Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/Tnm-XD0emOaH1m81W2sp6JLYBVo.roa
File: Tnm-XD0emOaH1m81W2sp6JLYBVo.roa (raw, json)
Hash identifier: QJeivdmydWWR8gPnHPsG/B1RgaoBvgYawb4rY8u4Fzk=
Subject key identifier: 4E:79:BE:5C:3D:1E:98:E6:87:D6:6F:35:5B:6B:29:E8:92:D8:05:5A
Certificate issuer: /CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Certificate serial: 0194236A2AE0A330B13161F54278BCCDBAA1
Authority key identifier: 2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/Tnm-XD0emOaH1m81W2sp6JLYBVo.roa
Signing time: Wed 01 Jan 2025 19:49:07 +0000
ROA not before: Wed 01 Jan 2025 19:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50810
IP address blocks: 5.201.128.0/18 maxlen: 18
5.201.128.0/21 maxlen: 21
5.201.128.0/22 maxlen: 22
5.201.132.0/22 maxlen: 22
5.201.136.0/22 maxlen: 22
5.201.138.0/24 maxlen: 24
5.201.140.0/22 maxlen: 22
5.201.142.0/23 maxlen: 23
5.201.144.0/21 maxlen: 21
5.201.144.0/22 maxlen: 22
5.201.144.0/23 maxlen: 23
5.201.148.0/22 maxlen: 22
5.201.152.0/22 maxlen: 22
5.201.156.0/22 maxlen: 22
5.201.160.0/22 maxlen: 22
5.201.160.0/23 maxlen: 23
5.201.162.0/24 maxlen: 24
5.201.164.0/22 maxlen: 22
5.201.168.0/22 maxlen: 22
5.201.172.0/22 maxlen: 22
5.201.174.0/24 maxlen: 24
5.201.176.0/22 maxlen: 22
5.201.180.0/22 maxlen: 22
5.201.184.0/22 maxlen: 22
5.201.188.0/22 maxlen: 22
37.156.16.0/21 maxlen: 21
37.156.16.0/22 maxlen: 22
37.156.20.0/22 maxlen: 22
37.156.24.0/22 maxlen: 22
37.156.28.0/22 maxlen: 22
37.156.30.0/23 maxlen: 23
37.156.31.0/24 maxlen: 24
89.37.0.0/20 maxlen: 20
89.37.0.0/22 maxlen: 22
89.37.0.0/24 maxlen: 24
89.37.4.0/22 maxlen: 22
89.37.8.0/22 maxlen: 22
89.37.8.0/24 maxlen: 24
89.37.12.0/22 maxlen: 22
89.37.12.0/24 maxlen: 24
89.37.14.0/24 maxlen: 24
89.37.15.0/24 maxlen: 24
89.43.0.0/21 maxlen: 21
89.43.0.0/22 maxlen: 22
89.43.4.0/22 maxlen: 22
89.43.8.0/22 maxlen: 22
89.43.10.0/23 maxlen: 23
89.43.12.0/22 maxlen: 22
89.43.12.0/23 maxlen: 23
91.209.183.0/24 maxlen: 24
91.209.184.0/24 maxlen: 24
91.209.186.0/24 maxlen: 24
92.114.16.0/20 maxlen: 24
92.114.20.0/22 maxlen: 22
92.114.20.0/23 maxlen: 23
92.114.21.0/24 maxlen: 24
92.114.22.0/23 maxlen: 23
92.114.24.0/21 maxlen: 21
92.114.24.0/22 maxlen: 22
92.114.25.0/24 maxlen: 24
92.114.28.0/22 maxlen: 22
94.101.128.0/20 maxlen: 24
94.101.128.0/21 maxlen: 21
94.101.128.0/22 maxlen: 22
94.101.132.0/22 maxlen: 22
94.101.136.0/22 maxlen: 22
94.101.139.0/24 maxlen: 24
94.101.140.0/22 maxlen: 22
94.101.140.0/23 maxlen: 23
94.101.142.0/23 maxlen: 23
94.101.142.0/24 maxlen: 24
185.22.30.0/23 maxlen: 23
185.103.84.0/22 maxlen: 22
185.103.84.0/24 maxlen: 24
185.103.85.0/24 maxlen: 24
185.135.228.0/22 maxlen: 22
185.135.230.0/24 maxlen: 24
185.135.231.0/24 maxlen: 24
185.136.100.0/22 maxlen: 22
185.162.40.0/22 maxlen: 22
185.175.76.0/23 maxlen: 23
185.175.78.0/23 maxlen: 23
185.176.32.0/22 maxlen: 22
185.182.220.0/22 maxlen: 22
185.182.220.0/24 maxlen: 24
185.182.221.0/24 maxlen: 24
185.182.222.0/23 maxlen: 23
188.213.64.0/20 maxlen: 21
188.213.64.0/22 maxlen: 22
188.213.64.0/24 maxlen: 24
188.213.68.0/22 maxlen: 22
188.213.71.0/24 maxlen: 24
188.213.72.0/22 maxlen: 22
188.213.72.0/24 maxlen: 24
188.213.73.0/24 maxlen: 24
188.213.74.0/24 maxlen: 24
188.213.75.0/24 maxlen: 24
188.213.76.0/22 maxlen: 22
2a00:5ca0::/29 maxlen: 29
2a00:5ca0::/31 maxlen: 31
2a00:5ca0::/32 maxlen: 32
2a00:5ca2::/31 maxlen: 31
2a00:5ca4::/31 maxlen: 31
Validation: Failed, certificate revoked on Sat 01 Feb 2025 10:41:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:2a:e0:a3:30:b1:31:61:f5:42:78:bc:cd:ba:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Validity
Not Before: Jan 1 19:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e79be5c3d1e98e687d66f355b6b29e892d8055a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:12:3b:68:57:34:70:84:ac:a5:38:92:aa:23:
2b:1d:ee:83:f1:44:d6:37:46:f4:ec:a8:90:9e:4a:
78:34:3b:31:01:07:11:ba:85:14:50:68:fa:17:23:
a3:d4:fa:d5:af:f4:03:f2:82:6d:e6:af:35:fa:23:
f0:6b:9b:2b:95:92:00:10:8e:0b:91:dc:ad:de:bf:
6d:73:32:41:6a:01:37:aa:c6:b4:25:9e:d6:43:fe:
17:52:cf:05:ed:7d:d0:4c:45:a9:0e:ca:eb:33:3b:
e9:83:d9:97:c8:50:a3:90:38:f8:a3:1f:ea:a4:e0:
2a:d4:54:e1:0d:5a:e6:47:f6:57:95:5c:87:53:62:
fb:8d:43:1b:c5:9c:83:c5:30:e0:24:08:e4:03:95:
c4:fd:b4:a4:c8:3e:e2:6f:58:cf:6c:95:a5:b4:b2:
b2:eb:24:98:4a:1d:f6:85:5a:17:20:35:77:83:26:
71:5d:03:86:65:a8:bb:11:77:eb:e9:4e:bc:be:6c:
60:83:a8:fe:2f:65:15:c5:b8:cf:04:50:1c:af:a6:
c9:9e:80:e0:9c:1c:cf:c2:62:4c:48:bc:9c:0a:65:
fe:e8:fe:5d:45:ea:b0:0f:ed:0c:8c:ba:a1:ce:96:
e7:63:7e:9f:e3:7f:bd:fd:a7:1b:be:e4:7d:5a:46:
33:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:79:BE:5C:3D:1E:98:E6:87:D6:6F:35:5B:6B:29:E8:92:D8:05:5A
X509v3 Authority Key Identifier:
keyid:2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/Tnm-XD0emOaH1m81W2sp6JLYBVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/L2pDTEtdI5xObkG35YXI1Y-Jlas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.201.128.0/18
37.156.16.0/20
89.37.0.0/20
89.43.0.0/20
91.209.183.0-91.209.184.255
91.209.186.0/24
92.114.16.0/20
94.101.128.0/20
185.22.30.0/23
185.103.84.0/22
185.135.228.0/22
185.136.100.0/22
185.162.40.0/22
185.175.76.0/22
185.176.32.0/22
185.182.220.0/22
188.213.64.0/20
IPv6:
2a00:5ca0::/29
Signature Algorithm: sha256WithRSAEncryption
5c:17:49:c5:be:a1:03:d5:4e:9d:6f:c5:05:ce:bd:8f:1f:ab:
99:9c:f6:cc:79:bc:70:88:0e:bd:60:ae:d2:99:96:07:67:f2:
a7:09:9e:ef:23:ee:21:48:1b:fe:09:a7:d6:6c:a6:19:e7:65:
7f:71:41:70:8b:4c:55:3b:dd:f7:ab:1e:6b:40:8f:3c:fe:ca:
08:72:11:1f:10:8f:61:ef:b9:3e:6f:c8:fe:7a:70:d5:62:d3:
64:f6:f0:e7:c7:7e:80:9b:84:c6:c6:b0:c0:0c:a3:5c:94:d0:
00:b9:12:82:74:23:50:a1:74:ef:47:3e:14:48:12:4b:a6:cb:
47:21:38:8d:e1:60:60:6e:da:21:fb:35:3f:94:e9:74:e8:12:
4a:b9:81:37:f2:d9:02:d3:23:fc:20:e9:8c:bf:4f:00:9e:bf:
60:9e:ee:52:bb:21:44:10:94:2d:e1:03:c1:6b:29:d9:f2:6d:
3d:eb:37:18:96:9a:36:30:02:6f:e3:1c:2d:c9:4f:23:64:79:
ee:da:c5:d9:ab:fa:ed:87:94:b2:44:36:47:85:f3:c4:13:c7:
01:f8:05:1a:8d:ea:0d:bf:88:34:1a:bd:b5:a8:86:12:99:df:
d6:a9:3a:5b:4d:22:c0:74:ac:6c:86:c8:c6:58:d8:12:3a:be:
73:ae:7c:a3
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZQjairgozCxMWH1Qni8zbqhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmE0MzRjNGI1ZDIzOWM0ZTZlNDFiN2U1ODVjOGQ1OGY4
OTk1YWIwHhcNMjUwMTAxMTk0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTc5YmU1YzNkMWU5OGU2ODdkNjZmMzU1YjZiMjllODkyZDgwNTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBI7aFc0cISspTiSqiMrHe6D8UTW
N0b07KiQnkp4NDsxAQcRuoUUUGj6FyOj1PrVr/QD8oJt5q81+iPwa5srlZIAEI4L
kdyt3r9tczJBagE3qsa0JZ7WQ/4XUs8F7X3QTEWpDsrrMzvpg9mXyFCjkDj4ox/q
pOAq1FThDVrmR/ZXlVyHU2L7jUMbxZyDxTDgJAjkA5XE/bSkyD7ib1jPbJWltLKy
6ySYSh32hVoXIDV3gyZxXQOGZai7EXfr6U68vmxgg6j+L2UVxbjPBFAcr6bJnoDg
nBzPwmJMSLycCmX+6P5dReqwD+0MjLqhzpbnY36f43+9/acbvuR9WkYzBQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFE55vlw9Hpjmh9ZvNVtrKeiS2AVaMB8GA1UdIwQY
MBaAFC9qQ0xLXSOcTm5Bt+WFyNWPiZWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWIt
NDBiNmQ2N2ZjZDk0LzEvVG5tLVhEMGVtT2FIMW04MVcyc3A2SkxZQlZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWItNDBiNmQ2N2ZjZDk0
LzEvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTB0BAIAATBuAwQGBcmA
AwQEJZwQAwQEWSUAAwQEWSsAMAwDBABb0bcDBABb0bgDBABb0boDBARcchADBARe
ZYADBAG5Fh4DBAK5Z1QDBAK5h+QDBAK5iGQDBAK5oigDBAK5r0wDBAK5sCADBAK5
ttwDBAS81UAwDQQCAAIwBwMFAyoAXKAwDQYJKoZIhvcNAQELBQADggEBAFwXScW+
oQPVTp1vxQXOvY8fq5mc9sx5vHCIDr1grtKZlgdn8qcJnu8j7iFIG/4Jp9Zsphnn
ZX9xQXCLTFU73ferHmtAjzz+yghyER8Qj2HvuT5vyP56cNVi02T28OfHfoCbhMbG
sMAMo1yU0AC5EoJ0I1ChdO9HPhRIEkumy0chOI3hYGBu2iH7NT+U6XToEkq5gTfy
2QLTI/wg6Yy/TwCev2Ce7lK7IUQQlC3hA8FrKdnybT3rNxiWmjYwAm/jHC3JTyNk
ee7axdmr+u2HlLJENkeF88QTxwH4BRqN6g2/iDQavbWohhKZ39apOltNIsB0rGyG
yMZY2BI6vnOufKM=
-----END CERTIFICATE-----
Generated at Wed Apr 23 15:28:21 2025 by rpki-client