Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/1-DwiKgQlxol9v-ckIH1uH5I66kE.roa
File: 1-DwiKgQlxol9v-ckIH1uH5I66kE.roa (raw, json)
Hash identifier: 4rG1yFuaD75q2bM6FBkWb++vQCso33efC4O8VHMIh0o=
Subject key identifier: F8:3C:22:2A:04:25:C6:89:7D:BF:E7:24:20:7D:6E:1F:92:3A:EA:41
Certificate issuer: /CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Certificate serial: 019377F428085ABF02827185AD922A2102C0
Authority key identifier: DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/1-DwiKgQlxol9v-ckIH1uH5I66kE.roa
Signing time: Fri 29 Nov 2024 12:45:09 +0000
ROA not before: Fri 29 Nov 2024 12:45:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 138.124.124.0/24 maxlen: 24
138.124.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Dec 2024 09:58:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:77:f4:28:08:5a:bf:02:82:71:85:ad:92:2a:21:02:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Validity
Not Before: Nov 29 12:45:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f83c222a0425c6897dbfe724207d6e1f923aea41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:6a:46:7a:b8:72:f1:67:8e:7e:e3:44:b5:a6:
1b:b3:85:8c:66:18:ae:8e:94:93:2e:61:a1:f8:e3:
13:a5:f2:86:d4:fb:43:1d:32:a8:63:3a:ae:21:39:
2c:bc:71:75:2a:d9:a5:e9:d1:ad:b1:55:e5:11:00:
e9:8c:0d:c5:8c:a5:45:eb:ae:ee:3b:bd:bc:38:d4:
42:83:08:e2:29:10:6f:27:56:28:2e:b6:7c:1e:ad:
10:6d:05:89:65:39:e0:1e:34:a2:a9:16:6b:07:54:
38:d8:8e:89:1d:37:28:83:ac:ec:17:4a:1e:c0:2a:
27:79:c3:97:de:c4:72:d8:0a:ba:e0:2b:2c:34:a7:
10:da:b4:28:b9:dd:bc:c0:52:e1:83:8f:dd:89:90:
ec:44:cc:ad:fa:e8:1d:de:17:f4:f5:54:06:03:c5:
eb:2f:09:3a:bf:dc:e0:6a:3e:6a:6e:1a:2b:42:82:
6f:ac:00:11:9c:c7:a5:3d:c6:e0:ad:58:ac:80:e0:
58:1f:a2:0d:1d:90:65:2d:c9:e0:fc:dd:3d:88:48:
32:fb:7a:86:36:e3:8d:52:c9:fa:32:25:c8:84:2b:
20:ea:6c:1e:7f:78:a1:f1:94:12:28:3e:08:31:e2:
27:88:93:6e:c3:31:23:07:9b:80:7a:4f:3c:90:98:
0c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:3C:22:2A:04:25:C6:89:7D:BF:E7:24:20:7D:6E:1F:92:3A:EA:41
X509v3 Authority Key Identifier:
keyid:DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/1-DwiKgQlxol9v-ckIH1uH5I66kE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.124.0/24
138.124.127.0/24
Signature Algorithm: sha256WithRSAEncryption
17:33:09:86:43:41:a9:29:70:62:b3:83:00:e9:f4:6d:ac:9b:
f6:dd:17:6f:12:78:5c:05:64:41:7f:27:c4:9c:d6:34:db:a9:
f0:3a:aa:b7:98:1c:38:00:8f:54:8c:c5:07:a4:be:33:9c:5b:
95:ac:17:df:f8:75:e2:ef:af:9f:d9:b2:5a:04:87:35:09:87:
fd:e8:83:cd:f6:34:1c:14:fe:f9:c9:55:b3:64:77:38:e4:c1:
b2:c8:70:46:82:2f:96:54:77:9b:af:6c:3b:05:02:3c:78:ea:
26:49:b9:2a:43:09:fd:43:e3:47:0b:b9:7c:0b:4b:ab:de:16:
38:b8:70:dc:c1:c3:1d:8d:79:48:fb:d0:e4:aa:6f:03:30:70:
fd:23:31:ca:c8:53:4c:f0:c7:d1:e2:f2:e6:be:5a:9a:cf:74:
84:de:af:ab:0d:51:dc:9d:a8:df:7f:67:5c:ae:5f:8b:ad:b1:
21:ec:29:c2:07:0c:cc:8d:09:8b:7c:20:85:e4:a3:bf:24:1b:
78:cd:62:d4:23:44:9c:77:d4:1b:10:a6:be:31:14:22:1d:65:
91:21:ed:ac:b3:5a:fb:22:c0:5c:0c:61:3b:35:8f:47:6e:d7:
b0:1e:7c:f5:12:a7:f2:2a:2a:cf:32:c7:1c:13:3e:a1:4e:f9:
75:9f:67:d6
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZN39CgIWr8CgnGFrZIqIQLAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGYwNWUzODQzNTE3Y2YwOTcxYzJiZjljZGRkZGQ2Mjcx
N2U1MmMwHhcNMjQxMTI5MTI0NTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODNjMjIyYTA0MjVjNjg5N2RiZmU3MjQyMDdkNmUxZjkyM2FlYTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2GpGerhy8WeOfuNEtaYbs4WMZhiu
jpSTLmGh+OMTpfKG1PtDHTKoYzquITksvHF1Ktml6dGtsVXlEQDpjA3FjKVF667u
O728ONRCgwjiKRBvJ1YoLrZ8Hq0QbQWJZTngHjSiqRZrB1Q42I6JHTcog6zsF0oe
wConecOX3sRy2Aq64CssNKcQ2rQoud28wFLhg4/diZDsRMyt+ugd3hf09VQGA8Xr
Lwk6v9zgaj5qbhorQoJvrAARnMelPcbgrVisgOBYH6INHZBlLcng/N09iEgy+3qG
NuONUsn6MiXIhCsg6mwef3ih8ZQSKD4IMeIniJNuwzEjB5uAek88kJgMBwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPg8IioEJcaJfb/nJCB9bh+SOupBMB8GA1UdIwQY
MBaAFNqPBeOENRfPCXHCv5zd3dYnF+UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgt
ZTAxZTk0MTI0Njc0LzEvMS1Ed2lLZ1FseG9sOXYtY2tJSDF1SDVJNjZrRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWYvYjk4ODRiLTZmYzUtNGIzZS1iMWU4LWUwMWU5NDEyNDY3
NC8xLzJvOEY0NFExRjg4SmNjS19uTjNkMWljWDVTdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAIp8fAME
AIp8fzANBgkqhkiG9w0BAQsFAAOCAQEAFzMJhkNBqSlwYrODAOn0bayb9t0XbxJ4
XAVkQX8nxJzWNNup8Dqqt5gcOACPVIzFB6S+M5xblawX3/h14u+vn9myWgSHNQmH
/eiDzfY0HBT++clVs2R3OOTBsshwRoIvllR3m69sOwUCPHjqJkm5KkMJ/UPjRwu5
fAtLq94WOLhw3MHDHY15SPvQ5KpvAzBw/SMxyshTTPDH0eLy5r5ams90hN6vqw1R
3J2o339nXK5fi62xIewpwgcMzI0Ji3wgheSjvyQbeM1i1CNEnHfUGxCmvjEUIh1l
kSHtrLNa+yLAXAxhOzWPR27XsB589RKn8ioqzzLHHBM+oU75dZ9n1g==
-----END CERTIFICATE-----
Generated at Thu Apr 17 15:46:24 2025 by rpki-client