Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/gBlmGryzEipe5uuL_W_5ZgZp6lo.roa
File: gBlmGryzEipe5uuL_W_5ZgZp6lo.roa (raw, json)
Hash identifier: W5pZJoYON4EQUKjmnpycYg6LlYE57wiKq1TDtZSSa/w=
Subject key identifier: 80:19:66:1A:BC:B3:12:2A:5E:E6:EB:8B:FD:6F:F9:66:06:69:EA:5A
Certificate issuer: /CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Certificate serial: 019387EA27F4DF298E4091FA04E3C1E79FE3
Authority key identifier: DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/gBlmGryzEipe5uuL_W_5ZgZp6lo.roa
Signing time: Mon 02 Dec 2024 15:08:10 +0000
ROA not before: Mon 02 Dec 2024 15:08:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 138.124.245.0/24 maxlen: 24
138.124.246.0/24 maxlen: 24
138.124.247.0/24 maxlen: 24
138.124.248.0/24 maxlen: 24
138.124.249.0/24 maxlen: 24
138.124.250.0/24 maxlen: 24
138.124.251.0/24 maxlen: 24
138.124.252.0/24 maxlen: 24
138.124.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Dec 2024 09:55:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:87:ea:27:f4:df:29:8e:40:91:fa:04:e3:c1:e7:9f:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Validity
Not Before: Dec 2 15:08:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8019661abcb3122a5ee6eb8bfd6ff9660669ea5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:63:6e:73:4b:e3:a5:4d:f6:48:7e:d6:14:b1:
31:25:6e:2a:39:c0:2b:6b:c4:95:00:0b:25:a3:8b:
90:ed:b2:96:83:98:bb:49:78:cc:2f:ca:5f:a6:c2:
81:40:5d:b1:f4:14:0d:80:d5:e2:96:27:c1:31:73:
35:b1:1c:52:68:eb:82:f6:38:42:8e:19:1d:49:75:
36:62:fe:57:bf:4b:90:33:5d:c8:dc:2c:7f:d7:64:
aa:b5:76:5d:ec:a9:59:aa:13:1c:98:13:22:88:4a:
3e:ec:23:a5:2b:58:a9:7e:f6:70:d4:cf:bf:82:0a:
11:e3:a7:e3:82:5d:3e:ee:7b:4a:43:9d:58:90:aa:
5c:96:0a:07:7e:70:fd:a5:af:d5:4a:da:82:15:77:
10:a9:b8:28:df:ba:09:c3:99:1c:22:d3:ea:05:85:
62:94:d8:94:d6:1a:3b:4b:43:5e:be:a9:e3:8b:06:
e6:17:da:52:60:e9:d7:0b:e2:36:45:df:10:46:e6:
bf:6e:61:99:82:e9:d8:45:13:b6:34:1b:00:93:e3:
c0:23:98:c6:a7:10:fc:dc:25:e9:fc:c8:55:7d:b4:
48:40:91:8f:3b:d8:a0:5c:6d:fa:25:1a:64:d0:2f:
35:73:2a:20:c7:d1:16:91:12:a8:38:a1:ad:61:04:
ad:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:19:66:1A:BC:B3:12:2A:5E:E6:EB:8B:FD:6F:F9:66:06:69:EA:5A
X509v3 Authority Key Identifier:
keyid:DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/gBlmGryzEipe5uuL_W_5ZgZp6lo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.245.0-138.124.253.255
Signature Algorithm: sha256WithRSAEncryption
a6:11:20:c0:98:76:dd:ed:3a:81:65:42:5a:a7:a5:8f:0e:7b:
86:d9:65:0c:1e:24:55:d4:5b:a2:19:fc:60:26:2b:b4:7f:0f:
be:86:05:15:f6:99:88:c2:e3:cb:91:85:98:94:b8:37:92:5d:
9b:3a:c1:97:dc:f0:82:c0:e2:d4:a8:1a:6d:2d:b5:42:8d:cc:
e4:a5:1e:4e:e7:9a:b4:0e:bc:96:ec:57:d8:5a:36:40:9c:2a:
5f:47:fb:7c:68:35:0c:51:6c:7a:47:5d:d7:f1:db:5d:4c:26:
77:80:c4:43:f7:4d:4f:72:24:00:18:a6:95:0b:42:26:34:4c:
76:5b:de:82:53:93:71:6b:60:8b:45:9b:20:95:b8:93:33:c7:
76:a8:f9:a6:be:14:0c:22:77:b6:a9:08:43:03:56:5b:d9:6e:
e5:e9:b5:f7:9b:0b:cf:37:6e:53:49:8f:d6:77:25:08:0b:7c:
f1:8e:5b:06:b6:75:b3:3a:ea:07:97:4a:11:d5:c5:59:68:a7:
6e:86:42:5d:4e:b4:d6:ad:4b:44:31:71:3e:4a:02:bd:7a:9b:
b4:4a:53:ad:33:b7:fc:e1:a2:93:2f:e8:c1:53:ca:a2:1d:70:
5d:26:da:31:9c:b4:c7:eb:75:68:d4:c4:53:a5:a5:67:13:95:
7d:53:13:7d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZOH6if03ymOQJH6BOPB55/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGYwNWUzODQzNTE3Y2YwOTcxYzJiZjljZGRkZGQ2Mjcx
N2U1MmMwHhcNMjQxMjAyMTUwODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDE5NjYxYWJjYjMxMjJhNWVlNmViOGJmZDZmZjk2NjA2NjllYTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2Nuc0vjpU32SH7WFLExJW4qOcAr
a8SVAAslo4uQ7bKWg5i7SXjML8pfpsKBQF2x9BQNgNXilifBMXM1sRxSaOuC9jhC
jhkdSXU2Yv5Xv0uQM13I3Cx/12SqtXZd7KlZqhMcmBMiiEo+7COlK1ipfvZw1M+/
ggoR46fjgl0+7ntKQ51YkKpclgoHfnD9pa/VStqCFXcQqbgo37oJw5kcItPqBYVi
lNiU1ho7S0NevqnjiwbmF9pSYOnXC+I2Rd8QRua/bmGZgunYRRO2NBsAk+PAI5jG
pxD83CXp/MhVfbRIQJGPO9igXG36JRpk0C81cyogx9EWkRKoOKGtYQStcQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIAZZhq8sxIqXubri/1v+WYGaepaMB8GA1UdIwQY
MBaAFNqPBeOENRfPCXHCv5zd3dYnF+UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgt
ZTAxZTk0MTI0Njc0LzEvZ0JsbUdyeXpFaXBlNXV1TF9XXzVaZ1pwNmxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgtZTAxZTk0MTI0Njc0
LzEvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACKfPUD
BAGKfPwwDQYJKoZIhvcNAQELBQADggEBAKYRIMCYdt3tOoFlQlqnpY8Oe4bZZQwe
JFXUW6IZ/GAmK7R/D76GBRX2mYjC48uRhZiUuDeSXZs6wZfc8ILA4tSoGm0ttUKN
zOSlHk7nmrQOvJbsV9haNkCcKl9H+3xoNQxRbHpHXdfx211MJneAxEP3TU9yJAAY
ppULQiY0THZb3oJTk3FrYItFmyCVuJMzx3ao+aa+FAwid7apCEMDVlvZbuXptfeb
C883blNJj9Z3JQgLfPGOWwa2dbM66geXShHVxVlop26GQl1OtNatS0QxcT5KAr16
m7RKU60zt/zhopMv6MFTyqIdcF0m2jGctMfrdWjUxFOlpWcTlX1TE30=
-----END CERTIFICATE-----
Generated at Thu Apr 17 15:52:53 2025 by rpki-client