Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/pxmYwNpNEor_-91gmk2Af_kYryU.roa
File: pxmYwNpNEor_-91gmk2Af_kYryU.roa (raw, json)
Hash identifier: v4Bz9QhxEUveNkSmn8N6yQLBmTpmzil4mNzvOeCBSnc=
Subject key identifier: A7:19:98:C0:DA:4D:12:8A:FF:FB:DD:60:9A:4D:80:7F:F9:18:AF:25
Certificate issuer: /CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Certificate serial: 018CC86F84915D6A09CD1100FBA3DEBBC3C2
Authority key identifier: EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/pxmYwNpNEor_-91gmk2Af_kYryU.roa
Signing time: Tue 02 Jan 2024 04:30:00 +0000
ROA not before: Tue 02 Jan 2024 04:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8903
IP address blocks: 213.9.128.0/17 maxlen: 17
213.9.144.0/24 maxlen: 24
213.9.142.0/23 maxlen: 23
213.9.162.0/23 maxlen: 23
212.49.189.0/24 maxlen: 24
212.66.164.0/22 maxlen: 22
212.66.162.0/23 maxlen: 23
212.66.163.0/24 maxlen: 24
212.66.161.0/24 maxlen: 24
212.66.168.0/21 maxlen: 21
212.66.176.0/20 maxlen: 20
213.9.240.0/23 maxlen: 23
213.9.245.0/24 maxlen: 24
213.9.244.0/24 maxlen: 24
213.9.246.0/24 maxlen: 24
213.9.248.0/24 maxlen: 24
213.9.247.0/24 maxlen: 24
213.9.182.0/24 maxlen: 24
213.9.186.0/24 maxlen: 24
213.9.185.0/24 maxlen: 24
213.9.190.0/23 maxlen: 23
213.9.217.0/24 maxlen: 24
212.163.185.0/24 maxlen: 24
212.163.193.0/24 maxlen: 24
212.163.92.0/24 maxlen: 24
212.163.94.0/24 maxlen: 24
212.163.130.0/24 maxlen: 24
212.49.129.0/24 maxlen: 24
212.49.128.0/18 maxlen: 18
212.163.216.0/22 maxlen: 22
212.163.225.0/24 maxlen: 24
212.163.226.0/24 maxlen: 24
212.163.220.0/22 maxlen: 22
212.163.227.0/24 maxlen: 24
212.163.235.0/24 maxlen: 24
185.66.60.0/22 maxlen: 22
185.66.60.0/24 maxlen: 24
185.66.62.0/24 maxlen: 24
185.66.61.0/24 maxlen: 24
212.163.240.0/20 maxlen: 20
84.18.0.0/19 maxlen: 19
213.192.216.0/21 maxlen: 21
213.192.224.0/22 maxlen: 22
213.192.232.0/22 maxlen: 22
213.192.228.0/23 maxlen: 23
213.192.238.0/24 maxlen: 24
213.192.240.0/24 maxlen: 24
213.192.239.0/24 maxlen: 24
213.192.235.0/24 maxlen: 24
213.192.246.0/24 maxlen: 24
213.192.241.0/24 maxlen: 24
213.192.244.0/23 maxlen: 23
213.192.242.0/23 maxlen: 23
213.192.251.0/24 maxlen: 24
213.192.253.0/24 maxlen: 24
213.192.249.0/24 maxlen: 24
213.192.247.0/24 maxlen: 24
213.192.252.0/23 maxlen: 23
213.192.248.0/21 maxlen: 21
213.192.254.0/24 maxlen: 24
213.192.255.0/24 maxlen: 24
212.163.48.0/24 maxlen: 24
212.163.91.0/24 maxlen: 24
212.163.1.0/24 maxlen: 24
212.163.5.0/24 maxlen: 24
212.163.0.0/16 maxlen: 16
212.163.31.0/24 maxlen: 24
92.60.160.0/20 maxlen: 20
92.60.170.0/24 maxlen: 24
92.60.174.0/24 maxlen: 24
92.60.173.0/24 maxlen: 24
213.192.192.0/18 maxlen: 18
213.192.193.0/24 maxlen: 24
213.192.200.0/22 maxlen: 22
213.192.206.0/23 maxlen: 23
213.192.203.0/24 maxlen: 24
213.192.212.0/22 maxlen: 22
213.192.213.0/24 maxlen: 24
2001:ac0:30fd::/48 maxlen: 48
2001:ac0::/32 maxlen: 32
2001:ac0:c040::/44 maxlen: 44
2001:ac0:c880::/44 maxlen: 44
2001:ac0:c0c0::/44 maxlen: 44
Validation: Failed, certificate revoked on Fri 16 Feb 2024 10:41:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:84:91:5d:6a:09:cd:11:00:fb:a3:de:bb:c3:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Validity
Not Before: Jan 2 04:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a71998c0da4d128afffbdd609a4d807ff918af25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2d:f2:ae:b0:b6:c3:93:f3:6b:13:f8:de:6c:
0a:bd:c8:0a:18:62:99:28:e6:a2:cf:32:af:b2:7b:
77:e2:fc:ae:33:38:a6:5c:f3:a4:5e:f8:c4:b5:30:
c8:31:d2:5b:47:03:89:dc:11:14:8d:88:48:0c:72:
aa:76:29:66:79:77:f4:0d:a1:d2:0d:c5:93:17:bd:
00:ef:ae:33:88:72:db:ea:b6:24:35:37:64:29:8e:
b6:29:5f:89:e6:55:ad:f4:ef:df:14:5c:01:be:3b:
f7:7d:1d:fd:de:1f:b0:d8:58:c2:17:fd:ae:1c:af:
f5:d4:f3:00:70:b3:e5:85:4c:f2:ee:a0:ba:25:5a:
55:04:f6:e8:6d:5f:de:e4:6a:1a:fc:60:13:56:de:
03:c4:f5:93:14:c5:04:a2:cb:68:4f:7b:ca:ec:52:
b5:23:f3:47:22:79:4e:bd:c7:2c:6f:80:8f:69:d2:
fd:fa:22:25:0f:1e:99:fa:1d:f5:f9:15:43:73:72:
78:ec:6c:0d:94:91:5a:da:cf:19:3a:f5:ce:75:ea:
f7:7f:d2:2f:0f:f0:c8:88:79:0b:f1:93:5a:31:64:
1a:75:b3:04:07:52:7e:b2:e5:00:16:5c:29:da:c8:
60:b8:b9:5e:6b:99:e1:c7:a4:b5:04:f6:24:2e:5c:
72:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:19:98:C0:DA:4D:12:8A:FF:FB:DD:60:9A:4D:80:7F:F9:18:AF:25
X509v3 Authority Key Identifier:
keyid:EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/pxmYwNpNEor_-91gmk2Af_kYryU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.18.0.0/19
92.60.160.0/20
185.66.60.0/22
212.49.128.0/18
212.66.161.0-212.66.191.255
212.163.0.0/16
213.9.128.0/17
213.192.192.0/18
IPv6:
2001:ac0::/32
Signature Algorithm: sha256WithRSAEncryption
40:07:a1:d3:4c:0d:2f:d8:d9:2f:89:39:27:20:d4:38:50:05:
64:a0:ef:f1:ce:96:de:71:ea:21:33:d9:a0:4b:7c:2e:73:c9:
0e:a9:95:0c:de:b0:a8:87:e3:47:ff:79:69:44:93:ea:97:31:
fc:0f:47:f6:b4:7f:3a:e4:1e:d2:f7:9a:cb:ad:02:64:d0:da:
60:df:e3:84:82:90:73:46:bf:b4:dd:b2:7a:ea:b6:18:cd:61:
28:1f:1e:be:7b:fc:f5:6b:08:cd:08:07:95:fd:b6:d2:5f:3e:
26:e0:27:be:78:42:d8:73:be:a3:ce:1b:b7:ea:d5:f6:a3:fa:
81:b9:67:f9:58:1e:53:08:0e:28:d0:6e:22:22:48:8d:aa:bf:
59:78:c6:9c:f9:5e:28:09:3a:df:e9:3a:1a:f0:88:4b:4d:f5:
04:4e:14:6a:e4:05:9f:e7:25:be:36:06:b1:f3:05:a5:ce:19:
7d:65:21:f2:54:a1:06:13:87:ad:1e:6d:3f:10:4d:57:56:ca:
57:71:21:c4:20:39:f9:88:61:08:94:6f:b9:59:86:2c:89:88:
1b:06:8f:35:41:06:8e:89:bc:ec:7c:4f:a8:ab:28:30:96:23:
f3:ae:d3:0e:cd:62:6b:bf:aa:21:3e:bb:2b:4d:25:bd:ec:1d:
f6:f6:d6:46
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYzIb4SRXWoJzREA+6Peu8PCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmM2U3MWI5Njk5MmRhM2Q5MWM4OGRkNzRlZjQxZjliOTVi
OTQ4NWIwHhcNMjQwMTAyMDQzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzE5OThjMGRhNGQxMjhhZmZmYmRkNjA5YTRkODA3ZmY5MThhZjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAty3yrrC2w5PzaxP43mwKvcgKGGKZ
KOaizzKvsnt34vyuMzimXPOkXvjEtTDIMdJbRwOJ3BEUjYhIDHKqdilmeXf0DaHS
DcWTF70A764ziHLb6rYkNTdkKY62KV+J5lWt9O/fFFwBvjv3fR393h+w2FjCF/2u
HK/11PMAcLPlhUzy7qC6JVpVBPbobV/e5Goa/GATVt4DxPWTFMUEostoT3vK7FK1
I/NHInlOvccsb4CPadL9+iIlDx6Z+h31+RVDc3J47GwNlJFa2s8ZOvXOder3f9Iv
D/DIiHkL8ZNaMWQadbMEB1J+suUAFlwp2shguLlea5nhx6S1BPYkLlxyXwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFKcZmMDaTRKK//vdYJpNgH/5GK8lMB8GA1UdIwQY
MBaAFO8+cblpkto9kciN1070H5uVuUhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDIt
OTE5NmNlNDQ2NTI3LzEvcHhtWXdOcE5Fb3JfLTkxZ21rMkFmX2tZcnlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDItOTE5NmNlNDQ2NTI3
LzEvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA9BAIAATA3AwQFVBIAAwQE
XDygAwQCuUI8AwQG1DGAMAwDBADUQqEDBAbUQoADAwDUowMEB9UJgAMEBtXAwDAN
BAIAAjAHAwUAIAEKwDANBgkqhkiG9w0BAQsFAAOCAQEAQAeh00wNL9jZL4k5JyDU
OFAFZKDv8c6W3nHqITPZoEt8LnPJDqmVDN6wqIfjR/95aUST6pcx/A9H9rR/OuQe
0veay60CZNDaYN/jhIKQc0a/tN2yeuq2GM1hKB8evnv89WsIzQgHlf220l8+JuAn
vnhC2HO+o84bt+rV9qP6gbln+VgeUwgOKNBuIiJIjaq/WXjGnPleKAk63+k6GvCI
S031BE4UauQFn+clvjYGsfMFpc4ZfWUh8lShBhOHrR5tPxBNV1bKV3EhxCA5+Yhh
CJRvuVmGLImIGwaPNUEGjom87HxPqKsoMJYj867TDs1ia7+qIT67K00lvewd9vbW
Rg==
-----END CERTIFICATE-----
Generated at Fri Feb 16 15:29:04 2024 by rpki-client on console-ams.rpki-client.org