Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/KsWzHp1eQRfhe-C3TtJEia7B34c.roa
File: KsWzHp1eQRfhe-C3TtJEia7B34c.roa (raw, json)
Hash identifier: yYyhRhAK3B1yH85hE7sQRemnXEpt1vjzVEjpz9i5Lnc=
Subject key identifier: 2A:C5:B3:1E:9D:5E:41:17:E1:7B:E0:B7:4E:D2:44:89:AE:C1:DF:87
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 0193A14C259F37099CD817D203246F8C207C
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/KsWzHp1eQRfhe-C3TtJEia7B34c.roa
Signing time: Sat 07 Dec 2024 13:25:42 +0000
ROA not before: Sat 07 Dec 2024 13:25:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30344
IP address blocks: 138.124.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a1:4c:25:9f:37:09:9c:d8:17:d2:03:24:6f:8c:20:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Dec 7 13:25:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ac5b31e9d5e4117e17be0b74ed24489aec1df87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d0:be:92:c3:bc:cc:6b:aa:5c:ec:26:da:63:
48:ae:25:22:ed:e0:5a:eb:1a:a7:89:54:41:85:19:
54:12:8c:c6:1f:e4:3a:f0:02:bf:52:c3:07:ec:fe:
c5:31:be:37:94:da:e4:f2:2d:d7:a4:f7:c6:2b:da:
75:24:f7:f2:22:d3:14:b2:25:16:52:02:0b:3e:a3:
4b:c7:c4:0f:90:d1:4e:2b:80:8d:96:1b:5a:f0:6b:
15:bd:0d:07:df:f2:09:d3:07:b0:d3:80:d9:f0:c9:
ed:88:70:14:a0:9f:58:81:76:36:19:e0:34:81:65:
87:42:30:42:aa:ac:e7:c9:27:5e:4e:4f:3d:38:d9:
c2:eb:84:8c:24:1f:db:cc:36:5b:6a:99:b7:3c:6f:
9f:18:29:7c:b0:5a:22:98:99:80:a4:69:20:87:a2:
c1:ee:63:49:79:f8:01:f9:25:32:5c:b0:f9:ec:8c:
2f:17:da:cb:c3:7c:9c:a4:f6:38:92:64:f4:b4:d0:
12:5e:4c:df:b6:5f:70:80:b4:6a:24:fb:48:59:ce:
5d:97:8d:c5:1e:54:e9:f0:fe:74:11:ec:22:27:63:
e8:50:7e:35:f4:83:52:6e:8c:d2:c7:00:27:d8:07:
18:8b:31:87:07:84:df:c7:fc:48:d2:ff:9d:76:65:
00:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:C5:B3:1E:9D:5E:41:17:E1:7B:E0:B7:4E:D2:44:89:AE:C1:DF:87
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/KsWzHp1eQRfhe-C3TtJEia7B34c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.187.0/24
Signature Algorithm: sha256WithRSAEncryption
e3:1d:33:a8:2a:be:bd:8c:99:9f:d4:d1:4f:23:72:b6:2b:3d:
3f:3c:23:99:c1:39:39:05:ad:d3:ff:fc:60:24:07:47:e1:6d:
f9:1b:0c:6b:63:b0:39:63:6c:b8:7a:f9:ea:56:b4:a0:24:81:
66:dd:80:cd:02:c9:7c:e3:8b:d5:38:eb:69:85:41:77:e1:24:
f3:ea:55:3f:37:2b:d7:00:65:54:6a:07:76:e8:fb:84:c6:42:
13:30:e1:09:3a:ac:92:a0:75:4a:b7:c4:65:89:4f:5f:9b:39:
23:a3:c2:ab:2c:de:d4:00:12:c7:1f:4c:80:90:a1:4b:e5:e6:
1d:1e:d8:da:32:99:cf:7b:ef:01:1b:04:8f:65:07:0c:a2:9f:
6f:02:02:67:23:83:ed:22:5a:a1:0d:0e:b7:f0:55:81:07:1e:
cf:ac:3f:ef:5e:3e:eb:c9:31:8c:b8:a2:b5:b7:6e:1b:20:29:
a5:d2:c6:7b:50:96:97:06:da:cf:48:99:f3:75:5d:c2:1b:8b:
46:29:2e:6d:d7:66:24:63:a7:09:94:02:9d:4e:e5:b6:d7:7d:
ac:87:dc:b6:75:30:e5:b9:95:3c:0d:ef:8d:87:ec:73:a6:95:
7f:54:91:6b:c7:b0:75:4c:84:a5:34:2d:0e:32:8b:4a:fe:5e:
4e:b2:42:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOhTCWfNwmc2BfSAyRvjCB8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjQxMjA3MTMyNTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWM1YjMxZTlkNWU0MTE3ZTE3YmUwYjc0ZWQyNDQ4OWFlYzFkZjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtC+ksO8zGuqXOwm2mNIriUi7eBa
6xqniVRBhRlUEozGH+Q68AK/UsMH7P7FMb43lNrk8i3XpPfGK9p1JPfyItMUsiUW
UgILPqNLx8QPkNFOK4CNlhta8GsVvQ0H3/IJ0wew04DZ8MntiHAUoJ9YgXY2GeA0
gWWHQjBCqqznySdeTk89ONnC64SMJB/bzDZbapm3PG+fGCl8sFoimJmApGkgh6LB
7mNJefgB+SUyXLD57IwvF9rLw3ycpPY4kmT0tNASXkzftl9wgLRqJPtIWc5dl43F
HlTp8P50EewiJ2PoUH419INSbozSxwAn2AcYizGHB4Tfx/xI0v+ddmUA9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCrFsx6dXkEX4Xvgt07SRImuwd+HMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvS3NXekhwMWVRUmZoZS1DM1R0SkVpYTdCMzRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAiny7MA0G
CSqGSIb3DQEBCwUAA4IBAQDjHTOoKr69jJmf1NFPI3K2Kz0/PCOZwTk5Ba3T//xg
JAdH4W35GwxrY7A5Y2y4evnqVrSgJIFm3YDNAsl844vVOOtphUF34STz6lU/NyvX
AGVUagd26PuExkITMOEJOqySoHVKt8RliU9fmzkjo8KrLN7UABLHH0yAkKFL5eYd
HtjaMpnPe+8BGwSPZQcMop9vAgJnI4PtIlqhDQ638FWBBx7PrD/vXj7ryTGMuKK1
t24bICml0sZ7UJaXBtrPSJnzdV3CG4tGKS5t12YkY6cJlAKdTuW2132sh9y2dTDl
uZU8De+Nh+xzppV/VJFrx7B1TISlNC0OMotK/l5OskIi
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:12:25 2025 by rpki-client