Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x47wWwhZLaEmN4HaRxMzTTAJQPU.roa
File: x47wWwhZLaEmN4HaRxMzTTAJQPU.roa (raw, json)
Hash identifier: BG0/+VS7vugvJRy2HUUrlihtLrnO6adpGLXXuO6ztME=
Subject key identifier: C7:8E:F0:5B:08:59:2D:A1:26:37:81:DA:47:13:33:4D:30:09:40:F5
Certificate issuer: /CN=c755702467770ed69b367b77bbe640bc6db4153e
Certificate serial: 018C7D88CC756DCE38D51A77410B8661EC06
Authority key identifier: C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x47wWwhZLaEmN4HaRxMzTTAJQPU.roa
Signing time: Mon 18 Dec 2023 15:26:06 +0000
ROA not before: Mon 18 Dec 2023 15:26:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40306
IP address blocks: 213.209.176.0/24 maxlen: 24
213.209.177.0/24 maxlen: 24
213.209.178.0/24 maxlen: 24
213.209.181.128/26 maxlen: 26
213.209.180.0/24 maxlen: 24
213.209.181.0/24 maxlen: 24
213.209.182.0/24 maxlen: 24
213.209.183.0/24 maxlen: 24
213.209.191.0/24 maxlen: 24
213.209.188.0/24 maxlen: 24
213.209.189.0/24 maxlen: 24
213.209.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7d:88:cc:75:6d:ce:38:d5:1a:77:41:0b:86:61:ec:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c755702467770ed69b367b77bbe640bc6db4153e
Validity
Not Before: Dec 18 15:26:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c78ef05b08592da1263781da4713334d300940f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:45:76:4c:db:73:cd:99:e6:39:64:7a:55:d7:
2b:84:5c:42:2f:06:57:42:62:d1:bd:01:1b:ed:7f:
b1:6e:6a:00:b0:6d:0e:d0:52:c0:c4:1d:f9:46:bc:
45:20:5d:53:e9:d9:46:42:38:5d:9f:70:92:bd:8e:
a3:02:a5:53:f4:f4:10:c8:61:2c:99:13:8c:dc:be:
5c:4e:19:eb:2c:d2:c5:8c:c4:ba:f4:ef:75:c4:ff:
0c:9d:df:16:8f:66:a6:2c:ce:ee:63:17:be:46:a0:
38:93:f8:7f:59:a5:00:cc:59:86:d3:3f:0d:19:bd:
aa:9c:b6:d8:bc:d9:1b:7b:2f:18:da:c1:3d:27:97:
2a:be:c7:d1:5f:43:c0:f4:0f:20:e7:fc:be:6b:4d:
ee:de:32:4a:22:ab:2f:c7:e4:5d:dc:cc:d8:40:88:
bb:85:fe:6c:d8:6d:57:45:e3:62:ee:6c:47:94:51:
31:b4:00:0d:0a:a9:c4:c0:1d:d2:e6:81:f7:e7:10:
7f:58:ae:02:9a:54:35:0a:f7:30:b9:1d:46:26:45:
c1:02:6e:0f:38:45:7e:c7:36:e1:5f:11:c2:cd:de:
16:42:f8:11:9b:74:a6:88:ee:17:ec:39:8b:09:6a:
09:1d:14:1a:2b:d3:9b:c0:6f:bc:65:2a:b4:dd:f8:
aa:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:8E:F0:5B:08:59:2D:A1:26:37:81:DA:47:13:33:4D:30:09:40:F5
X509v3 Authority Key Identifier:
keyid:C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x47wWwhZLaEmN4HaRxMzTTAJQPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x1VwJGd3DtabNnt3u-ZAvG20FT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.209.176.0-213.209.178.255
213.209.180.0/22
213.209.188.0/22
Signature Algorithm: sha256WithRSAEncryption
29:4b:16:d8:43:4c:57:2c:f9:86:af:e7:77:0b:ad:de:17:4a:
a2:7f:9e:e0:1b:bc:5f:11:26:f1:4d:54:95:c2:9f:f2:f5:b5:
c4:df:5c:85:09:6c:2e:74:e8:cb:8f:0d:a5:6f:d1:b2:65:f0:
58:80:ad:ff:75:bb:44:cd:d4:37:cf:a9:13:c1:f0:e5:86:f4:
5a:eb:e0:e7:e5:85:37:c7:e3:d5:5e:b1:95:02:3c:ea:da:90:
44:4a:6f:25:12:25:ac:29:2e:41:94:60:6a:ca:86:0c:b1:10:
1e:6d:36:26:70:13:9b:5f:3b:da:c2:f7:2c:40:68:51:cc:f5:
e6:a1:3d:09:5d:3a:3a:e9:b2:34:49:fe:e4:7c:2e:ab:f8:84:
a4:13:9f:1d:f2:58:ef:2c:33:51:4b:ee:0e:6c:a5:9f:28:e3:
a0:2d:8e:cf:71:21:de:b4:d2:77:da:0a:b1:aa:7a:61:9b:0b:
6e:3c:3d:fa:a3:0b:5b:21:4c:ad:c9:42:c9:e7:1d:48:e0:80:
70:d2:ea:45:91:ce:4a:3f:e5:99:e3:19:65:c0:87:61:b3:83:
de:d8:73:5a:94:cf:9a:a1:44:96:96:c1:66:e7:2d:9c:24:d1:
de:a1:a0:c0:7a:09:8e:7e:48:80:7e:7b:50:49:e2:24:58:46:
f3:09:42:34
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYx9iMx1bc441Rp3QQuGYewGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NTU3MDI0Njc3NzBlZDY5YjM2N2I3N2JiZTY0MGJjNmRi
NDE1M2UwHhcNMjMxMjE4MTUyNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzhlZjA1YjA4NTkyZGExMjYzNzgxZGE0NzEzMzM0ZDMwMDk0MGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkV2TNtzzZnmOWR6VdcrhFxCLwZX
QmLRvQEb7X+xbmoAsG0O0FLAxB35RrxFIF1T6dlGQjhdn3CSvY6jAqVT9PQQyGEs
mROM3L5cThnrLNLFjMS69O91xP8Mnd8Wj2amLM7uYxe+RqA4k/h/WaUAzFmG0z8N
Gb2qnLbYvNkbey8Y2sE9J5cqvsfRX0PA9A8g5/y+a03u3jJKIqsvx+Rd3MzYQIi7
hf5s2G1XReNi7mxHlFExtAANCqnEwB3S5oH35xB/WK4CmlQ1CvcwuR1GJkXBAm4P
OEV+xzbhXxHCzd4WQvgRm3SmiO4X7DmLCWoJHRQaK9ObwG+8ZSq03fiqZQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMeO8FsIWS2hJjeB2kcTM00wCUD1MB8GA1UdIwQY
MBaAFMdVcCRndw7WmzZ7d7vmQLxttBU+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYt
MWQzNzM0OTk5MjRlLzEveDQ3d1d3aFpMYUVtTjRIYVJ4TXpUVEFKUVBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYtMWQzNzM0OTk5MjRl
LzEveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBATV0bAD
BADV0bIDBALV0bQDBALV0bwwDQYJKoZIhvcNAQELBQADggEBAClLFthDTFcs+Yav
53cLrd4XSqJ/nuAbvF8RJvFNVJXCn/L1tcTfXIUJbC506MuPDaVv0bJl8FiArf91
u0TN1DfPqRPB8OWG9Frr4OflhTfH49VesZUCPOrakERKbyUSJawpLkGUYGrKhgyx
EB5tNiZwE5tfO9rC9yxAaFHM9eahPQldOjrpsjRJ/uR8Lqv4hKQTnx3yWO8sM1FL
7g5spZ8o46Atjs9xId600nfaCrGqemGbC248PfqjC1shTK3JQsnnHUjggHDS6kWR
zko/5ZnjGWXAh2Gzg97Yc1qUz5qhRJaWwWbnLZwk0d6hoMB6CY5+SIB+e1BJ4iRY
RvMJQjQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:26 2024 by rpki-client on console-ams.rpki-client.org