Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/ELUkdIaDmHCzdJ1jKF6atOwpQrA.roa
File: ELUkdIaDmHCzdJ1jKF6atOwpQrA.roa (raw, json)
Hash identifier: v8cCBtVVLi5zxTyJOmDs0jN5Ap8cbQpfbXWFNf4bxUs=
Subject key identifier: 10:B5:24:74:86:83:98:70:B3:74:9D:63:28:5E:9A:B4:EC:29:42:B0
Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Certificate serial: 01942369189A0C7F4766980612EB81A3B3A6
Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/ELUkdIaDmHCzdJ1jKF6atOwpQrA.roa
Signing time: Wed 01 Jan 2025 19:47:57 +0000
ROA not before: Wed 01 Jan 2025 19:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58065
IP address blocks: 5.157.6.0/24 maxlen: 24
5.157.11.0/24 maxlen: 24
5.157.19.0/24 maxlen: 24
5.157.21.0/24 maxlen: 24
5.157.23.0/24 maxlen: 24
5.157.24.0/24 maxlen: 24
5.157.26.0/24 maxlen: 24
5.157.29.0/24 maxlen: 24
5.157.32.0/24 maxlen: 24
5.157.33.0/24 maxlen: 24
5.157.34.0/24 maxlen: 24
5.157.37.0/24 maxlen: 24
5.157.43.0/24 maxlen: 24
5.157.51.0/24 maxlen: 24
5.157.53.0/24 maxlen: 24
5.157.55.0/24 maxlen: 24
23.92.115.0/24 maxlen: 24
23.92.116.0/24 maxlen: 24
23.92.126.0/24 maxlen: 24
37.72.186.0/24 maxlen: 24
104.160.16.0/24 maxlen: 24
104.160.17.0/24 maxlen: 24
107.150.64.0/24 maxlen: 24
107.150.65.0/24 maxlen: 24
107.150.67.0/24 maxlen: 24
107.150.69.0/24 maxlen: 24
107.150.70.0/24 maxlen: 24
107.150.71.0/24 maxlen: 24
107.150.88.0/24 maxlen: 24
107.150.89.0/24 maxlen: 24
107.150.90.0/24 maxlen: 24
107.150.91.0/24 maxlen: 24
130.185.153.0/24 maxlen: 24
151.237.188.0/24 maxlen: 24
162.212.168.0/24 maxlen: 24
162.212.169.0/24 maxlen: 24
162.212.170.0/24 maxlen: 24
162.212.171.0/24 maxlen: 24
162.212.172.0/24 maxlen: 24
162.212.173.0/24 maxlen: 24
162.212.174.0/24 maxlen: 24
162.212.175.0/24 maxlen: 24
2a02:5740:4::/48 maxlen: 48
2a02:5740:9::/48 maxlen: 48
2a02:5740:14::/48 maxlen: 48
2a02:5740:24::/48 maxlen: 48
2a02:5740:26::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 30 Mar 2025 15:21:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:18:9a:0c:7f:47:66:98:06:12:eb:81:a3:b3:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Validity
Not Before: Jan 1 19:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=10b5247486839870b3749d63285e9ab4ec2942b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e4:b5:12:92:f2:13:9e:81:36:23:5e:20:00:
7d:8d:ed:56:cb:75:83:b3:9a:1f:e0:72:d2:04:eb:
09:89:00:da:d9:f9:53:9f:5c:30:e5:df:ed:07:55:
cb:6d:d1:cb:c1:f7:fc:1e:e6:f8:01:71:f6:89:64:
c6:07:3b:8f:73:cd:be:6e:43:e2:79:53:dd:17:76:
fb:11:07:01:1d:46:99:66:3b:f0:27:e5:d0:3a:c3:
58:7b:ff:ce:cf:80:e1:75:d8:3f:81:61:d7:e2:6c:
92:71:2c:49:d3:18:f2:7a:96:e2:8a:f6:af:e7:4d:
e1:83:9d:7c:3b:68:15:64:b7:cd:c3:1e:20:eb:2d:
05:b7:5d:09:ff:3e:5b:52:b6:17:30:98:e3:24:43:
73:ae:d8:18:96:7b:aa:6b:26:4c:52:4c:7f:91:cd:
dd:09:4a:89:e1:bb:5e:42:91:db:19:b4:9b:e7:60:
ad:b2:8a:fe:08:90:9c:8e:2d:76:f3:fd:a6:24:b5:
7d:15:1a:19:41:21:ac:6d:7f:56:18:b9:09:b2:31:
58:50:5b:9b:06:19:20:8c:42:3e:b1:d8:f1:35:02:
1f:0b:13:01:16:2c:e4:43:6e:f0:9b:72:31:78:e5:
38:5b:ce:59:c3:c9:ab:92:e3:93:86:52:7f:26:56:
53:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:B5:24:74:86:83:98:70:B3:74:9D:63:28:5E:9A:B4:EC:29:42:B0
X509v3 Authority Key Identifier:
keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/ELUkdIaDmHCzdJ1jKF6atOwpQrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.6.0/24
5.157.11.0/24
5.157.19.0/24
5.157.21.0/24
5.157.23.0-5.157.24.255
5.157.26.0/24
5.157.29.0/24
5.157.32.0-5.157.34.255
5.157.37.0/24
5.157.43.0/24
5.157.51.0/24
5.157.53.0/24
5.157.55.0/24
23.92.115.0-23.92.116.255
23.92.126.0/24
37.72.186.0/24
104.160.16.0/23
107.150.64.0/23
107.150.67.0/24
107.150.69.0-107.150.71.255
107.150.88.0/22
130.185.153.0/24
151.237.188.0/24
162.212.168.0/21
IPv6:
2a02:5740:4::/48
2a02:5740:9::/48
2a02:5740:14::/48
2a02:5740:24::/48
2a02:5740:26::/48
Signature Algorithm: sha256WithRSAEncryption
4f:cb:90:e7:dc:6f:d5:50:4a:c1:df:3b:af:ff:dd:81:36:72:
ca:b9:6a:e2:dd:35:00:0d:f1:f1:c1:be:1f:98:04:5d:0f:84:
0a:52:1f:bd:d0:fe:31:fe:fb:3a:95:96:f8:2f:44:71:ea:2b:
20:7e:e0:c8:0b:ab:c0:d2:58:b7:7c:6b:69:38:9d:0f:7c:64:
2e:2b:55:85:ea:be:45:92:61:62:4a:36:b6:68:29:fd:13:f5:
0e:34:64:26:a0:e6:ed:35:d5:0d:81:dc:3f:88:96:71:5f:77:
0e:2b:63:f5:8f:b5:48:d3:73:38:f8:04:7a:10:86:a0:94:f3:
f7:ae:82:a1:aa:26:4d:eb:43:55:62:38:af:04:14:c7:8a:f1:
f0:06:30:49:c9:9f:8e:c2:65:b6:65:92:fd:78:21:a0:8b:6e:
01:d9:5b:e3:10:41:b8:44:39:90:9c:80:a5:5f:8a:ac:8d:3c:
a7:5a:40:24:c3:07:25:59:6c:69:25:ad:26:eb:1c:6d:da:eb:
3c:06:f4:4a:dd:9a:84:b5:08:3c:2e:44:dd:78:56:ca:7a:cf:
d3:8e:04:30:7e:24:e4:34:4b:c9:92:6c:42:68:25:9e:64:81:
ed:aa:9c:e2:a0:94:cd:58:ff:be:1a:a8:b7:fc:36:7e:51:dd:
45:ed:76:d7
-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgISAZQjaRiaDH9HZpgGEuuBo7OmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy
MDdmZDIwHhcNMjUwMTAxMTk0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGI1MjQ3NDg2ODM5ODcwYjM3NDlkNjMyODVlOWFiNGVjMjk0MmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOS1EpLyE56BNiNeIAB9je1Wy3WD
s5of4HLSBOsJiQDa2flTn1ww5d/tB1XLbdHLwff8Hub4AXH2iWTGBzuPc82+bkPi
eVPdF3b7EQcBHUaZZjvwJ+XQOsNYe//Oz4Dhddg/gWHX4myScSxJ0xjyepbiivav
503hg518O2gVZLfNwx4g6y0Ft10J/z5bUrYXMJjjJENzrtgYlnuqayZMUkx/kc3d
CUqJ4bteQpHbGbSb52Ctsor+CJCcji128/2mJLV9FRoZQSGsbX9WGLkJsjFYUFub
BhkgjEI+sdjxNQIfCxMBFizkQ27wm3IxeOU4W85Zw8mrkuOThlJ/JlZT/QIDAQAB
o4IC7jCCAuowHQYDVR0OBBYEFBC1JHSGg5hws3SdYyhemrTsKUKwMB8GA1UdIwQY
MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt
MTVmMTNlM2Y3ZDg1LzEvRUxVa2RJYURtSEN6ZEoxaktGNmF0T3dwUXJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1
LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAgYIKwYBBQUHAQcBAf8EgfIwge8wgbcEAgABMIGwAwQA
BZ0GAwQABZ0LAwQABZ0TAwQABZ0VMAwDBAAFnRcDBAAFnRgDBAAFnRoDBAAFnR0w
DAMEBQWdIAMEAAWdIgMEAAWdJQMEAAWdKwMEAAWdMwMEAAWdNQMEAAWdNzAMAwQA
F1xzAwQAF1x0AwQAF1x+AwQAJUi6AwQBaKAQAwQBa5ZAAwQAa5ZDMAwDBABrlkUD
BANrlkADBAJrllgDBACCuZkDBACX7bwDBAOi1KgwMwQCAAIwLQMHACoCV0AABAMH
ACoCV0AACQMHACoCV0AAFAMHACoCV0AAJAMHACoCV0AAJjANBgkqhkiG9w0BAQsF
AAOCAQEAT8uQ59xv1VBKwd87r//dgTZyyrlq4t01AA3x8cG+H5gEXQ+EClIfvdD+
Mf77OpWW+C9EceorIH7gyAurwNJYt3xraTidD3xkLitVheq+RZJhYko2tmgp/RP1
DjRkJqDm7TXVDYHcP4iWcV93Ditj9Y+1SNNzOPgEehCGoJTz966CoaomTetDVWI4
rwQUx4rx8AYwScmfjsJltmWS/XghoItuAdlb4xBBuEQ5kJyApV+KrI08p1pAJMMH
JVlsaSWtJuscbdrrPAb0St2ahLUIPC5E3XhWynrP044EMH4k5DRLyZJsQmglnmSB
7aqc4qCUzVj/vhqot/w2flHdRe121w==
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:38:08 2025 by rpki-client