Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/HL5vq-sKsBYPMBnSZ7dztaWznJg.roa
File: HL5vq-sKsBYPMBnSZ7dztaWznJg.roa (raw, json)
Hash identifier: GzuMZIHX3LvmsnZ6riYjgwonLvAZZD2AX/Hitu+3390=
Subject key identifier: 1C:BE:6F:AB:EB:0A:B0:16:0F:30:19:D2:67:B7:73:B5:A5:B3:9C:98
Certificate issuer: /CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Certificate serial: 0192CE4BA629B54C4580B04B51D0EE9B52B6
Authority key identifier: F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/HL5vq-sKsBYPMBnSZ7dztaWznJg.roa
Signing time: Sun 27 Oct 2024 14:05:17 +0000
ROA not before: Sun 27 Oct 2024 14:05:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202468
IP address blocks: 37.32.0.0/19 maxlen: 24
37.32.0.0/22 maxlen: 22
37.32.4.0/22 maxlen: 22
37.32.8.0/22 maxlen: 22
37.32.12.0/22 maxlen: 22
37.32.16.0/24 maxlen: 24
37.32.17.0/24 maxlen: 24
37.32.18.0/24 maxlen: 24
37.32.19.0/24 maxlen: 24
37.32.20.0/22 maxlen: 22
37.32.24.0/22 maxlen: 22
37.32.28.0/22 maxlen: 24
37.152.176.0/20 maxlen: 24
37.152.184.0/24 maxlen: 24
94.101.176.0/20 maxlen: 24
94.101.180.0/23 maxlen: 23
94.101.180.0/24 maxlen: 24
94.101.182.0/24 maxlen: 24
94.101.184.0/21 maxlen: 24
185.97.116.0/22 maxlen: 24
185.143.232.0/22 maxlen: 24
185.206.92.0/22 maxlen: 24
185.220.224.0/22 maxlen: 22
185.220.224.0/24 maxlen: 24
185.220.225.0/24 maxlen: 24
185.220.226.0/24 maxlen: 24
185.220.227.0/24 maxlen: 24
185.226.116.0/22 maxlen: 24
185.228.236.0/22 maxlen: 22
185.228.236.0/24 maxlen: 24
185.228.237.0/24 maxlen: 24
185.228.238.0/24 maxlen: 24
185.228.239.0/24 maxlen: 24
185.231.180.0/22 maxlen: 22
185.239.104.0/22 maxlen: 24
185.239.104.0/24 maxlen: 24
185.239.105.0/24 maxlen: 24
185.239.106.0/23 maxlen: 23
188.121.96.0/19 maxlen: 24
188.121.104.0/22 maxlen: 22
188.121.108.0/22 maxlen: 22
188.121.120.0/21 maxlen: 24
188.121.124.0/23 maxlen: 23
188.121.127.0/24 maxlen: 24
193.176.240.0/22 maxlen: 24
193.176.242.0/23 maxlen: 23
2a07:3900::/29 maxlen: 29
2a07:3900::/32 maxlen: 32
2a07:3900::/48 maxlen: 48
2a07:3900:1::/48 maxlen: 48
2a07:3901::/32 maxlen: 32
2a07:3902::/32 maxlen: 32
2a07:3902:100::/40 maxlen: 40
2a07:3902:200::/40 maxlen: 40
2a07:3902:300::/40 maxlen: 40
2a07:3902:400::/40 maxlen: 40
2a07:3902:500::/40 maxlen: 40
2a07:3902:a100::/40 maxlen: 40
2a07:3903::/32 maxlen: 32
2a07:3904::/32 maxlen: 32
2a07:3905::/32 maxlen: 32
2a07:3906::/32 maxlen: 32
2a07:3907::/32 maxlen: 32
2a07:3907::/40 maxlen: 40
2a0c:a7c0::/29 maxlen: 29
2a0c:a7c0::/48 maxlen: 48
2a0c:a7c0:1::/48 maxlen: 48
2a0c:a7c0:2::/48 maxlen: 48
2a0c:a7c0:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 29 Oct 2024 08:53:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ce:4b:a6:29:b5:4c:45:80:b0:4b:51:d0:ee:9b:52:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Validity
Not Before: Oct 27 14:05:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1cbe6fabeb0ab0160f3019d267b773b5a5b39c98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:04:41:03:67:0e:12:f9:c0:26:cd:90:a1:d4:
b3:d1:b2:d5:75:7f:96:6f:b0:21:d8:9a:19:72:32:
5f:aa:1c:c5:b5:57:cf:ae:89:d4:36:0d:e2:4e:e0:
db:72:86:50:76:c3:ea:b4:cc:f4:a9:40:1a:55:0a:
26:f6:1a:74:29:13:ce:b8:7d:92:5f:1c:80:e0:e7:
59:7f:56:eb:1d:46:8f:88:86:48:b9:e9:68:63:ca:
33:f2:81:cd:fa:5a:d0:3d:a4:31:43:e7:08:dc:bc:
df:f3:b2:f1:10:11:83:25:fa:b4:3f:cb:be:5c:2c:
3b:ad:45:55:01:42:48:40:69:7d:c7:ec:70:fc:57:
5a:b6:fe:c0:48:74:63:76:8c:e3:2d:75:c8:b3:7c:
83:65:28:fa:f5:b1:de:49:c6:e4:37:d3:47:61:52:
aa:48:25:0b:3f:53:39:8c:e3:96:13:8d:69:5e:16:
19:f1:11:25:84:5c:38:48:fd:e6:0f:c3:09:d8:88:
8e:b1:bc:c7:7e:37:a1:f9:ae:01:40:46:37:11:78:
71:27:d6:77:96:8f:25:7f:63:f6:c0:54:d5:e4:89:
34:53:85:7f:d0:7c:82:c7:a4:4c:71:7a:0f:bf:d3:
4e:cb:c2:3c:50:05:b0:74:b8:c7:00:8a:53:be:aa:
a6:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:BE:6F:AB:EB:0A:B0:16:0F:30:19:D2:67:B7:73:B5:A5:B3:9C:98
X509v3 Authority Key Identifier:
keyid:F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/HL5vq-sKsBYPMBnSZ7dztaWznJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.0.0/19
37.152.176.0/20
94.101.176.0/20
185.97.116.0/22
185.143.232.0/22
185.206.92.0/22
185.220.224.0/22
185.226.116.0/22
185.228.236.0/22
185.231.180.0/22
185.239.104.0/22
188.121.96.0/19
193.176.240.0/22
IPv6:
2a07:3900::/29
2a0c:a7c0::/29
Signature Algorithm: sha256WithRSAEncryption
3d:48:a1:1b:ac:b1:07:7c:5a:07:21:d2:11:ad:f6:1a:9f:25:
d4:46:d7:9b:61:e1:77:7a:b9:51:8c:c3:c1:4a:78:2f:46:eb:
35:02:77:3f:ff:eb:b2:63:1c:cd:c8:24:7d:47:72:73:ca:2a:
ad:e5:3c:bb:87:61:4a:07:97:f3:6c:cb:99:f5:0e:45:c3:a6:
7c:2c:3c:27:87:89:45:40:2d:83:03:a8:e3:ea:cb:b8:14:2a:
c3:5b:8f:db:8e:dd:2a:2e:8a:16:5c:e8:65:df:7a:11:34:6e:
3e:1d:28:eb:bd:4a:bf:5f:3f:d7:16:61:ae:50:73:31:5f:79:
c2:f7:77:80:20:c4:e2:7d:5b:55:fa:be:94:d1:50:23:d6:51:
ee:bd:98:be:bd:7d:8a:e8:51:43:c4:6e:44:df:e5:5b:e9:f4:
d9:c3:d3:85:8a:d7:96:73:0e:2c:7b:c2:d3:8a:1e:32:55:6c:
bb:f9:7a:37:80:a3:ec:cb:96:5c:d4:2f:e1:14:e7:e1:17:6d:
85:48:27:59:56:ee:fe:8e:ff:22:13:3b:80:53:52:7e:59:8b:
e8:94:54:c7:4c:f8:d6:51:3d:eb:81:7a:33:35:6a:3b:df:14:
a7:dc:85:18:bc:0e:19:96:a3:30:60:c4:e8:c0:86:60:f8:39:
89:9e:cb:80
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZLOS6YptUxFgLBLUdDum1K2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YzM3MWYzYTM0YWJmMTk1N2QxODk1ZGY4MDYzZjRkNjIw
N2VjMDIwHhcNMjQxMDI3MTQwNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2JlNmZhYmViMGFiMDE2MGYzMDE5ZDI2N2I3NzNiNWE1YjM5Yzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxARBA2cOEvnAJs2QodSz0bLVdX+W
b7Ah2JoZcjJfqhzFtVfPronUNg3iTuDbcoZQdsPqtMz0qUAaVQom9hp0KRPOuH2S
XxyA4OdZf1brHUaPiIZIueloY8oz8oHN+lrQPaQxQ+cI3Lzf87LxEBGDJfq0P8u+
XCw7rUVVAUJIQGl9x+xw/Fdatv7ASHRjdozjLXXIs3yDZSj69bHeScbkN9NHYVKq
SCULP1M5jOOWE41pXhYZ8RElhFw4SP3mD8MJ2IiOsbzHfjeh+a4BQEY3EXhxJ9Z3
lo8lf2P2wFTV5Ik0U4V/0HyCx6RMcXoPv9NOy8I8UAWwdLjHAIpTvqqmEQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFBy+b6vrCrAWDzAZ0me3c7Wls5yYMB8GA1UdIwQY
MBaAFPXDcfOjSr8ZV9GJXfgGP01iB+wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEt
MWJiMTdhOGIyNmZlLzEvSEw1dnEtc0tzQllQTUJuU1o3ZHp0YVd6bkpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEtMWJiMTdhOGIyNmZl
LzEvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBUBAIAATBOAwQFJSAAAwQE
JZiwAwQEXmWwAwQCuWF0AwQCuY/oAwQCuc5cAwQCudzgAwQCueJ0AwQCueTsAwQC
uee0AwQCue9oAwQFvHlgAwQCwbDwMBQEAgACMA4DBQMqBzkAAwUDKgynwDANBgkq
hkiG9w0BAQsFAAOCAQEAPUihG6yxB3xaByHSEa32Gp8l1EbXm2Hhd3q5UYzDwUp4
L0brNQJ3P//rsmMczcgkfUdyc8oqreU8u4dhSgeX82zLmfUORcOmfCw8J4eJRUAt
gwOo4+rLuBQqw1uP247dKi6KFlzoZd96ETRuPh0o671Kv18/1xZhrlBzMV95wvd3
gCDE4n1bVfq+lNFQI9ZR7r2Yvr19iuhRQ8RuRN/lW+n02cPThYrXlnMOLHvC04oe
MlVsu/l6N4Cj7MuWXNQv4RTn4RdthUgnWVbu/o7/IhM7gFNSflmL6JRUx0z41lE9
64F6MzVqO98Up9yFGLwOGZajMGDE6MCGYPg5iZ7LgA==
-----END CERTIFICATE-----
Generated at Mon May 12 16:56:21 2025 by rpki-client