Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/RY1mbjOqt4LvqVT2bEjTg-AlfT4.roa
File: RY1mbjOqt4LvqVT2bEjTg-AlfT4.roa (raw, json)
Hash identifier: dW6Vrul2VsgkFaGJdPtO7rsgjo1yGb7Rrq/HA9657LE=
Subject key identifier: 45:8D:66:6E:33:AA:B7:82:EF:A9:54:F6:6C:48:D3:83:E0:25:7D:3E
Certificate issuer: /CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Certificate serial: 018678FDFEC4262A0ACFC66C9417369833E4
Authority key identifier: 01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/RY1mbjOqt4LvqVT2bEjTg-AlfT4.roa
Signing time: Wed 22 Feb 2023 11:59:17 +0000
ROA not before: Wed 22 Feb 2023 11:59:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23764
IP address blocks: 5.10.136.112/29 maxlen: 29
95.130.192.0/24 maxlen: 24
95.130.199.0/24 maxlen: 24
95.130.194.0/24 maxlen: 24
5.154.128.0/24 maxlen: 24
5.154.129.0/24 maxlen: 24
5.10.141.8/30 maxlen: 30
5.10.141.136/30 maxlen: 30
5.154.144.0/24 maxlen: 24
5.154.145.0/24 maxlen: 24
5.154.146.0/24 maxlen: 24
5.154.147.0/24 maxlen: 24
5.154.158.0/24 maxlen: 24
5.154.159.0/24 maxlen: 24
5.154.154.0/24 maxlen: 24
5.154.155.0/24 maxlen: 24
5.154.156.0/24 maxlen: 24
5.154.157.0/24 maxlen: 24
87.120.16.0/24 maxlen: 24
87.120.17.0/24 maxlen: 24
87.120.23.0/24 maxlen: 24
87.120.24.0/24 maxlen: 24
87.120.18.0/24 maxlen: 24
87.120.19.0/24 maxlen: 24
87.120.20.0/24 maxlen: 24
87.120.21.0/24 maxlen: 24
87.120.22.0/24 maxlen: 24
87.120.25.0/24 maxlen: 24
87.120.26.0/24 maxlen: 24
87.120.27.0/24 maxlen: 24
145.14.80.0/24 maxlen: 24
145.14.83.0/24 maxlen: 24
145.14.85.0/24 maxlen: 24
145.14.87.0/24 maxlen: 24
145.14.89.0/24 maxlen: 24
145.14.91.0/24 maxlen: 24
145.14.93.0/24 maxlen: 24
79.139.0.0/24 maxlen: 24
79.139.1.0/24 maxlen: 24
79.139.2.0/24 maxlen: 24
79.139.3.0/24 maxlen: 24
79.139.4.0/24 maxlen: 24
79.139.6.0/24 maxlen: 24
79.139.7.0/24 maxlen: 24
79.139.8.0/24 maxlen: 24
79.139.9.0/24 maxlen: 24
79.139.10.0/24 maxlen: 24
79.139.11.0/24 maxlen: 24
79.139.5.0/24 maxlen: 24
79.139.13.0/24 maxlen: 24
79.139.14.0/24 maxlen: 24
79.139.12.0/24 maxlen: 24
5.10.136.208/30 maxlen: 30
145.14.66.0/24 maxlen: 24
145.14.68.0/24 maxlen: 24
145.14.70.0/24 maxlen: 24
145.14.73.0/24 maxlen: 24
145.14.76.0/24 maxlen: 24
145.14.77.0/24 maxlen: 24
145.14.78.0/24 maxlen: 24
2a04:f581:a00e:a004::/64 maxlen: 64
2a04:f581:a00f::/48 maxlen: 48
2a04:f581:a00e:a003::/64 maxlen: 64
2a04:f581:110b::/48 maxlen: 48
2a04:f581:82b0::/48 maxlen: 48
2a04:f581:80b0::/48 maxlen: 48
2a04:f581:81b0::/48 maxlen: 48
2a04:f581:8070::/48 maxlen: 48
2a04:f581:8270::/48 maxlen: 48
2a04:f581:8170::/48 maxlen: 48
2a04:f580:9210::/48 maxlen: 48
2a04:f581:110a::/48 maxlen: 48
2a04:f581:8240::/48 maxlen: 48
2a04:f581:8040::/48 maxlen: 48
2a04:f581:8140::/48 maxlen: 48
2a04:f580:9030:100::/56 maxlen: 56
2a04:f581:a00e:a002::/64 maxlen: 64
2a04:f581:a00e:a001::/64 maxlen: 64
2a04:f581:8190::/48 maxlen: 48
2a04:f581:8090::/48 maxlen: 48
2a04:f581:8290::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:78:fd:fe:c4:26:2a:0a:cf:c6:6c:94:17:36:98:33:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Validity
Not Before: Feb 22 11:59:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=458d666e33aab782efa954f66c48d383e0257d3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c2:f9:d0:dd:65:71:06:eb:92:f1:a1:52:a5:
bd:3a:72:90:bf:e9:ed:65:85:44:e1:5d:62:38:bd:
2c:f8:a7:70:68:54:9c:14:9d:bb:d3:1f:e9:46:ac:
72:86:ae:df:a6:39:10:64:bd:ab:94:ec:c3:09:9e:
e5:72:fe:2f:48:1f:2e:7c:ef:17:54:ae:c7:45:7e:
71:bd:85:46:74:29:ed:41:7b:26:42:f5:14:ce:df:
29:60:3d:66:66:11:97:87:49:b7:51:b6:53:c3:b1:
e8:9f:47:0e:d9:74:9e:84:f0:c8:25:ac:08:05:be:
37:d9:fa:08:bb:89:1d:25:1c:bf:02:ca:5e:4a:fb:
8f:c0:a4:84:0e:b1:1f:aa:75:e1:47:18:2b:37:8c:
bc:45:16:75:60:a8:ed:f7:d5:50:12:f1:2f:e7:ce:
ca:47:73:5a:cf:05:fb:ad:f3:8e:25:bf:fc:92:37:
d5:6c:25:15:10:75:bc:22:70:96:f8:7e:77:60:53:
ca:0a:36:b4:fc:78:2f:31:75:ff:8b:d1:78:a6:bf:
fd:52:81:35:43:bb:4d:d0:23:14:c7:56:3d:bc:cb:
4c:2b:07:34:68:37:1c:de:b0:08:af:6c:a4:48:e8:
4c:bc:0d:eb:45:23:36:52:a2:68:c6:29:3e:90:9d:
6f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:8D:66:6E:33:AA:B7:82:EF:A9:54:F6:6C:48:D3:83:E0:25:7D:3E
X509v3 Authority Key Identifier:
keyid:01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/RY1mbjOqt4LvqVT2bEjTg-AlfT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.136.112/29
5.10.136.208/30
5.10.141.8/30
5.10.141.136/30
5.154.128.0/23
5.154.144.0/22
5.154.154.0-5.154.159.255
79.139.0.0-79.139.14.255
87.120.16.0-87.120.27.255
95.130.192.0/24
95.130.194.0/24
95.130.199.0/24
145.14.66.0/24
145.14.68.0/24
145.14.70.0/24
145.14.73.0/24
145.14.76.0-145.14.78.255
145.14.80.0/24
145.14.83.0/24
145.14.85.0/24
145.14.87.0/24
145.14.89.0/24
145.14.91.0/24
145.14.93.0/24
IPv6:
2a04:f580:9030:100::/56
2a04:f580:9210::/48
2a04:f581:110a::/47
2a04:f581:8040::/48
2a04:f581:8070::/48
2a04:f581:8090::/48
2a04:f581:80b0::/48
2a04:f581:8140::/48
2a04:f581:8170::/48
2a04:f581:8190::/48
2a04:f581:81b0::/48
2a04:f581:8240::/48
2a04:f581:8270::/48
2a04:f581:8290::/48
2a04:f581:82b0::/48
2a04:f581:a00e:a001::-2a04:f581:a00e:a004:ffff:ffff:ffff:ffff
2a04:f581:a00f::/48
Signature Algorithm: sha256WithRSAEncryption
1f:27:d4:7a:21:b9:df:0d:82:5e:7b:36:c2:31:5b:1a:95:34:
f3:1c:5d:b6:78:85:89:9e:34:6f:24:28:b9:da:1e:5a:b6:82:
34:33:f7:16:b7:8d:14:2c:6f:aa:e0:73:ce:95:2e:ca:6a:e4:
00:af:1b:96:53:44:56:c2:2a:bb:ac:54:42:e2:a2:c4:91:ef:
6c:ee:a3:1d:fd:b1:cc:65:d8:09:b2:1b:d5:25:31:e4:56:a9:
d9:f6:d8:f5:78:b6:e2:26:ed:f6:ca:f5:39:01:00:29:8b:19:
4e:30:a8:e2:c1:b6:68:2c:f1:96:43:27:2f:1c:64:bd:1c:52:
14:75:42:0e:12:f1:9f:a1:e2:92:7f:dd:04:73:46:21:96:9f:
6b:f3:ab:39:04:b0:df:b3:4c:21:ac:ba:3c:03:d4:36:ce:64:
7e:0f:db:2e:f8:fb:a5:8e:5f:58:f2:6f:09:10:78:0a:71:22:
96:db:35:8d:c6:56:32:cb:ab:d4:13:89:7c:6f:1e:f1:ee:40:
5e:81:e3:e7:1a:0f:85:4c:1a:88:11:49:46:bd:41:fe:e9:3b:
c2:d8:a5:cb:d7:2e:53:18:79:7f:a9:43:f6:56:cf:2c:60:c6:
9b:30:cb:9d:c9:f9:f0:50:00:db:96:8c:b8:56:bb:26:a8:92:
32:b8:97:22
-----BEGIN CERTIFICATE-----
MIIGZTCCBU2gAwIBAgISAYZ4/f7EJioKz8ZslBc2mDPkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZjNlZjNlMGVhOTVhOTc1NTM3ZDVjMjVkOTNjYjc2YWY2
ODcyMzQwHhcNMjMwMjIyMTE1OTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NThkNjY2ZTMzYWFiNzgyZWZhOTU0ZjY2YzQ4ZDM4M2UwMjU3ZDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcL50N1lcQbrkvGhUqW9OnKQv+nt
ZYVE4V1iOL0s+KdwaFScFJ270x/pRqxyhq7fpjkQZL2rlOzDCZ7lcv4vSB8ufO8X
VK7HRX5xvYVGdCntQXsmQvUUzt8pYD1mZhGXh0m3UbZTw7Hon0cO2XSehPDIJawI
Bb432foIu4kdJRy/AspeSvuPwKSEDrEfqnXhRxgrN4y8RRZ1YKjt99VQEvEv587K
R3NazwX7rfOOJb/8kjfVbCUVEHW8InCW+H53YFPKCja0/HgvMXX/i9F4pr/9UoE1
Q7tN0CMUx1Y9vMtMKwc0aDcc3rAIr2ykSOhMvA3rRSM2UqJoxik+kJ1vywIDAQAB
o4IDcTCCA20wHQYDVR0OBBYEFEWNZm4zqreC76lU9mxI04PgJX0+MB8GA1UdIwQY
MBaAFAHz7z4OqVqXVTfVwl2Ty3avaHI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEt
MzUzYjNhNjMzYWRhLzEvUlkxbWJqT3F0NEx2cVZUMmJFalRnLUFsZlQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEtMzUzYjNhNjMzYWRh
LzEvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhQYIKwYBBQUHAQcBAf8EggF0MIIBcDCBugQCAAEwgbMD
BQMFCohwAwUCBQqI0AMFAgUKjQgDBQIFCo2IAwQBBZqAAwQCBZqQMAwDBAEFmpoD
BAUFmoAwCwMDAE+LAwQAT4sOMAwDBARXeBADBAJXeBgDBABfgsADBABfgsIDBABf
gscDBACRDkIDBACRDkQDBACRDkYDBACRDkkwDAMEApEOTAMEAJEOTgMEAJEOUAME
AJEOUwMEAJEOVQMEAJEOVwMEAJEOWQMEAJEOWwMEAJEOXTCBsAQCAAIwgakDCAAq
BPWAkDABAwcAKgT1gJIQAwcBKgT1gREKAwcAKgT1gYBAAwcAKgT1gYBwAwcAKgT1
gYCQAwcAKgT1gYCwAwcAKgT1gYFAAwcAKgT1gYFwAwcAKgT1gYGQAwcAKgT1gYGw
AwcAKgT1gYJAAwcAKgT1gYJwAwcAKgT1gYKQAwcAKgT1gYKwMBYDCQAqBPWBoA6g
AQMJACoE9YGgDqAEAwcAKgT1gaAPMA0GCSqGSIb3DQEBCwUAA4IBAQAfJ9R6Ibnf
DYJeezbCMVsalTTzHF22eIWJnjRvJCi52h5atoI0M/cWt40ULG+q4HPOlS7KauQA
rxuWU0RWwiq7rFRC4qLEke9s7qMd/bHMZdgJshvVJTHkVqnZ9tj1eLbiJu32yvU5
AQApixlOMKjiwbZoLPGWQycvHGS9HFIUdUIOEvGfoeKSf90Ec0Yhlp9r86s5BLDf
s0whrLo8A9Q2zmR+D9su+Puljl9Y8m8JEHgKcSKW2zWNxlYyy6vUE4l8bx7x7kBe
gePnGg+FTBqIEUlGvUH+6TvC2KXL1y5TGHl/qUP2Vs8sYMabMMudyfnwUADbloy4
VrsmqJIyuJci
-----END CERTIFICATE-----
Generated at Tue Nov 14 11:06:23 2023 by rpki-client on console-fra.rpki-client.org