Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/KOqopano3SIcPeK7ePjfO1lQXgo.roa
File: KOqopano3SIcPeK7ePjfO1lQXgo.roa (raw, json)
Hash identifier: LYUtQK5QQYfiFUr/tuDfEp3cl22wudqPHfLtlHR8grc=
Subject key identifier: 28:EA:A8:A5:A9:E8:DD:22:1C:3D:E2:BB:78:F8:DF:3B:59:50:5E:0A
Certificate issuer: /CN=6f1ba6e14d83a8b14b05026e710c86c46b73c3a6
Certificate serial: 019424B3AF8B0AE66DA986CA71D4FD25DD70
Authority key identifier: 6F:1B:A6:E1:4D:83:A8:B1:4B:05:02:6E:71:0C:86:C4:6B:73:C3:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bxum4U2DqLFLBQJucQyGxGtzw6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/KOqopano3SIcPeK7ePjfO1lQXgo.roa
Signing time: Thu 02 Jan 2025 01:49:03 +0000
ROA not before: Thu 02 Jan 2025 01:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49371
IP address blocks: 185.124.12.0/24 maxlen: 24
185.124.13.0/24 maxlen: 24
185.124.14.0/24 maxlen: 24
185.124.15.0/24 maxlen: 24
185.236.28.0/22 maxlen: 22
2a03:9000::/40 maxlen: 40
2a03:9000:200::/40 maxlen: 40
Validation: Failed, certificate revoked on Sat 11 Jan 2025 19:02:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:af:8b:0a:e6:6d:a9:86:ca:71:d4:fd:25:dd:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f1ba6e14d83a8b14b05026e710c86c46b73c3a6
Validity
Not Before: Jan 2 01:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28eaa8a5a9e8dd221c3de2bb78f8df3b59505e0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fb:89:24:33:1b:fc:ba:34:7c:43:2a:5a:07:
23:f5:78:49:ff:a4:e5:0d:8a:e3:f2:28:df:9e:92:
5a:14:c0:f3:06:35:b4:43:47:3f:af:f4:1f:0b:36:
4b:3e:ca:32:f6:b5:b6:2c:fb:1f:60:5b:cb:35:da:
8d:e0:0b:8c:49:32:98:3c:6f:2a:c9:e5:5e:ad:60:
10:a8:a9:57:96:80:b3:9b:76:68:a5:2b:17:09:a3:
a0:22:74:76:23:77:be:dc:99:72:d9:44:65:97:b3:
54:cd:b4:43:6c:e8:a9:b1:cd:30:f2:08:ed:ef:16:
aa:06:34:d2:2e:d5:35:fa:e7:b0:12:f3:76:83:2e:
16:41:c6:44:eb:a7:e5:b3:7b:df:7b:9d:78:10:e5:
2b:18:09:83:43:3b:58:44:f5:7a:ba:55:58:57:c7:
c9:66:a4:65:84:f6:79:10:92:aa:db:d6:7e:52:d8:
03:bb:4f:4e:49:67:6c:09:69:6b:34:c8:e0:47:d1:
2f:83:8d:97:85:fd:96:54:91:48:11:c9:96:7b:48:
12:ab:a8:bb:8a:c7:01:1a:fe:ed:56:93:0e:55:4c:
26:e8:1c:c7:a0:94:7a:e1:96:f2:53:bc:c1:d2:55:
34:ac:43:b9:21:35:95:45:04:af:0d:fa:f3:61:87:
4e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:EA:A8:A5:A9:E8:DD:22:1C:3D:E2:BB:78:F8:DF:3B:59:50:5E:0A
X509v3 Authority Key Identifier:
keyid:6F:1B:A6:E1:4D:83:A8:B1:4B:05:02:6E:71:0C:86:C4:6B:73:C3:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bxum4U2DqLFLBQJucQyGxGtzw6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/KOqopano3SIcPeK7ePjfO1lQXgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/bxum4U2DqLFLBQJucQyGxGtzw6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.12.0/22
185.236.28.0/22
IPv6:
2a03:9000::/40
2a03:9000:200::/40
Signature Algorithm: sha256WithRSAEncryption
66:30:fa:55:fe:d4:d7:85:aa:af:06:b6:16:cd:72:45:24:05:
f7:54:ac:12:76:30:fe:27:3f:d9:b0:15:2c:00:b4:29:34:44:
f7:53:6d:25:b9:8f:ce:b5:e6:d8:3c:ca:7c:1a:46:87:76:ed:
7d:b1:08:38:a3:bf:53:6c:ae:51:b8:22:36:b1:0c:18:4e:64:
43:41:da:e8:64:d5:9b:5a:37:ad:d7:5b:05:28:9f:fd:18:d2:
e8:4e:ca:e3:b1:17:8d:1f:40:21:d7:f9:19:3b:6e:19:7a:39:
e4:a3:87:c4:0b:93:b9:4f:b0:45:5e:a2:f6:79:dd:bb:a9:69:
68:28:57:d6:7d:1e:10:21:a3:46:31:47:04:02:21:e4:db:a1:
1c:5a:c3:f7:b6:3b:0a:5c:d1:dd:4f:ef:b4:81:c6:9b:a7:72:
e4:77:70:6d:c6:46:16:ef:ef:47:29:89:25:1e:58:26:ed:37:
1f:c4:2f:7e:a5:35:41:c5:9e:3c:67:74:ea:49:48:6c:03:79:
57:c2:4a:74:74:b5:ca:13:07:60:96:ff:3d:67:52:85:ae:31:
d6:22:07:10:d8:dd:6b:12:a5:29:aa:9d:38:97:bd:ec:c7:95:
d3:77:c3:2e:ac:9e:1c:ae:0e:1b:1b:dd:ea:e8:1f:19:c3:d1:
a8:d9:f6:e3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQks6+LCuZtqYbKcdT9Jd1wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMWJhNmUxNGQ4M2E4YjE0YjA1MDI2ZTcxMGM4NmM0NmI3
M2MzYTYwHhcNMjUwMTAyMDE0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGVhYThhNWE5ZThkZDIyMWMzZGUyYmI3OGY4ZGYzYjU5NTA1ZTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvuJJDMb/Lo0fEMqWgcj9XhJ/6Tl
DYrj8ijfnpJaFMDzBjW0Q0c/r/QfCzZLPsoy9rW2LPsfYFvLNdqN4AuMSTKYPG8q
yeVerWAQqKlXloCzm3ZopSsXCaOgInR2I3e+3Jly2URll7NUzbRDbOipsc0w8gjt
7xaqBjTSLtU1+uewEvN2gy4WQcZE66fls3vfe514EOUrGAmDQztYRPV6ulVYV8fJ
ZqRlhPZ5EJKq29Z+UtgDu09OSWdsCWlrNMjgR9Evg42Xhf2WVJFIEcmWe0gSq6i7
iscBGv7tVpMOVUwm6BzHoJR64ZbyU7zB0lU0rEO5ITWVRQSvDfrzYYdOBQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCjqqKWp6N0iHD3iu3j43ztZUF4KMB8GA1UdIwQY
MBaAFG8bpuFNg6ixSwUCbnEMhsRrc8OmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnh1bTRVMkRxTEZMQlFKdWNReUd4R3R6dzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9jZTgxYjYtYmNlYi00N2JjLWFkZmIt
ZGFlOWZiOGJmMGIxLzEvS09xb3Bhbm8zU0ljUGVLN2VQamZPMWxRWGdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9jZTgxYjYtYmNlYi00N2JjLWFkZmItZGFlOWZiOGJmMGIx
LzEvYnh1bTRVMkRxTEZMQlFKdWNReUd4R3R6dzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuXwMAwQC
uewcMBYEAgACMBADBgAqA5AAAAMGACoDkAACMA0GCSqGSIb3DQEBCwUAA4IBAQBm
MPpV/tTXhaqvBrYWzXJFJAX3VKwSdjD+Jz/ZsBUsALQpNET3U20luY/OtebYPMp8
GkaHdu19sQg4o79TbK5RuCI2sQwYTmRDQdroZNWbWjet11sFKJ/9GNLoTsrjsReN
H0Ah1/kZO24Zejnko4fEC5O5T7BFXqL2ed27qWloKFfWfR4QIaNGMUcEAiHk26Ec
WsP3tjsKXNHdT++0gcabp3Lkd3BtxkYW7+9HKYklHlgm7TcfxC9+pTVBxZ48Z3Tq
SUhsA3lXwkp0dLXKEwdglv89Z1KFrjHWIgcQ2N1rEqUpqp04l73sx5XTd8MurJ4c
rg4bG93q6B8Zw9Go2fbj
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:32:40 2025 by rpki-client