Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/PpwkGknrX7GxLAs4HlwVjHN9h4Q.roa
File: PpwkGknrX7GxLAs4HlwVjHN9h4Q.roa (raw, json)
Hash identifier: lA3UhURfoDyXOoDOb8FWBhtKuteL7CIiVDuPetOmnl8=
Subject key identifier: 3E:9C:24:1A:49:EB:5F:B1:B1:2C:0B:38:1E:5C:15:8C:73:7D:87:84
Certificate issuer: /CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Certificate serial: 01924C8CCCBF00D2947C68DFF1782705C96E
Authority key identifier: DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/PpwkGknrX7GxLAs4HlwVjHN9h4Q.roa
Signing time: Wed 02 Oct 2024 09:25:48 +0000
ROA not before: Wed 02 Oct 2024 09:25:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 138.124.0.0/17 maxlen: 24
138.124.245.0/24 maxlen: 24
138.124.246.0/24 maxlen: 24
138.124.247.0/24 maxlen: 24
138.124.248.0/24 maxlen: 24
138.124.249.0/24 maxlen: 24
138.124.250.0/24 maxlen: 24
138.124.251.0/24 maxlen: 24
138.124.252.0/24 maxlen: 24
138.124.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Dec 2024 15:08:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4c:8c:cc:bf:00:d2:94:7c:68:df:f1:78:27:05:c9:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Validity
Not Before: Oct 2 09:25:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e9c241a49eb5fb1b12c0b381e5c158c737d8784
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f4:80:bd:4d:c1:87:e6:ae:2e:aa:17:d2:69:
90:01:dc:d5:b7:a4:ef:65:5c:62:69:85:4d:10:3f:
da:fa:e2:7e:a8:28:74:ae:ae:c7:25:25:17:83:d3:
03:b5:84:e1:72:c1:ec:6b:fe:e9:34:ef:82:6e:82:
eb:8e:c6:eb:0c:37:4e:81:62:ee:35:5d:88:1b:2c:
a6:b8:0d:28:e8:93:c3:64:23:34:fe:22:46:31:e4:
23:be:ad:af:bb:89:7b:7d:37:64:e8:94:fd:53:e3:
e6:fc:8c:84:ad:f1:f3:7d:33:8f:7f:b5:15:87:d7:
11:1a:c2:83:04:91:cd:cd:4c:ea:02:fc:cd:8a:49:
36:73:f7:0a:cf:bd:46:70:08:32:a1:ef:d1:bf:2b:
ea:2d:cf:5a:86:8b:7d:dc:4d:66:81:ff:3a:eb:eb:
c5:db:cb:44:a6:1f:55:e5:a9:56:f1:b1:2e:c2:96:
51:29:ab:f0:c8:3f:87:1f:1d:8f:b3:00:f7:f3:cd:
98:aa:de:f7:05:b0:fe:ac:4f:e9:13:5b:43:cf:fe:
57:82:2d:0d:ee:f3:0c:fb:b9:d9:3f:68:d8:aa:e4:
ab:ac:95:bf:d7:95:b1:e4:7d:26:f1:7c:5f:cf:b2:
ad:ab:89:f8:c2:ed:de:92:5e:c9:6d:3c:fc:0b:4b:
b7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:9C:24:1A:49:EB:5F:B1:B1:2C:0B:38:1E:5C:15:8C:73:7D:87:84
X509v3 Authority Key Identifier:
keyid:DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/PpwkGknrX7GxLAs4HlwVjHN9h4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.0.0/17
138.124.245.0-138.124.253.255
Signature Algorithm: sha256WithRSAEncryption
5e:b9:6e:79:0c:22:3e:3f:10:41:8c:4d:2d:0d:78:eb:72:ec:
02:87:93:cd:83:51:2f:63:f4:49:bc:a8:6a:2f:5a:9b:43:9d:
c4:c4:06:79:90:91:e6:18:42:b2:45:e8:f2:ac:1a:ab:bd:10:
8c:4a:6f:d0:41:10:25:74:d2:5a:89:58:56:a4:e1:6c:f6:cf:
ee:af:f8:ce:de:4c:a1:88:6c:bb:97:dc:b0:8a:30:9c:a1:95:
09:09:2b:88:78:a8:24:25:c9:53:90:33:65:e6:7f:e4:c9:54:
eb:1f:a9:e3:fc:50:63:a9:d0:0c:3c:a1:36:20:81:99:e2:9a:
4a:fb:5d:e9:e8:db:cf:4e:4e:b6:58:9c:18:f5:4f:1e:f1:38:
a2:09:92:bd:00:5d:ba:76:19:3b:f5:ee:91:bc:d7:5f:60:41:
fb:2e:ac:05:b1:98:3b:b8:88:35:d5:26:26:38:68:c9:09:9e:
b0:3b:4d:0d:97:78:d5:45:23:ad:cc:01:51:eb:ea:f6:53:20:
81:2d:b9:11:be:d2:4a:d3:2e:57:2e:4f:36:25:ce:e7:bc:52:
2a:3f:ce:71:5e:f4:13:d5:bd:2e:f2:17:47:ef:b0:56:70:84:
69:c0:2f:de:91:c4:ee:f8:92:46:9a:da:52:4c:62:f0:fd:43:
80:71:5d:c3
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZJMjMy/ANKUfGjf8XgnBcluMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGYwNWUzODQzNTE3Y2YwOTcxYzJiZjljZGRkZGQ2Mjcx
N2U1MmMwHhcNMjQxMDAyMDkyNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTljMjQxYTQ5ZWI1ZmIxYjEyYzBiMzgxZTVjMTU4YzczN2Q4Nzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPSAvU3Bh+auLqoX0mmQAdzVt6Tv
ZVxiaYVNED/a+uJ+qCh0rq7HJSUXg9MDtYThcsHsa/7pNO+CboLrjsbrDDdOgWLu
NV2IGyymuA0o6JPDZCM0/iJGMeQjvq2vu4l7fTdk6JT9U+Pm/IyErfHzfTOPf7UV
h9cRGsKDBJHNzUzqAvzNikk2c/cKz71GcAgyoe/RvyvqLc9ahot93E1mgf866+vF
28tEph9V5alW8bEuwpZRKavwyD+HHx2PswD3882Yqt73BbD+rE/pE1tDz/5Xgi0N
7vMM+7nZP2jYquSrrJW/15Wx5H0m8Xxfz7Ktq4n4wu3ekl7JbTz8C0u3awIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFD6cJBpJ61+xsSwLOB5cFYxzfYeEMB8GA1UdIwQY
MBaAFNqPBeOENRfPCXHCv5zd3dYnF+UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgt
ZTAxZTk0MTI0Njc0LzEvUHB3a0drbnJYN0d4TEFzNEhsd1ZqSE45aDRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgtZTAxZTk0MTI0Njc0
LzEvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQHinwAMAwD
BACKfPUDBAGKfPwwDQYJKoZIhvcNAQELBQADggEBAF65bnkMIj4/EEGMTS0NeOty
7AKHk82DUS9j9Em8qGovWptDncTEBnmQkeYYQrJF6PKsGqu9EIxKb9BBECV00lqJ
WFak4Wz2z+6v+M7eTKGIbLuX3LCKMJyhlQkJK4h4qCQlyVOQM2Xmf+TJVOsfqeP8
UGOp0Aw8oTYggZnimkr7Xeno289OTrZYnBj1Tx7xOKIJkr0AXbp2GTv17pG8119g
QfsurAWxmDu4iDXVJiY4aMkJnrA7TQ2XeNVFI63MAVHr6vZTIIEtuRG+0krTLlcu
TzYlzue8Uio/znFe9BPVvS7yF0fvsFZwhGnAL96RxO74kkaa2lJMYvD9Q4BxXcM=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:37:40 2025 by rpki-client