Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/0aHFz3hpYkFsvtkOL03xad8tLJE.roa
File: 0aHFz3hpYkFsvtkOL03xad8tLJE.roa (raw, json)
Hash identifier: 0XCi+vA77n44C6woKy5ghDLnwsfxVuOZrigwXmyVyYk=
Subject key identifier: D1:A1:C5:CF:78:69:62:41:6C:BE:D9:0E:2F:4D:F1:69:DF:2D:2C:91
Certificate issuer: /CN=6f1ba6e14d83a8b14b05026e710c86c46b73c3a6
Certificate serial: 0191810214288477BE7B5F284622B735E5B0
Authority key identifier: 6F:1B:A6:E1:4D:83:A8:B1:4B:05:02:6E:71:0C:86:C4:6B:73:C3:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bxum4U2DqLFLBQJucQyGxGtzw6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/0aHFz3hpYkFsvtkOL03xad8tLJE.roa
Signing time: Fri 23 Aug 2024 20:51:22 +0000
ROA not before: Fri 23 Aug 2024 20:51:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204908
IP address blocks: 185.124.12.0/24 maxlen: 24
185.124.13.0/24 maxlen: 24
185.236.28.0/22 maxlen: 22
2a03:9000::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 05 Sep 2024 10:46:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:81:02:14:28:84:77:be:7b:5f:28:46:22:b7:35:e5:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f1ba6e14d83a8b14b05026e710c86c46b73c3a6
Validity
Not Before: Aug 23 20:51:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1a1c5cf786962416cbed90e2f4df169df2d2c91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a9:17:72:88:72:b8:e9:a1:7f:f2:26:44:4d:
ba:c9:e4:51:72:58:ca:cf:cf:46:dc:98:27:be:59:
15:7c:e9:d4:46:62:86:96:2f:a0:30:56:81:ee:6d:
9f:50:90:8c:6f:9e:61:21:f4:59:c4:20:a6:9d:7a:
44:4a:aa:d1:47:12:9a:3d:c3:e7:ba:fd:9b:96:4c:
2e:b5:a6:52:5d:32:50:b4:58:af:ec:0b:f6:84:57:
1a:d1:8a:24:4f:db:f8:d2:83:97:4c:f1:1d:00:2d:
ef:44:63:39:95:0b:49:97:7f:d6:0c:d4:fc:e8:51:
67:76:9f:7d:a7:61:9b:47:05:43:f6:bd:72:8b:45:
d8:c9:7e:8a:d6:2e:e0:19:1b:52:e7:ce:1a:8b:dd:
1b:f4:1c:33:f5:75:2e:3a:c1:8e:e5:4c:5e:a4:4b:
30:28:a9:35:d1:43:91:84:c0:3c:fc:d4:04:2d:39:
b2:1c:52:c0:08:3b:b6:51:09:93:98:2f:33:9c:a4:
63:aa:89:c3:77:3d:29:f8:d8:45:fc:54:4d:2c:5c:
88:4f:3d:c7:13:d9:7e:29:41:19:81:13:e5:10:72:
79:6d:08:c1:ac:87:b1:36:b6:0e:4a:7a:e2:33:df:
8a:08:19:25:b6:dd:ef:10:a8:3b:8b:4f:c0:6f:76:
a6:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:A1:C5:CF:78:69:62:41:6C:BE:D9:0E:2F:4D:F1:69:DF:2D:2C:91
X509v3 Authority Key Identifier:
keyid:6F:1B:A6:E1:4D:83:A8:B1:4B:05:02:6E:71:0C:86:C4:6B:73:C3:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bxum4U2DqLFLBQJucQyGxGtzw6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/0aHFz3hpYkFsvtkOL03xad8tLJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/bxum4U2DqLFLBQJucQyGxGtzw6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.12.0/23
185.236.28.0/22
IPv6:
2a03:9000::/32
Signature Algorithm: sha256WithRSAEncryption
6a:5f:71:29:cf:64:6d:08:0d:8a:4e:62:0e:a5:18:2d:e1:b8:
c7:aa:e5:84:69:bf:a6:09:d1:68:da:8f:2c:3d:61:01:d7:dc:
31:a9:73:54:91:2a:8c:ca:10:c6:15:25:42:d8:ca:c6:ce:0e:
33:dc:97:0c:c7:ce:3b:9e:11:52:18:47:8c:af:b4:dc:e1:73:
5e:10:ff:44:d1:e0:7c:a8:55:be:51:0f:98:4e:1c:b2:87:78:
7a:aa:e4:8c:42:a4:c0:dc:53:61:a6:9f:4c:f2:15:a8:fd:e8:
eb:29:7b:b4:19:89:40:5f:e0:91:05:bf:db:1d:78:69:33:34:
b2:f0:fc:8e:01:bb:b6:72:25:19:f5:50:25:4c:bf:8b:d6:45:
d9:88:15:35:75:00:b0:cb:0b:32:84:cc:9d:63:39:1c:0d:01:
c0:95:14:96:31:0d:1c:d8:02:80:37:29:ed:31:d2:86:6d:d8:
d6:0f:ec:2a:b8:d5:ae:df:e5:2c:84:7d:2f:7a:a5:21:02:30:
35:14:64:de:43:3b:54:21:8b:2e:c1:0c:bb:38:42:c4:28:e3:
e3:63:af:1a:1c:0c:68:a7:a3:9c:3e:4e:f9:6d:21:39:f1:e1:
b7:7f:a8:e3:59:bb:2a:d8:c0:f6:7c:87:ad:74:7f:a5:d9:da:
d3:a2:b8:d5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZGBAhQohHe+e18oRiK3NeWwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMWJhNmUxNGQ4M2E4YjE0YjA1MDI2ZTcxMGM4NmM0NmI3
M2MzYTYwHhcNMjQwODIzMjA1MTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWExYzVjZjc4Njk2MjQxNmNiZWQ5MGUyZjRkZjE2OWRmMmQyYzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKkXcohyuOmhf/ImRE26yeRRcljK
z89G3JgnvlkVfOnURmKGli+gMFaB7m2fUJCMb55hIfRZxCCmnXpESqrRRxKaPcPn
uv2blkwutaZSXTJQtFiv7Av2hFca0YokT9v40oOXTPEdAC3vRGM5lQtJl3/WDNT8
6FFndp99p2GbRwVD9r1yi0XYyX6K1i7gGRtS584ai90b9Bwz9XUuOsGO5UxepEsw
KKk10UORhMA8/NQELTmyHFLACDu2UQmTmC8znKRjqonDdz0p+NhF/FRNLFyITz3H
E9l+KUEZgRPlEHJ5bQjBrIexNrYOSnriM9+KCBkltt3vEKg7i0/Ab3am1QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNGhxc94aWJBbL7ZDi9N8WnfLSyRMB8GA1UdIwQY
MBaAFG8bpuFNg6ixSwUCbnEMhsRrc8OmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnh1bTRVMkRxTEZMQlFKdWNReUd4R3R6dzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9jZTgxYjYtYmNlYi00N2JjLWFkZmIt
ZGFlOWZiOGJmMGIxLzEvMGFIRnozaHBZa0ZzdnRrT0wwM3hhZDh0TEpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9jZTgxYjYtYmNlYi00N2JjLWFkZmItZGFlOWZiOGJmMGIx
LzEvYnh1bTRVMkRxTEZMQlFKdWNReUd4R3R6dzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBuXwMAwQC
uewcMA0EAgACMAcDBQAqA5AAMA0GCSqGSIb3DQEBCwUAA4IBAQBqX3Epz2RtCA2K
TmIOpRgt4bjHquWEab+mCdFo2o8sPWEB19wxqXNUkSqMyhDGFSVC2MrGzg4z3JcM
x847nhFSGEeMr7Tc4XNeEP9E0eB8qFW+UQ+YThyyh3h6quSMQqTA3FNhpp9M8hWo
/ejrKXu0GYlAX+CRBb/bHXhpMzSy8PyOAbu2ciUZ9VAlTL+L1kXZiBU1dQCwywsy
hMydYzkcDQHAlRSWMQ0c2AKANyntMdKGbdjWD+wquNWu3+UshH0veqUhAjA1FGTe
QztUIYsuwQy7OELEKOPjY68aHAxop6OcPk75bSE58eG3f6jjWbsq2MD2fIetdH+l
2drTorjV
-----END CERTIFICATE-----
Generated at Thu Sep 5 13:05:01 2024 by rpki-client on console-fra.rpki-client.org