Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/ET9eYXX8alnMWYKJnixLNeVWASo.roa
File: ET9eYXX8alnMWYKJnixLNeVWASo.roa (raw, json)
Hash identifier: QUcTDvtFfHywe2Zt7DZisA3fkQrTZBehQM41I6wG6Dc=
Subject key identifier: 11:3F:5E:61:75:FC:6A:59:CC:59:82:89:9E:2C:4B:35:E5:56:01:2A
Certificate issuer: /CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Certificate serial: 0187C33DD397754F92FD6B638B2D52855BEF
Authority key identifier: EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/ET9eYXX8alnMWYKJnixLNeVWASo.roa
Signing time: Thu 27 Apr 2023 15:03:41 +0000
ROA not before: Thu 27 Apr 2023 15:03:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8903
IP address blocks: 213.9.128.0/17 maxlen: 17
213.9.144.0/24 maxlen: 24
213.9.142.0/23 maxlen: 23
213.9.162.0/23 maxlen: 23
212.49.189.0/24 maxlen: 24
212.66.164.0/22 maxlen: 22
212.66.162.0/23 maxlen: 23
212.66.163.0/24 maxlen: 24
212.66.161.0/24 maxlen: 24
212.66.168.0/21 maxlen: 21
212.66.176.0/20 maxlen: 20
213.9.240.0/23 maxlen: 23
213.9.245.0/24 maxlen: 24
213.9.244.0/24 maxlen: 24
213.9.246.0/24 maxlen: 24
213.9.248.0/24 maxlen: 24
213.9.247.0/24 maxlen: 24
213.9.182.0/24 maxlen: 24
213.9.186.0/24 maxlen: 24
213.9.185.0/24 maxlen: 24
213.9.190.0/23 maxlen: 23
213.9.217.0/24 maxlen: 24
212.163.185.0/24 maxlen: 24
212.163.193.0/24 maxlen: 24
212.163.92.0/24 maxlen: 24
212.163.94.0/24 maxlen: 24
212.163.130.0/24 maxlen: 24
212.49.129.0/24 maxlen: 24
212.49.128.0/18 maxlen: 18
212.163.216.0/22 maxlen: 22
212.163.225.0/24 maxlen: 24
212.163.226.0/24 maxlen: 24
212.163.220.0/22 maxlen: 22
212.163.227.0/24 maxlen: 24
212.163.235.0/24 maxlen: 24
185.66.60.0/22 maxlen: 22
185.66.60.0/24 maxlen: 24
185.66.62.0/24 maxlen: 24
185.66.61.0/24 maxlen: 24
212.163.240.0/20 maxlen: 20
84.18.0.0/19 maxlen: 19
213.192.216.0/21 maxlen: 21
213.192.224.0/22 maxlen: 22
213.192.232.0/22 maxlen: 22
213.192.228.0/23 maxlen: 23
213.192.238.0/24 maxlen: 24
213.192.240.0/24 maxlen: 24
213.192.239.0/24 maxlen: 24
213.192.235.0/24 maxlen: 24
213.192.246.0/24 maxlen: 24
213.192.241.0/24 maxlen: 24
213.192.244.0/23 maxlen: 23
213.192.242.0/23 maxlen: 23
213.192.251.0/24 maxlen: 24
213.192.253.0/24 maxlen: 24
213.192.249.0/24 maxlen: 24
213.192.247.0/24 maxlen: 24
213.192.252.0/23 maxlen: 23
213.192.248.0/21 maxlen: 21
213.192.254.0/24 maxlen: 24
213.192.255.0/24 maxlen: 24
212.163.48.0/24 maxlen: 24
212.163.91.0/24 maxlen: 24
212.163.1.0/24 maxlen: 24
212.163.5.0/24 maxlen: 24
212.163.0.0/16 maxlen: 16
212.163.31.0/24 maxlen: 24
92.60.160.0/20 maxlen: 20
92.60.170.0/24 maxlen: 24
92.60.174.0/24 maxlen: 24
92.60.173.0/24 maxlen: 24
213.192.192.0/18 maxlen: 18
213.192.193.0/24 maxlen: 24
213.192.200.0/22 maxlen: 22
213.192.206.0/23 maxlen: 23
213.192.203.0/24 maxlen: 24
213.192.212.0/22 maxlen: 22
213.192.213.0/24 maxlen: 24
2001:ac0:30fd::/48 maxlen: 48
2001:ac0::/32 maxlen: 32
2001:ac0:c040::/44 maxlen: 44
2001:ac0:c880::/44 maxlen: 44
2001:ac0:c0c0::/44 maxlen: 44
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c3:3d:d3:97:75:4f:92:fd:6b:63:8b:2d:52:85:5b:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Validity
Not Before: Apr 27 15:03:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=113f5e6175fc6a59cc5982899e2c4b35e556012a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:09:ab:c4:53:34:62:1f:58:a6:58:1d:00:66:
20:b5:88:3c:6b:04:23:ef:7a:19:a7:5c:10:45:b8:
b9:5f:07:70:37:4b:8e:21:02:2d:52:66:e5:9d:ca:
06:4b:ef:07:1d:c7:5f:03:7f:89:8e:e2:b5:ae:96:
88:5c:b8:0d:ce:8c:9d:ac:5b:ab:a0:96:d6:f4:22:
25:ce:5e:0d:de:80:a8:f1:a0:25:6e:35:6f:d5:5f:
b9:6a:12:d6:52:64:b0:27:fe:b9:2c:4e:27:3f:db:
c1:ce:ac:7c:70:f4:20:be:ea:a1:3c:10:53:ce:7a:
3d:66:3a:5d:93:d0:4f:40:38:f2:58:09:3f:32:57:
fd:51:5b:6a:0e:b6:c3:3c:fd:74:23:3c:2d:f9:3c:
f6:f2:54:d6:93:82:54:e8:86:9e:9b:07:9a:7b:13:
40:07:b0:73:1e:6c:86:84:14:3b:b0:9c:d2:37:ba:
9c:d5:86:ca:0c:cc:33:f7:ce:ae:d9:56:60:b5:62:
4f:41:9f:05:c4:5d:3f:4b:7c:52:69:c5:d3:00:33:
b9:87:ea:7c:35:0d:d8:87:39:c4:81:0c:78:5e:b1:
6c:c1:b5:5c:4c:a4:45:b9:1e:88:3f:99:a8:92:b5:
22:a3:b2:7d:7a:9e:e6:e0:53:7c:67:c3:48:26:11:
3a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:3F:5E:61:75:FC:6A:59:CC:59:82:89:9E:2C:4B:35:E5:56:01:2A
X509v3 Authority Key Identifier:
keyid:EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/ET9eYXX8alnMWYKJnixLNeVWASo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.18.0.0/19
92.60.160.0/20
185.66.60.0/22
212.49.128.0/18
212.66.161.0-212.66.191.255
212.163.0.0/16
213.9.128.0/17
213.192.192.0/18
IPv6:
2001:ac0::/32
Signature Algorithm: sha256WithRSAEncryption
2c:4b:ef:1b:43:f4:8d:63:c0:d0:1d:34:6f:0a:3f:86:cd:91:
26:8b:c6:d1:a6:3b:ad:ab:1a:30:c0:3e:b9:41:be:ea:5f:f2:
c3:db:16:ea:11:7b:80:74:8e:0d:72:d4:1c:02:ab:76:5c:8a:
b4:e3:73:0d:8a:1d:d2:d1:61:68:2a:6b:27:cb:88:8f:e2:8d:
a6:a9:78:e4:98:3c:0a:33:11:a7:75:78:cc:f8:31:4e:b3:56:
4f:ce:c5:30:49:92:47:d9:52:03:0d:23:a2:ff:5f:e3:ba:be:
02:5e:99:8e:0d:36:c3:2a:dd:9b:80:08:b9:49:0c:61:62:ec:
b6:e4:eb:cd:f1:05:fb:c1:e5:7f:12:74:d3:36:24:b8:30:50:
b9:84:5c:fa:6d:9b:97:2a:55:c3:a6:1e:28:26:66:51:84:7e:
95:8f:ad:d8:c4:ae:bf:a3:77:8d:47:fd:ac:23:8a:7d:5b:8d:
30:db:07:46:48:d2:9b:67:d6:8c:8c:ef:4a:da:ae:b9:bb:e6:
89:2b:c7:93:8f:c5:2b:50:53:8b:f8:1d:66:e8:77:05:80:a8:
e0:6e:6e:ef:7e:05:0a:f7:05:a9:bc:21:98:00:29:dc:3e:08:
e5:fd:1c:d7:65:3f:da:ea:63:f1:6a:82:51:20:f5:6b:14:6a:
8c:5c:68:51
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYfDPdOXdU+S/Wtjiy1ShVvvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmM2U3MWI5Njk5MmRhM2Q5MWM4OGRkNzRlZjQxZjliOTVi
OTQ4NWIwHhcNMjMwNDI3MTUwMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTNmNWU2MTc1ZmM2YTU5Y2M1OTgyODk5ZTJjNGIzNWU1NTYwMTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAmrxFM0Yh9YplgdAGYgtYg8awQj
73oZp1wQRbi5XwdwN0uOIQItUmblncoGS+8HHcdfA3+JjuK1rpaIXLgNzoydrFur
oJbW9CIlzl4N3oCo8aAlbjVv1V+5ahLWUmSwJ/65LE4nP9vBzqx8cPQgvuqhPBBT
zno9Zjpdk9BPQDjyWAk/Mlf9UVtqDrbDPP10Izwt+Tz28lTWk4JU6IaemweaexNA
B7BzHmyGhBQ7sJzSN7qc1YbKDMwz986u2VZgtWJPQZ8FxF0/S3xSacXTADO5h+p8
NQ3YhznEgQx4XrFswbVcTKRFuR6IP5mokrUio7J9ep7m4FN8Z8NIJhE6UwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFBE/XmF1/GpZzFmCiZ4sSzXlVgEqMB8GA1UdIwQY
MBaAFO8+cblpkto9kciN1070H5uVuUhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDIt
OTE5NmNlNDQ2NTI3LzEvRVQ5ZVlYWDhhbG5NV1lLSm5peExOZVZXQVNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDItOTE5NmNlNDQ2NTI3
LzEvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA9BAIAATA3AwQFVBIAAwQE
XDygAwQCuUI8AwQG1DGAMAwDBADUQqEDBAbUQoADAwDUowMEB9UJgAMEBtXAwDAN
BAIAAjAHAwUAIAEKwDANBgkqhkiG9w0BAQsFAAOCAQEALEvvG0P0jWPA0B00bwo/
hs2RJovG0aY7rasaMMA+uUG+6l/yw9sW6hF7gHSODXLUHAKrdlyKtONzDYod0tFh
aCprJ8uIj+KNpql45Jg8CjMRp3V4zPgxTrNWT87FMEmSR9lSAw0jov9f47q+Al6Z
jg02wyrdm4AIuUkMYWLstuTrzfEF+8HlfxJ00zYkuDBQuYRc+m2blypVw6YeKCZm
UYR+lY+t2MSuv6N3jUf9rCOKfVuNMNsHRkjSm2fWjIzvStquubvmiSvHk4/FK1BT
i/gdZuh3BYCo4G5u734FCvcFqbwhmAAp3D4I5f0c12U/2upj8WqCUSD1axRqjFxo
UQ==
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:08 2024 by rpki-client on console-ams.rpki-client.org