Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/rAAf7xa_cPbqHy2eEZRjZTEZx2w.roa
File: rAAf7xa_cPbqHy2eEZRjZTEZx2w.roa (raw, json)
Hash identifier: SHQBO/IuuKEh5zl6bO4A8ShbBKom9y0unag/Oa1pmlc=
Subject key identifier: AC:00:1F:EF:16:BF:70:F6:EA:1F:2D:9E:11:94:63:65:31:19:C7:6C
Certificate issuer: /CN=fc4d06978969a8bdab6d6359062d7781e03449ca
Certificate serial: 0189C0C7AD1E4EC763CA7C5496D34B3642A1
Authority key identifier: FC:4D:06:97:89:69:A8:BD:AB:6D:63:59:06:2D:77:81:E0:34:49:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_E0Gl4lpqL2rbWNZBi13geA0Sco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/rAAf7xa_cPbqHy2eEZRjZTEZx2w.roa
Signing time: Fri 04 Aug 2023 13:40:58 +0000
ROA not before: Fri 04 Aug 2023 13:40:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21412
IP address blocks: 185.198.32.0/22 maxlen: 22
77.87.8.0/21 maxlen: 21
185.26.132.0/22 maxlen: 22
80.240.0.0/20 maxlen: 20
178.250.32.0/21 maxlen: 21
37.157.144.0/21 maxlen: 21
178.16.32.0/20 maxlen: 20
5.20.0.0/21 maxlen: 32
5.20.8.0/21 maxlen: 21
5.20.16.0/20 maxlen: 20
5.20.32.0/19 maxlen: 19
212.52.32.0/19 maxlen: 19
87.247.64.0/18 maxlen: 18
5.20.112.0/21 maxlen: 21
5.20.120.0/21 maxlen: 21
5.20.128.0/19 maxlen: 19
87.239.112.0/21 maxlen: 21
31.209.64.0/20 maxlen: 20
5.20.64.0/19 maxlen: 19
185.54.12.0/22 maxlen: 22
5.20.96.0/21 maxlen: 21
5.20.104.0/21 maxlen: 21
46.251.32.0/19 maxlen: 19
5.20.224.0/21 maxlen: 21
5.20.232.0/21 maxlen: 21
91.187.160.0/19 maxlen: 19
5.20.240.0/20 maxlen: 20
212.117.0.0/19 maxlen: 19
79.133.224.0/19 maxlen: 19
5.20.160.0/19 maxlen: 19
81.29.16.0/20 maxlen: 20
217.17.80.0/20 maxlen: 20
80.243.16.0/20 maxlen: 20
5.20.192.0/19 maxlen: 19
77.221.64.0/19 maxlen: 19
2a00:7600::/32 maxlen: 32
2a04:eb00::/29 maxlen: 29
2a01:a1c0::/32 maxlen: 32
2a04:ce00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c0:c7:ad:1e:4e:c7:63:ca:7c:54:96:d3:4b:36:42:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc4d06978969a8bdab6d6359062d7781e03449ca
Validity
Not Before: Aug 4 13:40:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac001fef16bf70f6ea1f2d9e119463653119c76c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:44:61:c3:3b:d9:07:08:08:f7:d6:53:3c:33:
2a:da:11:a5:dc:eb:e1:57:ed:c8:54:ab:7f:0f:73:
5d:42:23:2e:cb:b3:ab:e7:31:df:7d:4b:1b:44:d4:
83:99:d7:44:c5:b8:62:95:e5:0c:29:e1:d9:14:3b:
2f:31:dc:b7:a5:db:f5:03:1c:a8:1c:22:d4:a0:b5:
8d:23:ac:04:7b:32:a2:c7:5a:34:fc:91:7f:9d:c5:
d2:31:60:b6:87:fd:9b:92:39:23:ac:db:df:db:21:
f9:15:88:2a:dc:3d:9d:82:18:3e:dc:dd:4d:d3:26:
c7:34:c3:71:8f:2a:55:9a:d4:5e:f6:cb:7a:2f:3f:
f0:c1:e3:d8:40:1e:dd:5d:59:92:93:fd:3d:8e:72:
ba:ac:10:da:f5:22:66:56:9f:33:3c:1e:92:a9:6c:
06:b0:b8:67:da:ac:86:04:92:d6:38:80:89:e3:ca:
b8:e9:f0:86:2d:3c:3f:fd:5d:86:00:6e:77:4b:0f:
3a:4d:1a:a4:f7:48:d4:04:aa:fa:81:19:57:05:90:
be:91:88:d3:27:0a:88:11:61:81:1e:74:07:47:12:
e6:b9:00:2b:2d:cb:95:94:38:a8:36:db:a1:62:8a:
90:3a:cb:45:51:39:b1:dc:7e:3b:0f:da:92:c8:7b:
03:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:00:1F:EF:16:BF:70:F6:EA:1F:2D:9E:11:94:63:65:31:19:C7:6C
X509v3 Authority Key Identifier:
keyid:FC:4D:06:97:89:69:A8:BD:AB:6D:63:59:06:2D:77:81:E0:34:49:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_E0Gl4lpqL2rbWNZBi13geA0Sco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/rAAf7xa_cPbqHy2eEZRjZTEZx2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/_E0Gl4lpqL2rbWNZBi13geA0Sco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.20.0.0/16
31.209.64.0/20
37.157.144.0/21
46.251.32.0/19
77.87.8.0/21
77.221.64.0/19
79.133.224.0/19
80.240.0.0/20
80.243.16.0/20
81.29.16.0/20
87.239.112.0/21
87.247.64.0/18
91.187.160.0/19
178.16.32.0/20
178.250.32.0/21
185.26.132.0/22
185.54.12.0/22
185.198.32.0/22
212.52.32.0/19
212.117.0.0/19
217.17.80.0/20
IPv6:
2a00:7600::/32
2a01:a1c0::/32
2a04:ce00::/29
2a04:eb00::/29
Signature Algorithm: sha256WithRSAEncryption
68:b2:73:86:8e:77:16:39:13:a3:6e:83:42:aa:57:91:6f:3c:
fc:bd:e9:59:70:06:39:07:72:e4:ab:c7:12:62:71:eb:4a:b4:
48:66:34:cc:ea:8d:be:33:9c:c5:06:66:23:de:a9:95:c9:f6:
03:f3:c5:77:dc:01:7e:a4:5b:52:d4:05:60:82:17:9d:6c:fe:
2e:d1:a1:85:36:3b:97:c4:90:a8:a2:1d:fb:c1:b3:74:1b:24:
49:86:45:c9:cf:2a:b6:6d:01:06:46:ad:12:69:9f:f2:9f:67:
2e:d1:de:48:c0:75:1f:f1:b6:d3:b4:22:0e:02:ca:0d:44:fe:
6a:df:45:23:f6:a3:9c:20:84:07:ea:bb:2a:aa:d6:d7:89:84:
38:92:ea:9e:82:21:6d:1b:2f:7c:39:8b:60:f9:06:c6:d6:b9:
4f:ed:7d:36:af:e7:43:d2:0e:a5:33:b9:3a:e9:c1:68:23:58:
6b:14:86:92:f9:07:11:1b:42:11:5f:72:aa:e6:71:bc:df:84:
7a:7d:33:86:6d:11:d4:dd:e4:25:d4:54:62:0c:cb:04:69:6d:
ee:2c:8d:e1:a8:de:98:5c:ec:ff:9d:ea:11:17:c4:c3:5d:b8:
5d:61:a0:9c:9a:21:55:f9:26:28:0b:39:f9:6c:01:91:fa:03:
d1:ae:43:36
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYnAx60eTsdjynxUltNLNkKhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNGQwNjk3ODk2OWE4YmRhYjZkNjM1OTA2MmQ3NzgxZTAz
NDQ5Y2EwHhcNMjMwODA0MTM0MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzAwMWZlZjE2YmY3MGY2ZWExZjJkOWUxMTk0NjM2NTMxMTljNzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqURhwzvZBwgI99ZTPDMq2hGl3Ovh
V+3IVKt/D3NdQiMuy7Or5zHffUsbRNSDmddExbhileUMKeHZFDsvMdy3pdv1Axyo
HCLUoLWNI6wEezKix1o0/JF/ncXSMWC2h/2bkjkjrNvf2yH5FYgq3D2dghg+3N1N
0ybHNMNxjypVmtRe9st6Lz/wwePYQB7dXVmSk/09jnK6rBDa9SJmVp8zPB6SqWwG
sLhn2qyGBJLWOICJ48q46fCGLTw//V2GAG53Sw86TRqk90jUBKr6gRlXBZC+kYjT
JwqIEWGBHnQHRxLmuQArLcuVlDioNtuhYoqQOstFUTmx3H47D9qSyHsDSQIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFKwAH+8Wv3D26h8tnhGUY2UxGcdsMB8GA1UdIwQY
MBaAFPxNBpeJaai9q21jWQYtd4HgNEnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0UwR2w0bHBxTDJyYldOWkJpMTNnZUEwU2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8wODJjMzEtZjRlZi00YWNiLTkwZjEt
ZGEwM2JmN2EyZWMyLzEvckFBZjd4YV9jUGJxSHkyZUVaUmpaVEVaeDJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8wODJjMzEtZjRlZi00YWNiLTkwZjEtZGEwM2JmN2EyZWMy
LzEvX0UwR2w0bHBxTDJyYldOWkJpMTNnZUEwU2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBgwQCAAEwfQMDAAUU
AwQEH9FAAwQDJZ2QAwQFLvsgAwQDTVcIAwQFTd1AAwQFT4XgAwQEUPAAAwQEUPMQ
AwQEUR0QAwQDV+9wAwQGV/dAAwQFW7ugAwQEshAgAwQDsvogAwQCuRqEAwQCuTYM
AwQCucYgAwQF1DQgAwQF1HUAAwQE2RFQMCIEAgACMBwDBQAqAHYAAwUAKgGhwAMF
AyoEzgADBQMqBOsAMA0GCSqGSIb3DQEBCwUAA4IBAQBosnOGjncWOROjboNCqleR
bzz8velZcAY5B3Lkq8cSYnHrSrRIZjTM6o2+M5zFBmYj3qmVyfYD88V33AF+pFtS
1AVgghedbP4u0aGFNjuXxJCooh37wbN0GyRJhkXJzyq2bQEGRq0SaZ/yn2cu0d5I
wHUf8bbTtCIOAsoNRP5q30Uj9qOcIIQH6rsqqtbXiYQ4kuqegiFtGy98OYtg+QbG
1rlP7X02r+dD0g6lM7k66cFoI1hrFIaS+QcRG0IRX3Kq5nG834R6fTOGbRHU3eQl
1FRiDMsEaW3uLI3hqN6YXOz/neoRF8TDXbhdYaCcmiFV+SYoCzn5bAGR+gPRrkM2
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:09 2024 by rpki-client on console-ams.rpki-client.org