Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/MeJJviJmYZ48_tM0qGneLrqkC9A.roa
File: MeJJviJmYZ48_tM0qGneLrqkC9A.roa (raw, json)
Hash identifier: k9IciKIoAn8TI90cNBTXJGtD+1SMLfjv6AQK0FOLiH8=
Subject key identifier: 31:E2:49:BE:22:66:61:9E:3C:FE:D3:34:A8:69:DE:2E:BA:A4:0B:D0
Certificate issuer: /CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Certificate serial: 019422FB3B6C0D13ED79A95F0898362148C4
Authority key identifier: 01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/MeJJviJmYZ48_tM0qGneLrqkC9A.roa
Signing time: Wed 01 Jan 2025 17:47:57 +0000
ROA not before: Wed 01 Jan 2025 17:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 23764
IP address blocks: 5.10.136.0/24 maxlen: 24
5.10.136.112/29 maxlen: 29
5.10.136.208/30 maxlen: 30
5.10.141.8/30 maxlen: 30
5.10.141.136/30 maxlen: 30
5.10.142.0/24 maxlen: 24
5.154.128.0/24 maxlen: 24
5.154.129.0/24 maxlen: 24
5.154.144.0/24 maxlen: 24
5.154.145.0/24 maxlen: 24
5.154.146.0/24 maxlen: 24
5.154.147.0/24 maxlen: 24
5.154.154.0/24 maxlen: 24
5.154.155.0/24 maxlen: 24
5.154.156.0/24 maxlen: 24
5.154.157.0/24 maxlen: 24
5.154.158.0/24 maxlen: 24
5.154.159.0/24 maxlen: 24
79.139.0.0/24 maxlen: 24
79.139.1.0/24 maxlen: 24
79.139.2.0/24 maxlen: 24
79.139.3.0/24 maxlen: 24
79.139.4.0/24 maxlen: 24
79.139.5.0/24 maxlen: 24
79.139.6.0/24 maxlen: 24
79.139.7.0/24 maxlen: 24
79.139.8.0/24 maxlen: 24
79.139.9.0/24 maxlen: 24
79.139.10.0/24 maxlen: 24
79.139.11.0/24 maxlen: 24
79.139.12.0/24 maxlen: 24
79.139.13.0/24 maxlen: 24
79.139.14.0/24 maxlen: 24
79.139.15.0/24 maxlen: 24
87.120.16.0/24 maxlen: 24
87.120.17.0/24 maxlen: 24
87.120.18.0/24 maxlen: 24
87.120.19.0/24 maxlen: 24
87.120.20.0/24 maxlen: 24
87.120.21.0/24 maxlen: 24
87.120.22.0/24 maxlen: 24
87.120.23.0/24 maxlen: 24
87.120.24.0/24 maxlen: 24
87.120.25.0/24 maxlen: 24
87.120.26.0/24 maxlen: 24
87.120.27.0/24 maxlen: 24
95.130.192.0/24 maxlen: 24
95.130.194.0/24 maxlen: 24
95.130.199.0/24 maxlen: 24
145.14.64.0/24 maxlen: 24
145.14.66.0/24 maxlen: 24
145.14.68.0/24 maxlen: 24
145.14.69.0/24 maxlen: 24
145.14.70.0/24 maxlen: 24
145.14.73.0/24 maxlen: 24
145.14.76.0/24 maxlen: 24
145.14.77.0/24 maxlen: 24
145.14.78.0/24 maxlen: 24
145.14.80.0/24 maxlen: 24
145.14.83.0/24 maxlen: 24
145.14.85.0/24 maxlen: 24
145.14.87.0/24 maxlen: 24
145.14.89.0/24 maxlen: 24
145.14.91.0/24 maxlen: 24
145.14.92.0/24 maxlen: 24
145.14.93.0/24 maxlen: 24
2a04:f580:9001::/48 maxlen: 48
2a04:f580:9030:100::/56 maxlen: 56
2a04:f580:9210::/48 maxlen: 48
2a04:f581:110a::/48 maxlen: 48
2a04:f581:110b::/48 maxlen: 48
2a04:f581:8040::/48 maxlen: 48
2a04:f581:8070::/48 maxlen: 48
2a04:f581:8090::/48 maxlen: 48
2a04:f581:80b0::/48 maxlen: 48
2a04:f581:8140::/48 maxlen: 48
2a04:f581:8170::/48 maxlen: 48
2a04:f581:8190::/48 maxlen: 48
2a04:f581:81b0::/48 maxlen: 48
2a04:f581:8240::/48 maxlen: 48
2a04:f581:8270::/48 maxlen: 48
2a04:f581:8290::/48 maxlen: 48
2a04:f581:82b0::/48 maxlen: 48
2a04:f581:a00e:a001::/64 maxlen: 64
2a04:f581:a00e:a002::/64 maxlen: 64
2a04:f581:a00e:a003::/64 maxlen: 64
2a04:f581:a00e:a004::/64 maxlen: 64
2a04:f581:a00f::/48 maxlen: 48
2a04:f581:a111::/48 maxlen: 48
2a04:f581:a123::/48 maxlen: 48
2a04:f581:a125::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 15 Jan 2025 10:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:3b:6c:0d:13:ed:79:a9:5f:08:98:36:21:48:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Validity
Not Before: Jan 1 17:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31e249be2266619e3cfed334a869de2ebaa40bd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:44:b6:27:20:d9:4e:47:d3:39:9b:c1:c7:ae:
67:37:be:58:0c:76:df:f1:fc:c1:d9:ba:1f:93:9d:
d2:02:9d:31:13:d3:49:da:4b:97:64:0b:2e:1b:e3:
0a:06:8f:36:e7:cd:70:39:f1:6b:f2:d3:05:d6:6a:
80:c2:df:70:39:da:84:f1:be:5f:bf:61:97:7c:45:
e6:04:53:9a:60:4d:0b:d6:28:8e:08:01:50:40:76:
84:89:b1:af:31:3f:82:9e:26:e2:7a:0d:e0:47:97:
54:11:24:40:39:a1:6a:58:dc:a1:85:88:20:ca:09:
8e:d0:06:32:08:e2:d6:0b:03:bc:5f:14:32:eb:36:
ce:9d:fc:f8:fd:9e:41:db:1b:a5:23:9b:f1:2a:35:
9d:81:4b:5d:e7:9e:a3:4c:72:fa:8f:c6:9b:22:5a:
c8:28:8b:ad:4d:1d:aa:1c:1f:b6:c5:ce:fb:7c:ec:
ea:a7:c1:1a:38:6b:cd:12:18:5b:ed:e8:86:99:cc:
46:3d:7a:dc:90:10:0a:34:a8:f1:49:a9:8c:3e:70:
29:e1:04:df:e1:c2:b0:98:2e:45:93:b9:bc:f0:de:
5e:8e:5e:22:45:52:c6:b4:a5:3e:54:09:f8:4f:0c:
1f:96:a8:2b:17:ac:98:74:49:52:a8:be:d6:e4:93:
48:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:E2:49:BE:22:66:61:9E:3C:FE:D3:34:A8:69:DE:2E:BA:A4:0B:D0
X509v3 Authority Key Identifier:
keyid:01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/MeJJviJmYZ48_tM0qGneLrqkC9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.136.0/24
5.10.141.8/30
5.10.141.136/30
5.10.142.0/24
5.154.128.0/23
5.154.144.0/22
5.154.154.0-5.154.159.255
79.139.0.0/20
87.120.16.0-87.120.27.255
95.130.192.0/24
95.130.194.0/24
95.130.199.0/24
145.14.64.0/24
145.14.66.0/24
145.14.68.0-145.14.70.255
145.14.73.0/24
145.14.76.0-145.14.78.255
145.14.80.0/24
145.14.83.0/24
145.14.85.0/24
145.14.87.0/24
145.14.89.0/24
145.14.91.0-145.14.93.255
IPv6:
2a04:f580:9001::/48
2a04:f580:9030:100::/56
2a04:f580:9210::/48
2a04:f581:110a::/47
2a04:f581:8040::/48
2a04:f581:8070::/48
2a04:f581:8090::/48
2a04:f581:80b0::/48
2a04:f581:8140::/48
2a04:f581:8170::/48
2a04:f581:8190::/48
2a04:f581:81b0::/48
2a04:f581:8240::/48
2a04:f581:8270::/48
2a04:f581:8290::/48
2a04:f581:82b0::/48
2a04:f581:a00e:a001::-2a04:f581:a00e:a004:ffff:ffff:ffff:ffff
2a04:f581:a00f::/48
2a04:f581:a111::/48
2a04:f581:a123::/48
2a04:f581:a125::/48
Signature Algorithm: sha256WithRSAEncryption
c7:cd:94:55:79:3d:bf:79:65:69:26:b9:80:73:4e:a3:44:3a:
4d:a2:aa:48:f6:79:dc:91:1b:93:47:a5:0d:bf:01:e6:e4:a1:
96:74:3e:9a:52:94:05:71:42:7c:cb:6e:ff:2b:d4:fc:b7:d1:
81:09:f6:c1:ea:4d:1a:e9:d5:56:1f:88:27:18:13:d1:70:c0:
cc:4b:be:a8:3c:32:9c:1a:96:47:b1:c3:45:c4:0c:b3:cf:03:
0f:0d:e8:9b:61:2a:e3:66:f4:ee:20:0d:24:0b:c9:d2:f9:ca:
d4:45:cb:1f:24:8d:d2:18:0d:41:f6:c7:53:2c:8a:93:66:b7:
dd:e9:67:34:1b:80:ec:af:6d:81:cf:28:88:5b:80:29:f6:af:
62:b1:76:b3:fa:0c:82:2d:dc:50:00:c4:94:75:33:35:10:64:
f0:26:07:f5:08:32:1c:4f:0c:34:f1:79:61:69:7b:1a:8c:4a:
a9:c0:da:44:4a:f1:96:f1:78:a9:5b:6d:d2:d5:7b:dd:f2:eb:
a0:b9:26:8f:93:21:1d:93:23:84:37:90:fd:59:9d:60:e0:db:
5d:bc:76:a3:cb:a6:06:b0:ca:44:11:9c:59:5f:30:32:c4:95:
f0:92:1c:72:12:ca:23:f8:b5:64:0a:fc:fd:f3:80:4f:8a:5d:
de:b9:ad:f8
-----BEGIN CERTIFICATE-----
MIIGijCCBXKgAwIBAgISAZQi+ztsDRPtealfCJg2IUjEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZjNlZjNlMGVhOTVhOTc1NTM3ZDVjMjVkOTNjYjc2YWY2
ODcyMzQwHhcNMjUwMTAxMTc0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWUyNDliZTIyNjY2MTllM2NmZWQzMzRhODY5ZGUyZWJhYTQwYmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArES2JyDZTkfTOZvBx65nN75YDHbf
8fzB2bofk53SAp0xE9NJ2kuXZAsuG+MKBo82581wOfFr8tMF1mqAwt9wOdqE8b5f
v2GXfEXmBFOaYE0L1iiOCAFQQHaEibGvMT+Cnibieg3gR5dUESRAOaFqWNyhhYgg
ygmO0AYyCOLWCwO8XxQy6zbOnfz4/Z5B2xulI5vxKjWdgUtd556jTHL6j8abIlrI
KIutTR2qHB+2xc77fOzqp8EaOGvNEhhb7eiGmcxGPXrckBAKNKjxSamMPnAp4QTf
4cKwmC5Fk7m88N5ejl4iRVLGtKU+VAn4TwwflqgrF6yYdElSqL7W5JNI/QIDAQAB
o4IDljCCA5IwHQYDVR0OBBYEFDHiSb4iZmGePP7TNKhp3i66pAvQMB8GA1UdIwQY
MBaAFAHz7z4OqVqXVTfVwl2Ty3avaHI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEt
MzUzYjNhNjMzYWRhLzEvTWVKSnZpSm1ZWjQ4X3RNMHFHbmVMcnFrQzlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEtMzUzYjNhNjMzYWRh
LzEvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBqgYIKwYBBQUHAQcBAf8EggGZMIIBlTCBuwQCAAEwgbQD
BAAFCogDBQIFCo0IAwUCBQqNiAMEAAUKjgMEAQWagAMEAgWakDAMAwQBBZqaAwQF
BZqAAwQET4sAMAwDBARXeBADBAJXeBgDBABfgsADBABfgsIDBABfgscDBACRDkAD
BACRDkIwDAMEApEORAMEAJEORgMEAJEOSTAMAwQCkQ5MAwQAkQ5OAwQAkQ5QAwQA
kQ5TAwQAkQ5VAwQAkQ5XAwQAkQ5ZMAwDBACRDlsDBAGRDlwwgdQEAgACMIHNAwcA
KgT1gJABAwgAKgT1gJAwAQMHACoE9YCSEAMHASoE9YERCgMHACoE9YGAQAMHACoE
9YGAcAMHACoE9YGAkAMHACoE9YGAsAMHACoE9YGBQAMHACoE9YGBcAMHACoE9YGB
kAMHACoE9YGBsAMHACoE9YGCQAMHACoE9YGCcAMHACoE9YGCkAMHACoE9YGCsDAW
AwkAKgT1gaAOoAEDCQAqBPWBoA6gBAMHACoE9YGgDwMHACoE9YGhEQMHACoE9YGh
IwMHACoE9YGhJTANBgkqhkiG9w0BAQsFAAOCAQEAx82UVXk9v3llaSa5gHNOo0Q6
TaKqSPZ53JEbk0elDb8B5uShlnQ+mlKUBXFCfMtu/yvU/LfRgQn2wepNGunVVh+I
JxgT0XDAzEu+qDwynBqWR7HDRcQMs88DDw3om2Eq42b07iANJAvJ0vnK1EXLHySN
0hgNQfbHUyyKk2a33elnNBuA7K9tgc8oiFuAKfavYrF2s/oMgi3cUADElHUzNRBk
8CYH9QgyHE8MNPF5YWl7GoxKqcDaRErxlvF4qVtt0tV73fLroLkmj5MhHZMjhDeQ
/VmdYODbXbx2o8umBrDKRBGcWV8wMsSV8JIcchLKI/i1ZAr8/fOAT4pd3rmt+A==
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:34:55 2025 by rpki-client