Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/g_dJzPEazmTf1YvaJtyphcgpoWc.roa
File: g_dJzPEazmTf1YvaJtyphcgpoWc.roa (raw, json)
Hash identifier: vC9upa0SUAHItPIYDncIHooYIrC2Qh7DO2AcJXx52EE=
Subject key identifier: 83:F7:49:CC:F1:1A:CE:64:DF:D5:8B:DA:26:DC:A9:85:C8:29:A1:67
Certificate issuer: /CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Certificate serial: 018CC86F8383E8F9F5602200301EE989160A
Authority key identifier: EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/g_dJzPEazmTf1YvaJtyphcgpoWc.roa
Signing time: Tue 02 Jan 2024 04:30:00 +0000
ROA not before: Tue 02 Jan 2024 04:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5400
IP address blocks: 213.9.138.0/24 maxlen: 24
212.163.169.0/24 maxlen: 24
213.9.148.0/24 maxlen: 24
212.49.181.0/24 maxlen: 24
212.49.190.0/24 maxlen: 24
213.9.232.0/24 maxlen: 24
212.163.40.0/24 maxlen: 24
212.49.131.0/24 maxlen: 24
212.163.55.0/24 maxlen: 24
212.49.142.0/24 maxlen: 24
212.49.167.0/24 maxlen: 24
213.9.173.0/24 maxlen: 24
213.9.177.0/24 maxlen: 24
212.163.206.0/24 maxlen: 24
212.163.3.0/24 maxlen: 24
213.9.188.0/24 maxlen: 24
212.163.6.0/24 maxlen: 24
212.163.24.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 13:19:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:83:83:e8:f9:f5:60:22:00:30:1e:e9:89:16:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Validity
Not Before: Jan 2 04:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83f749ccf11ace64dfd58bda26dca985c829a167
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c8:eb:08:36:a3:b3:3f:94:73:44:be:57:91:
16:dc:f1:d3:52:e1:84:2b:6c:25:2f:bb:58:70:54:
70:db:0a:07:fc:c7:a5:6d:f6:9b:ed:de:e6:f3:78:
15:ef:61:be:d3:83:65:ef:ab:e6:38:c1:e1:67:fb:
51:87:fa:a1:80:71:c6:ac:20:6c:18:47:13:27:58:
8e:3f:c4:20:53:a6:33:be:28:19:1c:e0:1d:6a:75:
dd:88:57:06:13:15:fc:65:94:10:ea:66:a4:c5:08:
b9:ea:10:42:d3:64:aa:3a:86:a6:23:d6:fb:bd:a3:
ea:d7:da:5e:c8:d8:9b:b3:f6:ca:56:58:ca:8d:a7:
d3:48:4e:cd:5f:61:59:c8:5e:cd:d5:43:7a:0c:69:
c4:84:e8:b0:ef:7c:c9:59:0a:db:6f:be:f2:e1:d9:
0b:cd:f4:68:1a:74:55:3a:1c:5a:ad:c1:e9:2a:f4:
8a:27:83:dc:68:39:4b:21:1e:11:a0:ab:b1:8b:5c:
7d:07:a3:88:c7:db:8d:0a:01:3e:f5:6b:2b:ff:01:
6b:3a:15:1a:12:03:92:00:3c:ec:09:22:20:e5:fa:
26:b2:7b:a0:c8:89:bf:9e:83:f4:84:69:17:aa:39:
82:10:5f:41:3a:ca:72:2c:6c:ef:39:3c:55:74:4d:
c3:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:F7:49:CC:F1:1A:CE:64:DF:D5:8B:DA:26:DC:A9:85:C8:29:A1:67
X509v3 Authority Key Identifier:
keyid:EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/g_dJzPEazmTf1YvaJtyphcgpoWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.49.131.0/24
212.49.142.0/24
212.49.167.0/24
212.49.181.0/24
212.49.190.0/24
212.163.3.0/24
212.163.6.0/24
212.163.24.0/24
212.163.40.0/24
212.163.55.0/24
212.163.169.0/24
212.163.206.0/24
213.9.138.0/24
213.9.148.0/24
213.9.173.0/24
213.9.177.0/24
213.9.188.0/24
213.9.232.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:a6:6c:0c:2d:e9:ae:72:54:74:57:dc:49:30:16:b1:c4:68:
0a:14:ce:1d:85:97:c1:4c:db:85:cc:65:70:2d:a0:13:88:b7:
c4:11:a8:6b:5c:f2:89:69:0c:90:69:64:05:b5:34:69:7f:0f:
56:f2:25:70:f0:0c:8a:fc:d6:4c:c2:9f:2e:d4:c5:ed:5a:ad:
9f:c2:dc:eb:af:9d:b9:71:92:ae:bd:62:0b:1f:5a:d2:80:15:
00:4f:73:bc:42:cb:b8:bd:4c:59:ab:5c:a8:f9:51:7d:cd:d7:
51:cb:d3:85:3d:e7:0f:8f:ea:27:60:df:f3:30:e1:fe:b7:bc:
fc:53:4f:a3:ed:de:e1:ba:ba:bb:1a:7b:c6:b8:b5:95:7c:fb:
f0:a2:6b:ad:db:94:5d:5a:4c:aa:a3:98:60:bb:a8:91:74:54:
a6:a6:ee:f6:e0:8c:02:57:a9:bb:1c:0e:7b:bc:58:13:b3:86:
9d:f7:97:32:52:1d:0a:8f:98:20:ef:34:27:5d:a0:fe:75:9a:
f3:82:ae:65:99:df:76:6f:e7:11:6e:c0:21:2c:83:1e:d5:4b:
2d:08:82:60:79:32:34:53:fc:8b:bc:ff:b8:23:ce:66:72:bc:
47:4a:7c:2a:12:7e:24:aa:be:64:ef:83:df:0c:33:53:5e:90:
dd:66:2e:a3
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYzIb4OD6Pn1YCIAMB7piRYKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmM2U3MWI5Njk5MmRhM2Q5MWM4OGRkNzRlZjQxZjliOTVi
OTQ4NWIwHhcNMjQwMTAyMDQzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2Y3NDljY2YxMWFjZTY0ZGZkNThiZGEyNmRjYTk4NWM4MjlhMTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicjrCDajsz+Uc0S+V5EW3PHTUuGE
K2wlL7tYcFRw2woH/Melbfab7d7m83gV72G+04Nl76vmOMHhZ/tRh/qhgHHGrCBs
GEcTJ1iOP8QgU6YzvigZHOAdanXdiFcGExX8ZZQQ6makxQi56hBC02SqOoamI9b7
vaPq19peyNibs/bKVljKjafTSE7NX2FZyF7N1UN6DGnEhOiw73zJWQrbb77y4dkL
zfRoGnRVOhxarcHpKvSKJ4PcaDlLIR4RoKuxi1x9B6OIx9uNCgE+9Wsr/wFrOhUa
EgOSADzsCSIg5fomsnugyIm/noP0hGkXqjmCEF9BOspyLGzvOTxVdE3DDwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFIP3SczxGs5k39WL2ibcqYXIKaFnMB8GA1UdIwQY
MBaAFO8+cblpkto9kciN1070H5uVuUhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDIt
OTE5NmNlNDQ2NTI3LzEvZ19kSnpQRWF6bVRmMVl2YUp0eXBoY2dwb1djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDItOTE5NmNlNDQ2NTI3
LzEvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEANQxgwME
ANQxjgMEANQxpwMEANQxtQMEANQxvgMEANSjAwMEANSjBgMEANSjGAMEANSjKAME
ANSjNwMEANSjqQMEANSjzgMEANUJigMEANUJlAMEANUJrQMEANUJsQMEANUJvAME
ANUJ6DANBgkqhkiG9w0BAQsFAAOCAQEAuKZsDC3prnJUdFfcSTAWscRoChTOHYWX
wUzbhcxlcC2gE4i3xBGoa1zyiWkMkGlkBbU0aX8PVvIlcPAMivzWTMKfLtTF7Vqt
n8Lc66+duXGSrr1iCx9a0oAVAE9zvELLuL1MWatcqPlRfc3XUcvThT3nD4/qJ2Df
8zDh/re8/FNPo+3e4bq6uxp7xri1lXz78KJrrduUXVpMqqOYYLuokXRUpqbu9uCM
AlepuxwOe7xYE7OGnfeXMlIdCo+YIO80J12g/nWa84KuZZnfdm/nEW7AISyDHtVL
LQiCYHkyNFP8i7z/uCPOZnK8R0p8KhJ+JKq+ZO+D3wwzU16Q3WYuow==
-----END CERTIFICATE-----
Generated at Mon Jan 22 16:40:15 2024 by rpki-client on console-ams.rpki-client.org