Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/0lQdRD2uln6weY3tOl7Zt-kASVo.roa
File: 0lQdRD2uln6weY3tOl7Zt-kASVo.roa (raw, json)
Hash identifier: Qdtun/QXxdP1YotTfFnG+dv7K336OEhXMzvZZipIYyA=
Subject key identifier: D2:54:1D:44:3D:AE:96:7E:B0:79:8D:ED:3A:5E:D9:B7:E9:00:49:5A
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 018AB76448E5F8734F7CC3B369C506A6B592
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/0lQdRD2uln6weY3tOl7Zt-kASVo.roa
Signing time: Thu 21 Sep 2023 10:58:37 +0000
ROA not before: Thu 21 Sep 2023 10:58:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137502
IP address blocks: 213.248.254.0/24 maxlen: 24
213.248.255.0/24 maxlen: 24
2a01:618:402::/48 maxlen: 48
2a01:618:400::/48 maxlen: 48
2a01:618:403::/48 maxlen: 48
2a01:618:401::/48 maxlen: 48
2a01:618:404::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b7:64:48:e5:f8:73:4f:7c:c3:b3:69:c5:06:a6:b5:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Sep 21 10:58:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2541d443dae967eb0798ded3a5ed9b7e900495a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:52:1a:7a:31:85:d3:de:0c:ee:11:83:ed:a7:
01:6a:28:b9:6d:93:04:62:5b:d8:c9:70:9b:2e:ff:
35:df:84:71:20:cc:22:d4:6f:ae:00:4a:9c:30:6d:
b0:a3:3d:34:16:70:d9:c3:0e:8a:ea:db:87:aa:55:
06:27:f1:b0:82:22:4a:a3:2e:fe:24:1e:69:fe:57:
ef:45:fd:b0:d8:87:24:cc:59:75:92:dc:46:79:86:
43:25:33:bf:c3:6b:0c:dd:9c:3f:15:84:45:d3:91:
4a:a3:f4:41:b8:53:ef:a0:d0:50:43:6f:9c:99:d1:
bf:69:de:ee:ff:54:73:96:43:1f:14:b7:3e:e7:49:
82:fe:67:65:41:f8:27:32:98:1a:81:47:60:94:5e:
c2:ba:95:31:48:ac:e0:76:df:29:c2:ff:0a:87:d6:
79:d0:62:26:f1:1f:67:b2:bd:29:0a:0e:0c:54:c1:
24:d0:23:da:9b:96:a4:38:38:78:77:5d:2b:38:4e:
a4:03:d5:7b:b4:24:3d:09:62:8c:13:d9:3b:0c:69:
03:36:08:20:5e:f0:73:60:0e:34:93:f4:9b:c3:be:
b8:9c:e4:72:f0:48:09:1b:f1:d6:81:50:83:5e:e9:
48:e7:73:23:14:b4:59:47:ce:80:f8:a5:af:19:be:
04:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:54:1D:44:3D:AE:96:7E:B0:79:8D:ED:3A:5E:D9:B7:E9:00:49:5A
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/0lQdRD2uln6weY3tOl7Zt-kASVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.248.254.0/23
IPv6:
2a01:618:400::-2a01:618:404:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
20:84:ae:c3:1d:58:11:82:29:c8:bd:19:a7:47:ac:96:42:a1:
06:20:d9:a0:8f:f9:29:6d:ba:37:48:da:f3:29:9e:96:41:51:
6f:58:a5:02:9e:37:53:05:5e:90:ac:a0:28:07:3f:b5:25:20:
7d:b3:32:1f:6e:81:c9:53:b9:f7:16:78:c5:fa:0c:ab:ff:cb:
85:26:3b:bc:ac:68:b9:38:01:f2:d3:77:cc:4a:e9:28:f6:60:
a2:da:51:0b:68:44:69:f3:f9:af:c0:32:d8:c9:be:02:bc:16:
f4:7c:3e:57:d8:6b:5d:f5:7e:73:a2:20:39:04:77:c2:15:29:
f0:7a:c4:22:8e:de:f0:f2:e2:f4:ef:2f:a8:9e:fe:5c:78:c2:
6d:18:6b:b7:15:63:38:ec:e1:0a:e0:c6:b3:16:d3:37:2a:a0:
70:ca:65:7d:b1:5a:92:d6:11:6c:b3:dc:c5:5d:54:6f:99:16:
60:e5:5d:38:df:af:f7:fe:5d:b0:0b:c3:66:7a:55:e7:da:e5:
d0:d9:8b:8f:30:e5:da:63:b9:6c:90:77:0f:d6:ad:96:11:db:
d2:0e:66:56:f4:2f:e6:14:d3:46:6a:79:51:10:55:5f:d4:64:
1c:1f:1e:7a:78:40:3b:36:b2:f0:79:23:d4:e9:e0:72:7c:ea:
bf:17:c4:f8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYq3ZEjl+HNPfMOzacUGprWSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjMwOTIxMTA1ODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjU0MWQ0NDNkYWU5NjdlYjA3OThkZWQzYTVlZDliN2U5MDA0OTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFIaejGF094M7hGD7acBaii5bZME
YlvYyXCbLv8134RxIMwi1G+uAEqcMG2woz00FnDZww6K6tuHqlUGJ/GwgiJKoy7+
JB5p/lfvRf2w2IckzFl1ktxGeYZDJTO/w2sM3Zw/FYRF05FKo/RBuFPvoNBQQ2+c
mdG/ad7u/1RzlkMfFLc+50mC/mdlQfgnMpgagUdglF7CupUxSKzgdt8pwv8Kh9Z5
0GIm8R9nsr0pCg4MVMEk0CPam5akODh4d10rOE6kA9V7tCQ9CWKME9k7DGkDNggg
XvBzYA40k/Sbw764nORy8EgJG/HWgVCDXulI53MjFLRZR86A+KWvGb4E2QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNJUHUQ9rpZ+sHmN7Tpe2bfpAElaMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvMGxRZFJEMnVsbjZ3ZVkzdE9sN1p0LWtBU1ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQB1fj+MBkE
AgACMBMwEQMGAioBBhgEAwcAKgEGGAQEMA0GCSqGSIb3DQEBCwUAA4IBAQAghK7D
HVgRginIvRmnR6yWQqEGINmgj/kpbbo3SNrzKZ6WQVFvWKUCnjdTBV6QrKAoBz+1
JSB9szIfboHJU7n3FnjF+gyr/8uFJju8rGi5OAHy03fMSuko9mCi2lELaERp8/mv
wDLYyb4CvBb0fD5X2Gtd9X5zoiA5BHfCFSnwesQijt7w8uL07y+onv5ceMJtGGu3
FWM47OEK4MazFtM3KqBwymV9sVqS1hFss9zFXVRvmRZg5V0436/3/l2wC8NmelXn
2uXQ2YuPMOXaY7lskHcP1q2WEdvSDmZW9C/mFNNGanlREFVf1GQcHx56eEA7NrLw
eSPU6eByfOq/F8T4
-----END CERTIFICATE-----
Generated at Thu Sep 21 15:28:30 2023 by rpki-client on console-fra.rpki-client.org