Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/Tfl2vrHsIzC5TLzUdOfTUazl30I.roa
File: Tfl2vrHsIzC5TLzUdOfTUazl30I.roa (raw, json)
Hash identifier: MqSJaJJpKttst7NTlgNlstOaQ+boqpR/CaI0SI9wU7Y=
Subject key identifier: 4D:F9:76:BE:B1:EC:23:30:B9:4C:BC:D4:74:E7:D3:51:AC:E5:DF:42
Certificate issuer: /CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
Certificate serial: 01941FFA6DD3FA2858D8916EFD87CB881FEC
Authority key identifier: 88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/Tfl2vrHsIzC5TLzUdOfTUazl30I.roa
Signing time: Wed 01 Jan 2025 03:48:13 +0000
ROA not before: Wed 01 Jan 2025 03:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197207
IP address blocks: 5.22.0.0/17 maxlen: 24
5.52.0.0/16 maxlen: 24
5.106.0.0/16 maxlen: 24
5.201.192.0/18 maxlen: 24
5.208.0.0/16 maxlen: 24
5.208.1.0/24 maxlen: 24
5.209.0.0/16 maxlen: 24
5.210.0.0/16 maxlen: 24
5.211.0.0/16 maxlen: 24
5.212.0.0/16 maxlen: 24
5.213.0.0/16 maxlen: 24
5.213.255.0/26 maxlen: 26
5.214.0.0/16 maxlen: 24
5.215.0.0/16 maxlen: 24
5.216.0.0/16 maxlen: 24
5.217.0.0/16 maxlen: 24
5.218.0.0/16 maxlen: 24
5.250.0.0/17 maxlen: 24
31.2.128.0/17 maxlen: 24
37.63.128.0/17 maxlen: 24
37.98.0.0/18 maxlen: 24
37.129.0.0/16 maxlen: 24
46.51.0.0/17 maxlen: 24
46.164.64.0/18 maxlen: 24
62.102.128.0/21 maxlen: 22
62.102.136.0/22 maxlen: 22
69.194.64.0/18 maxlen: 24
80.242.0.0/20 maxlen: 24
82.180.192.0/18 maxlen: 24
82.180.192.0/19 maxlen: 20
82.180.224.0/19 maxlen: 20
83.120.0.0/16 maxlen: 24
83.120.0.0/17 maxlen: 20
83.121.0.0/16 maxlen: 24
83.122.0.0/16 maxlen: 24
83.123.0.0/16 maxlen: 24
85.239.192.0/19 maxlen: 24
86.55.0.0/16 maxlen: 24
86.55.0.0/17 maxlen: 20
86.55.128.0/17 maxlen: 20
86.107.0.0/20 maxlen: 24
86.107.208.0/20 maxlen: 24
86.107.208.0/24 maxlen: 24
86.107.209.0/24 maxlen: 24
86.107.210.0/27 maxlen: 27
86.107.211.0/24 maxlen: 24
89.45.48.0/20 maxlen: 24
89.45.48.0/24 maxlen: 29
89.45.49.0/24 maxlen: 24
89.45.54.0/24 maxlen: 24
89.196.0.0/16 maxlen: 24
89.198.0.0/15 maxlen: 24
89.198.0.0/16 maxlen: 20
89.198.0.0/17 maxlen: 20
89.198.128.0/17 maxlen: 20
89.199.0.0/16 maxlen: 20
89.199.0.0/17 maxlen: 20
89.199.128.0/17 maxlen: 20
91.133.128.0/17 maxlen: 24
91.133.128.0/18 maxlen: 20
91.133.192.0/18 maxlen: 20
91.251.0.0/16 maxlen: 24
91.251.128.0/17 maxlen: 20
93.110.0.0/16 maxlen: 24
93.110.0.0/20 maxlen: 20
93.110.64.0/18 maxlen: 20
94.101.240.0/20 maxlen: 24
95.64.0.0/17 maxlen: 24
109.108.160.0/19 maxlen: 24
109.203.128.0/19 maxlen: 24
109.225.128.0/18 maxlen: 24
113.203.0.0/17 maxlen: 24
113.203.0.0/18 maxlen: 20
113.203.64.0/18 maxlen: 20
130.255.192.0/18 maxlen: 24
130.255.224.0/19 maxlen: 20
158.58.0.0/17 maxlen: 24
164.138.128.0/18 maxlen: 24
164.138.128.0/24 maxlen: 24
164.138.130.0/24 maxlen: 24
172.80.128.0/17 maxlen: 24
172.80.160.0/19 maxlen: 20
172.80.192.0/18 maxlen: 24
172.80.253.0/24 maxlen: 24
172.80.254.0/24 maxlen: 24
172.80.255.0/24 maxlen: 24
176.65.192.0/19 maxlen: 24
176.65.193.0/24 maxlen: 24
176.65.194.0/24 maxlen: 24
176.65.195.0/24 maxlen: 24
178.131.192.0/18 maxlen: 24
185.5.156.0/22 maxlen: 24
185.5.156.0/24 maxlen: 24
185.5.157.0/24 maxlen: 24
185.5.159.0/24 maxlen: 24
185.22.28.0/24 maxlen: 24
185.22.29.0/24 maxlen: 24
188.122.96.0/19 maxlen: 24
188.209.192.0/20 maxlen: 24
188.210.64.0/20 maxlen: 24
188.210.192.0/20 maxlen: 24
188.212.48.0/20 maxlen: 24
188.229.0.0/17 maxlen: 24
188.229.24.0/23 maxlen: 23
188.229.24.0/24 maxlen: 24
188.229.116.0/24 maxlen: 24
192.15.0.0/16 maxlen: 24
204.18.0.0/16 maxlen: 24
204.18.0.0/18 maxlen: 20
204.18.64.0/18 maxlen: 20
204.18.128.0/18 maxlen: 20
204.18.192.0/18 maxlen: 20
2a02:4540::/42 maxlen: 42
2a02:4540::100/120 maxlen: 120
2a02:4540:f::/49 maxlen: 49
2a02:4540:40::/42 maxlen: 42
2a02:4540:40::/44 maxlen: 44
2a02:4540:50::/44 maxlen: 44
2a02:4540:60::/44 maxlen: 44
2a02:4540:70::/44 maxlen: 44
2a02:4540:80::/42 maxlen: 42
2a02:4540:c0::/43 maxlen: 43
2a02:4540:c0::/46 maxlen: 46
2a02:4540:c4::/46 maxlen: 46
2a02:4540:f8::/45 maxlen: 49
2a02:4540:100::/46 maxlen: 46
2a02:4540:5000::/42 maxlen: 42
2a02:4540:5000::/44 maxlen: 44
2a02:4540:5010::/44 maxlen: 44
2a02:4540:5040::/42 maxlen: 42
2a02:4540:5040::/46 maxlen: 46
2a02:4540:5080::/44 maxlen: 44
2a02:4540:5090::/44 maxlen: 44
2a02:4540:6fc0::/64 maxlen: 64
2a02:4540:7000::/42 maxlen: 42
2a02:4540:7000::/43 maxlen: 43
2a02:4540:7040::/42 maxlen: 42
2a02:4540:7040::/46 maxlen: 46
2a02:4540:7040::/48 maxlen: 48
2a02:4540:7040::/49 maxlen: 49
2a02:4540:7044::/46 maxlen: 46
2a02:4540:7048::/46 maxlen: 46
2a02:4540:7080::/43 maxlen: 43
2a02:4540:70a0::/43 maxlen: 43
2a02:4540:9000::/42 maxlen: 42
2a02:4540:9000::/44 maxlen: 44
2a02:4540:9000::/49 maxlen: 49
2a02:4540:9010::/44 maxlen: 44
2a02:4540:9010::/49 maxlen: 49
2a02:4540:9040::/42 maxlen: 42
2a02:4540:9040::/46 maxlen: 46
2a02:4540:9080::/42 maxlen: 42
2a02:4540:90c0::/42 maxlen: 42
2a02:4540:c000::/42 maxlen: 42
2a02:4540:c000::/43 maxlen: 43
2a02:4540:c020::/44 maxlen: 44
2a02:4540:c030::/44 maxlen: 44
2a02:4540:c040::/42 maxlen: 42
2a02:4540:c040::/46 maxlen: 46
2a02:4540:e000::/42 maxlen: 42
2a02:4540:e000::/43 maxlen: 43
2a02:4540:e000::/44 maxlen: 44
2a02:4540:e010::/44 maxlen: 44
2a02:4540:e020::/48 maxlen: 48
2a02:4540:e020::/64 maxlen: 64
2a02:4540:e030::/44 maxlen: 44
2a02:4540:e040::/42 maxlen: 42
2a02:4540:e040::/46 maxlen: 46
2a02:4540:e080::/48 maxlen: 48
2a02:4544:10:200::/64 maxlen: 64
2a02:4544:e0::/46 maxlen: 46
2a02:4544:e0:300::/112 maxlen: 112
2a02:4544:e0:500::/112 maxlen: 112
2a02:4544:e4::/46 maxlen: 46
2a02:4544:e8::/46 maxlen: 46
2a02:4545:e0::/46 maxlen: 46
2a02:4545:e0::/48 maxlen: 48
2a02:4545:e0::/56 maxlen: 56
2a02:4545:e0::b/128 maxlen: 128
2a02:4545:e0::c/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 20 Jan 2025 13:02:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:6d:d3:fa:28:58:d8:91:6e:fd:87:cb:88:1f:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
Validity
Not Before: Jan 1 03:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4df976beb1ec2330b94cbcd474e7d351ace5df42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:05:06:0d:dd:39:27:95:c8:b3:a0:c4:19:00:
67:d2:b1:f8:6d:87:bb:75:aa:05:85:75:7f:0f:98:
87:35:91:7b:4f:56:2e:7b:1f:c0:e8:f2:4b:4c:d2:
fc:51:56:03:e6:8e:e1:50:2c:71:a4:ab:03:dc:9a:
68:e7:ce:2c:ec:39:67:a5:2d:3b:50:7a:d1:89:62:
1c:c2:8a:69:ff:c3:c6:75:25:e2:7a:b6:83:39:f9:
75:63:28:cb:3a:26:18:e5:1a:f9:17:e0:1f:dc:ac:
c6:cb:1c:0f:d1:cd:46:ce:d9:5e:07:0c:22:53:b5:
59:7d:de:c6:8c:d2:1c:ab:c9:25:8c:f0:4e:3a:fd:
d5:7d:dd:8f:85:70:2a:87:4c:52:ef:ac:38:5f:b4:
45:82:8f:e0:f9:9c:2a:83:da:a1:d3:6e:7e:31:72:
a2:f9:17:92:8d:01:90:1e:af:6d:1b:fd:40:5b:ef:
5f:09:24:ca:b0:fa:b3:27:a9:78:45:c1:90:9d:7b:
08:96:94:e5:7c:a2:bc:87:ac:15:67:87:2b:60:22:
ed:4d:51:f9:e4:75:1d:2e:94:7a:32:79:ed:33:dd:
e3:83:da:ac:1f:39:f6:ea:e5:4b:e2:c9:a2:cd:1f:
10:34:ed:c8:d5:d7:be:1f:cb:60:8f:0d:91:dd:ef:
bf:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:F9:76:BE:B1:EC:23:30:B9:4C:BC:D4:74:E7:D3:51:AC:E5:DF:42
X509v3 Authority Key Identifier:
keyid:88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/Tfl2vrHsIzC5TLzUdOfTUazl30I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/iEeqkbBtjGuHKE8_RaIdwoH3ulU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.0.0/17
5.52.0.0/16
5.106.0.0/16
5.201.192.0/18
5.208.0.0-5.218.255.255
5.250.0.0/17
31.2.128.0/17
37.63.128.0/17
37.98.0.0/18
37.129.0.0/16
46.51.0.0/17
46.164.64.0/18
62.102.128.0-62.102.139.255
69.194.64.0/18
80.242.0.0/20
82.180.192.0/18
83.120.0.0/14
85.239.192.0/19
86.55.0.0/16
86.107.0.0/20
86.107.208.0/20
89.45.48.0/20
89.196.0.0/16
89.198.0.0/15
91.133.128.0/17
91.251.0.0/16
93.110.0.0/16
94.101.240.0/20
95.64.0.0/17
109.108.160.0/19
109.203.128.0/19
109.225.128.0/18
113.203.0.0/17
130.255.192.0/18
158.58.0.0/17
164.138.128.0/18
172.80.128.0/17
176.65.192.0/19
178.131.192.0/18
185.5.156.0/22
185.22.28.0/23
188.122.96.0/19
188.209.192.0/20
188.210.64.0/20
188.210.192.0/20
188.212.48.0/20
188.229.0.0/17
192.15.0.0/16
204.18.0.0/16
IPv6:
2a02:4540::-2a02:4540:df:ffff:ffff:ffff:ffff:ffff
2a02:4540:f8::-2a02:4540:103:ffff:ffff:ffff:ffff:ffff
2a02:4540:5000::-2a02:4540:509f:ffff:ffff:ffff:ffff:ffff
2a02:4540:6fc0::/64
2a02:4540:7000::-2a02:4540:70bf:ffff:ffff:ffff:ffff:ffff
2a02:4540:9000::/40
2a02:4540:c000::/41
2a02:4540:e000::-2a02:4540:e080:ffff:ffff:ffff:ffff:ffff
2a02:4544:10:200::/64
2a02:4544:e0::-2a02:4544:eb:ffff:ffff:ffff:ffff:ffff
2a02:4545:e0::/46
Signature Algorithm: sha256WithRSAEncryption
28:ed:8e:b6:34:64:3f:b9:a2:3a:e4:a0:12:a7:73:4e:26:e5:
54:b3:db:1f:4d:1a:18:05:d5:df:5f:61:6c:38:ab:2c:b3:a2:
14:e9:31:5c:13:c6:d8:46:13:bd:9f:11:5e:1b:a9:a7:24:21:
0f:c6:ce:f9:cc:37:4d:99:74:1d:11:27:31:c7:6f:d9:e5:a7:
eb:6e:51:38:98:74:8c:7c:64:f3:0e:eb:23:69:f6:7b:3c:31:
df:72:f4:4d:f7:80:04:b9:ba:ef:e0:02:44:02:5f:19:63:ea:
ad:8c:81:60:45:47:88:25:6b:38:b9:70:a2:cf:05:40:fe:7c:
7f:7a:6c:5d:10:33:46:ee:30:0f:52:9d:00:d8:18:4b:31:4d:
80:0d:bf:f8:3b:a7:4f:d9:e8:3a:58:e4:4f:57:1e:6b:11:17:
e5:04:49:1f:47:fb:1a:5a:4b:aa:c1:1c:c2:bf:6e:5a:aa:6f:
d0:73:46:c4:1a:47:e9:fa:6d:8a:33:c1:9e:10:c2:61:2d:8d:
a3:9d:3f:c7:76:59:90:b0:a4:df:0f:b3:d2:3b:1f:91:98:36:
f3:17:fd:96:53:a8:c0:b0:c1:ee:3f:a2:c8:b3:82:40:ba:fa:
d3:36:2d:0a:ae:5e:b0:21:ae:9d:a2:20:ff:0e:a1:7a:94:a9:
6c:38:08:e7
-----BEGIN CERTIFICATE-----
MIIG1zCCBb+gAwIBAgISAZQf+m3T+ihY2JFu/YfLiB/sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NDdhYTkxYjA2ZDhjNmI4NzI4NGYzZjQ1YTIxZGMyODFm
N2JhNTUwHhcNMjUwMTAxMDM0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGY5NzZiZWIxZWMyMzMwYjk0Y2JjZDQ3NGU3ZDM1MWFjZTVkZjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywUGDd05J5XIs6DEGQBn0rH4bYe7
daoFhXV/D5iHNZF7T1Yuex/A6PJLTNL8UVYD5o7hUCxxpKsD3Jpo584s7DlnpS07
UHrRiWIcwopp/8PGdSXieraDOfl1YyjLOiYY5Rr5F+Af3KzGyxwP0c1GztleBwwi
U7VZfd7GjNIcq8kljPBOOv3Vfd2PhXAqh0xS76w4X7RFgo/g+Zwqg9qh025+MXKi
+ReSjQGQHq9tG/1AW+9fCSTKsPqzJ6l4RcGQnXsIlpTlfKK8h6wVZ4crYCLtTVH5
5HUdLpR6MnntM93jg9qsHzn26uVL4smizR8QNO3I1de+H8tgjw2R3e+/cQIDAQAB
o4ID4zCCA98wHQYDVR0OBBYEFE35dr6x7CMwuUy81HTn01Gs5d9CMB8GA1UdIwQY
MBaAFIhHqpGwbYxrhyhPP0WiHcKB97pVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYt
Y2VhNzVkMGNkNjcxLzEvVGZsMnZySHNJekM1VEx6VWRPZlRVYXpsMzBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYtY2VhNzVkMGNkNjcx
LzEvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB9wYIKwYBBQUHAQcBAf8EggHmMIIB4jCCATEEAgABMIIB
KQMEBwUWAAMDAAU0AwMABWoDBAYFycAwCgMDBAXQAwMABdoDBAcF+gADBAcfAoAD
BAclP4ADBAYlYgADAwAlgQMEBy4zAAMEBi6kQDAMAwQHPmaAAwQCPmaIAwQGRcJA
AwQEUPIAAwQGUrTAAwMCU3gDBAVV78ADAwBWNwMEBFZrAAMEBFZr0AMEBFktMAMD
AFnEAwMBWcYDBAdbhYADAwBb+wMDAF1uAwQEXmXwAwQHX0AAAwQFbWygAwQFbcuA
AwQGbeGAAwQHccsAAwQGgv/AAwQHnjoAAwQGpIqAAwQHrFCAAwQFsEHAAwQGsoPA
AwQCuQWcAwQBuRYcAwQFvHpgAwQEvNHAAwQEvNJAAwQEvNLAAwQEvNQwAwQHvOUA
AwMAwA8DAwDMEjCBqgQCAAIwgaMwEAMFBioCRUADBwUqAkVAAMAwEgMHAyoCRUAA
+AMHAioCRUABADARAwYEKgJFQFADBwUqAkVAUIADCQAqAkVAb8AAADARAwYEKgJF
QHADBwYqAkVAcIADBgAqAkVAkAMHByoCRUDAADARAwYFKgJFQOADBwAqAkVA4IAD
CQAqAkVEABACADASAwcFKgJFRADgAwcCKgJFRADoAwcCKgJFRQDgMA0GCSqGSIb3
DQEBCwUAA4IBAQAo7Y62NGQ/uaI65KASp3NOJuVUs9sfTRoYBdXfX2FsOKsss6IU
6TFcE8bYRhO9nxFeG6mnJCEPxs75zDdNmXQdEScxx2/Z5afrblE4mHSMfGTzDusj
afZ7PDHfcvRN94AEubrv4AJEAl8ZY+qtjIFgRUeIJWs4uXCizwVA/nx/emxdEDNG
7jAPUp0A2BhLMU2ADb/4O6dP2eg6WORPVx5rERflBEkfR/saWkuqwRzCv25aqm/Q
c0bEGkfp+m2KM8GeEMJhLY2jnT/HdlmQsKTfD7PSOx+RmDbzF/2WU6jAsMHuP6LI
s4JAuvrTNi0Krl6wIa6doiD/DqF6lKlsOAjn
-----END CERTIFICATE-----
Generated at Mon Jan 20 19:38:50 2025 by rpki-client on console.sobornost.net