Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/HGR3IANNvurTclp5Xt1Im6RpLVI.roa
File: HGR3IANNvurTclp5Xt1Im6RpLVI.roa (raw, json)
Hash identifier: Ch2PKo4xDcy+uJzvyQUJH224vjcXrR7HCUmkfsJt9vU=
Subject key identifier: 1C:64:77:20:03:4D:BE:EA:D3:72:5A:79:5E:DD:48:9B:A4:69:2D:52
Certificate issuer: /CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Certificate serial: 0193BFF0FF1A1CE4063D254F7824B4692E0B
Authority key identifier: DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/HGR3IANNvurTclp5Xt1Im6RpLVI.roa
Signing time: Fri 13 Dec 2024 12:14:22 +0000
ROA not before: Fri 13 Dec 2024 12:14:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216246
IP address blocks: 138.124.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Dec 2024 13:03:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:bf:f0:ff:1a:1c:e4:06:3d:25:4f:78:24:b4:69:2e:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Validity
Not Before: Dec 13 12:14:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c647720034dbeead3725a795edd489ba4692d52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:f3:70:9d:13:64:56:f2:2b:50:05:64:ca:d7:
7f:77:5b:65:40:28:09:ac:69:ee:e0:cd:01:66:fc:
23:60:79:79:2c:63:f3:39:3a:19:41:1a:43:5d:e7:
87:32:00:c6:0f:d0:6d:62:80:72:0d:75:9b:3e:73:
e3:b5:05:99:04:19:10:2c:c9:89:e5:88:5b:62:f6:
4c:13:b0:ca:8f:e9:ff:42:de:89:f4:6f:4b:9c:c5:
4f:d1:00:5e:ea:3c:1e:3d:aa:ab:57:a7:0e:99:79:
e5:ee:2f:14:c4:ab:06:34:d1:25:7a:3d:8d:86:ce:
fc:2a:f1:8b:79:46:72:dd:5e:3b:b7:84:23:55:5d:
92:41:0b:50:e1:a7:cc:26:29:0e:23:e9:80:eb:24:
17:2f:b5:5e:2c:bc:d6:42:1a:1a:b8:8f:d9:2c:b0:
31:13:4a:0a:3d:6d:4b:7a:b4:0d:80:4f:1b:10:36:
06:35:8e:ed:78:2c:41:fd:76:26:b8:66:9d:48:70:
cf:1e:e4:8e:da:bf:4c:ee:f3:ad:45:ff:12:a1:98:
06:90:bc:e7:b7:49:50:00:39:6e:eb:b9:c3:e5:01:
d4:06:ea:6b:45:36:07:67:53:db:f7:e2:7d:fa:af:
9c:93:5b:5c:b0:37:e0:74:a8:ee:4c:79:37:78:62:
d1:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:64:77:20:03:4D:BE:EA:D3:72:5A:79:5E:DD:48:9B:A4:69:2D:52
X509v3 Authority Key Identifier:
keyid:DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/HGR3IANNvurTclp5Xt1Im6RpLVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.14.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:55:7d:63:d5:96:cb:48:f0:cf:52:07:37:a5:98:c6:ae:ea:
e3:b8:40:b0:05:97:87:37:4e:6c:82:88:c2:15:da:15:9f:6f:
81:05:e8:8f:c0:9d:7f:66:04:bd:64:51:06:1d:99:e3:9e:5e:
55:74:c4:05:bf:5c:27:7e:e3:25:99:61:c5:b5:87:0a:d4:6a:
66:a5:47:53:11:ec:ae:0c:d2:be:f0:12:2e:d5:41:fe:54:29:
90:ad:61:db:cd:0f:31:5c:68:5d:87:9b:85:4d:6f:75:87:f8:
1c:76:2c:ae:b1:cb:2e:99:8f:31:b4:8e:ba:0d:e8:46:65:93:
ef:79:97:a9:7a:99:9f:45:74:68:c4:b7:42:ce:16:b7:99:b2:
ab:05:bb:38:cd:38:a1:d4:a7:70:f4:e9:d7:e5:7c:b9:c7:b6:
db:0f:e5:a9:3d:0e:ce:98:4a:7b:88:51:16:71:f0:7f:dd:95:
50:af:01:ad:4f:09:ce:88:bf:28:ee:f8:69:61:e0:16:ff:b6:
71:82:54:50:fc:31:91:43:28:13:a0:ad:d2:9f:47:44:07:0c:
0c:63:a7:49:8b:5d:dc:e1:3d:7a:f4:3d:6e:da:6a:c3:4c:84:
36:6d:f2:93:d4:63:c8:60:4c:18:08:a9:f6:e0:f5:92:fc:6c:
be:16:e7:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZO/8P8aHOQGPSVPeCS0aS4LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGYwNWUzODQzNTE3Y2YwOTcxYzJiZjljZGRkZGQ2Mjcx
N2U1MmMwHhcNMjQxMjEzMTIxNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzY0NzcyMDAzNGRiZWVhZDM3MjVhNzk1ZWRkNDg5YmE0NjkyZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3vNwnRNkVvIrUAVkytd/d1tlQCgJ
rGnu4M0BZvwjYHl5LGPzOToZQRpDXeeHMgDGD9BtYoByDXWbPnPjtQWZBBkQLMmJ
5YhbYvZME7DKj+n/Qt6J9G9LnMVP0QBe6jwePaqrV6cOmXnl7i8UxKsGNNElej2N
hs78KvGLeUZy3V47t4QjVV2SQQtQ4afMJikOI+mA6yQXL7VeLLzWQhoauI/ZLLAx
E0oKPW1LerQNgE8bEDYGNY7teCxB/XYmuGadSHDPHuSO2r9M7vOtRf8SoZgGkLzn
t0lQADlu67nD5QHUBuprRTYHZ1Pb9+J9+q+ck1tcsDfgdKjuTHk3eGLR9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBxkdyADTb7q03JaeV7dSJukaS1SMB8GA1UdIwQY
MBaAFNqPBeOENRfPCXHCv5zd3dYnF+UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgt
ZTAxZTk0MTI0Njc0LzEvSEdSM0lBTk52dXJUY2xwNVh0MUltNlJwTFZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgtZTAxZTk0MTI0Njc0
LzEvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAinwOMA0G
CSqGSIb3DQEBCwUAA4IBAQC8VX1j1ZbLSPDPUgc3pZjGrurjuECwBZeHN05sgojC
FdoVn2+BBeiPwJ1/ZgS9ZFEGHZnjnl5VdMQFv1wnfuMlmWHFtYcK1GpmpUdTEeyu
DNK+8BIu1UH+VCmQrWHbzQ8xXGhdh5uFTW91h/gcdiyuscsumY8xtI66DehGZZPv
eZepepmfRXRoxLdCzha3mbKrBbs4zTih1Kdw9OnX5Xy5x7bbD+WpPQ7OmEp7iFEW
cfB/3ZVQrwGtTwnOiL8o7vhpYeAW/7ZxglRQ/DGRQygToK3Sn0dEBwwMY6dJi13c
4T169D1u2mrDTIQ2bfKT1GPIYEwYCKn24PWS/Gy+Fuc8
-----END CERTIFICATE-----
Generated at Sat Jun 14 12:12:45 2025 by rpki-client