Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/etF6q3HorrGBwxWEAOa8AS6HhuY.roa
File: etF6q3HorrGBwxWEAOa8AS6HhuY.roa (raw, json)
Hash identifier: aCkIpsnYlgU6qexamJqeKhyv6rNVr7+QD9KAaFiem5s=
Subject key identifier: 7A:D1:7A:AB:71:E8:AE:B1:81:C3:15:84:00:E6:BC:01:2E:87:86:E6
Certificate issuer: /CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Certificate serial: 01856B8A14254EA736537D0884C570FD39D9
Authority key identifier: 01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/etF6q3HorrGBwxWEAOa8AS6HhuY.roa
Signing time: Sun 01 Jan 2023 04:14:49 +0000
ROA not before: Sun 01 Jan 2023 04:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23764
IP address blocks: 5.10.136.112/29 maxlen: 29
95.130.192.0/24 maxlen: 24
95.130.194.0/24 maxlen: 24
5.154.128.0/24 maxlen: 24
5.154.129.0/24 maxlen: 24
5.10.141.8/30 maxlen: 30
5.10.141.136/30 maxlen: 30
5.154.144.0/24 maxlen: 24
5.154.145.0/24 maxlen: 24
5.154.146.0/24 maxlen: 24
5.154.147.0/24 maxlen: 24
5.154.158.0/24 maxlen: 24
5.154.159.0/24 maxlen: 24
5.154.154.0/24 maxlen: 24
5.154.155.0/24 maxlen: 24
5.154.156.0/24 maxlen: 24
5.154.157.0/24 maxlen: 24
87.120.16.0/24 maxlen: 24
87.120.17.0/24 maxlen: 24
87.120.23.0/24 maxlen: 24
87.120.24.0/24 maxlen: 24
87.120.18.0/24 maxlen: 24
87.120.19.0/24 maxlen: 24
87.120.20.0/24 maxlen: 24
87.120.21.0/24 maxlen: 24
87.120.22.0/24 maxlen: 24
87.120.25.0/24 maxlen: 24
87.120.26.0/24 maxlen: 24
87.120.27.0/24 maxlen: 24
145.14.80.0/24 maxlen: 24
145.14.83.0/24 maxlen: 24
145.14.85.0/24 maxlen: 24
145.14.87.0/24 maxlen: 24
145.14.89.0/24 maxlen: 24
145.14.91.0/24 maxlen: 24
145.14.93.0/24 maxlen: 24
79.139.0.0/24 maxlen: 24
79.139.1.0/24 maxlen: 24
79.139.2.0/24 maxlen: 24
79.139.3.0/24 maxlen: 24
79.139.4.0/24 maxlen: 24
79.139.6.0/24 maxlen: 24
79.139.7.0/24 maxlen: 24
79.139.8.0/24 maxlen: 24
79.139.9.0/24 maxlen: 24
79.139.10.0/24 maxlen: 24
79.139.11.0/24 maxlen: 24
79.139.5.0/24 maxlen: 24
79.139.13.0/24 maxlen: 24
79.139.14.0/24 maxlen: 24
79.139.12.0/24 maxlen: 24
5.10.136.208/30 maxlen: 30
145.14.66.0/24 maxlen: 24
145.14.68.0/24 maxlen: 24
145.14.70.0/24 maxlen: 24
145.14.73.0/24 maxlen: 24
145.14.76.0/24 maxlen: 24
145.14.77.0/24 maxlen: 24
145.14.78.0/24 maxlen: 24
2a04:f581:a00e:a004::/64 maxlen: 64
2a04:f581:a00f::/48 maxlen: 48
2a04:f581:a00e:a003::/64 maxlen: 64
2a04:f581:110b::/48 maxlen: 48
2a04:f581:81b0::/48 maxlen: 48
2a04:f581:80b0::/48 maxlen: 48
2a04:f581:82b0::/48 maxlen: 48
2a04:f581:8170::/48 maxlen: 48
2a04:f581:8270::/48 maxlen: 48
2a04:f581:8070::/48 maxlen: 48
2a04:f580:9210::/48 maxlen: 48
2a04:f581:110a::/48 maxlen: 48
2a04:f581:8240::/48 maxlen: 48
2a04:f581:8040::/48 maxlen: 48
2a04:f581:8140::/48 maxlen: 48
2a04:f580:9030:100::/56 maxlen: 56
2a04:f581:a00e:a002::/64 maxlen: 64
2a04:f581:a00e:a001::/64 maxlen: 64
2a04:f581:8190::/48 maxlen: 48
2a04:f581:8290::/48 maxlen: 48
2a04:f581:8090::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:8a:14:25:4e:a7:36:53:7d:08:84:c5:70:fd:39:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Validity
Not Before: Jan 1 04:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ad17aab71e8aeb181c3158400e6bc012e8786e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:20:c6:d1:12:3c:cb:c8:6a:47:69:10:63:5b:
ac:4c:f3:86:3d:50:cd:0e:f6:b9:c0:dc:00:8b:42:
55:e4:86:b7:21:9e:72:68:cc:c9:22:fc:8d:62:2e:
4e:f8:be:4f:88:8b:2e:3a:c7:20:7a:9b:03:b2:d5:
65:46:69:bd:13:b1:96:be:be:f8:1b:bf:ad:cd:0a:
c4:9c:8e:81:e6:0b:64:38:e5:aa:fd:1a:b2:5f:d8:
b0:ad:8c:48:ea:a1:87:34:17:3b:8e:3a:42:1b:0c:
59:97:86:bd:cf:a6:b3:44:e1:f1:34:4e:ea:ef:23:
c4:4d:77:df:22:3c:9e:b1:79:3d:48:cd:5a:d4:84:
8f:67:a7:d8:f9:35:aa:b3:ff:65:66:03:8d:f6:df:
fe:1f:c3:7f:66:5a:be:b6:c9:ef:2f:2a:45:9d:83:
a6:64:2a:60:02:bd:d7:05:6b:42:2e:0b:b1:dd:46:
d9:c9:ae:e6:0b:49:d5:5a:3e:df:2d:df:35:c7:e1:
33:b6:cd:1c:14:11:8b:34:9d:c0:fb:bd:a1:6c:df:
99:4f:11:21:2e:2e:ad:c3:98:fc:43:09:2a:a7:88:
10:7c:6a:e9:a1:16:8e:8b:f1:87:4b:1c:1d:0d:87:
5e:a7:8e:0b:f7:74:1b:70:34:36:bc:58:61:47:a2:
4a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:D1:7A:AB:71:E8:AE:B1:81:C3:15:84:00:E6:BC:01:2E:87:86:E6
X509v3 Authority Key Identifier:
keyid:01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/etF6q3HorrGBwxWEAOa8AS6HhuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.136.112/29
5.10.136.208/30
5.10.141.8/30
5.10.141.136/30
5.154.128.0/23
5.154.144.0/22
5.154.154.0-5.154.159.255
79.139.0.0-79.139.14.255
87.120.16.0-87.120.27.255
95.130.192.0/24
95.130.194.0/24
145.14.66.0/24
145.14.68.0/24
145.14.70.0/24
145.14.73.0/24
145.14.76.0-145.14.78.255
145.14.80.0/24
145.14.83.0/24
145.14.85.0/24
145.14.87.0/24
145.14.89.0/24
145.14.91.0/24
145.14.93.0/24
IPv6:
2a04:f580:9030:100::/56
2a04:f580:9210::/48
2a04:f581:110a::/47
2a04:f581:8040::/48
2a04:f581:8070::/48
2a04:f581:8090::/48
2a04:f581:80b0::/48
2a04:f581:8140::/48
2a04:f581:8170::/48
2a04:f581:8190::/48
2a04:f581:81b0::/48
2a04:f581:8240::/48
2a04:f581:8270::/48
2a04:f581:8290::/48
2a04:f581:82b0::/48
2a04:f581:a00e:a001::-2a04:f581:a00e:a004:ffff:ffff:ffff:ffff
2a04:f581:a00f::/48
Signature Algorithm: sha256WithRSAEncryption
63:43:07:bc:e5:b6:41:8b:19:e2:7d:04:e2:3c:c0:3b:37:17:
48:ef:84:ec:05:27:af:b1:79:ce:5c:61:7f:17:73:4c:27:08:
f3:26:cf:76:40:69:29:db:88:94:64:52:5b:6c:2e:3f:90:ed:
d4:07:ea:9b:84:21:99:75:ad:3e:ad:19:6a:eb:e0:e3:92:79:
c9:a9:bc:ee:b8:a0:ef:ad:1b:b9:09:9e:ca:da:54:3a:8b:a1:
f3:0c:be:f0:48:e6:17:a1:b9:19:e3:49:e9:7b:d6:ea:08:43:
e1:18:fc:2d:08:ac:62:18:d1:d6:99:32:03:63:1f:09:ac:e4:
bd:ec:76:a2:42:1a:eb:cd:95:6b:4b:02:36:37:24:db:cc:d7:
19:ea:32:e9:69:ff:b4:0f:55:9c:88:0c:78:92:20:dc:de:2f:
c8:f5:34:22:48:43:33:7f:8f:c9:6c:27:ef:13:6f:43:a3:ad:
80:2c:05:75:2e:85:08:48:56:f5:ae:e0:38:14:64:8f:c5:30:
84:48:75:d1:1d:5f:e6:e7:07:82:c5:4c:e7:8b:c1:05:8d:4d:
17:b1:9e:f1:f5:dc:26:a8:d6:74:a0:72:c0:59:29:6c:58:da:
6a:ec:bc:a2:66:aa:87:f7:ef:9c:c2:26:3f:bb:62:a8:11:a4:
d6:8b:be:c5
-----BEGIN CERTIFICATE-----
MIIGXzCCBUegAwIBAgISAYVrihQlTqc2U30IhMVw/TnZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZjNlZjNlMGVhOTVhOTc1NTM3ZDVjMjVkOTNjYjc2YWY2
ODcyMzQwHhcNMjMwMTAxMDQxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWQxN2FhYjcxZThhZWIxODFjMzE1ODQwMGU2YmMwMTJlODc4NmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyDG0RI8y8hqR2kQY1usTPOGPVDN
Dva5wNwAi0JV5Ia3IZ5yaMzJIvyNYi5O+L5PiIsuOscgepsDstVlRmm9E7GWvr74
G7+tzQrEnI6B5gtkOOWq/RqyX9iwrYxI6qGHNBc7jjpCGwxZl4a9z6azROHxNE7q
7yPETXffIjyesXk9SM1a1ISPZ6fY+TWqs/9lZgON9t/+H8N/Zlq+tsnvLypFnYOm
ZCpgAr3XBWtCLgux3UbZya7mC0nVWj7fLd81x+Ezts0cFBGLNJ3A+72hbN+ZTxEh
Li6tw5j8Qwkqp4gQfGrpoRaOi/GHSxwdDYdep44L93QbcDQ2vFhhR6JKLwIDAQAB
o4IDazCCA2cwHQYDVR0OBBYEFHrReqtx6K6xgcMVhADmvAEuh4bmMB8GA1UdIwQY
MBaAFAHz7z4OqVqXVTfVwl2Ty3avaHI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEt
MzUzYjNhNjMzYWRhLzEvZXRGNnEzSG9yckdCd3hXRUFPYThBUzZIaHVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEtMzUzYjNhNjMzYWRh
LzEvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBfwYIKwYBBQUHAQcBAf8EggFuMIIBajCBtAQCAAEwga0D
BQMFCohwAwUCBQqI0AMFAgUKjQgDBQIFCo2IAwQBBZqAAwQCBZqQMAwDBAEFmpoD
BAUFmoAwCwMDAE+LAwQAT4sOMAwDBARXeBADBAJXeBgDBABfgsADBABfgsIDBACR
DkIDBACRDkQDBACRDkYDBACRDkkwDAMEApEOTAMEAJEOTgMEAJEOUAMEAJEOUwME
AJEOVQMEAJEOVwMEAJEOWQMEAJEOWwMEAJEOXTCBsAQCAAIwgakDCAAqBPWAkDAB
AwcAKgT1gJIQAwcBKgT1gREKAwcAKgT1gYBAAwcAKgT1gYBwAwcAKgT1gYCQAwcA
KgT1gYCwAwcAKgT1gYFAAwcAKgT1gYFwAwcAKgT1gYGQAwcAKgT1gYGwAwcAKgT1
gYJAAwcAKgT1gYJwAwcAKgT1gYKQAwcAKgT1gYKwMBYDCQAqBPWBoA6gAQMJACoE
9YGgDqAEAwcAKgT1gaAPMA0GCSqGSIb3DQEBCwUAA4IBAQBjQwe85bZBixnifQTi
PMA7NxdI74TsBSevsXnOXGF/F3NMJwjzJs92QGkp24iUZFJbbC4/kO3UB+qbhCGZ
da0+rRlq6+DjknnJqbzuuKDvrRu5CZ7K2lQ6i6HzDL7wSOYXobkZ40npe9bqCEPh
GPwtCKxiGNHWmTIDYx8JrOS97HaiQhrrzZVrSwI2NyTbzNcZ6jLpaf+0D1WciAx4
kiDc3i/I9TQiSEMzf4/JbCfvE29Do62ALAV1LoUISFb1ruA4FGSPxTCESHXRHV/m
5weCxUzni8EFjU0XsZ7x9dwmqNZ0oHLAWSlsWNpq7LyiZqqH9++cwiY/u2KoEaTW
i77F
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:16 2023 by rpki-client on console-fra.rpki-client.org