Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/G8lmGEMFFV-minzhGC9j32flbmw.roa
File: G8lmGEMFFV-minzhGC9j32flbmw.roa (raw, json)
Hash identifier: GK1RgFVbLbXxvP3phR7e1uht6QWrlUw86zObAzvZBTk=
Subject key identifier: 1B:C9:66:18:43:05:15:5F:A6:8A:7C:E1:18:2F:63:DF:67:E5:6E:6C
Certificate issuer: /CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Certificate serial: 018DA70299BCB720E6E7F634075AFDFB14A5
Authority key identifier: DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/G8lmGEMFFV-minzhGC9j32flbmw.roa
Signing time: Wed 14 Feb 2024 09:46:21 +0000
ROA not before: Wed 14 Feb 2024 09:46:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205007
IP address blocks: 138.124.31.0/24 maxlen: 24
138.124.125.0/24 maxlen: 24
138.124.126.0/24 maxlen: 24
138.124.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 17 Feb 2024 12:24:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a7:02:99:bc:b7:20:e6:e7:f6:34:07:5a:fd:fb:14:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Validity
Not Before: Feb 14 09:46:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bc966184305155fa68a7ce1182f63df67e56e6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:be:09:af:f5:a5:e9:3b:9b:fe:fb:ed:01:91:
52:1b:57:40:32:12:cc:16:72:cf:07:48:22:f1:d5:
b4:96:9a:d9:43:61:02:dd:6a:16:dc:d5:c0:55:89:
0c:0e:a8:21:e5:4b:84:62:8d:f4:cc:b2:09:b2:92:
44:89:90:ec:5b:87:de:f6:40:40:52:e4:0c:ba:e3:
a2:cc:5a:f0:4c:31:43:6a:2a:3c:44:28:aa:b1:1c:
d4:81:60:28:95:c9:f0:9b:2e:cc:34:4d:fe:5a:ac:
8e:20:4a:b1:78:b9:a2:9f:cb:ab:07:4a:f7:17:ab:
c1:61:81:6f:6e:2a:20:68:4a:b3:86:c7:04:5d:ab:
97:0e:18:40:e0:ad:1b:86:a6:16:d0:32:60:f9:c1:
79:26:5b:d5:d3:c9:8c:e7:6a:df:ad:ce:91:61:57:
d0:63:0a:63:37:c6:48:5c:98:db:6a:05:b2:55:42:
56:87:ae:aa:99:90:f4:fb:a8:00:9e:3d:78:f3:3b:
d8:c7:67:37:24:47:6f:aa:d7:df:43:cc:1b:b6:1d:
4f:ae:67:f3:27:8f:8c:d1:68:af:0c:0a:3d:8d:a0:
f8:7e:21:7e:d9:a1:8e:b4:eb:91:10:ee:f4:f6:cf:
ad:8e:58:f0:26:b6:c4:60:53:3f:7f:d4:be:0b:b7:
80:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:C9:66:18:43:05:15:5F:A6:8A:7C:E1:18:2F:63:DF:67:E5:6E:6C
X509v3 Authority Key Identifier:
keyid:DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/G8lmGEMFFV-minzhGC9j32flbmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.31.0/24
138.124.125.0-138.124.127.255
Signature Algorithm: sha256WithRSAEncryption
2c:d0:3f:d2:48:7e:84:44:71:1d:04:3c:59:6a:2e:81:66:3b:
fe:c9:46:26:c9:20:79:e4:47:a8:2f:b2:3d:1b:7a:2b:a3:ab:
3f:bc:7d:b3:08:7f:d8:57:b5:76:4f:52:e7:b9:53:27:47:c1:
1a:c2:03:bc:38:5a:3b:db:26:e4:72:d6:fc:60:74:a9:dd:25:
1a:53:c5:9e:d0:5c:f9:19:4b:8b:a6:94:ca:8f:b9:8b:79:04:
fc:35:9c:cf:e6:1a:55:b2:02:f7:01:18:7a:f2:70:5f:6f:bc:
d5:f1:19:6e:c6:21:a1:09:ac:5b:4c:fd:60:27:38:7e:73:08:
a1:8e:73:b7:68:fe:86:ab:52:b6:86:a3:1a:b8:08:03:97:62:
61:0f:37:29:b3:42:6d:04:0c:a8:de:05:b5:3d:c8:a4:17:9c:
23:e6:21:f7:d1:8c:5f:42:8d:62:9a:13:85:8a:56:22:58:d7:
09:9c:5e:f9:89:c9:8b:0a:b3:87:8b:86:bb:76:c7:25:81:04:
b8:3e:2d:17:e0:89:5b:47:0d:a3:b8:ef:3c:9c:8a:2b:fa:6c:
a8:25:68:b7:08:6b:e8:02:c4:1c:79:89:10:9f:eb:53:bc:8c:
1b:ab:8d:6f:97:0c:ac:4a:4e:34:52:d0:b1:20:22:5c:72:a4:
e6:b6:95:33
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY2nApm8tyDm5/Y0B1r9+xSlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGYwNWUzODQzNTE3Y2YwOTcxYzJiZjljZGRkZGQ2Mjcx
N2U1MmMwHhcNMjQwMjE0MDk0NjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmM5NjYxODQzMDUxNTVmYTY4YTdjZTExODJmNjNkZjY3ZTU2ZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh74Jr/Wl6Tub/vvtAZFSG1dAMhLM
FnLPB0gi8dW0lprZQ2EC3WoW3NXAVYkMDqgh5UuEYo30zLIJspJEiZDsW4fe9kBA
UuQMuuOizFrwTDFDaio8RCiqsRzUgWAolcnwmy7MNE3+WqyOIEqxeLmin8urB0r3
F6vBYYFvbiogaEqzhscEXauXDhhA4K0bhqYW0DJg+cF5JlvV08mM52rfrc6RYVfQ
YwpjN8ZIXJjbagWyVUJWh66qmZD0+6gAnj148zvYx2c3JEdvqtffQ8wbth1Prmfz
J4+M0WivDAo9jaD4fiF+2aGOtOuREO709s+tjljwJrbEYFM/f9S+C7eA2QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBvJZhhDBRVfpop84RgvY99n5W5sMB8GA1UdIwQY
MBaAFNqPBeOENRfPCXHCv5zd3dYnF+UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgt
ZTAxZTk0MTI0Njc0LzEvRzhsbUdFTUZGVi1taW56aEdDOWozMmZsYm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgtZTAxZTk0MTI0Njc0
LzEvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAinwfMAwD
BACKfH0DBAeKfAAwDQYJKoZIhvcNAQELBQADggEBACzQP9JIfoREcR0EPFlqLoFm
O/7JRibJIHnkR6gvsj0beiujqz+8fbMIf9hXtXZPUue5UydHwRrCA7w4WjvbJuRy
1vxgdKndJRpTxZ7QXPkZS4umlMqPuYt5BPw1nM/mGlWyAvcBGHrycF9vvNXxGW7G
IaEJrFtM/WAnOH5zCKGOc7do/oarUraGoxq4CAOXYmEPNymzQm0EDKjeBbU9yKQX
nCPmIffRjF9CjWKaE4WKViJY1wmcXvmJyYsKs4eLhrt2xyWBBLg+LRfgiVtHDaO4
7zyciiv6bKglaLcIa+gCxBx5iRCf61O8jBurjW+XDKxKTjRS0LEgIlxypOa2lTM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:08 2024 by rpki-client on console-fra.rpki-client.org