Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/8yFTnmorJEhyUDQqXPTAjDGK6Rw.roa
File: 8yFTnmorJEhyUDQqXPTAjDGK6Rw.roa (raw, json)
Hash identifier: H/E01PwIw7Mzu7WLylkZmTuedwRa2o+/gRha4U6UV8I=
Subject key identifier: F3:21:53:9E:6A:2B:24:48:72:50:34:2A:5C:F4:C0:8C:31:8A:E9:1C
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 018CCA994D62C5EF64E170FB6AD098EEC5CB
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/8yFTnmorJEhyUDQqXPTAjDGK6Rw.roa
Signing time: Tue 02 Jan 2024 14:34:53 +0000
ROA not before: Tue 02 Jan 2024 14:34:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43519
IP address blocks: 213.248.203.0/24 maxlen: 24
213.248.202.0/24 maxlen: 24
213.248.201.0/24 maxlen: 24
213.248.200.0/24 maxlen: 24
213.248.206.0/24 maxlen: 24
213.248.205.0/24 maxlen: 24
213.248.204.0/24 maxlen: 24
213.248.207.0/24 maxlen: 24
213.248.216.0/24 maxlen: 24
213.248.219.0/24 maxlen: 24
213.248.218.0/24 maxlen: 24
213.248.217.0/24 maxlen: 24
213.248.220.0/24 maxlen: 24
213.248.223.0/24 maxlen: 24
213.248.222.0/24 maxlen: 24
213.248.221.0/24 maxlen: 24
213.248.254.0/24 maxlen: 24
2a01:61e:fffd::/48 maxlen: 48
2a01:61e:2::/48 maxlen: 48
2a01:61e:4::/48 maxlen: 48
2a01:618:404::/48 maxlen: 48
2a01:61e:5::/48 maxlen: 48
2a01:618:407::/48 maxlen: 48
2a01:618:402::/48 maxlen: 48
2a01:618:405::/48 maxlen: 48
2a01:618:400::/48 maxlen: 48
2a01:618:403::/48 maxlen: 48
2a01:61e:3::/48 maxlen: 48
2a01:61e:fffe::/48 maxlen: 48
2a01:61e:ffff::/48 maxlen: 48
2a01:61e:1::/48 maxlen: 48
2a01:618:406::/48 maxlen: 48
2a01:61e:fffc::/48 maxlen: 48
2a01:618:401::/48 maxlen: 48
2a01:61e:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 10 Jan 2024 09:48:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:4d:62:c5:ef:64:e1:70:fb:6a:d0:98:ee:c5:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Jan 2 14:34:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f321539e6a2b24487250342a5cf4c08c318ae91c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:74:dc:78:b1:77:95:31:91:4a:68:08:74:a0:
c9:b8:ba:63:b5:3c:69:86:69:8e:e2:4d:e1:42:50:
2c:e8:2e:f7:3d:b2:3b:87:9f:e6:bf:66:b8:64:8d:
a9:40:e5:4c:a8:8d:ef:af:3f:3a:6c:c5:fe:73:35:
91:d2:42:4a:d2:a0:d8:6f:c8:8f:9b:6f:cb:9e:be:
df:ee:82:e1:5d:73:0d:3e:a6:1f:9e:91:11:61:a2:
44:7b:ef:26:f9:ed:77:b1:89:e9:5c:4b:22:c9:77:
0c:8a:33:f7:ec:15:cb:9c:e4:38:34:26:e1:93:65:
d2:40:cc:23:87:15:32:99:79:57:50:8d:82:06:58:
8b:5c:d3:04:2e:03:9b:49:53:01:8f:cd:bf:0c:fc:
db:70:f7:f7:4e:99:53:e2:7d:ae:1d:29:6c:0f:8a:
d8:fa:7c:6a:27:bc:2b:b5:c5:25:40:a8:8b:a3:12:
42:09:6b:ae:11:cc:b2:a5:9d:c2:7e:25:bf:54:33:
5a:5e:65:bb:b0:35:84:ce:fd:5c:a3:26:42:9a:a4:
03:a1:ca:47:e5:b2:30:79:9c:56:20:ef:bb:72:df:
c5:f0:90:ef:3e:b3:b0:d6:75:48:0c:d3:5a:93:d1:
03:de:09:d6:38:b7:8c:cb:b2:7f:94:c0:a5:2e:e9:
bb:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:21:53:9E:6A:2B:24:48:72:50:34:2A:5C:F4:C0:8C:31:8A:E9:1C
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/8yFTnmorJEhyUDQqXPTAjDGK6Rw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.248.200.0/21
213.248.216.0/21
213.248.254.0/24
IPv6:
2a01:618:400::/45
2a01:61e:1::-2a01:61e:6:ffff:ffff:ffff:ffff:ffff
2a01:61e:fffc::/46
Signature Algorithm: sha256WithRSAEncryption
a4:8b:e6:f2:5c:2c:49:4e:c0:43:28:91:9f:ce:c0:de:05:21:
a7:38:8e:27:b0:77:ac:84:3a:13:16:f7:e1:df:d4:3c:60:f6:
3a:e7:3f:a9:29:c9:c8:25:01:91:f4:a4:e9:54:29:42:e5:a7:
70:50:67:e3:59:4d:08:6b:d2:11:fc:61:cc:ff:d0:e7:8f:84:
ed:3b:a5:83:a7:4a:6a:4e:b9:54:53:a5:0b:f2:6e:a8:07:1b:
66:94:ed:49:05:2c:5c:90:66:9c:d9:e1:ad:1f:70:91:9f:b3:
06:fa:f5:63:ac:af:89:c8:1e:07:16:0f:53:31:23:fb:db:4d:
74:ab:d9:3d:04:fd:e3:ec:f1:e0:62:5b:d7:85:87:e3:d8:5c:
d7:cc:00:86:94:ce:28:06:07:79:21:b9:b7:bf:21:03:4a:c4:
3e:9a:37:3f:82:6b:dd:d2:59:0b:43:de:b8:84:82:49:47:cc:
8f:55:bf:bf:6b:17:ec:24:34:c6:0f:2c:40:78:c1:22:f4:28:
6d:84:73:d6:d6:45:c1:b9:82:0e:3b:c3:ed:a6:21:6f:7e:a2:
0b:4f:14:0f:1b:47:da:2d:cf:42:3f:8d:c8:61:e2:d0:e2:d4:
e1:11:4e:5c:1e:a6:b9:12:88:bc:aa:6a:a4:c9:82:c1:a4:63:
b9:53:73:63
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYzKmU1ixe9k4XD7atCY7sXLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjQwMTAyMTQzNDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzIxNTM5ZTZhMmIyNDQ4NzI1MDM0MmE1Y2Y0YzA4YzMxOGFlOTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3TceLF3lTGRSmgIdKDJuLpjtTxp
hmmO4k3hQlAs6C73PbI7h5/mv2a4ZI2pQOVMqI3vrz86bMX+czWR0kJK0qDYb8iP
m2/Lnr7f7oLhXXMNPqYfnpERYaJEe+8m+e13sYnpXEsiyXcMijP37BXLnOQ4NCbh
k2XSQMwjhxUymXlXUI2CBliLXNMELgObSVMBj82/DPzbcPf3TplT4n2uHSlsD4rY
+nxqJ7wrtcUlQKiLoxJCCWuuEcyypZ3CfiW/VDNaXmW7sDWEzv1coyZCmqQDocpH
5bIweZxWIO+7ct/F8JDvPrOw1nVIDNNak9ED3gnWOLeMy7J/lMClLum72QIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFPMhU55qKyRIclA0Klz0wIwxiukcMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvOHlGVG5tb3JKRWh5VURRcVhQVEFqREdLNlJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAYBAIAATASAwQD1fjIAwQD
1fjYAwQA1fj+MCwEAgACMCYDBwMqAQYYBAAwEgMHACoBBh4AAQMHACoBBh4ABgMH
AioBBh7//DANBgkqhkiG9w0BAQsFAAOCAQEApIvm8lwsSU7AQyiRn87A3gUhpziO
J7B3rIQ6Exb34d/UPGD2Ouc/qSnJyCUBkfSk6VQpQuWncFBn41lNCGvSEfxhzP/Q
54+E7Tulg6dKak65VFOlC/JuqAcbZpTtSQUsXJBmnNnhrR9wkZ+zBvr1Y6yvicge
BxYPUzEj+9tNdKvZPQT94+zx4GJb14WH49hc18wAhpTOKAYHeSG5t78hA0rEPpo3
P4Jr3dJZC0PeuISCSUfMj1W/v2sX7CQ0xg8sQHjBIvQobYRz1tZFwbmCDjvD7aYh
b36iC08UDxtH2i3PQj+NyGHi0OLU4RFOXB6muRKIvKpqpMmCwaRjuVNzYw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:02 2024 by rpki-client on console-ams.rpki-client.org