Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/hBPgT9UmU5DgriTOyhRZYe20LgA.roa
File: hBPgT9UmU5DgriTOyhRZYe20LgA.roa (raw, json)
Hash identifier: 1P3d86Ieh6bnfg89enJln6d1MD/vHpCnxVPTMOwJd/0=
Subject key identifier: 84:13:E0:4F:D5:26:53:90:E0:AE:24:CE:CA:14:59:61:ED:B4:2E:00
Certificate issuer: /CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Certificate serial: 018BCD576078E98C65B443C342B36FFCCAE4
Authority key identifier: 01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/hBPgT9UmU5DgriTOyhRZYe20LgA.roa
Signing time: Tue 14 Nov 2023 10:18:57 +0000
ROA not before: Tue 14 Nov 2023 10:18:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23764
IP address blocks: 5.10.136.112/29 maxlen: 29
95.130.192.0/24 maxlen: 24
95.130.199.0/24 maxlen: 24
95.130.194.0/24 maxlen: 24
5.154.128.0/24 maxlen: 24
5.154.129.0/24 maxlen: 24
5.10.141.8/30 maxlen: 30
5.10.141.136/30 maxlen: 30
5.154.144.0/24 maxlen: 24
5.154.145.0/24 maxlen: 24
5.154.146.0/24 maxlen: 24
5.154.147.0/24 maxlen: 24
5.154.158.0/24 maxlen: 24
5.154.159.0/24 maxlen: 24
5.154.154.0/24 maxlen: 24
5.154.155.0/24 maxlen: 24
5.154.156.0/24 maxlen: 24
5.154.157.0/24 maxlen: 24
87.120.16.0/24 maxlen: 24
87.120.17.0/24 maxlen: 24
87.120.23.0/24 maxlen: 24
87.120.24.0/24 maxlen: 24
87.120.18.0/24 maxlen: 24
87.120.19.0/24 maxlen: 24
87.120.20.0/24 maxlen: 24
87.120.21.0/24 maxlen: 24
87.120.22.0/24 maxlen: 24
87.120.25.0/24 maxlen: 24
87.120.26.0/24 maxlen: 24
87.120.27.0/24 maxlen: 24
145.14.80.0/24 maxlen: 24
145.14.83.0/24 maxlen: 24
145.14.85.0/24 maxlen: 24
145.14.87.0/24 maxlen: 24
145.14.89.0/24 maxlen: 24
145.14.91.0/24 maxlen: 24
145.14.92.0/24 maxlen: 24
145.14.93.0/24 maxlen: 24
79.139.0.0/24 maxlen: 24
79.139.1.0/24 maxlen: 24
79.139.2.0/24 maxlen: 24
79.139.3.0/24 maxlen: 24
79.139.4.0/24 maxlen: 24
79.139.6.0/24 maxlen: 24
79.139.7.0/24 maxlen: 24
79.139.8.0/24 maxlen: 24
79.139.9.0/24 maxlen: 24
79.139.10.0/24 maxlen: 24
79.139.11.0/24 maxlen: 24
79.139.5.0/24 maxlen: 24
79.139.13.0/24 maxlen: 24
79.139.14.0/24 maxlen: 24
79.139.12.0/24 maxlen: 24
5.10.136.208/30 maxlen: 30
145.14.66.0/24 maxlen: 24
145.14.68.0/24 maxlen: 24
145.14.70.0/24 maxlen: 24
145.14.73.0/24 maxlen: 24
145.14.76.0/24 maxlen: 24
145.14.77.0/24 maxlen: 24
145.14.78.0/24 maxlen: 24
2a04:f581:a00e:a004::/64 maxlen: 64
2a04:f581:a00f::/48 maxlen: 48
2a04:f581:a00e:a003::/64 maxlen: 64
2a04:f581:110b::/48 maxlen: 48
2a04:f581:81b0::/48 maxlen: 48
2a04:f581:80b0::/48 maxlen: 48
2a04:f581:82b0::/48 maxlen: 48
2a04:f581:8170::/48 maxlen: 48
2a04:f581:8270::/48 maxlen: 48
2a04:f581:8070::/48 maxlen: 48
2a04:f580:9210::/48 maxlen: 48
2a04:f581:110a::/48 maxlen: 48
2a04:f581:8240::/48 maxlen: 48
2a04:f581:8040::/48 maxlen: 48
2a04:f581:8140::/48 maxlen: 48
2a04:f580:9030:100::/56 maxlen: 56
2a04:f581:a00e:a002::/64 maxlen: 64
2a04:f581:a00e:a001::/64 maxlen: 64
2a04:f581:8190::/48 maxlen: 48
2a04:f581:8290::/48 maxlen: 48
2a04:f581:8090::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cd:57:60:78:e9:8c:65:b4:43:c3:42:b3:6f:fc:ca:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Validity
Not Before: Nov 14 10:18:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8413e04fd5265390e0ae24ceca145961edb42e00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f3:99:3c:4d:d4:46:28:70:56:4c:d3:ea:a7:
65:e1:79:0d:da:66:0c:b4:bc:7b:4a:35:9a:c1:d7:
9d:a0:84:c1:b2:b9:f8:de:3a:36:81:1b:02:1e:03:
2c:45:85:e1:82:48:5f:3a:58:a2:1a:8c:35:e5:8e:
ef:79:b5:a0:80:67:92:1c:7b:7e:72:95:80:d4:4b:
27:5d:14:b8:00:b4:96:a6:5f:a7:94:c9:9a:98:33:
26:c0:73:4d:2d:1e:1c:40:92:bc:b8:22:7d:5e:99:
31:59:e6:a4:00:c1:61:dd:25:92:49:bd:a9:e6:d0:
88:81:7e:82:b7:b0:45:e5:67:85:bf:1d:66:c1:f7:
62:73:6b:2a:e8:ce:d7:89:dd:f4:00:23:e2:61:fe:
f4:d5:6a:01:d5:8b:88:f9:55:08:cc:a0:43:d3:19:
eb:2f:9e:e3:a4:de:f9:5e:02:44:87:7f:23:a1:bb:
2e:d1:0d:80:4c:7f:ca:b9:06:f9:3e:32:b4:24:5c:
9f:94:fd:80:b0:93:ff:94:14:65:31:0b:03:c6:14:
0e:97:a5:ec:de:ca:a6:4e:df:72:d1:57:a7:44:b9:
5b:3c:91:af:06:0a:16:8a:01:45:19:32:7a:fb:e2:
e5:26:36:1e:71:08:31:44:05:fc:67:92:92:fb:31:
1d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:13:E0:4F:D5:26:53:90:E0:AE:24:CE:CA:14:59:61:ED:B4:2E:00
X509v3 Authority Key Identifier:
keyid:01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/hBPgT9UmU5DgriTOyhRZYe20LgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.136.112/29
5.10.136.208/30
5.10.141.8/30
5.10.141.136/30
5.154.128.0/23
5.154.144.0/22
5.154.154.0-5.154.159.255
79.139.0.0-79.139.14.255
87.120.16.0-87.120.27.255
95.130.192.0/24
95.130.194.0/24
95.130.199.0/24
145.14.66.0/24
145.14.68.0/24
145.14.70.0/24
145.14.73.0/24
145.14.76.0-145.14.78.255
145.14.80.0/24
145.14.83.0/24
145.14.85.0/24
145.14.87.0/24
145.14.89.0/24
145.14.91.0-145.14.93.255
IPv6:
2a04:f580:9030:100::/56
2a04:f580:9210::/48
2a04:f581:110a::/47
2a04:f581:8040::/48
2a04:f581:8070::/48
2a04:f581:8090::/48
2a04:f581:80b0::/48
2a04:f581:8140::/48
2a04:f581:8170::/48
2a04:f581:8190::/48
2a04:f581:81b0::/48
2a04:f581:8240::/48
2a04:f581:8270::/48
2a04:f581:8290::/48
2a04:f581:82b0::/48
2a04:f581:a00e:a001::-2a04:f581:a00e:a004:ffff:ffff:ffff:ffff
2a04:f581:a00f::/48
Signature Algorithm: sha256WithRSAEncryption
0e:a4:37:f7:d6:23:74:16:12:f2:69:17:18:76:64:55:fd:47:
be:f2:61:0b:c8:6e:89:d9:0a:89:7c:24:ab:a2:1c:22:ba:65:
4e:09:89:41:07:56:23:23:c5:9b:d4:f3:47:36:6e:6d:1a:ae:
1b:10:66:7e:d6:5e:e6:37:14:9f:35:43:5c:eb:a9:c3:9a:50:
d7:81:ad:9b:39:00:44:f6:97:0f:15:64:4c:b4:fa:8f:df:60:
58:b4:99:8a:82:2f:4c:dc:99:d5:90:d7:ac:88:57:d7:f5:78:
3c:8a:69:c8:44:a2:32:2d:23:af:de:6a:94:f9:54:1d:87:8b:
25:4b:be:3a:e5:6e:87:97:5c:37:90:7e:f9:1b:51:df:f7:3c:
34:dc:b5:45:e8:b0:f2:16:2a:dc:8a:26:3a:83:c1:23:78:75:
b4:6f:dc:af:c1:34:54:4b:11:11:e2:cd:45:7c:01:1b:cd:86:
09:4f:77:eb:a0:a1:50:dc:6b:56:8a:a7:a5:0d:bd:ed:91:58:
24:6f:5e:47:21:d5:15:2f:ef:66:a3:67:e7:4b:ea:7a:74:bc:
cf:ba:41:b4:27:e4:1a:9c:5b:bf:ff:15:32:2a:e7:99:10:1a:
af:e9:58:88:3a:01:9d:f7:0f:bf:8d:3f:29:ce:d6:df:6b:3a:
d6:08:5b:6b
-----BEGIN CERTIFICATE-----
MIIGZzCCBU+gAwIBAgISAYvNV2B46YxltEPDQrNv/MrkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZjNlZjNlMGVhOTVhOTc1NTM3ZDVjMjVkOTNjYjc2YWY2
ODcyMzQwHhcNMjMxMTE0MTAxODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDEzZTA0ZmQ1MjY1MzkwZTBhZTI0Y2VjYTE0NTk2MWVkYjQyZTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/OZPE3URihwVkzT6qdl4XkN2mYM
tLx7SjWawdedoITBsrn43jo2gRsCHgMsRYXhgkhfOliiGow15Y7vebWggGeSHHt+
cpWA1EsnXRS4ALSWpl+nlMmamDMmwHNNLR4cQJK8uCJ9XpkxWeakAMFh3SWSSb2p
5tCIgX6Ct7BF5WeFvx1mwfdic2sq6M7Xid30ACPiYf701WoB1YuI+VUIzKBD0xnr
L57jpN75XgJEh38jobsu0Q2ATH/KuQb5PjK0JFyflP2AsJP/lBRlMQsDxhQOl6Xs
3sqmTt9y0VenRLlbPJGvBgoWigFFGTJ6++LlJjYecQgxRAX8Z5KS+zEdoQIDAQAB
o4IDczCCA28wHQYDVR0OBBYEFIQT4E/VJlOQ4K4kzsoUWWHttC4AMB8GA1UdIwQY
MBaAFAHz7z4OqVqXVTfVwl2Ty3avaHI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEt
MzUzYjNhNjMzYWRhLzEvaEJQZ1Q5VW1VNURncmlUT3loUlpZZTIwTGdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEtMzUzYjNhNjMzYWRh
LzEvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhwYIKwYBBQUHAQcBAf8EggF2MIIBcjCBvAQCAAEwgbUD
BQMFCohwAwUCBQqI0AMFAgUKjQgDBQIFCo2IAwQBBZqAAwQCBZqQMAwDBAEFmpoD
BAUFmoAwCwMDAE+LAwQAT4sOMAwDBARXeBADBAJXeBgDBABfgsADBABfgsIDBABf
gscDBACRDkIDBACRDkQDBACRDkYDBACRDkkwDAMEApEOTAMEAJEOTgMEAJEOUAME
AJEOUwMEAJEOVQMEAJEOVwMEAJEOWTAMAwQAkQ5bAwQBkQ5cMIGwBAIAAjCBqQMI
ACoE9YCQMAEDBwAqBPWAkhADBwEqBPWBEQoDBwAqBPWBgEADBwAqBPWBgHADBwAq
BPWBgJADBwAqBPWBgLADBwAqBPWBgUADBwAqBPWBgXADBwAqBPWBgZADBwAqBPWB
gbADBwAqBPWBgkADBwAqBPWBgnADBwAqBPWBgpADBwAqBPWBgrAwFgMJACoE9YGg
DqABAwkAKgT1gaAOoAQDBwAqBPWBoA8wDQYJKoZIhvcNAQELBQADggEBAA6kN/fW
I3QWEvJpFxh2ZFX9R77yYQvIbonZCol8JKuiHCK6ZU4JiUEHViMjxZvU80c2bm0a
rhsQZn7WXuY3FJ81Q1zrqcOaUNeBrZs5AET2lw8VZEy0+o/fYFi0mYqCL0zcmdWQ
16yIV9f1eDyKachEojItI6/eapT5VB2HiyVLvjrlboeXXDeQfvkbUd/3PDTctUXo
sPIWKtyKJjqDwSN4dbRv3K/BNFRLERHizUV8ARvNhglPd+ugoVDca1aKp6UNve2R
WCRvXkch1RUv72ajZ+dL6np0vM+6QbQn5BqcW7//FTIq55kQGq/pWIg6AZ33D7+N
PynO1t9rOtYIW2s=
-----END CERTIFICATE-----
Generated at Wed Nov 15 03:40:12 2023 by rpki-client on console-ams.rpki-client.org