Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/HW3e7xWZdYSiWcx42nSZNuOHCqg.roa
File: HW3e7xWZdYSiWcx42nSZNuOHCqg.roa (raw, json)
Hash identifier: 6cHZXSJ8ZT1vJFldZOXxDrcO/NBokSt24nWNpnRQUxw=
Subject key identifier: 1D:6D:DE:EF:15:99:75:84:A2:59:CC:78:DA:74:99:36:E3:87:0A:A8
Certificate issuer: /CN=fc4d06978969a8bdab6d6359062d7781e03449ca
Certificate serial: 018E5C73515DBCAB7FCC843540948E4AEAD3
Authority key identifier: FC:4D:06:97:89:69:A8:BD:AB:6D:63:59:06:2D:77:81:E0:34:49:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_E0Gl4lpqL2rbWNZBi13geA0Sco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/HW3e7xWZdYSiWcx42nSZNuOHCqg.roa
Signing time: Wed 20 Mar 2024 15:20:45 +0000
ROA not before: Wed 20 Mar 2024 15:20:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21412
IP address blocks: 5.20.0.0/21 maxlen: 32
5.20.8.0/21 maxlen: 21
5.20.16.0/20 maxlen: 20
5.20.32.0/19 maxlen: 19
5.20.64.0/19 maxlen: 19
5.20.96.0/21 maxlen: 21
5.20.104.0/21 maxlen: 21
5.20.112.0/21 maxlen: 21
5.20.120.0/21 maxlen: 21
5.20.128.0/19 maxlen: 19
5.20.160.0/19 maxlen: 19
5.20.192.0/19 maxlen: 19
5.20.224.0/21 maxlen: 21
5.20.232.0/21 maxlen: 21
5.20.240.0/20 maxlen: 20
37.157.144.0/21 maxlen: 21
46.251.32.0/19 maxlen: 19
77.87.8.0/21 maxlen: 21
77.221.64.0/19 maxlen: 19
79.133.224.0/19 maxlen: 19
80.240.0.0/20 maxlen: 20
81.29.16.0/20 maxlen: 20
87.239.112.0/21 maxlen: 21
87.247.64.0/18 maxlen: 18
91.187.160.0/19 maxlen: 19
178.16.32.0/20 maxlen: 20
178.250.32.0/21 maxlen: 21
185.26.132.0/22 maxlen: 22
185.54.12.0/22 maxlen: 22
185.198.32.0/22 maxlen: 22
212.52.32.0/19 maxlen: 19
212.117.0.0/19 maxlen: 19
217.17.80.0/20 maxlen: 20
2a00:7600::/32 maxlen: 32
2a01:a1c0::/32 maxlen: 32
2a04:ce00::/29 maxlen: 29
2a04:eb00::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 04 Apr 2024 12:51:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5c:73:51:5d:bc:ab:7f:cc:84:35:40:94:8e:4a:ea:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc4d06978969a8bdab6d6359062d7781e03449ca
Validity
Not Before: Mar 20 15:20:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d6ddeef15997584a259cc78da749936e3870aa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:01:53:e8:8b:c7:0d:89:68:56:3d:87:4f:c3:
97:24:1e:2e:e2:10:f6:21:29:b1:17:8a:00:8d:9c:
71:4f:24:6c:4b:40:ef:3d:fa:69:10:58:f1:8b:64:
33:e4:34:3e:c1:b6:0a:23:95:da:c6:6b:fc:32:9d:
85:0c:ee:44:b4:6e:9a:af:c9:da:3e:cb:0f:e3:d8:
c0:2b:34:c3:69:34:6b:26:fb:d1:75:56:04:f3:51:
72:59:0c:82:2e:33:cb:22:73:48:08:27:4c:0b:59:
63:63:f5:a9:16:51:ba:6e:b3:c1:af:f2:8c:cd:6b:
de:3a:2a:8a:94:6d:c8:35:e9:69:45:db:03:cd:39:
c8:53:ce:b5:f0:d9:90:c1:c8:72:09:9a:28:7b:84:
0d:fd:f5:f9:19:35:40:2b:bf:d8:40:5e:a5:f1:55:
29:8c:14:11:50:cd:71:70:c2:e1:fe:3b:58:15:96:
7a:ad:57:67:b8:4c:c7:5c:3d:90:e7:f2:2b:c7:d1:
76:67:8b:37:5b:70:9b:d3:f4:28:67:ce:a4:be:43:
7a:dd:e6:ad:df:6f:69:72:8a:f2:83:51:7d:a8:ad:
39:48:13:b0:6c:e2:47:96:21:e2:78:7d:ea:63:d0:
18:d3:7b:2a:2d:78:73:c6:18:5d:c8:cb:46:37:2e:
7d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:6D:DE:EF:15:99:75:84:A2:59:CC:78:DA:74:99:36:E3:87:0A:A8
X509v3 Authority Key Identifier:
keyid:FC:4D:06:97:89:69:A8:BD:AB:6D:63:59:06:2D:77:81:E0:34:49:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_E0Gl4lpqL2rbWNZBi13geA0Sco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/HW3e7xWZdYSiWcx42nSZNuOHCqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/_E0Gl4lpqL2rbWNZBi13geA0Sco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.20.0.0/16
37.157.144.0/21
46.251.32.0/19
77.87.8.0/21
77.221.64.0/19
79.133.224.0/19
80.240.0.0/20
81.29.16.0/20
87.239.112.0/21
87.247.64.0/18
91.187.160.0/19
178.16.32.0/20
178.250.32.0/21
185.26.132.0/22
185.54.12.0/22
185.198.32.0/22
212.52.32.0/19
212.117.0.0/19
217.17.80.0/20
IPv6:
2a00:7600::/32
2a01:a1c0::/32
2a04:ce00::/29
2a04:eb00::/29
Signature Algorithm: sha256WithRSAEncryption
c1:2a:37:cb:05:eb:10:62:5f:aa:0f:75:4b:aa:4f:cf:e6:50:
b2:ab:0e:c7:0e:4b:4a:8a:53:e5:f1:2a:21:d5:e0:9e:f6:f5:
bb:9b:5b:90:ee:c7:a8:c3:2e:86:33:e6:13:d7:f6:42:cf:00:
08:3d:65:71:e2:36:0b:e7:55:c0:46:f3:3c:56:9c:7d:73:5e:
ce:3b:43:55:1b:46:21:f5:c8:4f:c4:1a:8f:de:24:69:f6:e0:
14:6d:73:61:bf:b3:48:c8:9d:c1:95:e0:03:32:cc:14:b7:2f:
ab:75:76:55:1f:8e:f5:89:63:8b:94:dd:dc:85:f1:68:b0:95:
c9:2a:4c:fa:c6:97:4f:94:17:d0:f0:32:fb:1c:a3:43:d8:5e:
22:c4:0c:ba:79:ee:9b:37:19:29:9e:e6:bb:91:23:a1:b3:f9:
29:93:a0:8e:c0:09:ce:c7:3f:83:82:1e:24:08:ad:ef:d0:f5:
aa:ce:3a:e8:52:e7:16:3c:f0:14:dd:8c:d2:69:16:33:3f:7e:
73:18:da:5c:40:d0:aa:66:d2:b8:28:4d:c2:e7:fe:92:1e:98:
95:4a:3e:b7:f1:28:a2:f6:2c:f0:54:bc:58:db:5d:b2:10:fd:
cb:f5:f0:ab:bc:e0:21:3f:b0:38:5a:22:82:77:d3:a1:07:f1:
d2:2b:25:64
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAY5cc1FdvKt/zIQ1QJSOSurTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNGQwNjk3ODk2OWE4YmRhYjZkNjM1OTA2MmQ3NzgxZTAz
NDQ5Y2EwHhcNMjQwMzIwMTUyMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDZkZGVlZjE1OTk3NTg0YTI1OWNjNzhkYTc0OTkzNmUzODcwYWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAFT6IvHDYloVj2HT8OXJB4u4hD2
ISmxF4oAjZxxTyRsS0DvPfppEFjxi2Qz5DQ+wbYKI5Xaxmv8Mp2FDO5EtG6ar8na
PssP49jAKzTDaTRrJvvRdVYE81FyWQyCLjPLInNICCdMC1ljY/WpFlG6brPBr/KM
zWveOiqKlG3INelpRdsDzTnIU8618NmQwchyCZooe4QN/fX5GTVAK7/YQF6l8VUp
jBQRUM1xcMLh/jtYFZZ6rVdnuEzHXD2Q5/Irx9F2Z4s3W3Cb0/QoZ86kvkN63eat
329pcoryg1F9qK05SBOwbOJHliHieH3qY9AY03sqLXhzxhhdyMtGNy596QIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFB1t3u8VmXWEolnMeNp0mTbjhwqoMB8GA1UdIwQY
MBaAFPxNBpeJaai9q21jWQYtd4HgNEnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0UwR2w0bHBxTDJyYldOWkJpMTNnZUEwU2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8wODJjMzEtZjRlZi00YWNiLTkwZjEt
ZGEwM2JmN2EyZWMyLzEvSFczZTd4V1pkWVNpV2N4NDJuU1pOdU9IQ3FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8wODJjMzEtZjRlZi00YWNiLTkwZjEtZGEwM2JmN2EyZWMy
LzEvX0UwR2w0bHBxTDJyYldOWkJpMTNnZUEwU2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTB3BAIAATBxAwMABRQD
BAMlnZADBAUu+yADBANNVwgDBAVN3UADBAVPheADBARQ8AADBARRHRADBANX73AD
BAZX90ADBAVbu6ADBASyECADBAOy+iADBAK5GoQDBAK5NgwDBAK5xiADBAXUNCAD
BAXUdQADBATZEVAwIgQCAAIwHAMFACoAdgADBQAqAaHAAwUDKgTOAAMFAyoE6wAw
DQYJKoZIhvcNAQELBQADggEBAMEqN8sF6xBiX6oPdUuqT8/mULKrDscOS0qKU+Xx
KiHV4J729bubW5Dux6jDLoYz5hPX9kLPAAg9ZXHiNgvnVcBG8zxWnH1zXs47Q1Ub
RiH1yE/EGo/eJGn24BRtc2G/s0jIncGV4AMyzBS3L6t1dlUfjvWJY4uU3dyF8Wiw
lckqTPrGl0+UF9DwMvsco0PYXiLEDLp57ps3GSme5ruRI6Gz+SmToI7ACc7HP4OC
HiQIre/Q9arOOuhS5xY88BTdjNJpFjM/fnMY2lxA0Kpm0rgoTcLn/pIemJVKPrfx
KKL2LPBUvFjbXbIQ/cv18Ku84CE/sDhaIoJ306EH8dIrJWQ=
-----END CERTIFICATE-----
Generated at Thu Apr 4 17:37:00 2024 by rpki-client on console-fra.rpki-client.org