0b2-43f4-bc4d-a6f4f0f4f72d/1/ICwiR2uTtX-pSM6PZQTXiqvxJDo.roa
File: ICwiR2uTtX-pSM6PZQTXiqvxJDo.roa (raw, json)
Hash identifier: KNJ2db0M6AZ07CuBGou/uBeJnLatd+TIDEwiMNPym28=
Subject key identifier: 20:2C:22:47:6B:93:B5:7F:A9:48:CE:8F:65:04:D7:8A:AB:F1:24:3A
Certificate issuer: /CN=afb04b1355e5d6ed2223249630ac8b9f7439aee1
Certificate serial: 018CC4253267E01449342F0E969F7695C6B4
Authority key identifier: AF:B0:4B:13:55:E5:D6:ED:22:23:24:96:30:AC:8B:9F:74:39:AE:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r7BLE1Xl1u0iIySWMKyLn3Q5ruE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/e2b494-c0b2-43f4-bc4d-a6f4f0f4f72d/1/ICwiR2uTtX-pSM6PZQTXiqvxJDo.roa
Signing time: Mon 01 Jan 2024 08:30:21 +0000
ROA not before: Mon 01 Jan 2024 08:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50304
IP address blocks: 185.247.12.0/23 maxlen: 24
185.247.12.0/22 maxlen: 22
2a0d:b680::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:47:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:32:67:e0:14:49:34:2f:0e:96:9f:76:95:c6:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afb04b1355e5d6ed2223249630ac8b9f7439aee1
Validity
Not Before: Jan 1 08:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=202c22476b93b57fa948ce8f6504d78aabf1243a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e3:c1:de:7d:ea:b2:6c:8a:92:60:20:7f:50:
1c:6e:88:2e:ee:d7:40:85:43:66:5c:af:c0:d1:49:
c1:a4:d1:47:a6:2e:be:d6:8f:58:c7:53:ca:4f:b1:
0e:29:6f:71:d3:52:11:23:c2:b8:1a:e5:71:fc:5a:
3f:fd:d8:c6:4a:b5:07:2b:8e:14:06:dd:ac:e2:6f:
a8:ca:07:05:50:61:4a:0a:f2:6d:17:29:ba:dd:70:
0a:cc:86:e2:ad:7e:97:29:1a:1d:da:c3:82:15:02:
b1:bf:82:59:fa:ca:92:bb:f3:f6:b0:03:3a:bb:55:
ab:16:8c:a4:6a:0a:b3:2c:d0:75:a0:69:93:c1:c8:
2b:6e:02:ec:19:53:d8:50:a2:72:9d:b5:27:b8:b4:
5c:12:c4:aa:b9:2c:28:5a:c9:d7:5d:8e:5b:54:d5:
d8:c2:fe:74:d5:bd:57:e1:99:72:fe:7f:86:2a:24:
35:64:a7:9f:12:8a:d2:99:41:fb:5e:c1:37:2d:fa:
55:5a:0d:63:1e:f9:ca:91:5b:a4:87:46:89:90:61:
43:67:46:a8:aa:67:a6:7f:12:73:48:9c:cb:ba:28:
1b:cb:ce:df:ae:c9:eb:ea:35:bb:d6:5e:3f:bb:64:
f2:61:2b:12:7d:e2:b2:ce:94:47:a5:25:71:fa:55:
d6:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:2C:22:47:6B:93:B5:7F:A9:48:CE:8F:65:04:D7:8A:AB:F1:24:3A
X509v3 Authority Key Identifier:
keyid:AF:B0:4B:13:55:E5:D6:ED:22:23:24:96:30:AC:8B:9F:74:39:AE:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r7BLE1Xl1u0iIySWMKyLn3Q5ruE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/e2b494-c0b2-43f4-bc4d-a6f4f0f4f72d/1/ICwiR2uTtX-pSM6PZQTXiqvxJDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/e2b494-c0b2-43f4-bc4d-a6f4f0f4f72d/1/r7BLE1Xl1u0iIySWMKyLn3Q5ruE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.247.12.0/22
IPv6:
2a0d:b680::/29
Signature Algorithm: sha256WithRSAEncryption
93:ad:10:e3:dc:dd:48:56:58:56:a7:45:8c:90:83:7b:af:0a:
a0:e8:1e:fd:21:21:f6:08:5a:d9:60:79:6b:c6:86:54:79:cb:
08:f4:af:ab:49:c6:15:42:e2:e6:3a:e9:fd:7b:dc:df:ca:5a:
13:2b:12:bf:f7:27:ca:d6:d7:93:5d:77:d9:d4:60:ce:1d:37:
73:84:18:b8:d3:41:34:2d:0f:1a:7c:ef:f0:bb:9a:56:b1:92:
20:df:a5:ee:6e:53:10:8b:dd:62:9c:a4:30:46:88:de:b2:9f:
6c:9d:55:79:cd:5b:f0:99:dd:79:e7:c1:30:63:48:04:16:c3:
25:6f:f7:38:2e:b1:f3:de:d8:a5:9a:e7:2c:02:a5:0d:e0:8a:
d1:d4:5f:db:19:7e:6a:cb:16:48:8a:fc:0d:ac:40:b0:a0:ea:
95:0f:2e:36:3a:30:97:6e:54:95:1f:d4:4b:0f:93:ec:33:40:
33:44:61:33:a3:40:e4:23:b7:86:95:6c:99:18:98:4d:20:05:
db:a6:e2:69:a4:cb:ed:f3:11:a1:37:78:39:a3:06:af:04:a3:
5d:2f:84:94:53:70:5c:a8:c2:f9:2a:70:01:83:b7:52:bf:df:
e4:52:9c:b1:a1:91:73:74:23:e2:07:d7:f2:12:f9:14:6c:49:
ad:66:4a:1b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJTJn4BRJNC8Olp92lca0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYjA0YjEzNTVlNWQ2ZWQyMjIzMjQ5NjMwYWM4YjlmNzQz
OWFlZTEwHhcNMjQwMTAxMDgzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDJjMjI0NzZiOTNiNTdmYTk0OGNlOGY2NTA0ZDc4YWFiZjEyNDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOPB3n3qsmyKkmAgf1Acbogu7tdA
hUNmXK/A0UnBpNFHpi6+1o9Yx1PKT7EOKW9x01IRI8K4GuVx/Fo//djGSrUHK44U
Bt2s4m+oygcFUGFKCvJtFym63XAKzIbirX6XKRod2sOCFQKxv4JZ+sqSu/P2sAM6
u1WrFoykagqzLNB1oGmTwcgrbgLsGVPYUKJynbUnuLRcEsSquSwoWsnXXY5bVNXY
wv501b1X4Zly/n+GKiQ1ZKefEorSmUH7XsE3LfpVWg1jHvnKkVukh0aJkGFDZ0ao
qmemfxJzSJzLuigby87frsnr6jW71l4/u2TyYSsSfeKyzpRHpSVx+lXWiQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCAsIkdrk7V/qUjOj2UE14qr8SQ6MB8GA1UdIwQY
MBaAFK+wSxNV5dbtIiMkljCsi590Oa7hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjdCTEUxWGwxdTBpSXlTV01LeUxuM1E1cnVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9lMmI0OTQtYzBiMi00M2Y0LWJjNGQt
YTZmNGYwZjRmNzJkLzEvSUN3aVIydVR0WC1wU002UFpRVFhpcXZ4SkRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9lMmI0OTQtYzBiMi00M2Y0LWJjNGQtYTZmNGYwZjRmNzJk
LzEvcjdCTEUxWGwxdTBpSXlTV01LeUxuM1E1cnVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufcMMA0E
AgACMAcDBQMqDbaAMA0GCSqGSIb3DQEBCwUAA4IBAQCTrRDj3N1IVlhWp0WMkIN7
rwqg6B79ISH2CFrZYHlrxoZUecsI9K+rScYVQuLmOun9e9zfyloTKxK/9yfK1teT
XXfZ1GDOHTdzhBi400E0LQ8afO/wu5pWsZIg36XublMQi91inKQwRojesp9snVV5
zVvwmd1558EwY0gEFsMlb/c4LrHz3tilmucsAqUN4IrR1F/bGX5qyxZIivwNrECw
oOqVDy42OjCXblSVH9RLD5PsM0AzRGEzo0DkI7eGlWyZGJhNIAXbpuJppMvt8xGh
N3g5owavBKNdL4SUU3BcqML5KnABg7dSv9/kUpyxoZFzdCPiB9fyEvkUbEmtZkob
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:10:58 2025 by rpki-client