Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/hMK4_NAaJhf_E9Il6mDN69sgpMg.roa
File: hMK4_NAaJhf_E9Il6mDN69sgpMg.roa (raw, json)
Hash identifier: SuM5ugYKQYgQbeUvjy1w9OMHE8c1NmOf7TFCiuswuKk=
Subject key identifier: 84:C2:B8:FC:D0:1A:26:17:FF:13:D2:25:EA:60:CD:EB:DB:20:A4:C8
Certificate issuer: /CN=de92a1ac8910cf5c865de5b0231b09d04e1132f3
Certificate serial: 018B633DCC619F3B8E921B50D85439FEE428
Authority key identifier: DE:92:A1:AC:89:10:CF:5C:86:5D:E5:B0:23:1B:09:D0:4E:11:32:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/hMK4_NAaJhf_E9Il6mDN69sgpMg.roa
Signing time: Tue 24 Oct 2023 19:51:16 +0000
ROA not before: Tue 24 Oct 2023 19:51:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 138.124.184.0/24 maxlen: 24
138.124.183.0/24 maxlen: 24
138.124.180.0/24 maxlen: 32
Validation: Failed, certificate revoked on Mon 30 Oct 2023 18:21:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:63:3d:cc:61:9f:3b:8e:92:1b:50:d8:54:39:fe:e4:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de92a1ac8910cf5c865de5b0231b09d04e1132f3
Validity
Not Before: Oct 24 19:51:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84c2b8fcd01a2617ff13d225ea60cdebdb20a4c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:54:2f:e3:e3:c6:8b:0c:fd:dc:e6:31:64:cd:
65:50:93:1e:48:71:81:1d:14:3a:da:cd:69:e1:a8:
5e:96:e3:4c:8f:e2:38:52:92:ff:33:5b:bc:bb:65:
be:a3:6f:96:f6:ca:64:68:87:82:fd:c1:77:43:dd:
bd:41:27:35:bd:64:3d:49:9b:f2:9f:d9:ac:15:83:
c1:86:55:48:f6:a8:fb:a3:22:55:28:32:91:7f:1a:
bd:6e:f7:a1:04:b6:77:54:f0:53:63:66:d5:69:b2:
b2:1f:f0:4e:74:f4:5e:af:e6:64:f8:73:23:00:29:
8d:a8:ba:1f:55:5f:5a:12:fb:fc:fa:a0:66:17:10:
7d:28:a2:f2:26:ab:37:f9:e8:c1:6d:b8:f5:4d:83:
e6:1f:5e:84:67:7d:08:ab:ac:07:7f:02:a0:99:b9:
0a:df:ee:cd:34:49:86:8d:11:8e:35:84:f5:98:7a:
11:b3:58:f0:34:15:0a:8f:39:3e:ed:c6:33:2a:38:
73:df:38:c5:56:6c:33:88:0d:db:49:82:44:f6:a3:
58:10:29:7d:39:14:36:f1:ce:85:ec:0f:76:4e:46:
c7:e6:bb:98:5d:8c:da:12:98:a7:8e:ef:95:0e:13:
a0:ed:18:3b:61:9a:ae:9c:a1:df:1b:5b:f3:f4:8e:
9e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:C2:B8:FC:D0:1A:26:17:FF:13:D2:25:EA:60:CD:EB:DB:20:A4:C8
X509v3 Authority Key Identifier:
keyid:DE:92:A1:AC:89:10:CF:5C:86:5D:E5:B0:23:1B:09:D0:4E:11:32:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/hMK4_NAaJhf_E9Il6mDN69sgpMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.180.0/24
138.124.183.0-138.124.184.255
Signature Algorithm: sha256WithRSAEncryption
3c:5d:c3:8d:2c:58:34:42:08:e1:9d:60:8a:75:b2:51:63:8f:
3d:89:82:b4:c6:97:d4:64:54:2e:12:89:e3:4c:19:0e:e7:07:
34:7b:d8:75:f7:82:87:2a:72:8a:bd:ed:4a:79:65:e4:f6:be:
4a:2d:41:f7:e2:e3:91:7e:42:29:f3:f0:e5:2a:e2:97:bd:b3:
3a:ea:e7:90:d9:76:94:ac:d7:4c:8e:98:a2:b5:0b:5c:69:ca:
21:41:ca:47:ce:4c:62:8d:3e:aa:10:0f:0c:31:a7:ad:b8:38:
f9:ac:0f:24:63:ee:12:f8:41:6b:7b:76:ca:19:28:ee:36:55:
14:02:2b:e1:97:bc:22:fe:b5:ed:5f:2a:6b:75:49:1a:6f:ea:
25:61:64:b3:78:33:85:d8:95:9e:1e:f1:e3:72:7c:73:6f:42:
31:69:50:f7:f9:54:34:60:61:07:6f:87:0f:12:ab:e2:5b:22:
2b:15:32:3e:37:2c:7e:0b:c4:21:a3:27:55:94:44:57:41:40:
0e:59:5c:a5:cd:98:7e:d3:0f:45:54:16:90:98:07:49:ed:20:
1a:78:b6:2c:9a:4f:ee:b8:70:86:d6:7b:83:f9:9c:a5:1e:94:
5b:61:48:78:f1:e3:fd:2e:da:5d:91:18:48:21:39:9c:de:8d:
a7:38:51:9e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYtjPcxhnzuOkhtQ2FQ5/uQoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTJhMWFjODkxMGNmNWM4NjVkZTViMDIzMWIwOWQwNGUx
MTMyZjMwHhcNMjMxMDI0MTk1MTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGMyYjhmY2QwMWEyNjE3ZmYxM2QyMjVlYTYwY2RlYmRiMjBhNGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVQv4+PGiwz93OYxZM1lUJMeSHGB
HRQ62s1p4aheluNMj+I4UpL/M1u8u2W+o2+W9spkaIeC/cF3Q929QSc1vWQ9SZvy
n9msFYPBhlVI9qj7oyJVKDKRfxq9bvehBLZ3VPBTY2bVabKyH/BOdPRer+Zk+HMj
ACmNqLofVV9aEvv8+qBmFxB9KKLyJqs3+ejBbbj1TYPmH16EZ30Iq6wHfwKgmbkK
3+7NNEmGjRGONYT1mHoRs1jwNBUKjzk+7cYzKjhz3zjFVmwziA3bSYJE9qNYECl9
ORQ28c6F7A92TkbH5ruYXYzaEpinju+VDhOg7Rg7YZqunKHfG1vz9I6e1wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFITCuPzQGiYX/xPSJepgzevbIKTIMB8GA1UdIwQY
MBaAFN6SoayJEM9chl3lsCMbCdBOETLzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BLaHJJa1F6MXlHWGVXd0l4c0owRTRSTXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80Mzc3ZDYtNTE1Yy00MjBhLTkxMzQt
NjllMzM3ODg0Y2M5LzEvaE1LNF9OQWFKaGZfRTlJbDZtRE42OXNncE1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80Mzc3ZDYtNTE1Yy00MjBhLTkxMzQtNjllMzM3ODg0Y2M5
LzEvM3BLaHJJa1F6MXlHWGVXd0l4c0owRTRSTXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAiny0MAwD
BACKfLcDBACKfLgwDQYJKoZIhvcNAQELBQADggEBADxdw40sWDRCCOGdYIp1slFj
jz2JgrTGl9RkVC4SieNMGQ7nBzR72HX3gocqcoq97Up5ZeT2vkotQffi45F+Qinz
8OUq4pe9szrq55DZdpSs10yOmKK1C1xpyiFBykfOTGKNPqoQDwwxp624OPmsDyRj
7hL4QWt7dsoZKO42VRQCK+GXvCL+te1fKmt1SRpv6iVhZLN4M4XYlZ4e8eNyfHNv
QjFpUPf5VDRgYQdvhw8Sq+JbIisVMj43LH4LxCGjJ1WURFdBQA5ZXKXNmH7TD0VU
FpCYB0ntIBp4tiyaT+64cIbWe4P5nKUelFthSHjx4/0u2l2RGEghOZzejac4UZ4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:45 2024 by rpki-client on console-fra.rpki-client.org