Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/a7Wcxj8SX1xid5NUAru3x1FjDoM.roa
File: a7Wcxj8SX1xid5NUAru3x1FjDoM.roa (raw, json)
Hash identifier: jevIlnTFcy0DNdrJgmZQ6rwLoUSruvxvPpFu96lK2ss=
Subject key identifier: 6B:B5:9C:C6:3F:12:5F:5C:62:77:93:54:02:BB:B7:C7:51:63:0E:83
Certificate issuer: /CN=6f1ba6e14d83a8b14b05026e710c86c46b73c3a6
Certificate serial: 0195092C2494C5D8F679FF8F82095C828FDC
Authority key identifier: 6F:1B:A6:E1:4D:83:A8:B1:4B:05:02:6E:71:0C:86:C4:6B:73:C3:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bxum4U2DqLFLBQJucQyGxGtzw6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/a7Wcxj8SX1xid5NUAru3x1FjDoM.roa
Signing time: Sat 15 Feb 2025 10:34:02 +0000
ROA not before: Sat 15 Feb 2025 10:34:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213704
IP address blocks: 185.124.12.0/24 maxlen: 24
185.124.13.0/24 maxlen: 24
185.124.14.0/24 maxlen: 24
2a03:9000:100::/40 maxlen: 40
2a03:9000:300::/40 maxlen: 40
2a03:9000:400::/40 maxlen: 40
Validation: Failed, certificate revoked on Sat 15 Feb 2025 10:35:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:09:2c:24:94:c5:d8:f6:79:ff:8f:82:09:5c:82:8f:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f1ba6e14d83a8b14b05026e710c86c46b73c3a6
Validity
Not Before: Feb 15 10:34:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6bb59cc63f125f5c6277935402bbb7c751630e83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:5f:77:d2:2a:af:a8:ce:54:25:5c:ae:97:2f:
8f:4d:ea:7b:42:40:d0:e3:2e:77:17:47:af:97:f9:
90:dc:64:9a:53:f8:f3:62:fc:f0:14:82:06:91:bf:
6f:34:e4:11:bb:9c:3a:f8:07:b4:d0:5c:a2:5b:5e:
1e:8d:c2:cc:97:3d:32:1b:04:be:45:38:41:eb:f6:
68:5b:59:f2:5c:ad:44:38:86:e4:d8:c5:24:63:4d:
c4:71:1c:5d:71:4c:cd:1d:94:74:23:8a:ef:c4:37:
95:e9:6d:9a:dd:7b:85:8b:78:57:56:fa:fb:ad:4b:
b9:92:b4:7a:38:0a:c2:14:3e:1f:7e:ef:63:6e:dc:
c8:e6:79:08:01:61:5a:2b:d3:c5:6d:8e:bf:77:e2:
07:e5:b0:1d:84:bf:e9:8c:f6:26:b6:6d:37:87:c8:
38:6d:0e:04:3f:88:83:64:47:89:ac:df:c8:3f:64:
ef:8e:93:9c:35:73:5a:24:e9:f2:6c:8c:b6:04:7b:
0c:97:af:43:bc:f9:bf:20:0f:41:e0:00:ca:87:44:
15:90:db:f7:66:08:b0:db:e3:a0:3c:60:66:5d:7e:
ce:24:5a:f1:71:a8:68:47:ef:37:79:8a:2a:3c:fe:
76:ab:f3:ff:46:5e:ef:c7:8e:f9:7f:c8:97:b9:ac:
9c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:B5:9C:C6:3F:12:5F:5C:62:77:93:54:02:BB:B7:C7:51:63:0E:83
X509v3 Authority Key Identifier:
keyid:6F:1B:A6:E1:4D:83:A8:B1:4B:05:02:6E:71:0C:86:C4:6B:73:C3:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bxum4U2DqLFLBQJucQyGxGtzw6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/a7Wcxj8SX1xid5NUAru3x1FjDoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/bxum4U2DqLFLBQJucQyGxGtzw6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.12.0-185.124.14.255
IPv6:
2a03:9000:100::/40
2a03:9000:300::-2a03:9000:4ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5c:75:a6:b4:fa:f1:6b:8b:e7:d8:b5:d9:ba:c2:bf:6d:b3:9a:
c5:5b:92:4e:d7:f7:5f:c8:61:3e:40:a3:35:5f:74:4c:3c:bc:
09:5b:75:df:06:6d:8a:4e:b2:7b:c4:64:79:10:cd:0a:41:ec:
7b:b9:c6:7b:5a:6c:5c:5f:35:b5:56:47:47:c8:0a:7c:23:33:
62:1a:c6:19:60:bc:b2:4f:65:53:b8:02:86:28:f5:3f:40:52:
d9:98:d5:c6:bf:ed:e4:ff:2d:86:19:db:bd:7a:69:14:00:8a:
ac:ae:99:4c:98:c2:9e:9c:93:16:80:e6:73:7c:82:aa:be:6a:
af:9a:d4:5f:f0:70:7e:19:dd:a5:8a:a8:ad:d4:1d:03:1c:61:
eb:f5:13:4d:d6:70:81:4f:4c:4c:a0:2f:ce:41:68:02:03:5c:
4b:6b:17:a1:24:e2:71:e0:f6:98:36:64:32:67:3a:71:a6:a0:
82:4e:a3:eb:c7:30:a5:06:f9:63:88:fe:5a:64:8c:bb:7c:51:
f4:85:cd:09:56:1b:9d:4d:53:f7:c8:72:7d:e9:61:cc:fc:66:
66:a2:ed:49:91:b0:06:a9:1d:55:d2:a4:44:30:46:3c:0d:74:
b9:4d:0c:21:bc:c2:11:75:55:48:d0:69:0b:05:09:4f:8d:72:
13:98:e1:da
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZUJLCSUxdj2ef+Pgglcgo/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMWJhNmUxNGQ4M2E4YjE0YjA1MDI2ZTcxMGM4NmM0NmI3
M2MzYTYwHhcNMjUwMjE1MTAzNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmI1OWNjNjNmMTI1ZjVjNjI3NzkzNTQwMmJiYjdjNzUxNjMwZTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2F930iqvqM5UJVyuly+PTep7QkDQ
4y53F0evl/mQ3GSaU/jzYvzwFIIGkb9vNOQRu5w6+Ae00FyiW14ejcLMlz0yGwS+
RThB6/ZoW1nyXK1EOIbk2MUkY03EcRxdcUzNHZR0I4rvxDeV6W2a3XuFi3hXVvr7
rUu5krR6OArCFD4ffu9jbtzI5nkIAWFaK9PFbY6/d+IH5bAdhL/pjPYmtm03h8g4
bQ4EP4iDZEeJrN/IP2TvjpOcNXNaJOnybIy2BHsMl69DvPm/IA9B4ADKh0QVkNv3
Zgiw2+OgPGBmXX7OJFrxcahoR+83eYoqPP52q/P/Rl7vx475f8iXuaycrwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGu1nMY/El9cYneTVAK7t8dRYw6DMB8GA1UdIwQY
MBaAFG8bpuFNg6ixSwUCbnEMhsRrc8OmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnh1bTRVMkRxTEZMQlFKdWNReUd4R3R6dzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9jZTgxYjYtYmNlYi00N2JjLWFkZmIt
ZGFlOWZiOGJmMGIxLzEvYTdXY3hqOFNYMXhpZDVOVUFydTN4MUZqRG9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9jZTgxYjYtYmNlYi00N2JjLWFkZmItZGFlOWZiOGJmMGIx
LzEvYnh1bTRVMkRxTEZMQlFKdWNReUd4R3R6dzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAUBAIAATAOMAwDBAK5fAwD
BAC5fA4wIAQCAAIwGgMGACoDkAABMBADBgAqA5AAAwMGACoDkAAEMA0GCSqGSIb3
DQEBCwUAA4IBAQBcdaa0+vFri+fYtdm6wr9ts5rFW5JO1/dfyGE+QKM1X3RMPLwJ
W3XfBm2KTrJ7xGR5EM0KQex7ucZ7WmxcXzW1VkdHyAp8IzNiGsYZYLyyT2VTuAKG
KPU/QFLZmNXGv+3k/y2GGdu9emkUAIqsrplMmMKenJMWgOZzfIKqvmqvmtRf8HB+
Gd2liqit1B0DHGHr9RNN1nCBT0xMoC/OQWgCA1xLaxehJOJx4PaYNmQyZzpxpqCC
TqPrxzClBvljiP5aZIy7fFH0hc0JVhudTVP3yHJ96WHM/GZmou1JkbAGqR1V0qRE
MEY8DXS5TQwhvMIRdVVI0GkLBQlPjXITmOHa
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:25:31 2025 by rpki-client