Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/H_fx8qDcFz3rVmhVeRQDqCWQcWE.roa
File: H_fx8qDcFz3rVmhVeRQDqCWQcWE.roa (raw, json)
Hash identifier: dVtoVFdt5FhQGYuJgVDyO+6i8IxYJ+9ykRW7dFJW9t4=
Subject key identifier: 1F:F7:F1:F2:A0:DC:17:3D:EB:56:68:55:79:14:03:A8:25:90:71:61
Certificate issuer: /CN=e39f1a6e84c0277efcb56d942b0eb5e456471129
Certificate serial: 018C58B4B22E5969D90D2A67E506243E617F
Authority key identifier: E3:9F:1A:6E:84:C0:27:7E:FC:B5:6D:94:2B:0E:B5:E4:56:47:11:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/458aboTAJ378tW2UKw615FZHESk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/H_fx8qDcFz3rVmhVeRQDqCWQcWE.roa
Signing time: Mon 11 Dec 2023 11:48:06 +0000
ROA not before: Mon 11 Dec 2023 11:48:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39835
IP address blocks: 81.20.112.0/20 maxlen: 24
5.34.224.0/21 maxlen: 24
5.34.226.0/24 maxlen: 24
188.74.32.0/22 maxlen: 24
188.74.32.0/20 maxlen: 24
188.74.36.0/24 maxlen: 24
188.74.37.0/24 maxlen: 24
188.74.38.0/24 maxlen: 24
188.74.44.0/22 maxlen: 24
212.101.32.0/19 maxlen: 24
81.90.192.0/20 maxlen: 24
185.75.150.0/24 maxlen: 24
185.75.148.0/24 maxlen: 24
185.75.149.0/24 maxlen: 24
185.94.36.0/22 maxlen: 24
130.193.96.0/21 maxlen: 24
2a03:4b20::/29 maxlen: 40
2a03:6880::/32 maxlen: 32
2a03:4b20:f000::/36 maxlen: 36
2a03:4b20::/32 maxlen: 32
2a03:4b21::/32 maxlen: 32
2a02:1318::/32 maxlen: 32
2a03:4b22::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:58:b4:b2:2e:59:69:d9:0d:2a:67:e5:06:24:3e:61:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e39f1a6e84c0277efcb56d942b0eb5e456471129
Validity
Not Before: Dec 11 11:48:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ff7f1f2a0dc173deb566855791403a825907161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:94:a0:eb:a9:38:c2:33:1f:3b:fc:21:10:b6:
6e:cf:28:0d:27:ce:f2:f1:76:39:eb:8c:e7:26:c9:
4b:eb:c7:ad:3f:ae:6b:a4:51:5e:98:5e:44:d0:b4:
be:4d:d1:c2:6e:78:b8:7b:6c:04:0e:5e:69:d2:ae:
95:69:41:3a:a0:51:dc:1f:d2:74:63:28:68:76:78:
9f:83:3c:a4:4b:c7:fa:ad:36:39:db:12:80:93:35:
e8:0a:df:30:b0:dc:cd:c6:22:cb:6a:d4:24:33:17:
c8:06:8f:f1:02:80:e7:42:05:63:f8:4e:1c:23:d0:
78:76:8a:2d:94:cf:f6:4e:07:ad:37:9b:67:48:11:
cc:a4:ae:25:43:42:03:9f:23:95:09:26:56:c8:50:
93:53:64:85:d4:9c:f0:a6:f6:23:07:78:3d:79:ed:
36:59:41:45:a8:a7:fc:57:d3:b2:f9:77:1b:82:fb:
40:f3:40:05:f4:51:74:31:df:b1:37:48:de:e0:fd:
56:4b:06:d2:99:51:3a:0b:3d:8a:d8:b9:f4:5f:6d:
5d:2e:1f:04:d1:4e:86:6a:8b:da:9c:08:52:ac:7a:
f0:79:0b:5b:b7:1c:35:76:5d:fd:06:27:0c:62:42:
ae:06:25:f8:10:e7:92:51:62:8e:5c:eb:df:d7:4a:
c8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:F7:F1:F2:A0:DC:17:3D:EB:56:68:55:79:14:03:A8:25:90:71:61
X509v3 Authority Key Identifier:
keyid:E3:9F:1A:6E:84:C0:27:7E:FC:B5:6D:94:2B:0E:B5:E4:56:47:11:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/458aboTAJ378tW2UKw615FZHESk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/H_fx8qDcFz3rVmhVeRQDqCWQcWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/458aboTAJ378tW2UKw615FZHESk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.224.0/21
81.20.112.0/20
81.90.192.0/20
130.193.96.0/21
185.75.148.0-185.75.150.255
185.94.36.0/22
188.74.32.0/20
212.101.32.0/19
IPv6:
2a02:1318::/32
2a03:4b20::/29
2a03:6880::/32
Signature Algorithm: sha256WithRSAEncryption
1b:03:e7:ad:ab:b9:a5:fa:19:1c:2a:2a:5e:d8:2c:ab:c7:30:
27:b4:00:ba:39:7e:5d:c5:0c:35:53:3a:73:4d:d5:3b:ad:17:
eb:9e:4e:42:22:5c:20:52:41:36:a1:bc:d5:41:be:ba:3a:a0:
2d:e8:65:9a:a9:47:be:90:e4:d0:ba:4e:6d:1f:7d:f6:5f:0c:
e4:bb:61:61:34:42:7f:85:19:d5:1d:d9:1e:f1:10:43:5e:20:
23:d8:76:65:37:f6:82:96:3f:ae:99:02:ec:52:4b:c2:a4:06:
3a:f1:c9:99:49:6b:a5:ba:ce:ad:a1:11:ff:4a:ba:01:19:53:
26:bb:0c:f0:ad:17:82:2f:49:f2:f3:22:c3:47:9c:6b:55:97:
ca:e5:41:7e:fb:c9:5b:45:a9:27:fa:86:62:d4:bc:45:ae:d4:
8c:c2:59:e2:4a:34:bb:3f:ff:72:74:9b:dd:33:dd:c7:69:42:
9d:cf:ab:d3:b6:a4:d4:01:84:85:5e:4d:4e:b9:4c:ed:23:65:
12:f4:68:2b:94:36:55:89:ca:2c:bb:8f:f3:38:de:7e:91:ff:
bb:03:81:77:4a:b3:53:ee:4c:d9:ea:dd:24:e8:7b:b6:af:66:
bd:c0:e0:0c:5e:ce:42:36:0f:5e:6b:9e:d6:1f:aa:21:ac:e0:
d6:f5:10:df
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYxYtLIuWWnZDSpn5QYkPmF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzOWYxYTZlODRjMDI3N2VmY2I1NmQ5NDJiMGViNWU0NTY0
NzExMjkwHhcNMjMxMjExMTE0ODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmY3ZjFmMmEwZGMxNzNkZWI1NjY4NTU3OTE0MDNhODI1OTA3MTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopSg66k4wjMfO/whELZuzygNJ87y
8XY564znJslL68etP65rpFFemF5E0LS+TdHCbni4e2wEDl5p0q6VaUE6oFHcH9J0
YyhodnifgzykS8f6rTY52xKAkzXoCt8wsNzNxiLLatQkMxfIBo/xAoDnQgVj+E4c
I9B4dootlM/2TgetN5tnSBHMpK4lQ0IDnyOVCSZWyFCTU2SF1JzwpvYjB3g9ee02
WUFFqKf8V9Oy+XcbgvtA80AF9FF0Md+xN0je4P1WSwbSmVE6Cz2K2Ln0X21dLh8E
0U6GaovanAhSrHrweQtbtxw1dl39BicMYkKuBiX4EOeSUWKOXOvf10rI3QIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFB/38fKg3Bc961ZoVXkUA6glkHFhMB8GA1UdIwQY
MBaAFOOfGm6EwCd+/LVtlCsOteRWRxEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDU4YWJvVEFKMzc4dFcyVUt3NjE1RlpIRVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8xNjBhNzctNzU2ZC00NDFhLTg2YzMt
MGU1MzkyNzU3ZjgyLzEvSF9meDhxRGNGejNyVm1oVmVSUURxQ1dRY1dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8xNjBhNzctNzU2ZC00NDFhLTg2YzMtMGU1MzkyNzU3Zjgy
LzEvNDU4YWJvVEFKMzc4dFcyVUt3NjE1RlpIRVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTA+BAIAATA4AwQDBSLgAwQE
URRwAwQEUVrAAwQDgsFgMAwDBAK5S5QDBAC5S5YDBAK5XiQDBAS8SiADBAXUZSAw
GwQCAAIwFQMFACoCExgDBQMqA0sgAwUAKgNogDANBgkqhkiG9w0BAQsFAAOCAQEA
GwPnrau5pfoZHCoqXtgsq8cwJ7QAujl+XcUMNVM6c03VO60X655OQiJcIFJBNqG8
1UG+ujqgLehlmqlHvpDk0LpObR999l8M5LthYTRCf4UZ1R3ZHvEQQ14gI9h2ZTf2
gpY/rpkC7FJLwqQGOvHJmUlrpbrOraER/0q6ARlTJrsM8K0Xgi9J8vMiw0eca1WX
yuVBfvvJW0WpJ/qGYtS8Ra7UjMJZ4ko0uz//cnSb3TPdx2lCnc+r07ak1AGEhV5N
TrlM7SNlEvRoK5Q2VYnKLLuP8zjefpH/uwOBd0qzU+5M2erdJOh7tq9mvcDgDF7O
QjYPXmue1h+qIazg1vUQ3w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:28 2024 by rpki-client on console-fra.rpki-client.org