Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/K7bjqtLFW6RKZBF88-0uIyrF8wA.roa
File: K7bjqtLFW6RKZBF88-0uIyrF8wA.roa (raw, json)
Hash identifier: 4cBEf83s+tNL5fsH1GM8H6HIsibxz483Cz5rwOq230g=
Subject key identifier: 2B:B6:E3:AA:D2:C5:5B:A4:4A:64:11:7C:F3:ED:2E:23:2A:C5:F3:00
Certificate issuer: /CN=6f1ba6e14d83a8b14b05026e710c86c46b73c3a6
Certificate serial: 019145D4E18787B7B3DBD76806A303078DFE
Authority key identifier: 6F:1B:A6:E1:4D:83:A8:B1:4B:05:02:6E:71:0C:86:C4:6B:73:C3:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bxum4U2DqLFLBQJucQyGxGtzw6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/K7bjqtLFW6RKZBF88-0uIyrF8wA.roa
Signing time: Mon 12 Aug 2024 09:04:24 +0000
ROA not before: Mon 12 Aug 2024 09:04:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204908
IP address blocks: 185.124.13.0/24 maxlen: 24
185.236.28.0/22 maxlen: 22
2a03:9000::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 23 Aug 2024 20:51:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:45:d4:e1:87:87:b7:b3:db:d7:68:06:a3:03:07:8d:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f1ba6e14d83a8b14b05026e710c86c46b73c3a6
Validity
Not Before: Aug 12 09:04:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bb6e3aad2c55ba44a64117cf3ed2e232ac5f300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:45:b3:7f:0f:5b:dd:82:c2:97:d3:53:9e:76:
a3:2f:5b:63:16:8b:88:38:77:e4:77:fb:22:b5:80:
f3:0c:8b:ab:8b:70:0e:7a:2a:19:ba:70:07:52:6f:
9b:66:e9:51:e7:db:c0:27:be:a4:71:4f:b5:88:95:
45:3e:01:20:55:ca:f5:2e:c4:1a:88:f0:e7:39:d6:
cc:8b:97:9f:ce:92:7a:6e:c8:85:b2:53:8f:71:50:
a4:8e:f4:a7:ad:1f:cf:29:13:0b:2a:39:a8:a0:80:
ec:cf:16:1c:c8:5b:1a:5b:01:36:77:9f:0f:10:5c:
2a:a2:08:67:d3:d6:39:74:73:c3:b1:5a:9b:77:ff:
c8:cc:08:93:46:93:c1:26:9f:1f:cb:70:55:ff:b1:
64:de:45:6c:75:00:fb:d6:f4:e4:29:91:33:40:a6:
37:58:7a:5a:dd:5b:aa:41:06:35:91:6f:6a:53:6a:
c3:f8:a9:fb:12:30:89:4c:58:00:25:0c:a2:44:8c:
a4:5e:25:51:cd:5e:87:a2:cf:c8:a7:ac:83:65:24:
d2:dd:7c:12:e0:ee:2d:6d:a6:0d:2a:07:4f:66:2d:
b6:de:dd:fa:c2:b7:0f:01:0f:3c:94:b7:cc:36:f3:
7c:0c:3f:e0:2b:c6:94:73:ea:82:06:5f:25:6d:49:
cc:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:B6:E3:AA:D2:C5:5B:A4:4A:64:11:7C:F3:ED:2E:23:2A:C5:F3:00
X509v3 Authority Key Identifier:
keyid:6F:1B:A6:E1:4D:83:A8:B1:4B:05:02:6E:71:0C:86:C4:6B:73:C3:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bxum4U2DqLFLBQJucQyGxGtzw6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/K7bjqtLFW6RKZBF88-0uIyrF8wA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/bxum4U2DqLFLBQJucQyGxGtzw6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.13.0/24
185.236.28.0/22
IPv6:
2a03:9000::/32
Signature Algorithm: sha256WithRSAEncryption
30:5e:12:85:e4:04:4e:b1:87:59:58:de:4a:cb:d1:c1:77:1b:
6f:40:da:e6:be:96:3f:fa:db:8f:57:4d:74:5b:6b:75:2c:84:
d2:d6:c0:7d:06:8e:ec:b9:88:84:eb:2a:2d:84:69:c5:41:f8:
50:75:ef:7d:5b:74:97:a6:af:34:4b:6e:08:87:9c:91:c7:72:
b7:81:a3:39:10:78:55:d4:14:8c:c9:48:08:9b:b6:a7:37:43:
5d:e4:81:e3:f0:ec:69:4e:69:c2:01:24:a6:11:75:41:02:8b:
64:3a:2f:c9:19:86:29:6b:ac:9e:14:58:8d:6e:82:dd:8a:a1:
da:b2:27:7e:85:dc:e3:ba:fa:92:00:bb:b8:14:e9:be:15:89:
9b:cb:2b:6c:8c:89:d7:24:de:65:6f:7e:b8:c5:b9:75:20:be:
ea:db:b9:66:60:99:61:37:e4:4e:36:5a:d7:ac:9b:39:2c:f3:
5d:d1:72:53:e7:4d:d3:30:38:12:f8:8f:dc:1b:15:10:80:fa:
05:d1:d9:fe:ef:f9:a0:12:82:47:04:ca:e8:e6:c0:d5:ba:00:
01:9e:e7:30:9b:c5:2d:ec:c9:dc:20:48:89:6e:85:05:8f:1b:
4d:94:5a:a3:a3:de:e8:50:6b:2e:67:dc:b4:64:cd:29:75:8c:
48:9c:f9:fe
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZFF1OGHh7ez29doBqMDB43+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMWJhNmUxNGQ4M2E4YjE0YjA1MDI2ZTcxMGM4NmM0NmI3
M2MzYTYwHhcNMjQwODEyMDkwNDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmI2ZTNhYWQyYzU1YmE0NGE2NDExN2NmM2VkMmUyMzJhYzVmMzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkWzfw9b3YLCl9NTnnajL1tjFouI
OHfkd/sitYDzDIuri3AOeioZunAHUm+bZulR59vAJ76kcU+1iJVFPgEgVcr1LsQa
iPDnOdbMi5efzpJ6bsiFslOPcVCkjvSnrR/PKRMLKjmooIDszxYcyFsaWwE2d58P
EFwqoghn09Y5dHPDsVqbd//IzAiTRpPBJp8fy3BV/7Fk3kVsdQD71vTkKZEzQKY3
WHpa3VuqQQY1kW9qU2rD+Kn7EjCJTFgAJQyiRIykXiVRzV6Hos/Ip6yDZSTS3XwS
4O4tbaYNKgdPZi223t36wrcPAQ88lLfMNvN8DD/gK8aUc+qCBl8lbUnMHQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCu246rSxVukSmQRfPPtLiMqxfMAMB8GA1UdIwQY
MBaAFG8bpuFNg6ixSwUCbnEMhsRrc8OmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnh1bTRVMkRxTEZMQlFKdWNReUd4R3R6dzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9jZTgxYjYtYmNlYi00N2JjLWFkZmIt
ZGFlOWZiOGJmMGIxLzEvSzdianF0TEZXNlJLWkJGODgtMHVJeXJGOHdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9jZTgxYjYtYmNlYi00N2JjLWFkZmItZGFlOWZiOGJmMGIx
LzEvYnh1bTRVMkRxTEZMQlFKdWNReUd4R3R6dzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuXwNAwQC
uewcMA0EAgACMAcDBQAqA5AAMA0GCSqGSIb3DQEBCwUAA4IBAQAwXhKF5AROsYdZ
WN5Ky9HBdxtvQNrmvpY/+tuPV010W2t1LITS1sB9Bo7suYiE6yothGnFQfhQde99
W3SXpq80S24Ih5yRx3K3gaM5EHhV1BSMyUgIm7anN0Nd5IHj8OxpTmnCASSmEXVB
AotkOi/JGYYpa6yeFFiNboLdiqHasid+hdzjuvqSALu4FOm+FYmbyytsjInXJN5l
b364xbl1IL7q27lmYJlhN+RONlrXrJs5LPNd0XJT503TMDgS+I/cGxUQgPoF0dn+
7/mgEoJHBMro5sDVugABnucwm8Ut7MncIEiJboUFjxtNlFqjo97oUGsuZ9y0ZM0p
dYxInPn+
-----END CERTIFICATE-----
Generated at Sat Aug 24 03:07:10 2024 by rpki-client on console-ams.rpki-client.org