Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/xhktKEUNXrjDPmqocmRTyb6yWKU.roa
File: xhktKEUNXrjDPmqocmRTyb6yWKU.roa (raw, json)
Hash identifier: RUhL4jgpgbVGbkru7HXOEGxWpazWAJxd+XkBxfoKjq4=
Subject key identifier: C6:19:2D:28:45:0D:5E:B8:C3:3E:6A:A8:72:64:53:C9:BE:B2:58:A5
Certificate issuer: /CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Certificate serial: 01915111FF523DEA006F7F2A311AD4379853
Authority key identifier: 01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/xhktKEUNXrjDPmqocmRTyb6yWKU.roa
Signing time: Wed 14 Aug 2024 13:26:59 +0000
ROA not before: Wed 14 Aug 2024 13:26:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23764
IP address blocks: 5.10.136.112/29 maxlen: 29
5.10.136.208/30 maxlen: 30
5.10.141.8/30 maxlen: 30
5.10.141.136/30 maxlen: 30
5.154.128.0/24 maxlen: 24
5.154.129.0/24 maxlen: 24
5.154.144.0/24 maxlen: 24
5.154.145.0/24 maxlen: 24
5.154.146.0/24 maxlen: 24
5.154.147.0/24 maxlen: 24
5.154.154.0/24 maxlen: 24
5.154.155.0/24 maxlen: 24
5.154.156.0/24 maxlen: 24
5.154.157.0/24 maxlen: 24
5.154.158.0/24 maxlen: 24
5.154.159.0/24 maxlen: 24
79.139.0.0/24 maxlen: 24
79.139.1.0/24 maxlen: 24
79.139.2.0/24 maxlen: 24
79.139.3.0/24 maxlen: 24
79.139.4.0/24 maxlen: 24
79.139.5.0/24 maxlen: 24
79.139.6.0/24 maxlen: 24
79.139.7.0/24 maxlen: 24
79.139.8.0/24 maxlen: 24
79.139.9.0/24 maxlen: 24
79.139.10.0/24 maxlen: 24
79.139.11.0/24 maxlen: 24
79.139.12.0/24 maxlen: 24
79.139.13.0/24 maxlen: 24
79.139.14.0/24 maxlen: 24
87.120.16.0/24 maxlen: 24
87.120.17.0/24 maxlen: 24
87.120.18.0/24 maxlen: 24
87.120.19.0/24 maxlen: 24
87.120.20.0/24 maxlen: 24
87.120.21.0/24 maxlen: 24
87.120.22.0/24 maxlen: 24
87.120.23.0/24 maxlen: 24
87.120.24.0/24 maxlen: 24
87.120.25.0/24 maxlen: 24
87.120.26.0/24 maxlen: 24
87.120.27.0/24 maxlen: 24
95.130.192.0/24 maxlen: 24
95.130.194.0/24 maxlen: 24
95.130.199.0/24 maxlen: 24
145.14.66.0/24 maxlen: 24
145.14.68.0/24 maxlen: 24
145.14.70.0/24 maxlen: 24
145.14.73.0/24 maxlen: 24
145.14.76.0/24 maxlen: 24
145.14.77.0/24 maxlen: 24
145.14.78.0/24 maxlen: 24
145.14.80.0/24 maxlen: 24
145.14.83.0/24 maxlen: 24
145.14.85.0/24 maxlen: 24
145.14.87.0/24 maxlen: 24
145.14.89.0/24 maxlen: 24
145.14.91.0/24 maxlen: 24
145.14.92.0/24 maxlen: 24
145.14.93.0/24 maxlen: 24
2a04:f580:9030:100::/56 maxlen: 56
2a04:f580:9210::/48 maxlen: 48
2a04:f581:110a::/48 maxlen: 48
2a04:f581:110b::/48 maxlen: 48
2a04:f581:8040::/48 maxlen: 48
2a04:f581:8070::/48 maxlen: 48
2a04:f581:8090::/48 maxlen: 48
2a04:f581:80b0::/48 maxlen: 48
2a04:f581:8140::/48 maxlen: 48
2a04:f581:8170::/48 maxlen: 48
2a04:f581:8190::/48 maxlen: 48
2a04:f581:81b0::/48 maxlen: 48
2a04:f581:8240::/48 maxlen: 48
2a04:f581:8270::/48 maxlen: 48
2a04:f581:8290::/48 maxlen: 48
2a04:f581:82b0::/48 maxlen: 48
2a04:f581:a00e:a001::/64 maxlen: 64
2a04:f581:a00e:a002::/64 maxlen: 64
2a04:f581:a00e:a003::/64 maxlen: 64
2a04:f581:a00e:a004::/64 maxlen: 64
2a04:f581:a00f::/48 maxlen: 48
2a04:f581:a111::/48 maxlen: 48
2a04:f581:a125::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 15 Aug 2024 14:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:51:11:ff:52:3d:ea:00:6f:7f:2a:31:1a:d4:37:98:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Validity
Not Before: Aug 14 13:26:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6192d28450d5eb8c33e6aa8726453c9beb258a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:f0:14:e4:fc:66:0b:ad:e7:60:66:24:37:55:
fc:d5:f6:ef:ea:35:83:c8:d9:79:00:11:7b:67:3e:
25:ac:72:c6:d2:78:94:10:97:d3:3b:92:8a:e2:2b:
cc:2c:64:4a:c1:0c:95:d5:b3:38:6d:f9:44:d4:31:
56:bd:9e:48:04:69:f2:7e:92:59:77:24:42:3a:a8:
73:60:33:14:38:b5:0d:d8:4f:b1:73:a9:89:45:17:
fe:f1:e7:6e:f1:61:1a:79:00:14:ac:42:d8:c1:0b:
62:d7:68:05:f0:6a:9a:a8:d8:d2:31:46:86:8c:42:
4d:fb:ba:78:dd:84:11:96:3b:75:e7:c6:61:4f:0c:
2b:38:f3:7c:45:44:d7:5b:0b:92:f3:35:b7:28:17:
a3:0a:64:d6:32:22:47:41:33:bf:45:42:85:76:47:
75:6f:71:c4:d3:66:b1:c9:50:0b:31:98:08:b6:01:
fd:be:4f:72:da:aa:a4:25:7c:f6:20:28:a1:90:dd:
51:40:cc:84:39:8d:76:01:5a:b4:1c:6a:77:dc:d4:
a7:c9:2e:58:95:48:91:33:db:b5:82:bb:bd:7c:bb:
e4:eb:df:e2:36:7a:bf:ea:61:9b:b4:1a:ac:0e:04:
7d:50:84:07:43:bc:a9:9e:ec:54:4a:ad:95:05:da:
0b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:19:2D:28:45:0D:5E:B8:C3:3E:6A:A8:72:64:53:C9:BE:B2:58:A5
X509v3 Authority Key Identifier:
keyid:01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/xhktKEUNXrjDPmqocmRTyb6yWKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.136.112/29
5.10.136.208/30
5.10.141.8/30
5.10.141.136/30
5.154.128.0/23
5.154.144.0/22
5.154.154.0-5.154.159.255
79.139.0.0-79.139.14.255
87.120.16.0-87.120.27.255
95.130.192.0/24
95.130.194.0/24
95.130.199.0/24
145.14.66.0/24
145.14.68.0/24
145.14.70.0/24
145.14.73.0/24
145.14.76.0-145.14.78.255
145.14.80.0/24
145.14.83.0/24
145.14.85.0/24
145.14.87.0/24
145.14.89.0/24
145.14.91.0-145.14.93.255
IPv6:
2a04:f580:9030:100::/56
2a04:f580:9210::/48
2a04:f581:110a::/47
2a04:f581:8040::/48
2a04:f581:8070::/48
2a04:f581:8090::/48
2a04:f581:80b0::/48
2a04:f581:8140::/48
2a04:f581:8170::/48
2a04:f581:8190::/48
2a04:f581:81b0::/48
2a04:f581:8240::/48
2a04:f581:8270::/48
2a04:f581:8290::/48
2a04:f581:82b0::/48
2a04:f581:a00e:a001::-2a04:f581:a00e:a004:ffff:ffff:ffff:ffff
2a04:f581:a00f::/48
2a04:f581:a111::/48
2a04:f581:a125::/48
Signature Algorithm: sha256WithRSAEncryption
c2:fc:a1:f7:af:d3:95:af:01:c2:82:86:ab:4d:09:4c:68:83:
64:dd:b3:bd:cb:a6:b0:cf:68:81:ff:4b:e6:4a:33:0d:85:91:
ca:89:cf:ce:ce:5c:ce:a2:d4:b3:53:77:9d:bb:7c:a6:42:08:
16:ee:1c:1d:af:b7:92:14:7e:4e:a8:bc:1b:46:f3:e1:53:6e:
6e:f2:69:1e:bb:72:46:3a:cd:13:81:31:99:f4:e1:60:53:e8:
e4:d5:c9:06:ab:8d:af:62:55:74:14:8f:c3:46:5f:49:a5:58:
1d:9e:36:0d:d8:34:a6:78:79:fa:2c:20:ae:1e:3a:da:73:1a:
e2:2f:9a:04:10:58:87:b0:d7:cd:db:9b:57:36:ba:59:87:e6:
e8:3d:80:dd:5b:4b:11:e8:fd:57:71:5b:dd:cb:ab:19:33:fc:
8e:32:55:a0:76:e0:00:14:19:ad:a2:9b:59:d4:bd:e6:3b:62:
f2:52:58:b7:c6:d0:74:d9:fb:9a:47:56:2f:5a:d2:2c:c4:0c:
dc:96:6a:88:0b:57:63:86:76:d7:b1:22:9f:84:ec:7d:b8:7c:
d2:08:71:46:bd:a1:60:85:33:15:9e:26:94:76:ab:31:3a:d1:
d5:4c:5b:74:fd:0b:b7:2d:08:6a:e8:33:38:16:f2:3a:af:88:
4a:15:37:16
-----BEGIN CERTIFICATE-----
MIIGeTCCBWGgAwIBAgISAZFREf9SPeoAb38qMRrUN5hTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZjNlZjNlMGVhOTVhOTc1NTM3ZDVjMjVkOTNjYjc2YWY2
ODcyMzQwHhcNMjQwODE0MTMyNjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjE5MmQyODQ1MGQ1ZWI4YzMzZTZhYTg3MjY0NTNjOWJlYjI1OGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7vAU5PxmC63nYGYkN1X81fbv6jWD
yNl5ABF7Zz4lrHLG0niUEJfTO5KK4ivMLGRKwQyV1bM4bflE1DFWvZ5IBGnyfpJZ
dyRCOqhzYDMUOLUN2E+xc6mJRRf+8edu8WEaeQAUrELYwQti12gF8GqaqNjSMUaG
jEJN+7p43YQRljt158ZhTwwrOPN8RUTXWwuS8zW3KBejCmTWMiJHQTO/RUKFdkd1
b3HE02axyVALMZgItgH9vk9y2qqkJXz2ICihkN1RQMyEOY12AVq0HGp33NSnyS5Y
lUiRM9u1gru9fLvk69/iNnq/6mGbtBqsDgR9UIQHQ7ypnuxUSq2VBdoLvwIDAQAB
o4IDhTCCA4EwHQYDVR0OBBYEFMYZLShFDV64wz5qqHJkU8m+slilMB8GA1UdIwQY
MBaAFAHz7z4OqVqXVTfVwl2Ty3avaHI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEt
MzUzYjNhNjMzYWRhLzEveGhrdEtFVU5YcmpEUG1xb2NtUlR5YjZ5V0tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEtMzUzYjNhNjMzYWRh
LzEvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBmQYIKwYBBQUHAQcBAf8EggGIMIIBhDCBvAQCAAEwgbUD
BQMFCohwAwUCBQqI0AMFAgUKjQgDBQIFCo2IAwQBBZqAAwQCBZqQMAwDBAEFmpoD
BAUFmoAwCwMDAE+LAwQAT4sOMAwDBARXeBADBAJXeBgDBABfgsADBABfgsIDBABf
gscDBACRDkIDBACRDkQDBACRDkYDBACRDkkwDAMEApEOTAMEAJEOTgMEAJEOUAME
AJEOUwMEAJEOVQMEAJEOVwMEAJEOWTAMAwQAkQ5bAwQBkQ5cMIHCBAIAAjCBuwMI
ACoE9YCQMAEDBwAqBPWAkhADBwEqBPWBEQoDBwAqBPWBgEADBwAqBPWBgHADBwAq
BPWBgJADBwAqBPWBgLADBwAqBPWBgUADBwAqBPWBgXADBwAqBPWBgZADBwAqBPWB
gbADBwAqBPWBgkADBwAqBPWBgnADBwAqBPWBgpADBwAqBPWBgrAwFgMJACoE9YGg
DqABAwkAKgT1gaAOoAQDBwAqBPWBoA8DBwAqBPWBoREDBwAqBPWBoSUwDQYJKoZI
hvcNAQELBQADggEBAML8ofev05WvAcKChqtNCUxog2Tds73LprDPaIH/S+ZKMw2F
kcqJz87OXM6i1LNTd527fKZCCBbuHB2vt5IUfk6ovBtG8+FTbm7yaR67ckY6zROB
MZn04WBT6OTVyQarja9iVXQUj8NGX0mlWB2eNg3YNKZ4efosIK4eOtpzGuIvmgQQ
WIew183bm1c2ulmH5ug9gN1bSxHo/VdxW93Lqxkz/I4yVaB24AAUGa2im1nUveY7
YvJSWLfG0HTZ+5pHVi9a0izEDNyWaogLV2OGdtexIp+E7H24fNIIcUa9oWCFMxWe
JpR2qzE60dVMW3T9C7ctCGroMzgW8jqviEoVNxY=
-----END CERTIFICATE-----
Generated at Thu Aug 15 19:59:47 2024 by rpki-client on console-fra.rpki-client.org