Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/jHITfoZmLXUwLdsMRO2W3XYhc1I.roa
File: jHITfoZmLXUwLdsMRO2W3XYhc1I.roa (raw, json)
Hash identifier: +URAlDvCyBa3UuC3klG16wUc0qMXsRqboNXiDDl0XR8=
Subject key identifier: 8C:72:13:7E:86:66:2D:75:30:2D:DB:0C:44:ED:96:DD:76:21:73:52
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 0193A14C2724F16C2CB5233BDA64E25B8A88
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/jHITfoZmLXUwLdsMRO2W3XYhc1I.roa
Signing time: Sat 07 Dec 2024 13:25:42 +0000
ROA not before: Sat 07 Dec 2024 13:25:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39238
IP address blocks: 138.124.185.0/24 maxlen: 24
138.124.186.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a1:4c:27:24:f1:6c:2c:b5:23:3b:da:64:e2:5b:8a:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Dec 7 13:25:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c72137e86662d75302ddb0c44ed96dd76217352
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a4:b9:90:57:14:94:eb:ab:b2:e3:e5:c6:8d:
fa:1a:5a:66:f2:37:5e:89:81:a0:e1:29:27:8a:06:
6a:a5:98:8f:5f:29:4c:25:1d:f4:dd:aa:49:71:cf:
7f:a3:01:b7:90:4b:97:e3:61:7f:8d:d0:d7:ce:df:
a7:46:81:d3:71:7a:ba:ba:0c:f4:75:a5:46:ac:7b:
6a:b6:6f:5c:fb:c8:a7:40:4c:99:29:bf:5f:29:fd:
fa:42:88:26:93:ad:8a:52:40:56:2d:43:fb:a8:cf:
51:13:3f:c5:ce:f3:24:78:dc:38:9e:fb:f3:c7:e0:
bc:43:2f:29:78:fc:96:a2:19:6b:32:24:ce:54:d9:
b0:ab:60:36:e4:d4:0f:65:c0:bd:55:e1:4e:8a:5a:
1b:e1:1f:b0:16:f3:dc:9d:32:27:80:54:f0:de:fa:
c7:80:ae:d4:5a:2b:11:24:67:a1:2f:09:d3:b2:99:
8b:bb:9d:9b:7d:41:77:8c:bc:16:1f:de:c6:22:eb:
45:bd:da:27:cf:aa:3d:ca:0e:73:30:2f:fc:3c:f7:
51:ec:6b:f2:dd:29:c5:d5:a0:c6:a1:57:23:64:df:
4d:31:21:71:6c:6a:ca:e7:6f:8f:df:d5:31:3a:10:
9d:7d:1a:cb:db:c0:2d:f7:26:cb:eb:1b:f5:3a:2a:
7b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:72:13:7E:86:66:2D:75:30:2D:DB:0C:44:ED:96:DD:76:21:73:52
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/jHITfoZmLXUwLdsMRO2W3XYhc1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.185.0-138.124.186.255
Signature Algorithm: sha256WithRSAEncryption
36:85:4f:36:ed:a6:2f:65:9a:83:dc:c8:8b:27:72:d0:21:35:
66:f0:2a:49:8e:7e:7f:c9:64:ec:cb:a2:ef:02:29:59:06:c8:
00:7d:28:3f:9a:51:73:f0:2e:24:bf:40:b3:fa:f9:f4:1a:c8:
e9:bb:67:0d:ff:89:bb:79:73:17:7b:7f:b5:4b:62:7e:1f:f0:
e0:86:fb:02:b8:34:da:8c:35:22:a2:d6:7a:ef:3c:21:af:0c:
2a:1c:18:db:39:96:5a:1f:68:1e:f2:1f:3d:58:12:84:45:6d:
dd:33:ac:a9:67:98:7e:7f:6a:02:83:ae:d5:de:1a:3e:ed:bd:
78:e4:8d:f2:08:e5:77:b6:74:34:4b:2d:37:16:c6:f9:6c:9b:
63:40:e3:c6:3a:3a:66:59:b8:28:99:89:44:22:4b:95:c3:1f:
e5:19:05:ef:da:b2:c9:6d:dd:21:d4:f7:f8:91:67:6b:88:76:
11:6b:c1:26:a8:84:1c:36:1c:0b:4a:19:b2:b6:55:6b:fc:30:
b5:29:c3:91:eb:0d:93:d8:2c:73:9c:64:4b:b7:6f:10:b7:9a:
ac:2d:2f:1c:cf:fe:6b:53:54:bd:a3:32:41:10:a9:a9:ff:f9:
31:55:70:9c:e9:0d:36:51:35:a3:34:2b:2c:b5:5b:72:26:fb:
7b:48:33:68
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZOhTCck8WwstSM72mTiW4qIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjQxMjA3MTMyNTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzcyMTM3ZTg2NjYyZDc1MzAyZGRiMGM0NGVkOTZkZDc2MjE3MzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqS5kFcUlOursuPlxo36Glpm8jde
iYGg4SknigZqpZiPXylMJR303apJcc9/owG3kEuX42F/jdDXzt+nRoHTcXq6ugz0
daVGrHtqtm9c+8inQEyZKb9fKf36Qogmk62KUkBWLUP7qM9REz/FzvMkeNw4nvvz
x+C8Qy8pePyWohlrMiTOVNmwq2A25NQPZcC9VeFOilob4R+wFvPcnTIngFTw3vrH
gK7UWisRJGehLwnTspmLu52bfUF3jLwWH97GIutFvdonz6o9yg5zMC/8PPdR7Gvy
3SnF1aDGoVcjZN9NMSFxbGrK52+P39UxOhCdfRrL28At9ybL6xv1Oip71QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIxyE36GZi11MC3bDETtlt12IXNSMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvakhJVGZvWm1MWFV3TGRzTVJPMlczWFloYzFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACKfLkD
BACKfLowDQYJKoZIhvcNAQELBQADggEBADaFTzbtpi9lmoPcyIsnctAhNWbwKkmO
fn/JZOzLou8CKVkGyAB9KD+aUXPwLiS/QLP6+fQayOm7Zw3/ibt5cxd7f7VLYn4f
8OCG+wK4NNqMNSKi1nrvPCGvDCocGNs5llofaB7yHz1YEoRFbd0zrKlnmH5/agKD
rtXeGj7tvXjkjfII5Xe2dDRLLTcWxvlsm2NA48Y6OmZZuCiZiUQiS5XDH+UZBe/a
sslt3SHU9/iRZ2uIdhFrwSaohBw2HAtKGbK2VWv8MLUpw5HrDZPYLHOcZEu3bxC3
mqwtLxzP/mtTVL2jMkEQqan/+TFVcJzpDTZRNaM0Kyy1W3Im+3tIM2g=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:25:51 2025 by rpki-client