Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/KlVriKg-wxOA1gHLHBhX7n9uO-g.roa
File: KlVriKg-wxOA1gHLHBhX7n9uO-g.roa (raw, json)
Hash identifier: X+emnmX3pdx+PlBPPAwulyFS6icpAW9aqzbGbtRU4rM=
Subject key identifier: 2A:55:6B:88:A8:3E:C3:13:80:D6:01:CB:1C:18:57:EE:7F:6E:3B:E8
Certificate issuer: /CN=fc4d06978969a8bdab6d6359062d7781e03449ca
Certificate serial: 0189C065554BBF4F7448173F626587292AD1
Authority key identifier: FC:4D:06:97:89:69:A8:BD:AB:6D:63:59:06:2D:77:81:E0:34:49:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_E0Gl4lpqL2rbWNZBi13geA0Sco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/KlVriKg-wxOA1gHLHBhX7n9uO-g.roa
Signing time: Fri 04 Aug 2023 11:53:33 +0000
ROA not before: Fri 04 Aug 2023 11:53:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21412
IP address blocks: 185.198.32.0/22 maxlen: 22
77.87.8.0/21 maxlen: 21
185.26.132.0/22 maxlen: 22
80.240.0.0/20 maxlen: 20
178.250.32.0/21 maxlen: 21
37.157.144.0/21 maxlen: 21
178.16.32.0/20 maxlen: 20
5.20.0.0/21 maxlen: 32
5.20.8.0/21 maxlen: 21
5.20.16.0/20 maxlen: 20
212.52.32.0/19 maxlen: 19
5.20.32.0/19 maxlen: 19
217.77.16.0/20 maxlen: 24
217.77.16.0/21 maxlen: 21
217.77.24.0/21 maxlen: 21
87.247.64.0/18 maxlen: 18
5.20.112.0/21 maxlen: 21
5.20.120.0/21 maxlen: 21
5.20.128.0/19 maxlen: 19
87.239.112.0/21 maxlen: 21
31.209.64.0/20 maxlen: 20
5.20.64.0/19 maxlen: 19
185.54.12.0/22 maxlen: 22
5.20.96.0/21 maxlen: 21
5.20.104.0/21 maxlen: 21
46.251.32.0/19 maxlen: 19
5.20.224.0/21 maxlen: 21
91.187.160.0/19 maxlen: 19
5.20.232.0/21 maxlen: 21
5.20.240.0/20 maxlen: 20
212.117.0.0/19 maxlen: 19
79.133.224.0/19 maxlen: 19
5.20.160.0/19 maxlen: 19
81.29.16.0/20 maxlen: 20
217.17.80.0/20 maxlen: 20
80.243.16.0/20 maxlen: 20
5.20.192.0/19 maxlen: 19
77.221.64.0/19 maxlen: 19
2a00:7600::/32 maxlen: 32
2a04:eb00::/29 maxlen: 29
2a01:a1c0::/32 maxlen: 32
2a04:ce00::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 04 Aug 2023 13:40:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c0:65:55:4b:bf:4f:74:48:17:3f:62:65:87:29:2a:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc4d06978969a8bdab6d6359062d7781e03449ca
Validity
Not Before: Aug 4 11:53:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a556b88a83ec31380d601cb1c1857ee7f6e3be8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:af:be:63:98:58:86:78:e2:32:dd:63:f5:6f:
6b:1e:5a:89:90:af:72:78:14:42:cd:a2:ce:b6:1c:
56:9c:9a:e0:f4:91:4d:eb:37:9f:f8:40:0c:ab:2a:
ba:81:68:9e:35:22:91:f5:a4:7c:43:8a:78:97:cd:
97:17:ba:7e:b5:3a:5d:06:b4:3f:dc:60:da:d4:62:
3d:d0:b2:d3:0f:05:e7:49:2b:97:b9:da:66:99:e5:
5d:a9:b4:39:f8:1b:7c:55:95:1b:ea:68:a8:de:8c:
74:b6:e1:ad:8c:5f:2e:cb:24:05:11:1c:ca:11:f5:
d9:57:82:7f:6d:b8:97:a9:0d:35:11:dd:8b:21:39:
6c:7f:e5:63:52:a2:de:f6:d6:97:20:45:85:2f:85:
1b:ef:0a:98:fd:b3:c1:4e:3e:90:6c:3f:8a:88:30:
86:7e:1f:a5:e3:79:b4:aa:37:6e:ca:3b:1c:b2:0d:
8d:35:14:43:fb:d8:6c:8d:46:55:ec:d6:70:48:a8:
08:1d:81:77:84:e2:7c:c5:0d:9a:3b:23:e8:51:61:
a4:a7:49:73:ae:49:2b:c4:a0:2e:16:0f:75:12:2e:
11:51:2f:a4:e1:ec:e7:06:9f:2f:8f:9e:ab:34:67:
d0:f7:b5:7d:a2:d7:e8:ab:0f:b6:3e:94:35:aa:f3:
60:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:55:6B:88:A8:3E:C3:13:80:D6:01:CB:1C:18:57:EE:7F:6E:3B:E8
X509v3 Authority Key Identifier:
keyid:FC:4D:06:97:89:69:A8:BD:AB:6D:63:59:06:2D:77:81:E0:34:49:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_E0Gl4lpqL2rbWNZBi13geA0Sco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/KlVriKg-wxOA1gHLHBhX7n9uO-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/_E0Gl4lpqL2rbWNZBi13geA0Sco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.20.0.0/16
31.209.64.0/20
37.157.144.0/21
46.251.32.0/19
77.87.8.0/21
77.221.64.0/19
79.133.224.0/19
80.240.0.0/20
80.243.16.0/20
81.29.16.0/20
87.239.112.0/21
87.247.64.0/18
91.187.160.0/19
178.16.32.0/20
178.250.32.0/21
185.26.132.0/22
185.54.12.0/22
185.198.32.0/22
212.52.32.0/19
212.117.0.0/19
217.17.80.0/20
217.77.16.0/20
IPv6:
2a00:7600::/32
2a01:a1c0::/32
2a04:ce00::/29
2a04:eb00::/29
Signature Algorithm: sha256WithRSAEncryption
a0:5a:d8:ac:24:2c:87:66:5b:a5:26:55:1f:74:04:08:55:56:
50:be:55:51:17:f0:0e:3e:37:64:fe:2f:6c:7b:fb:ce:40:4e:
6f:f4:d4:a6:44:71:c9:0d:90:28:14:45:69:90:21:96:de:5d:
6f:0e:f2:d9:91:ac:a1:24:f9:a8:e2:a4:e4:5e:8e:6b:55:cb:
dd:55:3f:a3:7c:f3:ec:18:63:8e:ff:00:5f:57:4e:a6:0c:93:
1a:4d:2c:f1:75:4e:dc:7b:a0:c5:a5:33:ef:bd:86:dd:fd:09:
45:37:0e:a5:d6:59:ea:68:dd:9b:94:c1:38:2d:1c:56:15:77:
ff:f3:3c:5b:58:3b:d1:01:bf:0e:bc:3d:03:5a:75:5b:c2:ae:
b0:cc:82:e6:25:65:5a:8b:91:4a:be:97:f7:41:b9:8f:02:70:
70:28:17:e1:dd:d4:d9:f2:2c:c6:e7:ea:2a:32:3b:13:25:c1:
3d:17:93:0f:50:53:27:80:90:c8:b7:00:25:ba:a3:90:26:13:
ee:53:7d:6a:19:09:5b:0d:91:2d:73:02:d2:9d:b3:30:8e:e0:
ab:4e:ab:d5:fb:d4:1f:50:46:18:e0:5b:8e:c4:1a:4b:24:2b:
11:4a:63:e0:9a:ff:cf:35:8c:c3:42:a5:b4:3b:e1:27:d1:56:
9c:0b:7a:5f
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYnAZVVLv090SBc/YmWHKSrRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNGQwNjk3ODk2OWE4YmRhYjZkNjM1OTA2MmQ3NzgxZTAz
NDQ5Y2EwHhcNMjMwODA0MTE1MzMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTU1NmI4OGE4M2VjMzEzODBkNjAxY2IxYzE4NTdlZTdmNmUzYmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjq++Y5hYhnjiMt1j9W9rHlqJkK9y
eBRCzaLOthxWnJrg9JFN6zef+EAMqyq6gWieNSKR9aR8Q4p4l82XF7p+tTpdBrQ/
3GDa1GI90LLTDwXnSSuXudpmmeVdqbQ5+Bt8VZUb6mio3ox0tuGtjF8uyyQFERzK
EfXZV4J/bbiXqQ01Ed2LITlsf+VjUqLe9taXIEWFL4Ub7wqY/bPBTj6QbD+KiDCG
fh+l43m0qjduyjscsg2NNRRD+9hsjUZV7NZwSKgIHYF3hOJ8xQ2aOyPoUWGkp0lz
rkkrxKAuFg91Ei4RUS+k4eznBp8vj56rNGfQ97V9otfoqw+2PpQ1qvNgaQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFCpVa4ioPsMTgNYByxwYV+5/bjvoMB8GA1UdIwQY
MBaAFPxNBpeJaai9q21jWQYtd4HgNEnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0UwR2w0bHBxTDJyYldOWkJpMTNnZUEwU2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8wODJjMzEtZjRlZi00YWNiLTkwZjEt
ZGEwM2JmN2EyZWMyLzEvS2xWcmlLZy13eE9BMWdITEhCaFg3bjl1Ty1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8wODJjMzEtZjRlZi00YWNiLTkwZjEtZGEwM2JmN2EyZWMy
LzEvX0UwR2w0bHBxTDJyYldOWkJpMTNnZUEwU2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBigQCAAEwgYMDAwAF
FAMEBB/RQAMEAyWdkAMEBS77IAMEA01XCAMEBU3dQAMEBU+F4AMEBFDwAAMEBFDz
EAMEBFEdEAMEA1fvcAMEBlf3QAMEBVu7oAMEBLIQIAMEA7L6IAMEArkahAMEArk2
DAMEArnGIAMEBdQ0IAMEBdR1AAMEBNkRUAMEBNlNEDAiBAIAAjAcAwUAKgB2AAMF
ACoBocADBQMqBM4AAwUDKgTrADANBgkqhkiG9w0BAQsFAAOCAQEAoFrYrCQsh2Zb
pSZVH3QECFVWUL5VURfwDj43ZP4vbHv7zkBOb/TUpkRxyQ2QKBRFaZAhlt5dbw7y
2ZGsoST5qOKk5F6Oa1XL3VU/o3zz7Bhjjv8AX1dOpgyTGk0s8XVO3HugxaUz772G
3f0JRTcOpdZZ6mjdm5TBOC0cVhV3//M8W1g70QG/Drw9A1p1W8KusMyC5iVlWouR
Sr6X90G5jwJwcCgX4d3U2fIsxufqKjI7EyXBPReTD1BTJ4CQyLcAJbqjkCYT7lN9
ahkJWw2RLXMC0p2zMI7gq06r1fvUH1BGGOBbjsQaSyQrEUpj4Jr/zzWMw0KltDvh
J9FWnAt6Xw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:09 2024 by rpki-client on console-ams.rpki-client.org