Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/uqHONtj1DHKPoXFAdqTrvYGFCTQ.roa
File: uqHONtj1DHKPoXFAdqTrvYGFCTQ.roa (raw, json)
Hash identifier: u9V7tghR1LaqBmgOjsQLFrF7KJpi8tJC+bUVu5VgoNc=
Subject key identifier: BA:A1:CE:36:D8:F5:0C:72:8F:A1:71:40:76:A4:EB:BD:81:85:09:34
Certificate issuer: /CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Certificate serial: 0193965011B4923AB1D3EFEF60A25471B680
Authority key identifier: DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/uqHONtj1DHKPoXFAdqTrvYGFCTQ.roa
Signing time: Thu 05 Dec 2024 10:14:09 +0000
ROA not before: Thu 05 Dec 2024 10:14:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 138.124.18.0/24 maxlen: 24
138.124.24.0/24 maxlen: 24
138.124.25.0/24 maxlen: 24
138.124.26.0/24 maxlen: 24
138.124.29.0/24 maxlen: 24
138.124.34.0/24 maxlen: 24
138.124.35.0/24 maxlen: 24
138.124.49.0/24 maxlen: 24
138.124.50.0/24 maxlen: 24
138.124.51.0/24 maxlen: 24
138.124.52.0/24 maxlen: 24
138.124.53.0/24 maxlen: 24
138.124.54.0/24 maxlen: 24
138.124.55.0/24 maxlen: 24
138.124.58.0/24 maxlen: 24
138.124.59.0/24 maxlen: 24
138.124.60.0/24 maxlen: 24
138.124.61.0/24 maxlen: 24
138.124.78.0/24 maxlen: 24
138.124.89.0/24 maxlen: 24
138.124.90.0/24 maxlen: 24
138.124.91.0/24 maxlen: 24
138.124.92.0/24 maxlen: 24
138.124.93.0/24 maxlen: 24
138.124.99.0/24 maxlen: 24
138.124.101.0/24 maxlen: 24
138.124.102.0/24 maxlen: 24
138.124.103.0/24 maxlen: 24
138.124.109.0/24 maxlen: 24
138.124.110.0/24 maxlen: 24
138.124.112.0/24 maxlen: 24
138.124.113.0/24 maxlen: 24
138.124.114.0/24 maxlen: 24
138.124.115.0/24 maxlen: 24
138.124.116.0/24 maxlen: 24
138.124.117.0/24 maxlen: 24
138.124.118.0/24 maxlen: 24
138.124.119.0/24 maxlen: 24
138.124.123.0/24 maxlen: 24
138.124.124.0/24 maxlen: 24
138.124.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:96:50:11:b4:92:3a:b1:d3:ef:ef:60:a2:54:71:b6:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Validity
Not Before: Dec 5 10:14:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=baa1ce36d8f50c728fa1714076a4ebbd81850934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1a:fb:b6:1b:b7:01:ef:a4:a2:e0:d8:57:16:
68:6c:38:38:50:db:bb:e0:ae:7f:b0:4a:a2:b0:92:
4b:1f:55:9e:2a:8d:32:4f:9b:81:e3:ce:43:d7:12:
2f:aa:0d:e5:f9:57:1b:5e:c5:ec:fd:ff:6e:80:4c:
89:d6:f6:fb:07:02:24:5d:e8:28:2b:84:15:f7:6d:
d8:57:de:25:ea:d0:e9:b2:58:4d:56:5f:99:8b:91:
9c:41:ed:2e:83:87:5c:3f:99:8d:f3:d4:f9:f0:45:
f3:36:4d:14:ba:48:f3:ed:74:74:58:e3:02:45:a8:
f2:8b:51:ee:f2:b8:9c:f9:62:ef:ba:06:0a:a0:cb:
3f:28:e9:1d:05:9f:41:ee:30:1e:55:60:58:36:54:
40:a6:6b:e1:4f:2d:19:b1:73:c9:2d:08:2c:7d:0d:
7b:5b:69:49:2b:3b:42:29:03:9d:05:d0:04:67:a4:
69:de:38:a0:f8:13:1c:32:b9:a5:01:bb:bf:a4:a6:
8c:7d:26:1c:31:7e:09:8d:33:ab:30:58:80:8e:47:
15:78:50:ba:04:dc:41:3b:11:5b:0e:72:67:69:fa:
d0:b8:8f:2b:d9:d2:e8:64:62:84:08:c7:12:c1:53:
0a:d2:fc:fa:f9:e3:a4:c0:c1:19:be:2c:df:6a:04:
0b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:A1:CE:36:D8:F5:0C:72:8F:A1:71:40:76:A4:EB:BD:81:85:09:34
X509v3 Authority Key Identifier:
keyid:DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/uqHONtj1DHKPoXFAdqTrvYGFCTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.18.0/24
138.124.24.0-138.124.26.255
138.124.29.0/24
138.124.34.0/23
138.124.49.0-138.124.55.255
138.124.58.0-138.124.61.255
138.124.78.0/24
138.124.89.0-138.124.93.255
138.124.99.0/24
138.124.101.0-138.124.103.255
138.124.109.0-138.124.110.255
138.124.112.0/21
138.124.123.0-138.124.124.255
138.124.127.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:fd:18:35:9b:c4:4a:bd:fa:ab:b9:40:e7:84:7a:46:44:63:
4b:a0:04:c6:57:fe:bd:63:ea:a9:31:47:39:c0:a8:a6:2c:e8:
f1:8b:55:4d:8f:f1:55:23:a4:de:b1:9e:5c:c1:9a:6c:54:d1:
fd:d9:de:df:ea:6e:50:5e:92:68:e1:dc:be:bf:49:bb:c0:d2:
d6:15:0c:bc:4e:00:c7:84:61:f8:8d:a7:8a:63:84:d4:56:c2:
93:9e:76:63:45:f6:18:cc:1d:9a:35:33:e3:c3:c4:3a:91:e9:
c6:f9:67:f8:8d:5b:9a:cd:c5:cd:a3:c3:a8:9e:0b:f1:c2:b3:
a4:21:2a:79:28:2a:83:95:d8:af:20:2a:18:ad:4d:b1:de:7a:
41:59:b1:bf:05:11:d4:00:26:03:ea:af:37:b1:f0:db:88:ed:
3e:13:b6:07:bb:bc:94:ed:71:4f:bd:6f:e3:f7:00:08:09:9f:
d3:66:47:f6:1c:5b:96:45:8e:48:16:58:70:05:21:67:e1:cf:
a2:cf:b6:69:11:33:8d:46:2c:12:3d:ed:cc:a2:cc:89:fd:65:
33:48:58:62:25:84:2f:83:61:cb:f4:07:f7:bb:e6:09:85:94:
e1:25:81:3e:bd:4f:0b:26:2a:d2:57:30:42:94:69:e2:e1:26:
54:52:89:d5
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZOWUBG0kjqx0+/vYKJUcbaAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGYwNWUzODQzNTE3Y2YwOTcxYzJiZjljZGRkZGQ2Mjcx
N2U1MmMwHhcNMjQxMjA1MTAxNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWExY2UzNmQ4ZjUwYzcyOGZhMTcxNDA3NmE0ZWJiZDgxODUwOTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhr7thu3Ae+kouDYVxZobDg4UNu7
4K5/sEqisJJLH1WeKo0yT5uB485D1xIvqg3l+VcbXsXs/f9ugEyJ1vb7BwIkXego
K4QV923YV94l6tDpslhNVl+Zi5GcQe0ug4dcP5mN89T58EXzNk0Uukjz7XR0WOMC
Rajyi1Hu8ric+WLvugYKoMs/KOkdBZ9B7jAeVWBYNlRApmvhTy0ZsXPJLQgsfQ17
W2lJKztCKQOdBdAEZ6Rp3jig+BMcMrmlAbu/pKaMfSYcMX4JjTOrMFiAjkcVeFC6
BNxBOxFbDnJnafrQuI8r2dLoZGKECMcSwVMK0vz6+eOkwMEZvizfagQL4wIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFLqhzjbY9Qxyj6FxQHak672BhQk0MB8GA1UdIwQY
MBaAFNqPBeOENRfPCXHCv5zd3dYnF+UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgt
ZTAxZTk0MTI0Njc0LzEvdXFIT050ajFESEtQb1hGQWRxVHJ2WUdGQ1RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgtZTAxZTk0MTI0Njc0
LzEvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBACK
fBIwDAMEA4p8GAMEAIp8GgMEAIp8HQMEAYp8IjAMAwQAinwxAwQDinwwMAwDBAGK
fDoDBAGKfDwDBACKfE4wDAMEAIp8WQMEAYp8XAMEAIp8YzAMAwQAinxlAwQDinxg
MAwDBACKfG0DBACKfG4DBAOKfHAwDAMEAIp8ewMEAIp8fAMEAIp8fzANBgkqhkiG
9w0BAQsFAAOCAQEAuP0YNZvESr36q7lA54R6RkRjS6AExlf+vWPqqTFHOcCopizo
8YtVTY/xVSOk3rGeXMGabFTR/dne3+puUF6SaOHcvr9Ju8DS1hUMvE4Ax4Rh+I2n
imOE1FbCk552Y0X2GMwdmjUz48PEOpHpxvln+I1bms3FzaPDqJ4L8cKzpCEqeSgq
g5XYryAqGK1Nsd56QVmxvwUR1AAmA+qvN7Hw24jtPhO2B7u8lO1xT71v4/cACAmf
02ZH9hxblkWOSBZYcAUhZ+HPos+2aREzjUYsEj3tzKLMif1lM0hYYiWEL4Nhy/QH
97vmCYWU4SWBPr1PCyYq0lcwQpRp4uEmVFKJ1Q==
-----END CERTIFICATE-----
Generated at Thu Apr 17 15:53:52 2025 by rpki-client