Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/JchxmU1zQ--vpTWsmKY__Qn8KAU.roa
File: JchxmU1zQ--vpTWsmKY__Qn8KAU.roa (raw, json)
Hash identifier: 8XxxhnHuTO/vlrSq/Xwq00IySka2DKj3YfWMwz16ufc=
Subject key identifier: 25:C8:71:99:4D:73:43:EF:AF:A5:35:AC:98:A6:3F:FD:09:FC:28:05
Certificate issuer: /CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Certificate serial: 018900F841CCF741942E41EDB2A88A8ED391
Authority key identifier: EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/JchxmU1zQ--vpTWsmKY__Qn8KAU.roa
Signing time: Wed 28 Jun 2023 07:46:57 +0000
ROA not before: Wed 28 Jun 2023 07:46:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5400
IP address blocks: 213.9.138.0/24 maxlen: 24
212.163.169.0/24 maxlen: 24
213.9.148.0/24 maxlen: 24
213.9.160.0/24 maxlen: 24
212.49.181.0/24 maxlen: 24
212.49.190.0/24 maxlen: 24
212.49.191.0/24 maxlen: 24
212.163.141.0/24 maxlen: 24
213.9.232.0/24 maxlen: 24
212.163.40.0/24 maxlen: 24
212.49.131.0/24 maxlen: 24
212.163.55.0/24 maxlen: 24
212.49.142.0/24 maxlen: 24
212.49.163.0/24 maxlen: 24
212.49.167.0/24 maxlen: 24
213.9.173.0/24 maxlen: 24
213.9.177.0/24 maxlen: 24
212.163.206.0/24 maxlen: 24
212.163.3.0/24 maxlen: 24
212.163.215.0/24 maxlen: 24
213.9.188.0/24 maxlen: 24
212.163.6.0/24 maxlen: 24
212.163.24.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Jul 2023 09:32:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:00:f8:41:cc:f7:41:94:2e:41:ed:b2:a8:8a:8e:d3:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Validity
Not Before: Jun 28 07:46:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25c871994d7343efafa535ac98a63ffd09fc2805
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:65:6b:cc:c2:9b:c2:25:ea:f3:8c:b8:c6:38:
ad:8e:be:d2:fd:5c:e6:ac:d5:53:7d:0a:bc:9d:55:
a8:2f:e0:fb:18:e9:85:2d:f6:ef:90:86:6d:38:d2:
ef:ac:16:5c:ad:20:0a:c8:29:23:5a:10:d8:c6:79:
af:b9:cf:fe:e6:ab:d9:e8:f4:df:dd:0f:29:d0:2b:
79:af:41:2a:eb:af:4f:d1:b4:af:56:9d:16:0e:10:
3d:ad:ea:ff:6d:b2:f6:3e:d6:33:d8:8e:b9:7b:a9:
44:65:c8:a6:d0:0a:e5:7a:b9:a4:af:cc:92:5c:88:
87:f0:9a:d4:f3:83:71:08:03:e7:ca:f6:8f:9d:2c:
4e:13:1d:84:23:a5:54:ff:57:e0:5e:dc:14:7d:62:
ca:44:e8:ab:0b:3e:0b:fc:85:8e:33:5d:8d:c9:1c:
c6:c1:81:23:99:f0:89:7b:26:0e:f6:a5:06:cc:63:
02:fd:8e:bd:7d:36:35:39:fa:ea:0d:94:a9:57:fd:
a3:7f:7d:e8:07:0b:f7:b0:e9:f1:50:71:2b:26:ce:
8a:ef:f7:6c:ee:e0:55:17:e6:45:c6:61:8f:60:39:
b3:31:10:6c:da:77:a4:33:d2:13:c9:ec:42:ce:5a:
6e:8e:5b:6a:9f:92:5f:3b:24:e8:1b:5e:f3:ba:38:
40:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:C8:71:99:4D:73:43:EF:AF:A5:35:AC:98:A6:3F:FD:09:FC:28:05
X509v3 Authority Key Identifier:
keyid:EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/JchxmU1zQ--vpTWsmKY__Qn8KAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.49.131.0/24
212.49.142.0/24
212.49.163.0/24
212.49.167.0/24
212.49.181.0/24
212.49.190.0/23
212.163.3.0/24
212.163.6.0/24
212.163.24.0/24
212.163.40.0/24
212.163.55.0/24
212.163.141.0/24
212.163.169.0/24
212.163.206.0/24
212.163.215.0/24
213.9.138.0/24
213.9.148.0/24
213.9.160.0/24
213.9.173.0/24
213.9.177.0/24
213.9.188.0/24
213.9.232.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:fe:cc:a1:b9:70:02:93:31:e0:ba:46:5d:0b:e4:9a:60:bd:
89:a1:a1:a0:34:48:05:35:04:00:c2:d1:4a:5d:43:61:57:55:
a6:6b:fb:5e:60:aa:99:95:97:4f:5d:d5:af:83:9f:e0:49:b5:
ce:a1:8e:d4:ef:8b:b9:ab:90:25:f6:84:c9:2f:9d:c6:d4:55:
43:39:e7:5d:e8:3b:96:d8:07:45:29:6e:80:17:fd:13:4f:2c:
db:c3:bc:a9:56:2f:1a:38:b8:a1:cf:3a:af:7c:3b:18:ec:d7:
07:76:c9:09:d0:e1:08:44:4c:d0:7f:3b:75:d4:28:1d:e6:8f:
a4:60:2b:07:86:8f:0c:03:cd:ba:1a:03:52:89:bc:ae:88:6d:
30:78:81:94:49:4b:d1:45:2d:cd:b0:ad:2b:db:33:61:2b:0d:
fd:89:7d:4c:30:59:9b:4c:a7:7f:ee:a6:39:59:ce:b0:aa:e9:
9b:53:49:4d:89:83:35:76:fa:d1:7c:be:bc:4f:d5:85:95:cd:
17:29:a0:cb:05:c9:c2:4f:eb:56:b4:8b:3b:dd:37:36:ac:dd:
bb:6c:36:28:4f:c1:1c:1a:84:a6:d1:d0:bf:a5:f9:d3:e5:25:
01:a2:82:b2:cd:d1:eb:c2:27:77:2e:db:0b:e8:aa:44:cf:66:
ec:51:0c:b4
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAYkA+EHM90GULkHtsqiKjtORMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmM2U3MWI5Njk5MmRhM2Q5MWM4OGRkNzRlZjQxZjliOTVi
OTQ4NWIwHhcNMjMwNjI4MDc0NjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWM4NzE5OTRkNzM0M2VmYWZhNTM1YWM5OGE2M2ZmZDA5ZmMyODA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGVrzMKbwiXq84y4xjitjr7S/Vzm
rNVTfQq8nVWoL+D7GOmFLfbvkIZtONLvrBZcrSAKyCkjWhDYxnmvuc/+5qvZ6PTf
3Q8p0Ct5r0Eq669P0bSvVp0WDhA9rer/bbL2PtYz2I65e6lEZcim0Arlermkr8yS
XIiH8JrU84NxCAPnyvaPnSxOEx2EI6VU/1fgXtwUfWLKROirCz4L/IWOM12NyRzG
wYEjmfCJeyYO9qUGzGMC/Y69fTY1OfrqDZSpV/2jf33oBwv3sOnxUHErJs6K7/ds
7uBVF+ZFxmGPYDmzMRBs2nekM9ITyexCzlpujltqn5JfOyToG17zujhAJQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFCXIcZlNc0Pvr6U1rJimP/0J/CgFMB8GA1UdIwQY
MBaAFO8+cblpkto9kciN1070H5uVuUhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDIt
OTE5NmNlNDQ2NTI3LzEvSmNoeG1VMXpRLS12cFRXc21LWV9fUW44S0FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDItOTE5NmNlNDQ2NTI3
LzEvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBADU
MYMDBADUMY4DBADUMaMDBADUMacDBADUMbUDBAHUMb4DBADUowMDBADUowYDBADU
oxgDBADUoygDBADUozcDBADUo40DBADUo6kDBADUo84DBADUo9cDBADVCYoDBADV
CZQDBADVCaADBADVCa0DBADVCbEDBADVCbwDBADVCegwDQYJKoZIhvcNAQELBQAD
ggEBAIr+zKG5cAKTMeC6Rl0L5JpgvYmhoaA0SAU1BADC0UpdQ2FXVaZr+15gqpmV
l09d1a+Dn+BJtc6hjtTvi7mrkCX2hMkvncbUVUM5513oO5bYB0UpboAX/RNPLNvD
vKlWLxo4uKHPOq98Oxjs1wd2yQnQ4QhETNB/O3XUKB3mj6RgKweGjwwDzboaA1KJ
vK6IbTB4gZRJS9FFLc2wrSvbM2ErDf2JfUwwWZtMp3/upjlZzrCq6ZtTSU2JgzV2
+tF8vrxP1YWVzRcpoMsFycJP61a0izvdNzas3btsNihPwRwahKbR0L+l+dPlJQGi
grLN0evCJ3cu2wvoqkTPZuxRDLQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:03 2024 by rpki-client on console-fra.rpki-client.org