Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/2qO5AYpZwsQvH1hGmqIIRfPxpeM.roa
File: 2qO5AYpZwsQvH1hGmqIIRfPxpeM.roa (raw, json)
Hash identifier: 2uJ/U6VupHf3W5zTf+VWpNRlUt8chLMciHtm8pq9FP8=
Subject key identifier: DA:A3:B9:01:8A:59:C2:C4:2F:1F:58:46:9A:A2:08:45:F3:F1:A5:E3
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 018AD17C6764BE1C3C5BEA8B04FECF3AC998
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/2qO5AYpZwsQvH1hGmqIIRfPxpeM.roa
Signing time: Tue 26 Sep 2023 12:35:05 +0000
ROA not before: Tue 26 Sep 2023 12:35:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137502
IP address blocks: 213.248.219.0/24 maxlen: 24
213.248.254.0/24 maxlen: 24
213.248.255.0/24 maxlen: 24
2a01:618:407::/48 maxlen: 48
2a01:618:402::/48 maxlen: 48
2a01:618:405::/48 maxlen: 48
2a01:618:400::/48 maxlen: 48
2a01:618:403::/48 maxlen: 48
2a01:618:406::/48 maxlen: 48
2a01:618:401::/48 maxlen: 48
2a01:618:404::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 26 Sep 2023 15:36:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d1:7c:67:64:be:1c:3c:5b:ea:8b:04:fe:cf:3a:c9:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Sep 26 12:35:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=daa3b9018a59c2c42f1f58469aa20845f3f1a5e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:57:f1:c0:4b:b4:78:67:3f:96:65:62:0d:cd:
67:19:fa:45:97:95:e6:e4:ea:18:74:74:55:bd:e9:
8e:58:07:52:e2:d7:5c:b7:76:f5:40:65:95:8a:06:
bd:3b:6a:63:dd:cc:41:1f:34:d9:74:59:ce:b6:0a:
e9:57:b3:1e:8e:8d:2c:f0:14:e0:70:c3:ef:a7:7c:
f7:94:9d:0c:44:da:09:c3:6c:7c:48:b2:03:ba:64:
26:d1:a5:e3:13:7f:ec:20:69:49:d6:fa:57:3c:92:
3f:d3:0e:d0:a1:9c:01:e9:76:ff:ac:0b:1d:8d:c1:
32:dc:4b:f4:d8:d5:f3:65:ea:00:6b:72:9e:f6:81:
eb:74:60:47:9b:0c:8a:d2:94:5c:8f:c1:3d:04:eb:
e2:1d:a8:02:e2:f6:8b:72:28:d1:76:dd:d8:3c:b4:
b3:63:6b:3b:fa:d2:b8:fb:f9:af:77:a9:11:53:47:
cf:87:b2:77:0d:cb:a8:c6:af:40:db:0b:76:27:15:
72:d9:57:3b:ec:48:7a:fa:fe:9b:c4:3f:97:71:6d:
d5:1d:f1:e4:87:f7:44:9d:e3:46:6b:9b:3e:9d:44:
bc:fa:f0:4a:bc:ec:a8:5b:5b:2b:31:5b:46:cf:58:
eb:3a:3e:5c:52:e9:10:8c:79:c9:23:fb:19:48:cd:
79:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A3:B9:01:8A:59:C2:C4:2F:1F:58:46:9A:A2:08:45:F3:F1:A5:E3
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/2qO5AYpZwsQvH1hGmqIIRfPxpeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.248.219.0/24
213.248.254.0/23
IPv6:
2a01:618:400::/45
Signature Algorithm: sha256WithRSAEncryption
49:5e:91:3a:18:c7:ef:46:74:fe:2c:6b:56:47:ff:d7:f8:36:
f5:e9:fa:b7:79:48:f7:2c:b5:46:c7:6c:ca:e4:f1:2f:40:46:
39:88:bf:7a:9c:06:e7:18:b3:fc:22:8a:fb:db:df:67:c3:23:
5b:f9:a6:0e:b1:0b:e2:d4:be:ca:75:a4:a8:9c:0a:d9:72:4a:
7f:5a:4e:4d:a7:c6:5b:66:a7:76:ff:16:55:95:ad:32:84:5a:
0e:7b:8b:8e:0e:12:58:35:70:f8:ff:1d:58:05:4b:72:90:a2:
19:40:f2:c3:57:4b:f7:81:5b:58:42:5a:09:80:63:99:79:85:
25:6f:84:a5:35:71:14:e2:4e:be:ee:a5:b0:b9:96:07:63:48:
11:9a:a8:2c:78:82:ed:f6:5a:c6:82:98:da:bd:90:46:a7:2f:
d6:d4:6a:2f:3e:44:96:34:35:2c:ea:91:1d:2d:13:ef:43:77:
a1:19:62:6e:6a:c0:ba:22:4a:03:5b:89:d1:ab:bd:59:bc:6c:
93:36:58:23:d1:bb:71:84:bd:e9:65:3c:3b:64:e6:22:fc:e8:
ac:f7:57:d4:14:58:fc:77:c4:e7:e9:3a:b9:e4:80:07:18:61:
a8:5c:3b:2d:e7:ec:9a:4c:99:09:b1:3a:78:02:5c:e1:a6:bf:
1a:82:7d:a9
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYrRfGdkvhw8W+qLBP7POsmYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjMwOTI2MTIzNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWEzYjkwMThhNTljMmM0MmYxZjU4NDY5YWEyMDg0NWYzZjFhNWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVfxwEu0eGc/lmViDc1nGfpFl5Xm
5OoYdHRVvemOWAdS4tdct3b1QGWViga9O2pj3cxBHzTZdFnOtgrpV7Mejo0s8BTg
cMPvp3z3lJ0MRNoJw2x8SLIDumQm0aXjE3/sIGlJ1vpXPJI/0w7QoZwB6Xb/rAsd
jcEy3Ev02NXzZeoAa3Ke9oHrdGBHmwyK0pRcj8E9BOviHagC4vaLcijRdt3YPLSz
Y2s7+tK4+/mvd6kRU0fPh7J3Dcuoxq9A2wt2JxVy2Vc77Eh6+v6bxD+XcW3VHfHk
h/dEneNGa5s+nUS8+vBKvOyoW1srMVtGz1jrOj5cUukQjHnJI/sZSM15BQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNqjuQGKWcLELx9YRpqiCEXz8aXjMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvMnFPNUFZcFp3c1F2SDFoR21xSUlSZlB4cGVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQA1fjbAwQB
1fj+MA8EAgACMAkDBwMqAQYYBAAwDQYJKoZIhvcNAQELBQADggEBAElekToYx+9G
dP4sa1ZH/9f4NvXp+rd5SPcstUbHbMrk8S9ARjmIv3qcBucYs/wiivvb32fDI1v5
pg6xC+LUvsp1pKicCtlySn9aTk2nxltmp3b/FlWVrTKEWg57i44OElg1cPj/HVgF
S3KQohlA8sNXS/eBW1hCWgmAY5l5hSVvhKU1cRTiTr7upbC5lgdjSBGaqCx4gu32
WsaCmNq9kEanL9bUai8+RJY0NSzqkR0tE+9Dd6EZYm5qwLoiSgNbidGrvVm8bJM2
WCPRu3GEvellPDtk5iL86Kz3V9QUWPx3xOfpOrnkgAcYYahcOy3n7JpMmQmxOngC
XOGmvxqCfak=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:02 2024 by rpki-client on console-ams.rpki-client.org