Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/ZOJPfEq9mc3vHjtjZttdOglVeX8.roa
File: ZOJPfEq9mc3vHjtjZttdOglVeX8.roa (raw, json)
Hash identifier: IAmYfasGG3bJ8kAnZm1xSWfD/qIAZU2cK2PYtyf0arY=
Subject key identifier: 64:E2:4F:7C:4A:BD:99:CD:EF:1E:3B:63:66:DB:5D:3A:09:55:79:7F
Certificate issuer: /CN=d79785de62dcf9e7930babd7b1d39c5853d1944f
Certificate serial: 0185E359463D4EB9B868B3F69D4D798C2F0F
Authority key identifier: D7:97:85:DE:62:DC:F9:E7:93:0B:AB:D7:B1:D3:9C:58:53:D1:94:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/ZOJPfEq9mc3vHjtjZttdOglVeX8.roa
Signing time: Tue 24 Jan 2023 10:35:56 +0000
ROA not before: Tue 24 Jan 2023 10:35:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43996
IP address blocks: 5.57.16.0/21 maxlen: 21
5.57.16.0/22 maxlen: 22
5.57.17.0/24 maxlen: 24
5.57.16.0/24 maxlen: 24
5.57.23.0/24 maxlen: 24
5.57.18.0/24 maxlen: 24
5.57.22.0/24 maxlen: 24
5.57.19.0/24 maxlen: 24
37.10.4.0/24 maxlen: 24
37.10.0.0/24 maxlen: 24
37.10.4.0/22 maxlen: 22
37.10.5.0/24 maxlen: 24
37.10.6.0/24 maxlen: 24
37.10.7.0/24 maxlen: 24
37.10.24.0/23 maxlen: 23
37.10.24.0/24 maxlen: 24
185.28.220.0/23 maxlen: 23
185.28.223.0/24 maxlen: 24
185.28.221.0/24 maxlen: 24
185.28.222.0/24 maxlen: 24
185.28.220.0/24 maxlen: 24
91.206.232.0/24 maxlen: 24
91.206.233.0/24 maxlen: 24
91.206.232.0/23 maxlen: 23
37.10.26.0/24 maxlen: 24
37.10.25.0/24 maxlen: 24
37.10.27.0/24 maxlen: 24
37.10.28.0/24 maxlen: 24
37.10.38.0/24 maxlen: 24
37.10.33.0/24 maxlen: 24
37.10.32.0/24 maxlen: 24
37.10.36.0/24 maxlen: 24
37.10.37.0/24 maxlen: 24
37.10.34.0/24 maxlen: 24
37.10.35.0/24 maxlen: 24
37.10.56.0/23 maxlen: 23
37.10.57.0/24 maxlen: 24
37.10.58.0/24 maxlen: 24
37.10.56.0/24 maxlen: 24
37.10.60.0/23 maxlen: 23
37.10.60.0/24 maxlen: 24
37.10.61.0/24 maxlen: 24
37.10.63.0/24 maxlen: 24
91.195.237.0/24 maxlen: 24
91.195.236.0/24 maxlen: 24
2a01:5040:40::/48 maxlen: 48
2a01:5040:2000::/48 maxlen: 48
2a01:5040:a000::/48 maxlen: 48
2a01:5040:a100::/48 maxlen: 48
2a01:5040::/48 maxlen: 48
2a01:5040:1000::/48 maxlen: 48
2a01:5041:200d::/48 maxlen: 48
2a01:5041:d::/48 maxlen: 48
2a01:5042:202::/48 maxlen: 48
2a01:5041:2005::/48 maxlen: 48
2a01:5041:5::/48 maxlen: 48
2a01:5041:100::/40 maxlen: 40
2a01:5041:200::/40 maxlen: 40
2a01:5042:200::/40 maxlen: 40
2a01:5042:100::/40 maxlen: 40
2a01:5042::/32 maxlen: 32
2a01:5041:2::/48 maxlen: 48
2a01:5041:2002::/48 maxlen: 48
2a01:5043::/32 maxlen: 32
2a01:5043:2000::/36 maxlen: 36
2a01:5041:2013::/48 maxlen: 48
2a01:5041:13::/48 maxlen: 48
2a01:5040:1000::/36 maxlen: 36
2a01:5040::/36 maxlen: 36
2a01:5040:a000::/36 maxlen: 36
2a01:5040:2000::/36 maxlen: 36
2a01:5040:6000::/36 maxlen: 36
2a01:5040:1020::/48 maxlen: 48
2a01:5040:20::/48 maxlen: 48
2a01:5040:2020::/48 maxlen: 48
2a01:5041:2009::/48 maxlen: 48
2a01:5041:9::/48 maxlen: 48
2a01:5041:2001::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e3:59:46:3d:4e:b9:b8:68:b3:f6:9d:4d:79:8c:2f:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d79785de62dcf9e7930babd7b1d39c5853d1944f
Validity
Not Before: Jan 24 10:35:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64e24f7c4abd99cdef1e3b6366db5d3a0955797f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:22:c0:66:08:bb:95:c3:f6:0f:8a:70:78:87:
37:df:97:3c:ef:40:75:06:b0:55:e6:26:f0:cf:ce:
9b:7a:8e:9f:53:29:7b:a3:dc:e2:03:61:1d:56:00:
5c:c8:8d:53:f0:64:9e:c2:62:69:1c:f6:71:0c:04:
39:16:1c:a5:b3:a8:f0:ac:af:48:36:2b:6b:e1:b7:
79:a1:59:9a:78:a1:82:cb:a6:98:70:ac:5c:9e:bc:
3b:7f:63:c0:72:63:c6:13:55:ff:a9:36:3a:f8:5a:
16:1f:f5:29:bf:57:5f:3d:12:5f:69:d8:d9:17:c6:
df:ec:b5:b5:0e:1e:77:47:2c:cb:87:31:bc:27:fc:
1d:b2:2b:b7:1c:8b:22:c2:d2:07:fe:70:d8:7b:e2:
9b:f8:a4:b8:3e:c5:a2:9e:88:5d:93:20:d0:9c:3d:
be:51:35:04:f2:44:4c:bb:ac:26:53:d8:86:14:a4:
4f:c9:33:20:19:74:52:f6:74:36:83:e8:99:83:24:
92:83:07:ca:9c:91:83:ce:9b:80:7a:30:ac:28:b7:
bf:23:34:40:87:2e:a4:eb:54:9a:18:37:0c:38:2a:
52:81:81:40:5c:68:fb:fd:cb:7c:a1:35:42:70:62:
13:59:00:f9:ac:e4:9d:4d:a3:27:29:73:56:bd:cd:
7a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:E2:4F:7C:4A:BD:99:CD:EF:1E:3B:63:66:DB:5D:3A:09:55:79:7F
X509v3 Authority Key Identifier:
keyid:D7:97:85:DE:62:DC:F9:E7:93:0B:AB:D7:B1:D3:9C:58:53:D1:94:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/ZOJPfEq9mc3vHjtjZttdOglVeX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/15eF3mLc-eeTC6vXsdOcWFPRlE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.16.0/21
37.10.0.0/24
37.10.4.0/22
37.10.24.0-37.10.28.255
37.10.32.0-37.10.38.255
37.10.56.0-37.10.58.255
37.10.60.0/23
37.10.63.0/24
91.195.236.0/23
91.206.232.0/23
185.28.220.0/22
IPv6:
2a01:5040::-2a01:5040:2fff:ffff:ffff:ffff:ffff:ffff
2a01:5040:6000::/36
2a01:5040:a000::/36
2a01:5041:2::/48
2a01:5041:5::/48
2a01:5041:9::/48
2a01:5041:d::/48
2a01:5041:13::/48
2a01:5041:100::-2a01:5041:2ff:ffff:ffff:ffff:ffff:ffff
2a01:5041:2001::-2a01:5041:2002:ffff:ffff:ffff:ffff:ffff
2a01:5041:2005::/48
2a01:5041:2009::/48
2a01:5041:200d::/48
2a01:5041:2013::/48
2a01:5042::/31
Signature Algorithm: sha256WithRSAEncryption
96:53:07:9a:bc:5c:f1:62:3c:04:fd:0d:01:3b:3d:45:6d:7a:
21:d6:0c:79:5b:74:36:da:5e:a2:ae:2c:c2:f1:e8:5d:7b:c2:
6d:91:1e:2f:0e:ff:05:73:23:b1:eb:ab:2b:14:49:f5:64:76:
73:e2:6d:30:1d:d8:b5:a0:d0:c5:54:60:d3:b7:2b:4c:62:5f:
b0:a7:8a:33:68:73:59:13:c6:c9:00:c7:1c:cf:7b:b6:84:2c:
4a:bc:db:18:26:19:52:fb:fe:65:20:20:00:25:54:db:9b:bc:
e3:32:65:b1:67:93:de:26:03:cd:26:73:c4:99:9f:73:9b:a5:
d7:74:63:ab:bf:e3:5a:bf:98:61:00:c0:c5:d0:09:b9:af:6b:
57:5a:ba:b0:f1:4a:11:5f:62:4f:e0:26:26:6b:82:9a:b6:9f:
24:64:15:55:48:54:81:8c:64:9a:76:96:96:4c:61:0d:a6:55:
bc:a8:a8:6d:52:81:c1:8c:a2:9a:79:e8:5f:24:81:ca:43:e5:
9e:31:3d:94:d2:c7:f1:44:99:bf:38:70:ee:99:84:60:de:ae:
9f:8e:13:00:20:50:db:96:55:11:1d:1d:5f:25:84:9b:02:54:
05:7e:91:fc:2e:a9:c9:2d:23:ab:d0:d5:6a:7b:44:42:34:d2:
7f:91:05:d6
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgISAYXjWUY9Trm4aLP2nU15jC8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OTc4NWRlNjJkY2Y5ZTc5MzBiYWJkN2IxZDM5YzU4NTNk
MTk0NGYwHhcNMjMwMTI0MTAzNTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGUyNGY3YzRhYmQ5OWNkZWYxZTNiNjM2NmRiNWQzYTA5NTU3OTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyLAZgi7lcP2D4pweIc335c870B1
BrBV5ibwz86beo6fUyl7o9ziA2EdVgBcyI1T8GSewmJpHPZxDAQ5Fhyls6jwrK9I
Nitr4bd5oVmaeKGCy6aYcKxcnrw7f2PAcmPGE1X/qTY6+FoWH/Upv1dfPRJfadjZ
F8bf7LW1Dh53RyzLhzG8J/wdsiu3HIsiwtIH/nDYe+Kb+KS4PsWinohdkyDQnD2+
UTUE8kRMu6wmU9iGFKRPyTMgGXRS9nQ2g+iZgySSgwfKnJGDzpuAejCsKLe/IzRA
hy6k61SaGDcMOCpSgYFAXGj7/ct8oTVCcGITWQD5rOSdTaMnKXNWvc16zwIDAQAB
o4IDDDCCAwgwHQYDVR0OBBYEFGTiT3xKvZnN7x47Y2bbXToJVXl/MB8GA1UdIwQY
MBaAFNeXhd5i3Pnnkwur17HTnFhT0ZRPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTVlRjNtTGMtZWVUQzZ2WHNkT2NXRlBSbEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi83Zjk3MjgtOTU1OS00MjYzLWJjZmEt
NzU4NTVkYjcxNTFmLzEvWk9KUGZFcTltYzN2SGp0alp0dGRPZ2xWZVg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi83Zjk3MjgtOTU1OS00MjYzLWJjZmEtNzU4NTVkYjcxNTFm
LzEvMTVlRjNtTGMtZWVUQzZ2WHNkT2NXRlBSbEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIAYIKwYBBQUHAQcBAf8EggEPMIIBCzBgBAIAATBaAwQD
BTkQAwQAJQoAAwQCJQoEMAwDBAMlChgDBAAlChwwDAMEBSUKIAMEACUKJjAMAwQD
JQo4AwQAJQo6AwQBJQo8AwQAJQo/AwQBW8PsAwQBW87oAwQCuRzcMIGmBAIAAjCB
nzAPAwUGKgFQQAMGBCoBUEAgAwYEKgFQQGADBgQqAVBAoAMHACoBUEEAAgMHACoB
UEEABQMHACoBUEEACQMHACoBUEEADQMHACoBUEEAEzAQAwYAKgFQQQEDBgAqAVBB
AjASAwcAKgFQQSABAwcAKgFQQSACAwcAKgFQQSAFAwcAKgFQQSAJAwcAKgFQQSAN
AwcAKgFQQSATAwUBKgFQQjANBgkqhkiG9w0BAQsFAAOCAQEAllMHmrxc8WI8BP0N
ATs9RW16IdYMeVt0Ntpeoq4swvHoXXvCbZEeLw7/BXMjseurKxRJ9WR2c+JtMB3Y
taDQxVRg07crTGJfsKeKM2hzWRPGyQDHHM97toQsSrzbGCYZUvv+ZSAgACVU25u8
4zJlsWeT3iYDzSZzxJmfc5ul13Rjq7/jWr+YYQDAxdAJua9rV1q6sPFKEV9iT+Am
JmuCmrafJGQVVUhUgYxkmnaWlkxhDaZVvKiobVKBwYyimnnoXySBykPlnjE9lNLH
8USZvzhw7pmEYN6un44TACBQ25ZVER0dXyWEmwJUBX6R/C6pyS0jq9DVantEQjTS
f5EF1g==
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:23 2024 by rpki-client on console-ams.rpki-client.org