Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/duEtrhJRtVAAzxumQpxYDM2wcDI.roa
File: duEtrhJRtVAAzxumQpxYDM2wcDI.roa (raw, json)
Hash identifier: c8cxF/3pupCJDEFm6Xpbki3NdkyseP9jwhuS0Vyet7Y=
Subject key identifier: 76:E1:2D:AE:12:51:B5:50:00:CF:1B:A6:42:9C:58:0C:CD:B0:70:32
Certificate issuer: /CN=6f1ba6e14d83a8b14b05026e710c86c46b73c3a6
Certificate serial: 0191C1CBC4B9C7A5E13C4EF0FA978A225F60
Authority key identifier: 6F:1B:A6:E1:4D:83:A8:B1:4B:05:02:6E:71:0C:86:C4:6B:73:C3:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bxum4U2DqLFLBQJucQyGxGtzw6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/duEtrhJRtVAAzxumQpxYDM2wcDI.roa
Signing time: Thu 05 Sep 2024 10:47:22 +0000
ROA not before: Thu 05 Sep 2024 10:47:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204908
IP address blocks: 185.124.12.0/24 maxlen: 24
185.124.13.0/24 maxlen: 24
185.236.28.0/22 maxlen: 22
2a03:9000:300::/40 maxlen: 40
Validation: Failed, certificate revoked on Fri 01 Nov 2024 10:25:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c1:cb:c4:b9:c7:a5:e1:3c:4e:f0:fa:97:8a:22:5f:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f1ba6e14d83a8b14b05026e710c86c46b73c3a6
Validity
Not Before: Sep 5 10:47:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76e12dae1251b55000cf1ba6429c580ccdb07032
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c2:42:08:aa:57:ba:6f:5a:be:9a:a3:f0:bb:
38:bd:bc:66:fe:e2:cb:87:2d:0e:77:72:52:a2:26:
55:c3:6f:42:05:d0:81:47:1b:b4:8a:4d:aa:5b:a9:
ff:49:e0:c0:62:f1:35:5e:2f:4a:38:a7:a1:4f:43:
a6:89:30:90:69:19:a6:c7:1a:74:60:dd:e6:4e:37:
37:e8:99:30:a6:24:ec:64:b8:7d:35:56:bd:79:0b:
68:80:d5:63:82:32:e3:46:e2:52:4b:7b:a3:69:23:
01:c3:2f:dd:50:8f:f8:65:7c:9a:e7:e9:2a:85:31:
33:ee:07:d3:dc:09:8e:85:75:3b:96:aa:64:8f:60:
96:6a:d6:07:1e:36:31:36:1a:d6:09:94:28:53:90:
dc:2f:89:68:95:2d:f3:41:03:82:e2:73:d1:8e:00:
88:f1:82:9d:b4:c8:51:93:27:47:72:52:aa:51:c4:
56:22:a6:cd:7c:df:24:ee:40:a2:62:f2:b4:69:f0:
a9:45:3b:7b:61:e8:5b:dc:b9:ca:89:f5:d3:a8:e0:
07:5b:00:29:13:80:5c:f2:bf:e6:0f:dd:83:af:46:
0a:19:af:29:a9:1e:8a:db:4e:a3:68:59:af:ca:65:
24:c3:c6:ca:1d:7b:32:23:9b:ad:5b:90:b5:4c:fa:
59:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E1:2D:AE:12:51:B5:50:00:CF:1B:A6:42:9C:58:0C:CD:B0:70:32
X509v3 Authority Key Identifier:
keyid:6F:1B:A6:E1:4D:83:A8:B1:4B:05:02:6E:71:0C:86:C4:6B:73:C3:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bxum4U2DqLFLBQJucQyGxGtzw6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/duEtrhJRtVAAzxumQpxYDM2wcDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/bxum4U2DqLFLBQJucQyGxGtzw6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.12.0/23
185.236.28.0/22
IPv6:
2a03:9000:300::/40
Signature Algorithm: sha256WithRSAEncryption
78:89:28:c7:44:1c:c8:ed:0f:d3:e1:b9:bc:99:20:8c:dc:ae:
38:b6:3c:40:70:a1:0d:f2:2b:01:52:8d:a0:a2:ef:a6:f4:e5:
63:3f:6a:a1:68:e0:61:81:b2:9a:aa:2a:9d:b9:26:f1:19:28:
ae:e0:9a:50:50:cc:e8:5e:04:6b:6f:cd:c6:f0:0f:88:0b:04:
4e:68:08:58:b6:2a:b5:41:a0:01:a0:40:47:93:0f:e4:8a:75:
e8:6a:6a:38:95:23:16:1b:64:99:9e:8e:05:db:d5:f2:a9:6b:
64:12:5d:34:aa:90:7c:d7:8c:ee:ee:83:54:9d:6e:67:31:01:
23:75:38:d6:4d:e4:01:2c:79:11:f9:6f:9e:d7:8b:0f:fb:1a:
4d:5c:f1:26:4d:23:8f:fd:8d:40:7e:63:fc:87:7c:ab:44:26:
49:e9:12:16:c2:85:7e:62:18:fb:f7:31:a2:2b:41:12:9b:02:
4c:db:31:95:35:b0:ed:1e:12:a3:ad:25:5f:92:ea:ca:d4:b7:
12:1b:84:d8:92:7b:d5:f0:c7:dc:2e:ec:08:ae:7b:a8:74:b3:
9b:93:29:3d:d4:eb:02:9a:fc:5f:ee:65:1a:e5:ec:63:ca:7d:
50:47:84:34:88:97:5d:61:f9:e1:1e:b2:07:39:3a:f2:0c:5a:
2c:8c:95:50
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZHBy8S5x6XhPE7w+peKIl9gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMWJhNmUxNGQ4M2E4YjE0YjA1MDI2ZTcxMGM4NmM0NmI3
M2MzYTYwHhcNMjQwOTA1MTA0NzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmUxMmRhZTEyNTFiNTUwMDBjZjFiYTY0MjljNTgwY2NkYjA3MDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcJCCKpXum9avpqj8Ls4vbxm/uLL
hy0Od3JSoiZVw29CBdCBRxu0ik2qW6n/SeDAYvE1Xi9KOKehT0OmiTCQaRmmxxp0
YN3mTjc36JkwpiTsZLh9NVa9eQtogNVjgjLjRuJSS3ujaSMBwy/dUI/4ZXya5+kq
hTEz7gfT3AmOhXU7lqpkj2CWatYHHjYxNhrWCZQoU5DcL4lolS3zQQOC4nPRjgCI
8YKdtMhRkydHclKqUcRWIqbNfN8k7kCiYvK0afCpRTt7Yehb3LnKifXTqOAHWwAp
E4Bc8r/mD92Dr0YKGa8pqR6K206jaFmvymUkw8bKHXsyI5utW5C1TPpZhQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHbhLa4SUbVQAM8bpkKcWAzNsHAyMB8GA1UdIwQY
MBaAFG8bpuFNg6ixSwUCbnEMhsRrc8OmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnh1bTRVMkRxTEZMQlFKdWNReUd4R3R6dzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9jZTgxYjYtYmNlYi00N2JjLWFkZmIt
ZGFlOWZiOGJmMGIxLzEvZHVFdHJoSlJ0VkFBenh1bVFweFlETTJ3Y0RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9jZTgxYjYtYmNlYi00N2JjLWFkZmItZGFlOWZiOGJmMGIx
LzEvYnh1bTRVMkRxTEZMQlFKdWNReUd4R3R6dzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQBuXwMAwQC
uewcMA4EAgACMAgDBgAqA5AAAzANBgkqhkiG9w0BAQsFAAOCAQEAeIkox0QcyO0P
0+G5vJkgjNyuOLY8QHChDfIrAVKNoKLvpvTlYz9qoWjgYYGymqoqnbkm8RkoruCa
UFDM6F4Ea2/NxvAPiAsETmgIWLYqtUGgAaBAR5MP5Ip16GpqOJUjFhtkmZ6OBdvV
8qlrZBJdNKqQfNeM7u6DVJ1uZzEBI3U41k3kASx5EflvnteLD/saTVzxJk0jj/2N
QH5j/Id8q0QmSekSFsKFfmIY+/cxoitBEpsCTNsxlTWw7R4So60lX5LqytS3EhuE
2JJ71fDH3C7sCK57qHSzm5MpPdTrApr8X+5lGuXsY8p9UEeENIiXXWH54R6yBzk6
8gxaLIyVUA==
-----END CERTIFICATE-----
Generated at Fri Nov 1 13:22:30 2024 by rpki-client on console-ams.rpki-client.org