Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/P8SEpm-kYcPvLRhEBjCh-9XQUek.roa
File: P8SEpm-kYcPvLRhEBjCh-9XQUek.roa (raw, json)
Hash identifier: VqbMW6kYJHbG5Z+btte+UxfhJsRkLFciI2/1leEpg9E=
Subject key identifier: 3F:C4:84:A6:6F:A4:61:C3:EF:2D:18:44:06:30:A1:FB:D5:D0:51:E9
Certificate issuer: /CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Certificate serial: 0187BEF3364A441130971DC00C95DD3E2AC6
Authority key identifier: EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/P8SEpm-kYcPvLRhEBjCh-9XQUek.roa
Signing time: Wed 26 Apr 2023 19:03:42 +0000
ROA not before: Wed 26 Apr 2023 19:03:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12541
IP address blocks: 213.9.128.0/17 maxlen: 17
213.9.144.0/24 maxlen: 24
213.9.142.0/23 maxlen: 23
213.9.162.0/23 maxlen: 23
212.49.189.0/24 maxlen: 24
213.9.240.0/23 maxlen: 23
213.9.246.0/24 maxlen: 24
213.9.245.0/24 maxlen: 24
213.9.244.0/24 maxlen: 24
213.9.247.0/24 maxlen: 24
213.9.248.0/24 maxlen: 24
213.9.182.0/24 maxlen: 24
213.9.186.0/24 maxlen: 24
213.9.185.0/24 maxlen: 24
213.9.190.0/23 maxlen: 23
213.9.217.0/24 maxlen: 24
212.163.185.0/24 maxlen: 24
212.163.193.0/24 maxlen: 24
212.163.92.0/24 maxlen: 24
212.163.94.0/24 maxlen: 24
212.163.130.0/24 maxlen: 24
212.49.129.0/24 maxlen: 24
212.49.128.0/18 maxlen: 18
212.163.216.0/22 maxlen: 22
212.163.220.0/22 maxlen: 22
212.163.225.0/24 maxlen: 24
212.163.226.0/24 maxlen: 24
212.163.227.0/24 maxlen: 24
212.163.235.0/24 maxlen: 24
185.66.60.0/22 maxlen: 22
185.66.60.0/24 maxlen: 24
185.66.62.0/24 maxlen: 24
185.66.61.0/24 maxlen: 24
212.163.240.0/20 maxlen: 20
84.18.0.0/19 maxlen: 19
212.163.48.0/24 maxlen: 24
212.163.91.0/24 maxlen: 24
212.163.1.0/24 maxlen: 24
212.163.5.0/24 maxlen: 24
212.163.0.0/16 maxlen: 16
212.163.31.0/24 maxlen: 24
92.60.160.0/20 maxlen: 20
92.60.170.0/24 maxlen: 24
92.60.174.0/24 maxlen: 24
92.60.173.0/24 maxlen: 24
2001:ac0:30fd::/48 maxlen: 48
2001:ac0::/32 maxlen: 32
2001:ac0:c040::/44 maxlen: 44
2001:ac0:c0c0::/44 maxlen: 44
2001:ac0:c880::/44 maxlen: 44
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:be:f3:36:4a:44:11:30:97:1d:c0:0c:95:dd:3e:2a:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Validity
Not Before: Apr 26 19:03:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3fc484a66fa461c3ef2d18440630a1fbd5d051e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a4:09:e5:aa:a7:28:b1:df:aa:0d:58:4e:f7:
3d:b0:25:c0:fb:67:60:ee:b0:a9:ba:e4:8d:e2:3a:
63:29:6c:bf:4b:61:a3:09:02:65:77:97:9b:30:c6:
88:ea:d2:0e:9e:ba:67:9c:2b:c2:d7:04:d3:6c:1c:
8a:3a:4c:d2:8e:58:70:10:20:86:97:17:e1:47:83:
0d:76:2f:d1:05:d2:f8:33:59:bf:f8:73:22:8d:ca:
47:27:36:68:b6:fd:f2:32:03:5d:48:cd:70:03:db:
f3:58:32:e1:5b:ec:c6:85:f4:10:bd:64:66:2d:f2:
cb:57:c1:c3:af:8e:a6:1f:ba:1c:35:b9:36:69:50:
6d:66:7d:89:f6:ac:92:0b:eb:04:77:75:a3:0a:9a:
74:25:17:54:9f:7b:b9:da:f6:d5:ba:6a:90:25:0d:
ae:0c:a6:9d:1a:51:2f:c1:d3:be:4e:e0:11:af:01:
e2:f9:82:da:7d:1d:84:48:2d:84:da:ee:7e:ce:17:
d9:38:84:b5:af:38:57:6a:bd:a0:03:06:f8:55:f3:
b5:12:88:f9:46:6d:95:06:fd:94:75:93:63:e9:ce:
cf:3b:84:22:4b:da:d7:48:ca:a9:f0:44:45:23:2a:
02:f7:aa:c9:7d:20:fc:55:04:8a:42:a9:89:76:7d:
09:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:C4:84:A6:6F:A4:61:C3:EF:2D:18:44:06:30:A1:FB:D5:D0:51:E9
X509v3 Authority Key Identifier:
keyid:EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/P8SEpm-kYcPvLRhEBjCh-9XQUek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.18.0.0/19
92.60.160.0/20
185.66.60.0/22
212.49.128.0/18
212.163.0.0/16
213.9.128.0/17
IPv6:
2001:ac0::/32
Signature Algorithm: sha256WithRSAEncryption
99:f9:54:2b:ad:35:2d:81:9d:15:e8:cc:46:4a:3a:d6:6b:b3:
14:02:dd:3e:25:27:cf:7c:a1:77:d7:13:1f:68:5b:f3:9e:39:
4d:5b:46:31:4e:27:06:59:9d:d5:ce:b4:5f:72:5e:9b:b8:82:
1b:74:75:61:a6:00:ee:28:0a:f0:52:42:bd:94:73:51:2d:df:
2c:c7:06:14:04:47:78:2f:8a:77:1a:50:1b:72:61:bc:a1:4e:
52:c8:d5:c3:e7:f7:0b:9d:3d:e0:4d:d5:ab:23:2a:80:8d:f5:
10:b4:ba:6e:9d:ad:a7:d8:79:db:a8:9b:7e:98:7f:c7:95:20:
4e:b9:6c:96:e7:a2:cb:80:a6:f2:84:7e:21:05:db:60:a3:4e:
9c:ae:cf:42:63:ec:da:2c:4a:35:81:1e:a2:c0:11:91:96:0b:
31:58:2d:0f:a7:4f:ed:02:c2:f9:02:6e:ad:f5:06:4e:f9:43:
92:ac:be:1b:3c:a9:d1:b0:89:30:5b:46:a9:f9:1b:7f:da:b3:
5d:3c:9c:11:5e:ef:51:c7:51:9b:a2:b2:d9:a1:ef:e5:4c:57:
50:ea:9a:55:4c:9e:04:34:c9:9c:1e:8f:27:5a:07:8b:ce:6e:
a5:7b:00:12:61:72:74:50:40:09:67:db:87:c3:f9:bc:dd:9c:
29:cc:8b:e1
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYe+8zZKRBEwlx3ADJXdPirGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmM2U3MWI5Njk5MmRhM2Q5MWM4OGRkNzRlZjQxZjliOTVi
OTQ4NWIwHhcNMjMwNDI2MTkwMzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmM0ODRhNjZmYTQ2MWMzZWYyZDE4NDQwNjMwYTFmYmQ1ZDA1MWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKQJ5aqnKLHfqg1YTvc9sCXA+2dg
7rCpuuSN4jpjKWy/S2GjCQJld5ebMMaI6tIOnrpnnCvC1wTTbByKOkzSjlhwECCG
lxfhR4MNdi/RBdL4M1m/+HMijcpHJzZotv3yMgNdSM1wA9vzWDLhW+zGhfQQvWRm
LfLLV8HDr46mH7ocNbk2aVBtZn2J9qySC+sEd3WjCpp0JRdUn3u52vbVumqQJQ2u
DKadGlEvwdO+TuARrwHi+YLafR2ESC2E2u5+zhfZOIS1rzhXar2gAwb4VfO1Eoj5
Rm2VBv2UdZNj6c7PO4QiS9rXSMqp8ERFIyoC96rJfSD8VQSKQqmJdn0JYQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFD/EhKZvpGHD7y0YRAYwofvV0FHpMB8GA1UdIwQY
MBaAFO8+cblpkto9kciN1070H5uVuUhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDIt
OTE5NmNlNDQ2NTI3LzEvUDhTRXBtLWtZY1B2TFJoRUJqQ2gtOVhRVWVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDItOTE5NmNlNDQ2NTI3
LzEvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjApBAIAATAjAwQFVBIAAwQE
XDygAwQCuUI8AwQG1DGAAwMA1KMDBAfVCYAwDQQCAAIwBwMFACABCsAwDQYJKoZI
hvcNAQELBQADggEBAJn5VCutNS2BnRXozEZKOtZrsxQC3T4lJ898oXfXEx9oW/Oe
OU1bRjFOJwZZndXOtF9yXpu4ght0dWGmAO4oCvBSQr2Uc1Et3yzHBhQER3gvinca
UBtyYbyhTlLI1cPn9wudPeBN1asjKoCN9RC0um6drafYeduom36Yf8eVIE65bJbn
osuApvKEfiEF22CjTpyuz0Jj7NosSjWBHqLAEZGWCzFYLQ+nT+0CwvkCbq31Bk75
Q5Ksvhs8qdGwiTBbRqn5G3/as108nBFe71HHUZuistmh7+VMV1DqmlVMngQ0yZwe
jydaB4vObqV7ABJhcnRQQAln24fD+bzdnCnMi+E=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:32 2023 by rpki-client on console-ams.rpki-client.org