Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/88m5kt9tmss6UaZeD571c-TvE3I.roa
File: 88m5kt9tmss6UaZeD571c-TvE3I.roa (raw, json)
Hash identifier: FYMwnmY1JVNsBzEyTrn4yZvxJf1o1evVYBYD43pu2Zg=
Subject key identifier: F3:C9:B9:92:DF:6D:9A:CB:3A:51:A6:5E:0F:9E:F5:73:E4:EF:13:72
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 018ADAD06D2E079923377A337EA6E4A8E7F1
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/88m5kt9tmss6UaZeD571c-TvE3I.roa
Signing time: Thu 28 Sep 2023 08:03:27 +0000
ROA not before: Thu 28 Sep 2023 08:03:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43519
IP address blocks: 213.248.216.0/24 maxlen: 24
213.248.219.0/24 maxlen: 24
213.248.218.0/24 maxlen: 24
213.248.217.0/24 maxlen: 24
213.248.220.0/24 maxlen: 24
213.248.222.0/24 maxlen: 24
213.248.221.0/24 maxlen: 24
213.248.254.0/24 maxlen: 24
2a01:618:405::/48 maxlen: 48
2a01:618:400::/48 maxlen: 48
2a01:618:403::/48 maxlen: 48
2a01:618:404::/48 maxlen: 48
2a01:618:407::/48 maxlen: 48
2a01:618:402::/48 maxlen: 48
2a01:618:406::/48 maxlen: 48
2a01:618:401::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:da:d0:6d:2e:07:99:23:37:7a:33:7e:a6:e4:a8:e7:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Sep 28 08:03:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3c9b992df6d9acb3a51a65e0f9ef573e4ef1372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:da:eb:a2:51:5b:34:d4:87:ef:91:1a:f3:b3:
cc:a6:fc:77:7e:28:41:b5:d2:8e:14:9f:3a:f7:e2:
0d:7f:fb:c3:22:b7:3f:f9:cc:33:44:40:ec:c3:52:
fb:98:47:02:13:e8:74:9d:b4:33:27:4d:3c:c9:dc:
d2:28:53:90:04:09:1b:81:4c:9a:0f:b9:9f:6d:a0:
4f:e8:a6:bb:6f:78:6a:b3:54:c3:27:2f:12:fd:dc:
5f:24:dd:23:b5:c5:4d:83:f7:c8:d3:62:e0:99:7f:
0c:1f:f1:dc:77:6d:2c:67:93:16:7b:67:f6:84:10:
7f:22:df:ea:a0:dc:ce:fc:e1:a2:01:ea:13:e4:8c:
41:37:60:06:8f:dc:84:f4:cb:71:83:b1:dd:8a:a8:
41:db:da:db:86:dc:21:6e:7f:6e:5c:89:e6:70:a6:
6b:2b:c1:c6:e7:29:24:b2:0d:a2:69:18:f2:a0:e9:
40:68:3e:ee:d0:3b:a0:4e:62:3d:72:b0:c1:48:28:
c3:eb:32:67:06:e6:86:8c:59:60:09:c8:a6:98:0d:
74:50:fd:45:f0:21:46:d2:ce:62:c4:04:4f:3e:f1:
0a:d6:42:db:5f:53:7f:10:d6:3f:04:06:25:81:94:
7f:7f:65:b0:9f:63:a0:6a:ed:58:5e:53:98:37:c3:
cd:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:C9:B9:92:DF:6D:9A:CB:3A:51:A6:5E:0F:9E:F5:73:E4:EF:13:72
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/88m5kt9tmss6UaZeD571c-TvE3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.248.216.0-213.248.222.255
213.248.254.0/24
IPv6:
2a01:618:400::/45
Signature Algorithm: sha256WithRSAEncryption
08:6d:4d:07:bc:a0:cb:46:1b:18:47:36:d0:15:97:bd:91:9e:
90:8f:53:ee:39:bb:65:24:32:b2:b6:e3:af:13:a1:7d:39:02:
73:52:b2:8f:e1:02:16:63:fc:1b:bd:9c:64:79:c6:a7:79:43:
e7:fd:8a:3c:b1:93:cd:ca:67:a8:51:46:5f:c6:b5:23:8c:f1:
c6:ab:5f:c0:2a:01:da:ec:5a:03:35:0f:a5:7f:89:6c:cc:a6:
8d:eb:33:69:b6:35:35:2a:d4:6b:51:ea:4f:ae:c8:67:80:1e:
24:c6:64:e4:fb:98:52:46:10:35:dc:54:05:a3:14:aa:97:0a:
f8:65:67:e9:f6:f3:68:a1:59:75:06:09:60:78:4e:b8:d7:d2:
b7:e8:58:0b:0c:33:a5:af:dd:34:d6:ec:3a:ac:1a:8e:9c:68:
86:38:e2:43:91:10:f7:0c:89:1e:72:66:f0:50:5b:dd:dd:f1:
9e:82:1e:70:a7:14:09:b8:00:f9:22:0d:ea:89:7e:43:c8:d6:
38:a8:91:6d:16:b3:f5:03:4a:77:84:54:f2:7f:c6:38:e5:65:
ab:41:0c:61:9d:f0:81:fd:01:81:27:f7:5a:d7:94:1f:07:e4:
54:f2:96:cb:f5:20:17:12:b2:bc:92:a1:97:81:6b:04:6a:28:
d5:c5:ae:cd
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYra0G0uB5kjN3ozfqbkqOfxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjMwOTI4MDgwMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2M5Yjk5MmRmNmQ5YWNiM2E1MWE2NWUwZjllZjU3M2U0ZWYxMzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtrrolFbNNSH75Ea87PMpvx3fihB
tdKOFJ869+INf/vDIrc/+cwzREDsw1L7mEcCE+h0nbQzJ008ydzSKFOQBAkbgUya
D7mfbaBP6Ka7b3hqs1TDJy8S/dxfJN0jtcVNg/fI02LgmX8MH/Hcd20sZ5MWe2f2
hBB/It/qoNzO/OGiAeoT5IxBN2AGj9yE9Mtxg7HdiqhB29rbhtwhbn9uXInmcKZr
K8HG5ykksg2iaRjyoOlAaD7u0DugTmI9crDBSCjD6zJnBuaGjFlgCcimmA10UP1F
8CFG0s5ixARPPvEK1kLbX1N/ENY/BAYlgZR/f2Wwn2Ogau1YXlOYN8PNwwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPPJuZLfbZrLOlGmXg+e9XPk7xNyMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvODhtNWt0OXRtc3M2VWFaZUQ1NzFjLVR2RTNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBAPV+NgD
BADV+N4DBADV+P4wDwQCAAIwCQMHAyoBBhgEADANBgkqhkiG9w0BAQsFAAOCAQEA
CG1NB7ygy0YbGEc20BWXvZGekI9T7jm7ZSQysrbjrxOhfTkCc1Kyj+ECFmP8G72c
ZHnGp3lD5/2KPLGTzcpnqFFGX8a1I4zxxqtfwCoB2uxaAzUPpX+JbMymjeszabY1
NSrUa1HqT67IZ4AeJMZk5PuYUkYQNdxUBaMUqpcK+GVn6fbzaKFZdQYJYHhOuNfS
t+hYCwwzpa/dNNbsOqwajpxohjjiQ5EQ9wyJHnJm8FBb3d3xnoIecKcUCbgA+SIN
6ol+Q8jWOKiRbRaz9QNKd4RU8n/GOOVlq0EMYZ3wgf0BgSf3WteUHwfkVPKWy/Ug
FxKyvJKhl4FrBGoo1cWuzQ==
-----END CERTIFICATE-----
Generated at Thu Sep 28 11:46:38 2023 by rpki-client on console-fra.rpki-client.org