Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/F_kM_UQoYl3JPlLsw0kIazVIUqg.roa
File: F_kM_UQoYl3JPlLsw0kIazVIUqg.roa (raw, json)
Hash identifier: vAMHnqTGBb8z82inqkzl4v9CqmMkk6BqXEnCSMDG8Hs=
Subject key identifier: 17:F9:0C:FD:44:28:62:5D:C9:3E:52:EC:C3:49:08:6B:35:48:52:A8
Certificate issuer: /CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Certificate serial: 018BD0F5E391CB31ED9ADDAEEB139D5957DA
Authority key identifier: 01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/F_kM_UQoYl3JPlLsw0kIazVIUqg.roa
Signing time: Wed 15 Nov 2023 03:10:57 +0000
ROA not before: Wed 15 Nov 2023 03:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23764
IP address blocks: 5.10.136.112/29 maxlen: 29
95.130.192.0/24 maxlen: 24
95.130.199.0/24 maxlen: 24
95.130.194.0/24 maxlen: 24
5.154.128.0/24 maxlen: 24
5.154.129.0/24 maxlen: 24
5.10.141.8/30 maxlen: 30
5.10.141.136/30 maxlen: 30
5.154.144.0/24 maxlen: 24
5.154.145.0/24 maxlen: 24
5.154.146.0/24 maxlen: 24
5.154.147.0/24 maxlen: 24
5.154.158.0/24 maxlen: 24
5.154.159.0/24 maxlen: 24
5.154.154.0/24 maxlen: 24
5.154.155.0/24 maxlen: 24
5.154.156.0/24 maxlen: 24
5.154.157.0/24 maxlen: 24
87.120.16.0/24 maxlen: 24
87.120.17.0/24 maxlen: 24
87.120.23.0/24 maxlen: 24
87.120.24.0/24 maxlen: 24
87.120.18.0/24 maxlen: 24
87.120.19.0/24 maxlen: 24
87.120.20.0/24 maxlen: 24
87.120.21.0/24 maxlen: 24
87.120.22.0/24 maxlen: 24
87.120.25.0/24 maxlen: 24
87.120.26.0/24 maxlen: 24
87.120.27.0/24 maxlen: 24
145.14.80.0/24 maxlen: 24
145.14.83.0/24 maxlen: 24
145.14.85.0/24 maxlen: 24
145.14.87.0/24 maxlen: 24
145.14.89.0/24 maxlen: 24
145.14.91.0/24 maxlen: 24
145.14.93.0/24 maxlen: 24
79.139.0.0/24 maxlen: 24
79.139.1.0/24 maxlen: 24
79.139.2.0/24 maxlen: 24
79.139.3.0/24 maxlen: 24
79.139.4.0/24 maxlen: 24
79.139.6.0/24 maxlen: 24
79.139.7.0/24 maxlen: 24
79.139.8.0/24 maxlen: 24
79.139.9.0/24 maxlen: 24
79.139.10.0/24 maxlen: 24
79.139.11.0/24 maxlen: 24
79.139.5.0/24 maxlen: 24
79.139.13.0/24 maxlen: 24
79.139.14.0/24 maxlen: 24
79.139.12.0/24 maxlen: 24
5.10.136.208/30 maxlen: 30
145.14.66.0/24 maxlen: 24
145.14.68.0/24 maxlen: 24
145.14.70.0/24 maxlen: 24
145.14.73.0/24 maxlen: 24
145.14.76.0/24 maxlen: 24
145.14.77.0/24 maxlen: 24
145.14.78.0/24 maxlen: 24
2a04:f581:a00e:a004::/64 maxlen: 64
2a04:f581:a00f::/48 maxlen: 48
2a04:f581:a00e:a003::/64 maxlen: 64
2a04:f581:110b::/48 maxlen: 48
2a04:f581:82b0::/48 maxlen: 48
2a04:f581:80b0::/48 maxlen: 48
2a04:f581:81b0::/48 maxlen: 48
2a04:f581:8070::/48 maxlen: 48
2a04:f581:8270::/48 maxlen: 48
2a04:f581:8170::/48 maxlen: 48
2a04:f580:9210::/48 maxlen: 48
2a04:f581:110a::/48 maxlen: 48
2a04:f581:8240::/48 maxlen: 48
2a04:f581:8040::/48 maxlen: 48
2a04:f581:8140::/48 maxlen: 48
2a04:f580:9030:100::/56 maxlen: 56
2a04:f581:a00e:a002::/64 maxlen: 64
2a04:f581:a00e:a001::/64 maxlen: 64
2a04:f581:8190::/48 maxlen: 48
2a04:f581:8090::/48 maxlen: 48
2a04:f581:8290::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d0:f5:e3:91:cb:31:ed:9a:dd:ae:eb:13:9d:59:57:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Validity
Not Before: Nov 15 03:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17f90cfd4428625dc93e52ecc349086b354852a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a9:fa:59:37:4b:78:b7:1d:2d:0b:6a:7b:4f:
da:cb:69:21:16:02:e4:8d:a0:25:46:2d:45:eb:40:
c9:7c:b0:3b:30:d9:c8:1f:6d:f7:c8:25:85:d8:66:
0b:13:b3:02:74:72:05:97:dc:8c:2b:e6:f5:21:51:
ed:8b:1f:ce:d7:24:ee:2b:2d:86:ad:90:b1:0c:19:
0e:74:e3:6b:42:59:d9:4d:ba:19:63:b9:ee:32:52:
ed:bb:9f:59:98:0a:0f:08:5a:5a:46:38:dd:1d:32:
82:2d:f9:2c:71:0c:49:95:5e:ee:be:78:5c:3b:f0:
91:2e:fb:5a:c4:ee:52:fe:ca:d3:c9:61:29:e0:84:
70:88:f1:d4:63:f7:f6:ca:eb:91:cf:65:9e:f1:67:
ec:69:b3:fd:1e:1a:72:c3:97:1f:6a:80:fe:ef:75:
df:9f:62:cf:a8:a1:26:8f:fe:47:a3:8c:6c:bc:07:
36:13:c5:a4:38:e9:49:aa:41:f0:37:07:58:8c:04:
dd:80:cc:fd:80:0f:54:e9:dd:9c:11:d0:2b:3a:15:
6a:a1:34:59:08:55:6d:80:88:d9:69:ea:3b:c0:bd:
86:a0:eb:2b:fa:52:a7:75:ee:06:3a:8e:3e:80:44:
96:f0:53:4a:ff:36:6d:0c:45:47:7a:d6:ad:a9:e8:
61:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:F9:0C:FD:44:28:62:5D:C9:3E:52:EC:C3:49:08:6B:35:48:52:A8
X509v3 Authority Key Identifier:
keyid:01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/F_kM_UQoYl3JPlLsw0kIazVIUqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.136.112/29
5.10.136.208/30
5.10.141.8/30
5.10.141.136/30
5.154.128.0/23
5.154.144.0/22
5.154.154.0-5.154.159.255
79.139.0.0-79.139.14.255
87.120.16.0-87.120.27.255
95.130.192.0/24
95.130.194.0/24
95.130.199.0/24
145.14.66.0/24
145.14.68.0/24
145.14.70.0/24
145.14.73.0/24
145.14.76.0-145.14.78.255
145.14.80.0/24
145.14.83.0/24
145.14.85.0/24
145.14.87.0/24
145.14.89.0/24
145.14.91.0/24
145.14.93.0/24
IPv6:
2a04:f580:9030:100::/56
2a04:f580:9210::/48
2a04:f581:110a::/47
2a04:f581:8040::/48
2a04:f581:8070::/48
2a04:f581:8090::/48
2a04:f581:80b0::/48
2a04:f581:8140::/48
2a04:f581:8170::/48
2a04:f581:8190::/48
2a04:f581:81b0::/48
2a04:f581:8240::/48
2a04:f581:8270::/48
2a04:f581:8290::/48
2a04:f581:82b0::/48
2a04:f581:a00e:a001::-2a04:f581:a00e:a004:ffff:ffff:ffff:ffff
2a04:f581:a00f::/48
Signature Algorithm: sha256WithRSAEncryption
82:fb:a4:e4:e5:c2:10:4f:56:00:e6:4c:60:54:36:84:0e:75:
4f:99:6e:3b:c8:26:99:28:b2:43:8e:2a:d0:0a:5c:38:2f:2a:
1e:ce:d4:6e:90:45:87:da:d5:4b:74:8b:69:75:2c:4d:af:99:
b4:22:7f:fd:cd:15:ba:ea:2e:ee:d2:e3:61:cd:12:6d:cb:43:
a8:74:7b:25:4c:82:c4:27:6b:1f:3c:e0:55:9f:ae:fd:c9:4b:
b0:4b:df:33:3d:54:e5:26:d0:e8:e4:64:95:98:cd:96:58:ac:
68:bf:dc:d2:79:b8:3a:27:71:af:62:ae:78:a4:6a:a5:03:67:
af:e1:c7:2e:81:29:5d:78:e1:43:96:f0:6d:06:5d:d9:67:c7:
09:35:23:27:b0:be:c3:db:79:f8:8f:73:b3:05:68:de:ed:bc:
f6:be:87:72:82:92:46:f1:fe:fb:7b:c9:75:d8:12:08:ef:a8:
cd:0f:3c:f5:0c:7f:cd:22:86:e5:50:aa:b8:f9:aa:03:cf:32:
e5:ae:a6:76:65:0b:f7:cd:ae:80:13:f4:62:25:a4:84:71:a3:
f4:3b:87:6b:ca:ea:e7:d4:b2:29:88:ef:15:3f:80:a3:f5:74:
33:78:f5:c6:19:04:11:8b:3d:43:58:85:d6:61:aa:fe:6d:88:
7c:84:2b:6a
-----BEGIN CERTIFICATE-----
MIIGZTCCBU2gAwIBAgISAYvQ9eORyzHtmt2u6xOdWVfaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZjNlZjNlMGVhOTVhOTc1NTM3ZDVjMjVkOTNjYjc2YWY2
ODcyMzQwHhcNMjMxMTE1MDMxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2Y5MGNmZDQ0Mjg2MjVkYzkzZTUyZWNjMzQ5MDg2YjM1NDg1MmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKn6WTdLeLcdLQtqe0/ay2khFgLk
jaAlRi1F60DJfLA7MNnIH233yCWF2GYLE7MCdHIFl9yMK+b1IVHtix/O1yTuKy2G
rZCxDBkOdONrQlnZTboZY7nuMlLtu59ZmAoPCFpaRjjdHTKCLfkscQxJlV7uvnhc
O/CRLvtaxO5S/srTyWEp4IRwiPHUY/f2yuuRz2We8WfsabP9Hhpyw5cfaoD+73Xf
n2LPqKEmj/5Ho4xsvAc2E8WkOOlJqkHwNwdYjATdgMz9gA9U6d2cEdArOhVqoTRZ
CFVtgIjZaeo7wL2GoOsr+lKnde4GOo4+gESW8FNK/zZtDEVHetatqehhLQIDAQAB
o4IDcTCCA20wHQYDVR0OBBYEFBf5DP1EKGJdyT5S7MNJCGs1SFKoMB8GA1UdIwQY
MBaAFAHz7z4OqVqXVTfVwl2Ty3avaHI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEt
MzUzYjNhNjMzYWRhLzEvRl9rTV9VUW9ZbDNKUGxMc3cwa0lhelZJVXFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEtMzUzYjNhNjMzYWRh
LzEvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhQYIKwYBBQUHAQcBAf8EggF0MIIBcDCBugQCAAEwgbMD
BQMFCohwAwUCBQqI0AMFAgUKjQgDBQIFCo2IAwQBBZqAAwQCBZqQMAwDBAEFmpoD
BAUFmoAwCwMDAE+LAwQAT4sOMAwDBARXeBADBAJXeBgDBABfgsADBABfgsIDBABf
gscDBACRDkIDBACRDkQDBACRDkYDBACRDkkwDAMEApEOTAMEAJEOTgMEAJEOUAME
AJEOUwMEAJEOVQMEAJEOVwMEAJEOWQMEAJEOWwMEAJEOXTCBsAQCAAIwgakDCAAq
BPWAkDABAwcAKgT1gJIQAwcBKgT1gREKAwcAKgT1gYBAAwcAKgT1gYBwAwcAKgT1
gYCQAwcAKgT1gYCwAwcAKgT1gYFAAwcAKgT1gYFwAwcAKgT1gYGQAwcAKgT1gYGw
AwcAKgT1gYJAAwcAKgT1gYJwAwcAKgT1gYKQAwcAKgT1gYKwMBYDCQAqBPWBoA6g
AQMJACoE9YGgDqAEAwcAKgT1gaAPMA0GCSqGSIb3DQEBCwUAA4IBAQCC+6Tk5cIQ
T1YA5kxgVDaEDnVPmW47yCaZKLJDjirQClw4LyoeztRukEWH2tVLdItpdSxNr5m0
In/9zRW66i7u0uNhzRJty0OodHslTILEJ2sfPOBVn679yUuwS98zPVTlJtDo5GSV
mM2WWKxov9zSebg6J3GvYq54pGqlA2ev4ccugSldeOFDlvBtBl3ZZ8cJNSMnsL7D
23n4j3OzBWje7bz2vodygpJG8f77e8l12BII76jNDzz1DH/NIoblUKq4+aoDzzLl
rqZ2ZQv3za6AE/RiJaSEcaP0O4dryurn1LIpiO8VP4Cj9XQzePXGGQQRiz1DWIXW
Yar+bYh8hCtq
-----END CERTIFICATE-----
Generated at Wed Nov 22 16:51:55 2023 by rpki-client on console-fra.rpki-client.org