Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/H8EK0PKfrOM4GCAfGEPQbBfO3MI.roa
File: H8EK0PKfrOM4GCAfGEPQbBfO3MI.roa (raw, json)
Hash identifier: 9TwJu81shcOwwOK0jczH4e3EiEQ+IwB7cMRMlEOjsRI=
Subject key identifier: 1F:C1:0A:D0:F2:9F:AC:E3:38:18:20:1F:18:43:D0:6C:17:CE:DC:C2
Certificate issuer: /CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Certificate serial: 018FBE66DAB7EC6C258095221A54E61A27E8
Authority key identifier: 99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/H8EK0PKfrOM4GCAfGEPQbBfO3MI.roa
Signing time: Tue 28 May 2024 08:52:42 +0000
ROA not before: Tue 28 May 2024 08:52:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6848
IP address blocks: 5.23.128.0/17 maxlen: 17
46.253.160.0/20 maxlen: 20
62.205.64.0/18 maxlen: 18
78.20.0.0/14 maxlen: 14
78.29.192.0/18 maxlen: 18
81.82.0.0/15 maxlen: 15
81.164.0.0/15 maxlen: 15
82.143.64.0/18 maxlen: 18
82.210.64.0/19 maxlen: 19
83.217.128.0/19 maxlen: 19
84.192.0.0/13 maxlen: 13
85.28.64.0/18 maxlen: 18
85.255.200.0/24 maxlen: 24
85.255.201.0/24 maxlen: 24
94.72.64.0/19 maxlen: 19
94.224.0.0/14 maxlen: 14
141.134.0.0/15 maxlen: 15
157.173.128.0/18 maxlen: 18
178.116.0.0/14 maxlen: 14
185.23.244.0/22 maxlen: 22
185.30.52.0/22 maxlen: 22
185.248.40.0/22 maxlen: 22
185.248.41.0/24 maxlen: 24
188.44.64.0/19 maxlen: 19
188.95.146.0/23 maxlen: 23
188.188.0.0/15 maxlen: 15
195.16.0.0/19 maxlen: 19
195.130.128.0/19 maxlen: 19
195.162.192.0/19 maxlen: 19
212.76.224.0/19 maxlen: 19
212.88.224.0/19 maxlen: 19
212.123.0.0/19 maxlen: 19
213.118.0.0/15 maxlen: 15
213.132.128.0/19 maxlen: 19
213.214.32.0/19 maxlen: 19
213.224.0.0/16 maxlen: 16
213.251.64.0/18 maxlen: 18
217.72.224.0/20 maxlen: 20
217.168.120.0/21 maxlen: 21
2a00:1cf8::/32 maxlen: 32
2a02:1800::/24 maxlen: 24
2a02:1800:101::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 18 Jun 2024 08:22:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:be:66:da:b7:ec:6c:25:80:95:22:1a:54:e6:1a:27:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Validity
Not Before: May 28 08:52:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1fc10ad0f29face33818201f1843d06c17cedcc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5b:29:a9:95:fa:f3:63:10:19:9b:2c:1e:c8:
cf:3b:8f:f7:b5:0f:d8:74:b5:84:d7:a6:98:56:64:
94:f3:67:8b:ac:49:7c:fe:08:82:3e:94:5a:06:3c:
3c:83:ed:6d:29:a2:e4:c9:1e:d8:c6:8a:f8:f3:d9:
70:89:4e:e6:5e:8c:63:95:77:52:d8:fe:0f:4e:f2:
71:23:92:46:29:5e:ab:cd:ba:14:f5:80:42:5a:92:
93:ea:22:49:7f:bf:00:91:0f:e7:ad:8d:6f:d5:4d:
9f:c7:7c:78:b0:0a:c1:fd:a6:cc:70:73:20:12:1c:
7e:02:48:4e:9c:d2:47:a7:cb:43:5a:6a:8e:47:6e:
cf:25:cd:e8:bf:1c:f8:d4:89:41:ea:5e:73:42:a7:
dc:3a:ac:e1:01:87:e2:57:93:6b:07:cc:0c:5b:bb:
48:a6:1f:66:66:a7:20:a6:7f:86:70:3c:56:8e:a7:
d2:72:07:25:c9:f8:a1:71:cc:71:0a:78:3f:6c:09:
e7:7a:eb:d1:bc:96:2b:06:b3:9f:a1:c2:be:36:76:
ca:37:73:3e:86:ae:29:44:c1:aa:32:fc:99:4b:65:
e8:2e:85:89:46:3c:9c:10:8a:cc:8f:d9:15:8d:6c:
a7:34:22:2d:26:c7:92:b6:d2:05:a0:d3:66:c9:f9:
db:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:C1:0A:D0:F2:9F:AC:E3:38:18:20:1F:18:43:D0:6C:17:CE:DC:C2
X509v3 Authority Key Identifier:
keyid:99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/H8EK0PKfrOM4GCAfGEPQbBfO3MI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/mZ333A7VGPHsaZdM-YzsqtoahoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.128.0/17
46.253.160.0/20
62.205.64.0/18
78.20.0.0/14
78.29.192.0/18
81.82.0.0/15
81.164.0.0/15
82.143.64.0/18
82.210.64.0/19
83.217.128.0/19
84.192.0.0/13
85.28.64.0/18
85.255.200.0/23
94.72.64.0/19
94.224.0.0/14
141.134.0.0/15
157.173.128.0/18
178.116.0.0/14
185.23.244.0/22
185.30.52.0/22
185.248.40.0/22
188.44.64.0/19
188.95.146.0/23
188.188.0.0/15
195.16.0.0/19
195.130.128.0/19
195.162.192.0/19
212.76.224.0/19
212.88.224.0/19
212.123.0.0/19
213.118.0.0/15
213.132.128.0/19
213.214.32.0/19
213.224.0.0/16
213.251.64.0/18
217.72.224.0/20
217.168.120.0/21
IPv6:
2a00:1cf8::/32
2a02:1800::/24
Signature Algorithm: sha256WithRSAEncryption
79:ab:30:04:e1:00:7b:19:0f:0b:96:a9:66:fa:e3:93:ae:c3:
bb:3a:4f:22:41:2c:9e:3b:5d:cc:77:9b:98:a7:d8:74:d4:6b:
a1:76:ef:2f:85:f5:b9:b3:a7:68:b3:e1:30:22:bb:09:f7:05:
e0:3d:6d:f9:02:6e:55:f4:a8:2a:16:39:20:99:4b:8a:60:06:
5c:4d:60:48:bf:6e:97:ba:ab:46:54:35:84:3c:9c:2e:1c:cb:
e5:ef:0f:b8:d2:5f:f1:8c:42:6e:0b:44:a4:96:cc:f7:30:03:
1b:31:bb:b8:c6:1a:ce:71:5d:6b:ea:5f:16:3d:e0:bb:44:9d:
e5:e9:c0:21:e5:48:1f:93:09:49:a5:6f:df:10:5e:a2:72:81:
03:61:4a:d1:e7:ad:36:e8:2e:45:44:63:aa:8b:c8:89:3f:08:
96:e5:16:b4:30:94:5a:8d:37:70:43:b5:b0:64:29:fc:10:e7:
41:20:25:b2:09:3b:8c:10:6c:8b:67:d8:4a:0b:a7:93:87:c4:
b2:32:02:e3:43:ff:89:38:9a:3c:16:ef:eb:00:57:83:37:e3:
94:cd:4b:c1:fa:a5:37:bf:19:59:40:8e:83:dc:8b:8f:8b:1c:
4b:a4:2d:a3:af:32:8c:e9:7d:79:46:b9:2e:ec:54:90:60:30:
d8:c2:2d:dc
-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgISAY++Ztq37GwlgJUiGlTmGifoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5OWRmN2RjMGVkNTE4ZjFlYzY5OTc0Y2Y5OGNlY2FhZGEx
YTg2ODAwHhcNMjQwNTI4MDg1MjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmMxMGFkMGYyOWZhY2UzMzgxODIwMWYxODQzZDA2YzE3Y2VkY2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslspqZX682MQGZssHsjPO4/3tQ/Y
dLWE16aYVmSU82eLrEl8/giCPpRaBjw8g+1tKaLkyR7Yxor489lwiU7mXoxjlXdS
2P4PTvJxI5JGKV6rzboU9YBCWpKT6iJJf78AkQ/nrY1v1U2fx3x4sArB/abMcHMg
Ehx+AkhOnNJHp8tDWmqOR27PJc3ovxz41IlB6l5zQqfcOqzhAYfiV5NrB8wMW7tI
ph9mZqcgpn+GcDxWjqfScgclyfihccxxCng/bAnneuvRvJYrBrOfocK+NnbKN3M+
hq4pRMGqMvyZS2XoLoWJRjycEIrMj9kVjWynNCItJseSttIFoNNmyfnboQIDAQAB
o4IC8jCCAu4wHQYDVR0OBBYEFB/BCtDyn6zjOBggHxhD0GwXztzCMB8GA1UdIwQY
MBaAFJmd99wO1Rjx7GmXTPmM7KraGoaAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYt
MTM4Yjc4N2RlM2UzLzEvSDhFSzBQS2ZyT000R0NBZkdFUFFiQmZPM01JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYtMTM4Yjc4N2RlM2Uz
LzEvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBgYIKwYBBQUHAQcBAf8EgfYwgfMwgdsEAgABMIHUAwQH
BReAAwQELv2gAwQGPs1AAwMCThQDBAZOHcADAwFRUgMDAVGkAwQGUo9AAwQFUtJA
AwQFU9mAAwMDVMADBAZVHEADBAFV/8gDBAVeSEADAwJe4AMDAY2GAwQGna2AAwMC
snQDBAK5F/QDBAK5HjQDBAK5+CgDBAW8LEADBAG8X5IDAwG8vAMEBcMQAAMEBcOC
gAMEBcOiwAMEBdRM4AMEBdRY4AMEBdR7AAMDAdV2AwQF1YSAAwQF1dYgAwMA1eAD
BAbV+0ADBATZSOADBAPZqHgwEwQCAAIwDQMFACoAHPgDBAAqAhgwDQYJKoZIhvcN
AQELBQADggEBAHmrMAThAHsZDwuWqWb645Ouw7s6TyJBLJ47Xcx3m5in2HTUa6F2
7y+F9bmzp2iz4TAiuwn3BeA9bfkCblX0qCoWOSCZS4pgBlxNYEi/bpe6q0ZUNYQ8
nC4cy+XvD7jSX/GMQm4LRKSWzPcwAxsxu7jGGs5xXWvqXxY94LtEneXpwCHlSB+T
CUmlb98QXqJygQNhStHnrTboLkVEY6qLyIk/CJblFrQwlFqNN3BDtbBkKfwQ50Eg
JbIJO4wQbItn2EoLp5OHxLIyAuND/4k4mjwW7+sAV4M345TNS8H6pTe/GVlAjoPc
i4+LHEukLaOvMozpfXlGuS7sVJBgMNjCLdw=
-----END CERTIFICATE-----
Generated at Tue Jun 18 12:54:40 2024 by rpki-client on console-ams.rpki-client.org