Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/3er-REfhn2rQG0SMvBqi0E5NveQ.roa
File: 3er-REfhn2rQG0SMvBqi0E5NveQ.roa (raw, json)
Hash identifier: gX2w7SOilLcRPWspzns2yqrD6sYqRHfZWh0Cf1Y76Ww=
Subject key identifier: DD:EA:FE:44:47:E1:9F:6A:D0:1B:44:8C:BC:1A:A2:D0:4E:4D:BD:E4
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 018A8E9E8D0C19AFD1C4339AF4FA7C213828
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/3er-REfhn2rQG0SMvBqi0E5NveQ.roa
Signing time: Wed 13 Sep 2023 12:57:50 +0000
ROA not before: Wed 13 Sep 2023 12:57:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8683
IP address blocks: 149.20.108.0/22 maxlen: 22
213.248.198.0/23 maxlen: 23
213.248.196.0/23 maxlen: 23
149.20.96.0/22 maxlen: 22
149.20.104.0/22 maxlen: 22
149.20.100.0/22 maxlen: 22
213.248.232.0/21 maxlen: 21
213.248.230.0/23 maxlen: 23
213.248.228.0/23 maxlen: 23
213.248.240.0/21 maxlen: 21
2a01:61c:1000::/40 maxlen: 40
2a01:61c:1100::/40 maxlen: 40
2a01:61c:1900::/40 maxlen: 40
2a01:61c:1d00::/40 maxlen: 40
2a01:61c:1f00::/40 maxlen: 40
2a01:61c:2000::/40 maxlen: 40
2a01:61c:2100::/40 maxlen: 40
2a01:61c:2f00::/40 maxlen: 40
2a01:618:8000::/33 maxlen: 33
2a01:618:8000::/40 maxlen: 40
2a01:61c:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 13 Sep 2023 13:16:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8e:9e:8d:0c:19:af:d1:c4:33:9a:f4:fa:7c:21:38:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Sep 13 12:57:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ddeafe4447e19f6ad01b448cbc1aa2d04e4dbde4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:e9:9a:9a:3d:ed:8b:2d:2d:81:dc:38:d2:84:
9d:70:44:61:e5:df:43:4b:7f:34:95:d0:e4:e2:47:
fe:47:a3:a4:1d:ef:9b:bf:eb:44:61:da:72:06:08:
7c:0a:df:67:60:75:db:2b:73:3f:28:5d:2a:c3:89:
e7:0f:8d:a2:b6:83:d1:b8:ba:a4:ec:f7:3d:b7:f6:
05:0f:7c:86:e5:63:cb:92:ee:f9:ee:50:90:de:1b:
a4:a4:fd:f0:08:df:dc:4d:2c:26:8d:ac:0b:14:44:
7b:06:ca:5e:c3:2b:83:7c:8e:e9:46:b3:02:d0:45:
80:3c:0c:be:d4:3a:35:7b:7a:03:1e:03:f8:cd:c2:
8a:43:89:98:a5:0f:7a:ff:5c:23:de:37:14:e7:13:
13:3a:c3:be:0b:bb:bb:cb:0f:3d:e9:c0:dc:9c:ec:
b8:2c:73:ed:d3:4f:aa:3a:a6:92:84:7b:de:85:74:
09:f4:11:be:1c:17:30:01:32:94:cb:ac:3f:e3:35:
63:88:35:05:2d:ed:6b:f1:ad:4d:fc:64:4e:b5:0b:
d8:83:8d:7b:d1:77:9c:00:39:38:39:0a:6f:d9:88:
77:b6:b7:13:4b:2d:d8:fe:4d:12:4c:16:0a:ab:40:
95:5f:2c:30:e8:32:ee:bf:1d:2d:d2:b1:67:4b:31:
19:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:EA:FE:44:47:E1:9F:6A:D0:1B:44:8C:BC:1A:A2:D0:4E:4D:BD:E4
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/3er-REfhn2rQG0SMvBqi0E5NveQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.20.96.0/20
213.248.196.0/22
213.248.228.0-213.248.247.255
IPv6:
2a01:618:8000::/33
2a01:61c:1000::/39
2a01:61c:1900::/40
2a01:61c:1d00::/40
2a01:61c:1f00::-2a01:61c:21ff:ffff:ffff:ffff:ffff:ffff
2a01:61c:2f00::/40
2a01:61c:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
04:1d:1d:08:6a:c4:49:7e:27:a5:60:d9:4d:b2:0d:31:ef:fe:
3f:57:f4:d9:2e:b1:60:cc:c5:e8:d8:7a:5e:d0:cd:3e:ec:2c:
21:0c:9f:88:9d:40:f6:fb:62:88:8c:f5:d1:55:42:61:62:46:
4a:d3:02:38:9c:60:7d:2d:99:d2:b2:e0:c9:9d:dd:af:f0:69:
08:f3:5a:aa:80:18:ce:07:07:ec:ad:c6:35:00:a0:b8:b1:29:
2f:41:18:40:35:37:5a:05:a9:3a:20:07:e1:e4:96:84:18:a4:
17:86:9f:98:b8:10:55:e2:d9:57:5a:57:47:d6:65:08:0c:cc:
c4:2d:8d:66:ae:de:50:95:cf:c5:6d:dc:66:fd:4b:ac:0b:c4:
83:c0:29:c4:80:06:9b:b3:ec:c3:ff:a3:be:9f:6b:f1:01:01:
bb:9d:37:49:bd:da:79:37:f8:8d:a7:b9:bf:8d:85:be:7e:35:
ae:ea:95:3b:ad:19:3e:8f:0b:f5:a1:3e:88:fa:ef:47:d0:47:
59:a1:5e:da:c3:b6:72:b7:ba:da:f0:a9:90:c1:e1:58:67:72:
2b:ad:a7:51:8e:3d:8e:f4:32:3b:1c:68:e3:8a:31:64:4d:a2:
19:80:97:01:99:8d:14:0a:d4:4c:d9:90:88:9f:2d:55:9a:59:
fd:57:c3:d2
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAYqOno0MGa/RxDOa9Pp8ITgoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjMwOTEzMTI1NzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGVhZmU0NDQ3ZTE5ZjZhZDAxYjQ0OGNiYzFhYTJkMDRlNGRiZGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhemamj3tiy0tgdw40oSdcERh5d9D
S380ldDk4kf+R6OkHe+bv+tEYdpyBgh8Ct9nYHXbK3M/KF0qw4nnD42itoPRuLqk
7Pc9t/YFD3yG5WPLku757lCQ3hukpP3wCN/cTSwmjawLFER7BspewyuDfI7pRrMC
0EWAPAy+1Do1e3oDHgP4zcKKQ4mYpQ96/1wj3jcU5xMTOsO+C7u7yw896cDcnOy4
LHPt00+qOqaShHvehXQJ9BG+HBcwATKUy6w/4zVjiDUFLe1r8a1N/GROtQvYg417
0XecADk4OQpv2Yh3trcTSy3Y/k0STBYKq0CVXyww6DLuvx0t0rFnSzEZLwIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFN3q/kRH4Z9q0BtEjLwaotBOTb3kMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvM2VyLVJFZmhuMnJRRzBTTXZCcWkwRTVOdmVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTAgBAIAATAaAwQElRRgAwQC
1fjEMAwDBALV+OQDBAPV+PAwSQQCAAIwQwMGByoBBhiAAwYBKgEGHBADBgAqAQYc
GQMGACoBBhwdMBADBgAqAQYcHwMGASoBBhwgAwYAKgEGHC8DBwAqAQYc//8wDQYJ
KoZIhvcNAQELBQADggEBAAQdHQhqxEl+J6Vg2U2yDTHv/j9X9NkusWDMxejYel7Q
zT7sLCEMn4idQPb7YoiM9dFVQmFiRkrTAjicYH0tmdKy4Mmd3a/waQjzWqqAGM4H
B+ytxjUAoLixKS9BGEA1N1oFqTogB+HkloQYpBeGn5i4EFXi2VdaV0fWZQgMzMQt
jWau3lCVz8Vt3Gb9S6wLxIPAKcSABpuz7MP/o76fa/EBAbudN0m92nk3+I2nub+N
hb5+Na7qlTutGT6PC/WhPoj670fQR1mhXtrDtnK3utrwqZDB4Vhnciutp1GOPY70
MjscaOOKMWRNohmAlwGZjRQK1EzZkIifLVWaWf1Xw9I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:02 2024 by rpki-client on console-ams.rpki-client.org