Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/_j8FrHJHOByVuJV1wBcO4V000w8.roa
File: _j8FrHJHOByVuJV1wBcO4V000w8.roa (raw, json)
Hash identifier: je40Qy8/ojSAG2sPrtahTw4tZckkrknuTGM0b39uWIk=
Subject key identifier: FE:3F:05:AC:72:47:38:1C:95:B8:95:75:C0:17:0E:E1:5D:34:D3:0F
Certificate issuer: /CN=de92a1ac8910cf5c865de5b0231b09d04e1132f3
Certificate serial: 018B5E11070CAA3EF63576B7BD0ACE75C7B5
Authority key identifier: DE:92:A1:AC:89:10:CF:5C:86:5D:E5:B0:23:1B:09:D0:4E:11:32:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/_j8FrHJHOByVuJV1wBcO4V000w8.roa
Signing time: Mon 23 Oct 2023 19:44:15 +0000
ROA not before: Mon 23 Oct 2023 19:44:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30344
IP address blocks: 138.124.187.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5e:11:07:0c:aa:3e:f6:35:76:b7:bd:0a:ce:75:c7:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de92a1ac8910cf5c865de5b0231b09d04e1132f3
Validity
Not Before: Oct 23 19:44:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe3f05ac7247381c95b89575c0170ee15d34d30f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d4:a4:c2:f0:2d:2b:3f:f1:ac:86:f8:03:70:
fa:b6:36:0d:20:e6:f9:dd:a9:23:53:41:d1:fe:db:
17:d1:d3:13:a0:fe:00:d9:90:7b:9d:50:2f:d2:90:
24:f3:34:41:70:b8:c9:33:d0:ad:c9:ee:1c:43:67:
54:d5:84:98:cd:06:0a:c6:63:fa:b9:1b:0d:89:55:
e1:cc:4b:2b:9f:0b:64:ce:45:a6:7d:d8:73:99:58:
82:e9:28:c4:ef:7e:5a:3a:09:29:44:8c:18:08:52:
17:b7:72:e6:2c:1d:34:fe:68:21:f1:b6:4b:bc:5e:
1b:7c:e8:77:b1:99:16:eb:c7:18:4c:b3:ca:b0:2d:
d9:0c:fb:7b:9a:d8:32:65:1c:fd:3f:42:2a:d7:2b:
7b:54:47:49:45:ef:61:e2:79:5e:03:cb:af:91:3d:
11:ab:bb:32:c1:a5:7c:84:0c:f2:7a:1c:37:40:f0:
8c:4a:d1:30:69:ef:13:64:48:c0:08:dd:d9:89:0f:
0e:57:66:75:55:f5:12:e0:28:45:bc:9b:d9:ed:92:
fe:10:20:43:a3:f2:db:d4:76:e6:8d:94:1e:aa:e2:
34:b8:1f:bf:5d:d7:93:8e:12:dc:ef:e7:d3:f8:ca:
74:03:f8:bb:37:d1:cc:5d:fd:1a:78:dd:04:60:40:
49:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:3F:05:AC:72:47:38:1C:95:B8:95:75:C0:17:0E:E1:5D:34:D3:0F
X509v3 Authority Key Identifier:
keyid:DE:92:A1:AC:89:10:CF:5C:86:5D:E5:B0:23:1B:09:D0:4E:11:32:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/_j8FrHJHOByVuJV1wBcO4V000w8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.187.0/24
Signature Algorithm: sha256WithRSAEncryption
44:9c:30:7e:68:fd:ce:0e:04:2f:2f:33:e3:d4:90:f2:a7:dc:
76:c4:c3:f1:fb:40:52:a1:2a:93:97:6c:00:d3:38:a9:6c:2a:
c4:2c:4b:33:f9:b1:4a:9b:18:e8:5d:9b:77:c4:63:fd:35:13:
bb:ce:24:a8:60:cb:a6:29:c0:0d:70:f5:55:67:60:27:04:71:
dc:71:d0:e8:6b:7e:67:19:d9:90:40:b0:db:6c:52:6b:a6:19:
d0:e8:23:38:a2:39:c9:a2:57:39:c2:25:02:f5:49:d2:09:77:
d0:b0:9b:39:67:96:26:df:04:81:dc:1e:86:1d:bd:15:cd:05:
71:4b:d7:5c:d6:8e:c3:37:35:84:5a:81:b1:bf:be:4e:1f:c0:
97:51:fa:2b:b8:c4:c8:f0:92:7e:85:01:dc:36:50:97:b1:ae:
9f:99:12:82:76:5a:1b:09:68:db:7e:0d:e6:0d:1b:b1:ff:27:
0e:fc:8e:2f:a5:35:f6:d1:3d:dd:4c:51:6e:8d:df:61:2b:09:
89:cb:a9:99:33:ad:11:b2:e9:a7:8b:df:f1:7a:2a:74:91:a5:
ed:db:c8:5e:ad:68:9a:8b:d3:e3:21:95:bb:f0:b4:e0:c9:6e:
6f:6f:05:e7:58:59:7d:92:86:5c:39:8c:77:29:68:7c:28:41:
2c:42:d1:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYteEQcMqj72NXa3vQrOdce1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTJhMWFjODkxMGNmNWM4NjVkZTViMDIzMWIwOWQwNGUx
MTMyZjMwHhcNMjMxMDIzMTk0NDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTNmMDVhYzcyNDczODFjOTViODk1NzVjMDE3MGVlMTVkMzRkMzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptSkwvAtKz/xrIb4A3D6tjYNIOb5
3akjU0HR/tsX0dMToP4A2ZB7nVAv0pAk8zRBcLjJM9Ctye4cQ2dU1YSYzQYKxmP6
uRsNiVXhzEsrnwtkzkWmfdhzmViC6SjE735aOgkpRIwYCFIXt3LmLB00/mgh8bZL
vF4bfOh3sZkW68cYTLPKsC3ZDPt7mtgyZRz9P0Iq1yt7VEdJRe9h4nleA8uvkT0R
q7sywaV8hAzyehw3QPCMStEwae8TZEjACN3ZiQ8OV2Z1VfUS4ChFvJvZ7ZL+ECBD
o/Lb1HbmjZQequI0uB+/XdeTjhLc7+fT+Mp0A/i7N9HMXf0aeN0EYEBJ9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP4/BaxyRzgclbiVdcAXDuFdNNMPMB8GA1UdIwQY
MBaAFN6SoayJEM9chl3lsCMbCdBOETLzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BLaHJJa1F6MXlHWGVXd0l4c0owRTRSTXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80Mzc3ZDYtNTE1Yy00MjBhLTkxMzQt
NjllMzM3ODg0Y2M5LzEvX2o4RnJISkhPQnlWdUpWMXdCY080VjAwMHc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80Mzc3ZDYtNTE1Yy00MjBhLTkxMzQtNjllMzM3ODg0Y2M5
LzEvM3BLaHJJa1F6MXlHWGVXd0l4c0owRTRSTXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAiny7MA0G
CSqGSIb3DQEBCwUAA4IBAQBEnDB+aP3ODgQvLzPj1JDyp9x2xMPx+0BSoSqTl2wA
0zipbCrELEsz+bFKmxjoXZt3xGP9NRO7ziSoYMumKcANcPVVZ2AnBHHccdDoa35n
GdmQQLDbbFJrphnQ6CM4ojnJolc5wiUC9UnSCXfQsJs5Z5Ym3wSB3B6GHb0VzQVx
S9dc1o7DNzWEWoGxv75OH8CXUforuMTI8JJ+hQHcNlCXsa6fmRKCdlobCWjbfg3m
DRux/ycO/I4vpTX20T3dTFFujd9hKwmJy6mZM60Rsumni9/xeip0kaXt28herWia
i9PjIZW78LTgyW5vbwXnWFl9koZcOYx3KWh8KEEsQtGz
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:58 2024 by rpki-client on console-fra.rpki-client.org