Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/vz5JkO70CSNOJ8hBR5RQS_dbbJ8.roa
File: vz5JkO70CSNOJ8hBR5RQS_dbbJ8.roa (raw, json)
Hash identifier: SuTPLoONncX28emQWThE34T5cHSmxja2PIAeUH7sX5M=
Subject key identifier: BF:3E:49:90:EE:F4:09:23:4E:27:C8:41:47:94:50:4B:F7:5B:6C:9F
Certificate issuer: /CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Certificate serial: 018BF7C84EC1AB33A64AD4CC9145465BA891
Authority key identifier: 01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/vz5JkO70CSNOJ8hBR5RQS_dbbJ8.roa
Signing time: Wed 22 Nov 2023 16:06:21 +0000
ROA not before: Wed 22 Nov 2023 16:06:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23764
IP address blocks: 5.10.136.112/29 maxlen: 29
95.130.192.0/24 maxlen: 24
95.130.199.0/24 maxlen: 24
95.130.194.0/24 maxlen: 24
5.154.128.0/24 maxlen: 24
5.154.129.0/24 maxlen: 24
5.10.141.8/30 maxlen: 30
5.10.141.136/30 maxlen: 30
5.154.144.0/24 maxlen: 24
5.154.145.0/24 maxlen: 24
5.154.146.0/24 maxlen: 24
5.154.147.0/24 maxlen: 24
5.154.158.0/24 maxlen: 24
5.154.159.0/24 maxlen: 24
5.154.154.0/24 maxlen: 24
5.154.155.0/24 maxlen: 24
5.154.156.0/24 maxlen: 24
5.154.157.0/24 maxlen: 24
87.120.16.0/24 maxlen: 24
87.120.17.0/24 maxlen: 24
87.120.23.0/24 maxlen: 24
87.120.24.0/24 maxlen: 24
87.120.18.0/24 maxlen: 24
87.120.19.0/24 maxlen: 24
87.120.20.0/24 maxlen: 24
87.120.21.0/24 maxlen: 24
87.120.22.0/24 maxlen: 24
87.120.25.0/24 maxlen: 24
87.120.26.0/24 maxlen: 24
87.120.27.0/24 maxlen: 24
145.14.80.0/24 maxlen: 24
145.14.83.0/24 maxlen: 24
145.14.85.0/24 maxlen: 24
145.14.87.0/24 maxlen: 24
145.14.89.0/24 maxlen: 24
145.14.91.0/24 maxlen: 24
145.14.92.0/24 maxlen: 24
145.14.93.0/24 maxlen: 24
79.139.0.0/24 maxlen: 24
79.139.1.0/24 maxlen: 24
79.139.2.0/24 maxlen: 24
79.139.3.0/24 maxlen: 24
79.139.4.0/24 maxlen: 24
79.139.6.0/24 maxlen: 24
79.139.7.0/24 maxlen: 24
79.139.8.0/24 maxlen: 24
79.139.9.0/24 maxlen: 24
79.139.10.0/24 maxlen: 24
79.139.11.0/24 maxlen: 24
79.139.5.0/24 maxlen: 24
79.139.13.0/24 maxlen: 24
79.139.14.0/24 maxlen: 24
79.139.12.0/24 maxlen: 24
5.10.136.208/30 maxlen: 30
145.14.66.0/24 maxlen: 24
145.14.68.0/24 maxlen: 24
145.14.70.0/24 maxlen: 24
145.14.73.0/24 maxlen: 24
145.14.76.0/24 maxlen: 24
145.14.77.0/24 maxlen: 24
145.14.78.0/24 maxlen: 24
2a04:f581:a00e:a004::/64 maxlen: 64
2a04:f581:a00f::/48 maxlen: 48
2a04:f581:a00e:a003::/64 maxlen: 64
2a04:f581:110b::/48 maxlen: 48
2a04:f581:81b0::/48 maxlen: 48
2a04:f581:80b0::/48 maxlen: 48
2a04:f581:82b0::/48 maxlen: 48
2a04:f581:8170::/48 maxlen: 48
2a04:f581:8270::/48 maxlen: 48
2a04:f581:8070::/48 maxlen: 48
2a04:f580:9210::/48 maxlen: 48
2a04:f581:110a::/48 maxlen: 48
2a04:f581:8240::/48 maxlen: 48
2a04:f581:8040::/48 maxlen: 48
2a04:f581:8140::/48 maxlen: 48
2a04:f580:9030:100::/56 maxlen: 56
2a04:f581:a00e:a002::/64 maxlen: 64
2a04:f581:a00e:a001::/64 maxlen: 64
2a04:f581:8190::/48 maxlen: 48
2a04:f581:8290::/48 maxlen: 48
2a04:f581:8090::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f7:c8:4e:c1:ab:33:a6:4a:d4:cc:91:45:46:5b:a8:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Validity
Not Before: Nov 22 16:06:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf3e4990eef409234e27c8414794504bf75b6c9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d1:66:1f:c4:29:69:22:b8:0a:b2:a3:58:97:
f1:99:37:40:98:7b:7b:e0:65:4f:f0:29:fb:a9:5b:
2d:3b:df:15:fe:ba:42:96:ec:b0:49:a7:a5:e8:11:
c7:e3:57:1b:9d:fd:e4:50:e2:ad:b8:0e:63:21:9c:
04:8b:f6:5f:4c:97:6e:00:2c:68:1f:3b:33:78:c4:
b1:a1:30:86:dd:1f:f3:29:f6:c1:3f:d1:17:a9:1f:
f0:66:ee:26:5e:8f:ee:0f:88:9d:de:cd:d9:e7:92:
53:43:fc:dc:89:0a:69:51:6a:0a:03:c1:a1:5a:c9:
82:58:7c:55:8b:fb:00:88:fd:fd:e0:b1:83:51:9c:
7d:44:d2:fe:82:41:4a:6f:5f:f3:7b:91:98:8e:8e:
80:86:d2:8d:c8:ee:cd:e8:6f:0a:b9:cd:e0:13:7e:
c1:19:41:aa:c7:d3:83:bd:a5:dc:b0:c1:8d:a7:65:
e2:ef:32:65:64:02:c8:4e:79:65:cc:e7:e4:dc:df:
5b:b0:24:56:bf:40:9e:e6:ea:ba:68:cf:ee:0f:3c:
88:27:4b:62:d2:5a:6e:bb:78:9f:b0:d0:e7:e3:39:
f6:cf:b3:4e:72:00:29:50:23:d6:d3:52:1f:82:b0:
a8:30:ea:8e:e2:45:7c:02:c6:35:9e:5f:60:0f:05:
1d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:3E:49:90:EE:F4:09:23:4E:27:C8:41:47:94:50:4B:F7:5B:6C:9F
X509v3 Authority Key Identifier:
keyid:01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/vz5JkO70CSNOJ8hBR5RQS_dbbJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.136.112/29
5.10.136.208/30
5.10.141.8/30
5.10.141.136/30
5.154.128.0/23
5.154.144.0/22
5.154.154.0-5.154.159.255
79.139.0.0-79.139.14.255
87.120.16.0-87.120.27.255
95.130.192.0/24
95.130.194.0/24
95.130.199.0/24
145.14.66.0/24
145.14.68.0/24
145.14.70.0/24
145.14.73.0/24
145.14.76.0-145.14.78.255
145.14.80.0/24
145.14.83.0/24
145.14.85.0/24
145.14.87.0/24
145.14.89.0/24
145.14.91.0-145.14.93.255
IPv6:
2a04:f580:9030:100::/56
2a04:f580:9210::/48
2a04:f581:110a::/47
2a04:f581:8040::/48
2a04:f581:8070::/48
2a04:f581:8090::/48
2a04:f581:80b0::/48
2a04:f581:8140::/48
2a04:f581:8170::/48
2a04:f581:8190::/48
2a04:f581:81b0::/48
2a04:f581:8240::/48
2a04:f581:8270::/48
2a04:f581:8290::/48
2a04:f581:82b0::/48
2a04:f581:a00e:a001::-2a04:f581:a00e:a004:ffff:ffff:ffff:ffff
2a04:f581:a00f::/48
Signature Algorithm: sha256WithRSAEncryption
12:0c:94:15:a8:62:e6:55:2d:31:a7:b3:0a:ee:c5:9e:b8:bc:
2d:10:5b:54:76:cb:dd:e5:32:56:d2:d7:46:18:c0:cb:d7:ae:
ca:f5:eb:d3:67:e6:60:03:29:c4:84:c5:10:9f:41:54:e8:9d:
3c:9c:64:a9:bd:65:2b:9b:5b:c7:78:3f:cb:7d:ec:47:e0:15:
3f:22:bf:82:c8:c1:65:83:01:74:80:b0:51:0e:50:0b:65:e3:
00:31:a4:7e:1b:a0:86:dc:2f:de:e2:3d:50:b2:c1:0e:ca:65:
3b:d3:4f:ab:6d:1c:15:c8:11:4a:f0:6f:ac:ea:77:ee:9e:eb:
6c:86:3a:e2:2b:d3:bc:9c:b7:a1:b3:33:6d:2a:eb:eb:55:69:
da:05:35:8d:c2:67:91:4b:64:ba:55:71:2a:84:b7:a6:db:32:
60:85:0f:df:5b:06:5d:80:90:75:7c:82:61:8b:2c:ae:b7:f7:
05:45:db:b2:07:e9:ff:ab:26:d3:69:ba:80:e4:bb:90:32:00:
4d:a5:7f:74:39:8d:cb:51:38:9f:44:cf:ec:0c:2f:56:64:bc:
48:1f:3a:d4:ad:b8:d4:41:30:fd:4b:bf:b9:11:97:07:b1:25:
5c:d3:2a:8c:fb:78:eb:f9:a7:9b:23:9a:27:6f:fe:3e:0f:55:
28:0a:b8:7d
-----BEGIN CERTIFICATE-----
MIIGZzCCBU+gAwIBAgISAYv3yE7BqzOmStTMkUVGW6iRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZjNlZjNlMGVhOTVhOTc1NTM3ZDVjMjVkOTNjYjc2YWY2
ODcyMzQwHhcNMjMxMTIyMTYwNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjNlNDk5MGVlZjQwOTIzNGUyN2M4NDE0Nzk0NTA0YmY3NWI2YzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdFmH8QpaSK4CrKjWJfxmTdAmHt7
4GVP8Cn7qVstO98V/rpCluywSael6BHH41cbnf3kUOKtuA5jIZwEi/ZfTJduACxo
HzszeMSxoTCG3R/zKfbBP9EXqR/wZu4mXo/uD4id3s3Z55JTQ/zciQppUWoKA8Gh
WsmCWHxVi/sAiP394LGDUZx9RNL+gkFKb1/ze5GYjo6AhtKNyO7N6G8Kuc3gE37B
GUGqx9ODvaXcsMGNp2Xi7zJlZALITnllzOfk3N9bsCRWv0Ce5uq6aM/uDzyIJ0ti
0lpuu3ifsNDn4zn2z7NOcgApUCPW01IfgrCoMOqO4kV8AsY1nl9gDwUd+QIDAQAB
o4IDczCCA28wHQYDVR0OBBYEFL8+SZDu9AkjTifIQUeUUEv3W2yfMB8GA1UdIwQY
MBaAFAHz7z4OqVqXVTfVwl2Ty3avaHI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEt
MzUzYjNhNjMzYWRhLzEvdno1SmtPNzBDU05PSjhoQlI1UlFTX2RiYko4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEtMzUzYjNhNjMzYWRh
LzEvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhwYIKwYBBQUHAQcBAf8EggF2MIIBcjCBvAQCAAEwgbUD
BQMFCohwAwUCBQqI0AMFAgUKjQgDBQIFCo2IAwQBBZqAAwQCBZqQMAwDBAEFmpoD
BAUFmoAwCwMDAE+LAwQAT4sOMAwDBARXeBADBAJXeBgDBABfgsADBABfgsIDBABf
gscDBACRDkIDBACRDkQDBACRDkYDBACRDkkwDAMEApEOTAMEAJEOTgMEAJEOUAME
AJEOUwMEAJEOVQMEAJEOVwMEAJEOWTAMAwQAkQ5bAwQBkQ5cMIGwBAIAAjCBqQMI
ACoE9YCQMAEDBwAqBPWAkhADBwEqBPWBEQoDBwAqBPWBgEADBwAqBPWBgHADBwAq
BPWBgJADBwAqBPWBgLADBwAqBPWBgUADBwAqBPWBgXADBwAqBPWBgZADBwAqBPWB
gbADBwAqBPWBgkADBwAqBPWBgnADBwAqBPWBgpADBwAqBPWBgrAwFgMJACoE9YGg
DqABAwkAKgT1gaAOoAQDBwAqBPWBoA8wDQYJKoZIhvcNAQELBQADggEBABIMlBWo
YuZVLTGnswruxZ64vC0QW1R2y93lMlbS10YYwMvXrsr169Nn5mADKcSExRCfQVTo
nTycZKm9ZSubW8d4P8t97EfgFT8iv4LIwWWDAXSAsFEOUAtl4wAxpH4boIbcL97i
PVCywQ7KZTvTT6ttHBXIEUrwb6zqd+6e62yGOuIr07yct6GzM20q6+tVadoFNY3C
Z5FLZLpVcSqEt6bbMmCFD99bBl2AkHV8gmGLLK639wVF27IH6f+rJtNpuoDku5Ay
AE2lf3Q5jctROJ9Ez+wML1ZkvEgfOtStuNRBMP1Lv7kRlwexJVzTKoz7eOv5p5sj
midv/j4PVSgKuH0=
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:37 2024 by rpki-client on console-ams.rpki-client.org