Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/ZoYj8W1vnukAso9nNoXwQcGeNWk.roa
File: ZoYj8W1vnukAso9nNoXwQcGeNWk.roa (raw, json)
Hash identifier: bwfZPOJwt39O7CdeBoY8juo7gzLJ08FGoJ+PXLTrcbE=
Subject key identifier: 66:86:23:F1:6D:6F:9E:E9:00:B2:8F:67:36:85:F0:41:C1:9E:35:69
Certificate issuer: /CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Certificate serial: 019387FE4CF62EE623CC9EE5995442E502E2
Authority key identifier: 01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/ZoYj8W1vnukAso9nNoXwQcGeNWk.roa
Signing time: Mon 02 Dec 2024 15:30:10 +0000
ROA not before: Mon 02 Dec 2024 15:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23764
IP address blocks: 5.10.136.0/24 maxlen: 24
5.10.136.112/29 maxlen: 29
5.10.136.208/30 maxlen: 30
5.10.141.8/30 maxlen: 30
5.10.141.136/30 maxlen: 30
5.10.142.0/24 maxlen: 24
5.154.128.0/24 maxlen: 24
5.154.129.0/24 maxlen: 24
5.154.144.0/24 maxlen: 24
5.154.145.0/24 maxlen: 24
5.154.146.0/24 maxlen: 24
5.154.147.0/24 maxlen: 24
5.154.154.0/24 maxlen: 24
5.154.155.0/24 maxlen: 24
5.154.156.0/24 maxlen: 24
5.154.157.0/24 maxlen: 24
5.154.158.0/24 maxlen: 24
5.154.159.0/24 maxlen: 24
79.139.0.0/24 maxlen: 24
79.139.1.0/24 maxlen: 24
79.139.2.0/24 maxlen: 24
79.139.3.0/24 maxlen: 24
79.139.4.0/24 maxlen: 24
79.139.5.0/24 maxlen: 24
79.139.6.0/24 maxlen: 24
79.139.7.0/24 maxlen: 24
79.139.8.0/24 maxlen: 24
79.139.9.0/24 maxlen: 24
79.139.10.0/24 maxlen: 24
79.139.11.0/24 maxlen: 24
79.139.12.0/24 maxlen: 24
79.139.13.0/24 maxlen: 24
79.139.14.0/24 maxlen: 24
79.139.15.0/24 maxlen: 24
87.120.16.0/24 maxlen: 24
87.120.17.0/24 maxlen: 24
87.120.18.0/24 maxlen: 24
87.120.19.0/24 maxlen: 24
87.120.20.0/24 maxlen: 24
87.120.21.0/24 maxlen: 24
87.120.22.0/24 maxlen: 24
87.120.23.0/24 maxlen: 24
87.120.24.0/24 maxlen: 24
87.120.25.0/24 maxlen: 24
87.120.26.0/24 maxlen: 24
87.120.27.0/24 maxlen: 24
95.130.192.0/24 maxlen: 24
95.130.194.0/24 maxlen: 24
95.130.199.0/24 maxlen: 24
145.14.64.0/24 maxlen: 24
145.14.66.0/24 maxlen: 24
145.14.68.0/24 maxlen: 24
145.14.69.0/24 maxlen: 24
145.14.70.0/24 maxlen: 24
145.14.73.0/24 maxlen: 24
145.14.76.0/24 maxlen: 24
145.14.77.0/24 maxlen: 24
145.14.78.0/24 maxlen: 24
145.14.80.0/24 maxlen: 24
145.14.83.0/24 maxlen: 24
145.14.85.0/24 maxlen: 24
145.14.87.0/24 maxlen: 24
145.14.89.0/24 maxlen: 24
145.14.91.0/24 maxlen: 24
145.14.92.0/24 maxlen: 24
145.14.93.0/24 maxlen: 24
2a04:f580:9030:100::/56 maxlen: 56
2a04:f580:9210::/48 maxlen: 48
2a04:f581:110a::/48 maxlen: 48
2a04:f581:110b::/48 maxlen: 48
2a04:f581:8040::/48 maxlen: 48
2a04:f581:8070::/48 maxlen: 48
2a04:f581:8090::/48 maxlen: 48
2a04:f581:80b0::/48 maxlen: 48
2a04:f581:8140::/48 maxlen: 48
2a04:f581:8170::/48 maxlen: 48
2a04:f581:8190::/48 maxlen: 48
2a04:f581:81b0::/48 maxlen: 48
2a04:f581:8240::/48 maxlen: 48
2a04:f581:8270::/48 maxlen: 48
2a04:f581:8290::/48 maxlen: 48
2a04:f581:82b0::/48 maxlen: 48
2a04:f581:a00e:a001::/64 maxlen: 64
2a04:f581:a00e:a002::/64 maxlen: 64
2a04:f581:a00e:a003::/64 maxlen: 64
2a04:f581:a00e:a004::/64 maxlen: 64
2a04:f581:a00f::/48 maxlen: 48
2a04:f581:a111::/48 maxlen: 48
2a04:f581:a123::/48 maxlen: 48
2a04:f581:a125::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 18 Dec 2024 09:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:87:fe:4c:f6:2e:e6:23:cc:9e:e5:99:54:42:e5:02:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Validity
Not Before: Dec 2 15:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=668623f16d6f9ee900b28f673685f041c19e3569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8e:43:61:3b:4f:85:5f:c6:8b:b4:f4:1a:b7:
d0:24:ae:15:08:4c:c7:e2:00:79:6d:a1:bc:35:28:
e2:2e:ea:60:18:44:b3:7a:a7:81:02:88:25:84:3c:
37:61:b9:e0:49:a8:0e:47:70:98:af:43:8f:a1:6b:
3e:6a:60:52:b1:98:bd:9f:b5:a0:92:e1:df:9a:6b:
56:d4:43:13:a8:07:75:d5:34:9d:15:cc:19:77:e9:
59:8e:1b:dc:d5:d4:f0:51:73:b5:15:49:3a:0e:2c:
bd:33:41:62:30:84:e2:3c:19:2f:27:a5:13:7e:00:
a9:4a:36:a6:6a:ab:2a:20:1c:39:e8:14:93:be:07:
ae:bc:3f:81:d9:0c:04:1b:77:3f:4e:a5:3d:b2:a3:
b0:6c:cc:76:94:43:b2:48:9e:b8:c6:59:65:8a:71:
c7:67:bb:e5:32:1e:f2:e8:1f:1b:d4:26:62:de:bf:
95:7b:4c:64:5d:dc:38:be:ec:7f:3e:2f:0b:e5:7d:
51:e2:d8:20:53:0d:7f:77:49:6f:67:d6:0a:13:13:
f1:a3:63:e3:59:a0:c2:0c:7f:ec:33:5b:59:7d:9e:
a5:aa:2b:16:f6:1d:4d:eb:ca:f0:d0:e9:0b:3a:03:
ba:64:5f:b7:f4:89:74:e4:b8:7c:9c:09:b1:76:6c:
d3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:86:23:F1:6D:6F:9E:E9:00:B2:8F:67:36:85:F0:41:C1:9E:35:69
X509v3 Authority Key Identifier:
keyid:01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/ZoYj8W1vnukAso9nNoXwQcGeNWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.136.0/24
5.10.141.8/30
5.10.141.136/30
5.10.142.0/24
5.154.128.0/23
5.154.144.0/22
5.154.154.0-5.154.159.255
79.139.0.0/20
87.120.16.0-87.120.27.255
95.130.192.0/24
95.130.194.0/24
95.130.199.0/24
145.14.64.0/24
145.14.66.0/24
145.14.68.0-145.14.70.255
145.14.73.0/24
145.14.76.0-145.14.78.255
145.14.80.0/24
145.14.83.0/24
145.14.85.0/24
145.14.87.0/24
145.14.89.0/24
145.14.91.0-145.14.93.255
IPv6:
2a04:f580:9030:100::/56
2a04:f580:9210::/48
2a04:f581:110a::/47
2a04:f581:8040::/48
2a04:f581:8070::/48
2a04:f581:8090::/48
2a04:f581:80b0::/48
2a04:f581:8140::/48
2a04:f581:8170::/48
2a04:f581:8190::/48
2a04:f581:81b0::/48
2a04:f581:8240::/48
2a04:f581:8270::/48
2a04:f581:8290::/48
2a04:f581:82b0::/48
2a04:f581:a00e:a001::-2a04:f581:a00e:a004:ffff:ffff:ffff:ffff
2a04:f581:a00f::/48
2a04:f581:a111::/48
2a04:f581:a123::/48
2a04:f581:a125::/48
Signature Algorithm: sha256WithRSAEncryption
62:ed:63:06:8c:e2:b7:7b:9d:d8:d2:ba:34:3c:c7:79:d8:b8:
1b:37:61:d0:b7:03:6e:65:61:0c:cf:12:2c:45:80:ce:c2:22:
fb:95:e5:f9:65:12:59:00:b2:3e:9c:0b:97:44:5a:f5:a2:ee:
7f:be:d4:e4:5d:d1:e9:e1:65:81:1e:24:82:89:b5:aa:56:31:
f2:21:df:18:dd:ce:9d:0b:56:af:77:be:f0:c2:c3:8a:66:5c:
70:e1:12:18:c9:59:3f:fc:b3:01:39:53:84:0a:31:a3:05:4e:
ea:1f:07:91:18:4e:62:24:f9:b4:30:f5:b0:52:f4:43:0d:8d:
ef:eb:ac:31:1c:fa:99:d9:ed:49:63:0f:85:4f:58:54:de:8f:
5b:b0:68:56:ec:d6:c2:ec:64:98:68:12:d7:39:44:63:93:12:
4d:c1:f7:67:5e:f4:e9:d2:a9:f3:75:17:60:a8:b2:bc:1f:b6:
f6:ff:b3:29:c7:1b:2e:29:9c:5d:79:62:07:6a:5e:c1:dd:50:
65:d1:9a:13:f3:db:9b:32:2b:d6:93:df:49:19:b1:dd:3a:d2:
46:ec:9b:f5:96:51:13:bb:c8:bd:84:6a:14:ac:83:f0:c0:88:
3a:ec:05:8b:5f:77:88:0b:bc:e0:67:40:18:0e:55:d7:d4:0e:
d1:4a:07:19
-----BEGIN CERTIFICATE-----
MIIGgTCCBWmgAwIBAgISAZOH/kz2LuYjzJ7lmVRC5QLiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZjNlZjNlMGVhOTVhOTc1NTM3ZDVjMjVkOTNjYjc2YWY2
ODcyMzQwHhcNMjQxMjAyMTUzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Njg2MjNmMTZkNmY5ZWU5MDBiMjhmNjczNjg1ZjA0MWMxOWUzNTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAto5DYTtPhV/Gi7T0GrfQJK4VCEzH
4gB5baG8NSjiLupgGESzeqeBAoglhDw3YbngSagOR3CYr0OPoWs+amBSsZi9n7Wg
kuHfmmtW1EMTqAd11TSdFcwZd+lZjhvc1dTwUXO1FUk6Diy9M0FiMITiPBkvJ6UT
fgCpSjamaqsqIBw56BSTvgeuvD+B2QwEG3c/TqU9sqOwbMx2lEOySJ64xlllinHH
Z7vlMh7y6B8b1CZi3r+Ve0xkXdw4vux/Pi8L5X1R4tggUw1/d0lvZ9YKExPxo2Pj
WaDCDH/sM1tZfZ6lqisW9h1N68rw0OkLOgO6ZF+39Il05Lh8nAmxdmzTiQIDAQAB
o4IDjTCCA4kwHQYDVR0OBBYEFGaGI/Ftb57pALKPZzaF8EHBnjVpMB8GA1UdIwQY
MBaAFAHz7z4OqVqXVTfVwl2Ty3avaHI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEt
MzUzYjNhNjMzYWRhLzEvWm9ZajhXMXZudWtBc285bk5vWHdRY0dlTldrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEtMzUzYjNhNjMzYWRh
LzEvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBoQYIKwYBBQUHAQcBAf8EggGQMIIBjDCBuwQCAAEwgbQD
BAAFCogDBQIFCo0IAwUCBQqNiAMEAAUKjgMEAQWagAMEAgWakDAMAwQBBZqaAwQF
BZqAAwQET4sAMAwDBARXeBADBAJXeBgDBABfgsADBABfgsIDBABfgscDBACRDkAD
BACRDkIwDAMEApEORAMEAJEORgMEAJEOSTAMAwQCkQ5MAwQAkQ5OAwQAkQ5QAwQA
kQ5TAwQAkQ5VAwQAkQ5XAwQAkQ5ZMAwDBACRDlsDBAGRDlwwgcsEAgACMIHEAwgA
KgT1gJAwAQMHACoE9YCSEAMHASoE9YERCgMHACoE9YGAQAMHACoE9YGAcAMHACoE
9YGAkAMHACoE9YGAsAMHACoE9YGBQAMHACoE9YGBcAMHACoE9YGBkAMHACoE9YGB
sAMHACoE9YGCQAMHACoE9YGCcAMHACoE9YGCkAMHACoE9YGCsDAWAwkAKgT1gaAO
oAEDCQAqBPWBoA6gBAMHACoE9YGgDwMHACoE9YGhEQMHACoE9YGhIwMHACoE9YGh
JTANBgkqhkiG9w0BAQsFAAOCAQEAYu1jBozit3ud2NK6NDzHedi4Gzdh0LcDbmVh
DM8SLEWAzsIi+5Xl+WUSWQCyPpwLl0Ra9aLuf77U5F3R6eFlgR4kgom1qlYx8iHf
GN3OnQtWr3e+8MLDimZccOESGMlZP/yzATlThAoxowVO6h8HkRhOYiT5tDD1sFL0
Qw2N7+usMRz6mdntSWMPhU9YVN6PW7BoVuzWwuxkmGgS1zlEY5MSTcH3Z1706dKp
83UXYKiyvB+29v+zKccbLimcXXliB2pewd1QZdGaE/PbmzIr1pPfSRmx3TrSRuyb
9ZZRE7vIvYRqFKyD8MCIOuwFi193iAu84GdAGA5V19QO0UoHGQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:49:17 2025 by rpki-client