Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/g72Sfk9Ko584JaLroEBM-in-yXE.roa
File: g72Sfk9Ko584JaLroEBM-in-yXE.roa (raw, json)
Hash identifier: 3p4mf9RKHeMEpJ+lhYtZQxrc6udFn0n+h2Ip2PFOSgc=
Subject key identifier: 83:BD:92:7E:4F:4A:A3:9F:38:25:A2:EB:A0:40:4C:FA:29:FE:C9:71
Certificate issuer: /CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Certificate serial: 0189F9CBFBD51F12C93897AED14CDF5C158C
Authority key identifier: DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/g72Sfk9Ko584JaLroEBM-in-yXE.roa
Signing time: Tue 15 Aug 2023 15:24:02 +0000
ROA not before: Tue 15 Aug 2023 15:24:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205007
IP address blocks: 138.124.125.0/24 maxlen: 24
138.124.127.0/24 maxlen: 24
138.124.126.0/24 maxlen: 24
138.124.31.0/24 maxlen: 24
138.124.253.0/24 maxlen: 24
138.124.252.0/24 maxlen: 24
138.124.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f9:cb:fb:d5:1f:12:c9:38:97:ae:d1:4c:df:5c:15:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Validity
Not Before: Aug 15 15:24:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83bd927e4f4aa39f3825a2eba0404cfa29fec971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:4e:66:21:b3:b8:92:22:5a:03:38:d5:ab:ff:
ed:f3:c7:6c:da:82:8a:91:73:a4:9c:ee:16:c9:7e:
08:d8:ea:99:76:56:31:c9:c3:91:5d:1f:b5:d0:40:
8c:c4:82:86:e5:0a:a7:9b:f2:6b:51:fa:c2:93:c1:
2a:a6:48:a4:38:0b:2b:16:2f:79:af:36:27:4d:16:
19:17:95:59:80:33:d9:a7:e0:42:25:a1:ab:29:0a:
71:0d:63:f2:7e:3d:47:09:db:28:07:a8:85:da:db:
c2:45:a6:db:57:1c:27:c9:b1:7e:ab:7e:44:08:1b:
a1:6f:07:95:f9:3c:fc:d0:21:06:ab:a9:eb:77:74:
6b:3f:77:aa:54:5a:ed:60:0c:56:23:71:d5:96:62:
d7:ae:df:f2:43:b1:0e:d1:32:30:6f:06:a9:11:a9:
8f:96:4b:a8:18:22:14:55:9e:ab:40:35:fc:72:c4:
6a:53:c0:ab:14:0a:66:32:d1:7a:46:8b:d7:65:25:
ae:dc:9e:9c:ab:73:3b:9c:33:d7:ac:c7:a2:41:e7:
f4:c0:5f:e3:4c:95:07:4a:b4:bf:2a:c7:81:bb:c5:
e9:18:b4:77:f7:83:3b:38:bf:32:b7:a0:18:c1:e1:
e5:bf:b9:f5:79:2c:7c:05:9d:17:be:f5:8d:25:4c:
ea:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:BD:92:7E:4F:4A:A3:9F:38:25:A2:EB:A0:40:4C:FA:29:FE:C9:71
X509v3 Authority Key Identifier:
keyid:DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/g72Sfk9Ko584JaLroEBM-in-yXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.31.0/24
138.124.125.0-138.124.127.255
138.124.251.0-138.124.253.255
Signature Algorithm: sha256WithRSAEncryption
03:2e:d2:2b:83:f9:1e:e9:89:37:a2:93:e0:8d:25:f3:f5:9e:
ef:e0:46:b1:7d:1c:ae:5a:12:d2:94:70:64:80:1e:c2:74:d0:
55:aa:e2:62:0d:ac:8d:98:fd:b9:b0:33:77:d9:59:a1:76:0b:
01:d3:a3:48:f3:b9:93:d3:75:20:9b:b7:8e:97:f1:46:95:a3:
be:27:fe:60:c7:ac:65:9e:e4:29:71:52:87:19:96:b7:85:28:
6a:9a:34:e2:b3:22:e6:cd:e9:02:1d:42:ec:be:33:60:dc:cb:
4d:de:fd:3c:fc:45:5f:13:f8:b4:ba:7c:70:42:4d:a5:51:96:
80:de:cb:b4:e7:99:26:44:20:2b:89:38:21:85:91:ae:e8:35:
ca:2f:8b:dc:0a:14:3b:88:34:db:00:55:f9:d9:9e:60:6f:5d:
ac:4c:25:d7:f3:2b:e1:f8:9d:8c:a3:f5:c1:81:7c:23:6d:0b:
9e:83:58:fa:20:69:1f:39:74:ec:7e:f8:46:79:5a:3c:60:44:
82:4c:cf:7f:6f:20:3a:08:b4:a7:8f:92:6b:a4:28:a9:e0:dd:
3e:ff:e2:54:86:15:c2:20:c8:f2:95:b1:74:8b:fb:43:f0:3d:
e1:23:7e:0d:b3:46:c8:bb:80:22:a7:da:35:ac:01:d1:46:d7:
b5:1d:07:74
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYn5y/vVHxLJOJeu0UzfXBWMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGYwNWUzODQzNTE3Y2YwOTcxYzJiZjljZGRkZGQ2Mjcx
N2U1MmMwHhcNMjMwODE1MTUyNDAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2JkOTI3ZTRmNGFhMzlmMzgyNWEyZWJhMDQwNGNmYTI5ZmVjOTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA805mIbO4kiJaAzjVq//t88ds2oKK
kXOknO4WyX4I2OqZdlYxycORXR+10ECMxIKG5Qqnm/JrUfrCk8EqpkikOAsrFi95
rzYnTRYZF5VZgDPZp+BCJaGrKQpxDWPyfj1HCdsoB6iF2tvCRabbVxwnybF+q35E
CBuhbweV+Tz80CEGq6nrd3RrP3eqVFrtYAxWI3HVlmLXrt/yQ7EO0TIwbwapEamP
lkuoGCIUVZ6rQDX8csRqU8CrFApmMtF6RovXZSWu3J6cq3M7nDPXrMeiQef0wF/j
TJUHSrS/KseBu8XpGLR394M7OL8yt6AYweHlv7n1eSx8BZ0XvvWNJUzq5QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIO9kn5PSqOfOCWi66BATPop/slxMB8GA1UdIwQY
MBaAFNqPBeOENRfPCXHCv5zd3dYnF+UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgt
ZTAxZTk0MTI0Njc0LzEvZzcyU2ZrOUtvNTg0SmFMcm9FQk0taW4teVhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgtZTAxZTk0MTI0Njc0
LzEvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQAinwfMAwD
BACKfH0DBAeKfAAwDAMEAIp8+wMEAYp8/DANBgkqhkiG9w0BAQsFAAOCAQEAAy7S
K4P5HumJN6KT4I0l8/We7+BGsX0crloS0pRwZIAewnTQVariYg2sjZj9ubAzd9lZ
oXYLAdOjSPO5k9N1IJu3jpfxRpWjvif+YMesZZ7kKXFShxmWt4Uoapo04rMi5s3p
Ah1C7L4zYNzLTd79PPxFXxP4tLp8cEJNpVGWgN7LtOeZJkQgK4k4IYWRrug1yi+L
3AoUO4g02wBV+dmeYG9drEwl1/Mr4fidjKP1wYF8I20LnoNY+iBpHzl07H74Rnla
PGBEgkzPf28gOgi0p4+Sa6QoqeDdPv/iVIYVwiDI8pWxdIv7Q/A94SN+DbNGyLuA
IqfaNawB0UbXtR0HdA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:40 2024 by rpki-client on console-ams.rpki-client.org