Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/OZFiKBGuICrAyCDcq3TudCX28kI.roa
File: OZFiKBGuICrAyCDcq3TudCX28kI.roa (raw, json)
Hash identifier: kOA+UwA0dasDWypx1yNEgk0ZPYB60YrYuFIU7o7rS1g=
Subject key identifier: 39:91:62:28:11:AE:20:2A:C0:C8:20:DC:AB:74:EE:74:25:F6:F2:42
Certificate issuer: /CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Certificate serial: 018BD0E5C3C8E528C48664B2F25BC0FA4F51
Authority key identifier: 01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/OZFiKBGuICrAyCDcq3TudCX28kI.roa
Signing time: Wed 15 Nov 2023 02:53:20 +0000
ROA not before: Wed 15 Nov 2023 02:53:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4809
IP address blocks: 5.10.136.112/29 maxlen: 29
5.154.132.0/24 maxlen: 24
5.10.141.136/30 maxlen: 30
5.10.141.8/30 maxlen: 30
5.154.133.0/24 maxlen: 24
5.154.138.0/24 maxlen: 24
5.154.139.0/24 maxlen: 24
5.154.137.0/24 maxlen: 24
5.154.136.0/24 maxlen: 24
5.154.140.0/24 maxlen: 24
5.154.141.0/24 maxlen: 24
5.154.159.0/24 maxlen: 24
5.154.158.0/24 maxlen: 24
145.14.83.0/24 maxlen: 24
145.14.81.0/24 maxlen: 24
145.14.82.0/24 maxlen: 24
145.14.79.0/24 maxlen: 24
145.14.80.0/24 maxlen: 24
145.14.84.0/24 maxlen: 24
145.14.85.0/24 maxlen: 24
145.14.90.0/24 maxlen: 24
145.14.88.0/24 maxlen: 24
145.14.89.0/24 maxlen: 24
145.14.86.0/24 maxlen: 24
145.14.87.0/24 maxlen: 24
145.14.91.0/24 maxlen: 24
145.14.93.0/24 maxlen: 24
145.14.92.0/24 maxlen: 24
185.75.172.0/24 maxlen: 24
185.75.174.0/24 maxlen: 24
185.75.173.0/24 maxlen: 24
5.10.136.208/30 maxlen: 30
145.14.64.0/24 maxlen: 24
145.14.70.0/24 maxlen: 24
145.14.71.0/24 maxlen: 24
145.14.69.0/24 maxlen: 24
145.14.67.0/24 maxlen: 24
145.14.68.0/24 maxlen: 24
145.14.65.0/24 maxlen: 24
145.14.66.0/24 maxlen: 24
145.14.76.0/24 maxlen: 24
145.14.74.0/24 maxlen: 24
145.14.75.0/24 maxlen: 24
145.14.72.0/24 maxlen: 24
145.14.73.0/24 maxlen: 24
145.14.77.0/24 maxlen: 24
145.14.78.0/24 maxlen: 24
5.10.138.0/24 maxlen: 24
5.10.139.0/24 maxlen: 24
5.10.137.0/24 maxlen: 24
5.10.136.0/24 maxlen: 24
5.10.140.0/24 maxlen: 24
5.10.143.0/24 maxlen: 24
5.10.142.0/24 maxlen: 24
2a04:f580:9210::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d0:e5:c3:c8:e5:28:c4:86:64:b2:f2:5b:c0:fa:4f:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Validity
Not Before: Nov 15 02:53:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3991622811ae202ac0c820dcab74ee7425f6f242
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:01:99:4b:63:9c:d5:56:a8:e3:12:ba:ec:3e:
8f:22:b0:1b:ec:7c:80:e4:9b:fc:32:c5:89:0d:35:
75:92:d3:d7:35:28:46:40:08:b2:a8:03:7c:fe:ae:
00:b2:b3:8d:ba:49:d0:96:65:42:04:d5:fd:dc:d3:
fa:c1:be:e2:78:52:8d:4d:73:b5:b8:fd:ca:d2:5b:
0b:eb:a2:3b:59:d3:9a:94:8f:53:08:70:83:ad:42:
99:75:ad:d3:83:6c:cd:9d:8b:65:84:6d:8d:8a:92:
22:22:14:f0:d5:c3:35:3f:07:d1:2f:ed:5f:98:d9:
80:98:3d:44:0f:02:d7:a1:b3:50:9f:3f:2e:e8:ed:
eb:da:dd:2b:78:e6:c8:6f:78:11:9d:98:8a:ca:71:
28:4c:fe:8f:69:40:b3:a2:1a:90:39:59:a0:b2:d1:
5f:2f:5c:df:9a:ce:22:10:2c:62:2f:6b:14:90:f3:
2e:14:5a:3f:c5:66:85:bb:07:31:f9:bd:cf:f0:0e:
53:3d:f6:27:19:fc:f5:63:6c:44:d7:83:14:1c:11:
1b:25:50:14:74:f1:df:17:14:b1:54:39:cd:18:f7:
fe:f9:f0:4b:e9:eb:d3:ef:ec:d7:6e:79:1c:1c:87:
0b:23:9d:2a:b8:9f:51:51:24:97:97:d6:b2:3a:bf:
c6:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:91:62:28:11:AE:20:2A:C0:C8:20:DC:AB:74:EE:74:25:F6:F2:42
X509v3 Authority Key Identifier:
keyid:01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/OZFiKBGuICrAyCDcq3TudCX28kI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.136.0-5.10.140.255
5.10.141.8/30
5.10.141.136/30
5.10.142.0/23
5.154.132.0/23
5.154.136.0-5.154.141.255
5.154.158.0/23
145.14.64.0-145.14.93.255
185.75.172.0-185.75.174.255
IPv6:
2a04:f580:9210::/48
Signature Algorithm: sha256WithRSAEncryption
89:91:a2:b9:51:ed:59:a0:3e:cf:b3:00:70:a9:06:2d:15:23:
fb:13:69:6c:4d:dc:83:da:7b:96:49:78:38:16:92:19:19:02:
f3:93:26:a2:7c:f0:84:b9:7a:8a:c9:fb:be:be:f6:86:90:e9:
8e:e6:94:f8:45:7f:f7:f4:e6:5b:47:6a:26:14:ee:90:21:fa:
1b:b3:62:c8:07:a1:31:4b:a7:f8:ae:6f:1c:b6:ef:1e:00:70:
54:f5:88:73:55:31:52:f4:ad:44:33:91:32:cc:36:0f:31:8b:
39:63:d0:f2:a8:93:b9:d6:9a:47:ce:2b:0b:5d:19:18:d3:b2:
1c:0a:65:6f:21:39:83:49:3f:a1:ef:83:0d:e7:05:81:09:b2:
1b:26:b0:39:5b:d5:32:c5:79:e1:10:2b:53:c1:cb:cb:50:4a:
01:53:e3:61:90:10:e6:ef:61:6b:7a:85:cd:57:13:c9:45:4c:
f6:ce:48:40:c5:97:21:77:6a:5e:4c:cc:b1:85:68:e9:7d:65:
6e:06:93:73:43:31:4f:c0:d3:2e:20:ed:ea:38:6d:b8:c6:25:
34:ab:7d:44:91:5c:0e:04:11:48:f4:90:6d:c0:46:9a:e4:87:
7d:99:a2:72:e6:8b:dc:bc:23:6b:ad:cc:0a:43:84:f5:d1:62:
56:9d:5b:70
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYvQ5cPI5SjEhmSy8lvA+k9RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZjNlZjNlMGVhOTVhOTc1NTM3ZDVjMjVkOTNjYjc2YWY2
ODcyMzQwHhcNMjMxMTE1MDI1MzIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTkxNjIyODExYWUyMDJhYzBjODIwZGNhYjc0ZWU3NDI1ZjZmMjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAGZS2Oc1Vao4xK67D6PIrAb7HyA
5Jv8MsWJDTV1ktPXNShGQAiyqAN8/q4AsrONuknQlmVCBNX93NP6wb7ieFKNTXO1
uP3K0lsL66I7WdOalI9TCHCDrUKZda3Tg2zNnYtlhG2NipIiIhTw1cM1PwfRL+1f
mNmAmD1EDwLXobNQnz8u6O3r2t0reObIb3gRnZiKynEoTP6PaUCzohqQOVmgstFf
L1zfms4iECxiL2sUkPMuFFo/xWaFuwcx+b3P8A5TPfYnGfz1Y2xE14MUHBEbJVAU
dPHfFxSxVDnNGPf++fBL6evT7+zXbnkcHIcLI50quJ9RUSSXl9ayOr/GiQIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFDmRYigRriAqwMgg3Kt07nQl9vJCMB8GA1UdIwQY
MBaAFAHz7z4OqVqXVTfVwl2Ty3avaHI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEt
MzUzYjNhNjMzYWRhLzEvT1pGaUtCR3VJQ3JBeUNEY3EzVHVkQ1gyOGtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEtMzUzYjNhNjMzYWRh
LzEvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwXgQCAAEwWDAMAwQDBQqI
AwQABQqMAwUCBQqNCAMFAgUKjYgDBAEFCo4DBAEFmoQwDAMEAwWaiAMEAQWajAME
AQWanjAMAwQGkQ5AAwQBkQ5cMAwDBAK5S6wDBAC5S64wDwQCAAIwCQMHACoE9YCS
EDANBgkqhkiG9w0BAQsFAAOCAQEAiZGiuVHtWaA+z7MAcKkGLRUj+xNpbE3cg9p7
lkl4OBaSGRkC85MmonzwhLl6isn7vr72hpDpjuaU+EV/9/TmW0dqJhTukCH6G7Ni
yAehMUun+K5vHLbvHgBwVPWIc1UxUvStRDORMsw2DzGLOWPQ8qiTudaaR84rC10Z
GNOyHAplbyE5g0k/oe+DDecFgQmyGyawOVvVMsV54RArU8HLy1BKAVPjYZAQ5u9h
a3qFzVcTyUVM9s5IQMWXIXdqXkzMsYVo6X1lbgaTc0MxT8DTLiDt6jhtuMYlNKt9
RJFcDgQRSPSQbcBGmuSHfZmicuaL3Lwja63MCkOE9dFiVp1bcA==
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:37 2024 by rpki-client on console-ams.rpki-client.org