Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/9s19jZz_9yr7f5f2ATSOoimtfc4.roa
File: 9s19jZz_9yr7f5f2ATSOoimtfc4.roa (raw, json)
Hash identifier: CHM1P8k0m8bIetcKYH60swIUaStxMpiNEPy18Q1D66E=
Subject key identifier: F6:CD:7D:8D:9C:FF:F7:2A:FB:7F:97:F6:01:34:8E:A2:29:AD:7D:CE
Certificate issuer: /CN=6f1ba6e14d83a8b14b05026e710c86c46b73c3a6
Certificate serial: 019424B3B046A0B61CCBDDFE76AEF3C2F821
Authority key identifier: 6F:1B:A6:E1:4D:83:A8:B1:4B:05:02:6E:71:0C:86:C4:6B:73:C3:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bxum4U2DqLFLBQJucQyGxGtzw6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/9s19jZz_9yr7f5f2ATSOoimtfc4.roa
Signing time: Thu 02 Jan 2025 01:49:03 +0000
ROA not before: Thu 02 Jan 2025 01:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204908
IP address blocks: 185.124.12.0/24 maxlen: 24
185.124.13.0/24 maxlen: 24
185.236.28.0/22 maxlen: 22
2a03:9000:100::/40 maxlen: 40
2a03:9000:300::/40 maxlen: 40
2a03:9000:400::/40 maxlen: 40
Validation: Failed, certificate revoked on Sat 11 Jan 2025 19:04:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:b0:46:a0:b6:1c:cb:dd:fe:76:ae:f3:c2:f8:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f1ba6e14d83a8b14b05026e710c86c46b73c3a6
Validity
Not Before: Jan 2 01:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f6cd7d8d9cfff72afb7f97f601348ea229ad7dce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ed:4f:09:17:8e:d5:7e:53:b3:31:43:60:e1:
48:ba:d5:a3:19:d9:95:f4:ea:e8:1f:1c:f3:bf:25:
3c:04:cf:4a:d0:bd:0c:4b:12:df:53:fb:f8:93:78:
a8:49:6c:c0:9c:bb:73:1b:0b:8e:5e:21:e5:85:50:
02:51:c0:f3:35:e2:b5:1b:1b:78:31:66:f0:91:08:
e8:07:bd:4a:dd:7e:c2:2b:34:b5:14:38:b4:48:93:
66:91:7f:03:e5:c2:42:fe:55:3e:3b:32:5f:ae:37:
d4:9f:7b:73:29:3d:26:f8:d1:26:87:dc:fa:9b:07:
8d:f9:3e:b2:89:52:40:f5:c9:8e:b2:94:38:45:d1:
cf:aa:a8:99:8d:b1:b3:25:a3:26:5b:c5:0b:33:91:
d6:15:5f:16:47:8b:04:73:98:70:14:24:2a:f0:fa:
de:85:fa:9d:2b:9f:b8:99:2d:80:fb:50:2e:ce:a5:
61:2f:28:7f:2e:ba:4c:34:76:b1:89:d9:59:d2:fc:
1c:6d:cc:21:a5:21:ac:56:3a:fb:d9:25:99:5d:67:
1b:5b:88:cb:b9:42:78:a2:ab:65:27:8c:be:1d:f9:
4e:77:fe:e5:eb:ff:e8:30:03:01:ae:c7:0a:e8:c4:
96:03:d4:19:ef:e9:2d:3e:22:7e:ce:5b:62:39:56:
8d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:CD:7D:8D:9C:FF:F7:2A:FB:7F:97:F6:01:34:8E:A2:29:AD:7D:CE
X509v3 Authority Key Identifier:
keyid:6F:1B:A6:E1:4D:83:A8:B1:4B:05:02:6E:71:0C:86:C4:6B:73:C3:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bxum4U2DqLFLBQJucQyGxGtzw6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/9s19jZz_9yr7f5f2ATSOoimtfc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/bxum4U2DqLFLBQJucQyGxGtzw6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.12.0/23
185.236.28.0/22
IPv6:
2a03:9000:100::/40
2a03:9000:300::-2a03:9000:4ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7c:e1:b2:86:8e:d2:85:3e:7e:08:3c:22:cc:a9:3b:fd:19:24:
29:c0:2f:32:75:f1:d9:a8:81:48:ad:48:84:7b:a3:02:fc:1b:
48:65:ad:30:4a:74:89:a4:5c:6f:51:c2:80:92:47:f6:bf:12:
46:6a:fa:87:2c:25:b5:02:a0:7e:64:1e:26:6b:33:8d:87:0a:
3a:20:7a:aa:e0:e2:e0:10:9a:5a:7b:1e:3a:a1:ae:c7:71:13:
d2:e5:03:7c:47:52:1a:66:bc:99:43:34:da:02:af:64:b4:39:
b5:c0:87:8d:ed:32:17:d6:14:cf:c4:5a:8d:55:00:d2:ff:c2:
90:91:e4:95:0d:85:7b:cf:e4:d1:97:a5:48:30:3c:06:f3:4d:
50:65:f1:1d:3d:5c:74:9e:0b:92:01:bc:12:64:7d:af:ee:c7:
d3:c0:c7:0a:08:7f:5f:c3:e7:fb:00:ce:be:e5:b2:dd:89:65:
04:16:15:a0:3b:c7:63:62:aa:d0:ac:bc:99:18:0e:16:8a:da:
7f:ba:0a:12:fb:0f:6b:b6:a8:a1:da:c3:0b:a0:67:6e:67:e9:
50:c1:60:67:4a:7f:eb:d0:82:77:8d:14:9a:b3:02:fe:0c:49:
26:0e:68:4c:7d:1a:93:2e:61:38:e0:86:7b:0f:84:6a:6d:6c:
b2:ca:a2:3f
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQks7BGoLYcy93+dq7zwvghMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMWJhNmUxNGQ4M2E4YjE0YjA1MDI2ZTcxMGM4NmM0NmI3
M2MzYTYwHhcNMjUwMTAyMDE0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmNkN2Q4ZDljZmZmNzJhZmI3Zjk3ZjYwMTM0OGVhMjI5YWQ3ZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtO1PCReO1X5TszFDYOFIutWjGdmV
9OroHxzzvyU8BM9K0L0MSxLfU/v4k3ioSWzAnLtzGwuOXiHlhVACUcDzNeK1Gxt4
MWbwkQjoB71K3X7CKzS1FDi0SJNmkX8D5cJC/lU+OzJfrjfUn3tzKT0m+NEmh9z6
mweN+T6yiVJA9cmOspQ4RdHPqqiZjbGzJaMmW8ULM5HWFV8WR4sEc5hwFCQq8Pre
hfqdK5+4mS2A+1AuzqVhLyh/LrpMNHaxidlZ0vwcbcwhpSGsVjr72SWZXWcbW4jL
uUJ4oqtlJ4y+HflOd/7l6//oMAMBrscK6MSWA9QZ7+ktPiJ+zltiOVaNHwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFPbNfY2c//cq+3+X9gE0jqIprX3OMB8GA1UdIwQY
MBaAFG8bpuFNg6ixSwUCbnEMhsRrc8OmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnh1bTRVMkRxTEZMQlFKdWNReUd4R3R6dzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9jZTgxYjYtYmNlYi00N2JjLWFkZmIt
ZGFlOWZiOGJmMGIxLzEvOXMxOWpael85eXI3ZjVmMkFUU09vaW10ZmM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9jZTgxYjYtYmNlYi00N2JjLWFkZmItZGFlOWZiOGJmMGIx
LzEvYnh1bTRVMkRxTEZMQlFKdWNReUd4R3R6dzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjASBAIAATAMAwQBuXwMAwQC
uewcMCAEAgACMBoDBgAqA5AAATAQAwYAKgOQAAMDBgAqA5AABDANBgkqhkiG9w0B
AQsFAAOCAQEAfOGyho7ShT5+CDwizKk7/RkkKcAvMnXx2aiBSK1IhHujAvwbSGWt
MEp0iaRcb1HCgJJH9r8SRmr6hywltQKgfmQeJmszjYcKOiB6quDi4BCaWnseOqGu
x3ET0uUDfEdSGma8mUM02gKvZLQ5tcCHje0yF9YUz8RajVUA0v/CkJHklQ2Fe8/k
0ZelSDA8BvNNUGXxHT1cdJ4LkgG8EmR9r+7H08DHCgh/X8Pn+wDOvuWy3YllBBYV
oDvHY2Kq0Ky8mRgOForaf7oKEvsPa7aoodrDC6BnbmfpUMFgZ0p/69CCd40UmrMC
/gxJJg5oTH0aky5hOOCGew+Eam1sssqiPw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:20:35 2025 by rpki-client