Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/H_bmtIkH_CM0DjGY-NtyYofTwwM.roa
File: H_bmtIkH_CM0DjGY-NtyYofTwwM.roa (raw, json)
Hash identifier: cAHVi+E6aS7Ieg+Lhfay9JqN28mdpOJaHM1xmXvrL8E=
Subject key identifier: 1F:F6:E6:B4:89:07:FC:23:34:0E:31:98:F8:DB:72:62:87:D3:C3:03
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 018CCA994D1E2D3EDE2DA7D936091DB0E3C5
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/H_bmtIkH_CM0DjGY-NtyYofTwwM.roa
Signing time: Tue 02 Jan 2024 14:34:53 +0000
ROA not before: Tue 02 Jan 2024 14:34:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8683
IP address blocks: 149.20.108.0/22 maxlen: 22
213.248.198.0/23 maxlen: 23
213.248.196.0/23 maxlen: 23
149.20.96.0/22 maxlen: 22
149.20.104.0/22 maxlen: 22
149.20.100.0/22 maxlen: 22
213.248.232.0/21 maxlen: 21
213.248.230.0/23 maxlen: 23
213.248.228.0/23 maxlen: 23
213.248.240.0/21 maxlen: 21
213.248.249.0/24 maxlen: 24
213.248.252.0/23 maxlen: 23
2a01:61c:1d00::/40 maxlen: 40
2a01:61c:1900::/40 maxlen: 40
2a01:61c:1000::/40 maxlen: 40
2a01:61c:1100::/40 maxlen: 40
2a01:61c:2000::/40 maxlen: 40
2a01:61c:2f00::/40 maxlen: 40
2a01:61c:2100::/40 maxlen: 40
2a01:61c:1f00::/40 maxlen: 40
2a01:618:8000::/33 maxlen: 33
2a01:618:8000::/40 maxlen: 40
2a01:61c:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 23 Apr 2024 13:08:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:4d:1e:2d:3e:de:2d:a7:d9:36:09:1d:b0:e3:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Jan 2 14:34:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ff6e6b48907fc23340e3198f8db726287d3c303
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d1:34:6d:72:aa:7c:86:07:de:31:65:45:be:
d3:0e:49:40:5f:8b:53:67:8e:47:cd:e1:c2:1b:fd:
60:b4:68:db:43:f5:d3:45:18:c7:e6:ec:d5:ae:5a:
68:d4:0f:9d:b7:88:03:c0:41:37:2d:d7:18:c0:7f:
7c:c7:f3:cd:11:c6:ce:13:8f:fc:8c:ce:02:dc:c5:
67:8c:61:07:6f:c1:6d:c3:67:46:8a:f5:f0:fb:6f:
16:69:4b:be:a7:6a:87:be:70:03:18:63:c6:9c:bc:
bf:34:c0:15:e7:e8:30:14:c5:e9:f2:89:45:fb:18:
86:00:79:d4:21:5b:c4:17:e0:6c:08:23:8b:42:f5:
62:b3:f6:f8:1d:c6:ed:d0:a1:b2:5d:ff:a3:68:5b:
6c:dd:e7:1e:a8:e1:d0:d9:34:75:85:e3:b9:31:40:
29:8f:ef:d7:96:59:c0:d0:39:6c:66:52:dd:90:8a:
99:d5:e2:37:c3:cc:49:eb:12:1d:a9:2c:1b:72:18:
0a:4f:ca:ec:ad:22:3a:e9:0d:e9:62:f2:46:d8:ea:
a9:f1:26:3d:63:57:1a:b5:f3:c0:f0:03:32:cf:63:
98:52:4d:27:86:f5:56:be:2d:e9:d1:83:ab:0b:d7:
bd:32:70:19:3e:de:c6:c7:2b:8e:c1:6b:ce:c2:a0:
ce:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:F6:E6:B4:89:07:FC:23:34:0E:31:98:F8:DB:72:62:87:D3:C3:03
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/H_bmtIkH_CM0DjGY-NtyYofTwwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.20.96.0/20
213.248.196.0/22
213.248.228.0-213.248.247.255
213.248.249.0/24
213.248.252.0/23
IPv6:
2a01:618:8000::/33
2a01:61c:1000::/39
2a01:61c:1900::/40
2a01:61c:1d00::/40
2a01:61c:1f00::-2a01:61c:21ff:ffff:ffff:ffff:ffff:ffff
2a01:61c:2f00::/40
2a01:61c:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
1a:47:5f:86:df:a2:fd:92:c5:4f:80:dd:af:92:9a:89:8e:3a:
ce:04:cb:79:6e:f8:cd:b4:86:8c:2a:54:45:a6:7a:0a:1b:c0:
e5:61:ee:ce:aa:1c:9f:17:dc:5e:95:8d:11:df:b0:65:8b:06:
e7:90:b6:e1:8f:6c:c8:56:38:44:8e:51:f3:0a:44:f2:cd:b9:
b5:2a:2d:b2:ee:a9:83:cb:55:be:a4:9e:0e:c2:1f:7c:f8:5f:
19:67:8e:18:d9:22:0e:12:02:21:77:6d:58:d1:7d:5f:7f:ed:
a7:38:45:aa:0e:76:72:5f:7e:62:36:40:c0:47:45:2d:32:34:
8a:cb:e4:5e:d0:a0:df:2d:8f:fa:e3:66:ac:7d:0a:e6:ad:26:
eb:ac:37:cc:a1:51:d5:51:17:3f:96:ad:69:d9:51:6c:2d:85:
d1:c8:9f:4c:5a:43:28:6c:84:91:ee:a2:d3:e0:9a:2d:f3:5d:
20:f6:44:76:a1:93:d3:08:04:2f:21:3b:d7:d8:fc:90:94:9d:
e5:5a:cb:4b:00:69:30:cf:15:16:14:3d:d1:ad:2c:eb:3c:9a:
0c:ab:56:fd:5a:90:3d:8a:bb:36:4c:7a:a9:48:de:34:e3:ac:
5a:5a:d6:72:ac:e7:fa:7d:d7:54:09:cc:c5:c4:8c:19:ec:37:
7c:66:e1:55
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAYzKmU0eLT7eLafZNgkdsOPFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjQwMTAyMTQzNDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmY2ZTZiNDg5MDdmYzIzMzQwZTMxOThmOGRiNzI2Mjg3ZDNjMzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNE0bXKqfIYH3jFlRb7TDklAX4tT
Z45HzeHCG/1gtGjbQ/XTRRjH5uzVrlpo1A+dt4gDwEE3LdcYwH98x/PNEcbOE4/8
jM4C3MVnjGEHb8Ftw2dGivXw+28WaUu+p2qHvnADGGPGnLy/NMAV5+gwFMXp8olF
+xiGAHnUIVvEF+BsCCOLQvVis/b4Hcbt0KGyXf+jaFts3eceqOHQ2TR1heO5MUAp
j+/XllnA0DlsZlLdkIqZ1eI3w8xJ6xIdqSwbchgKT8rsrSI66Q3pYvJG2Oqp8SY9
Y1catfPA8AMyz2OYUk0nhvVWvi3p0YOrC9e9MnAZPt7GxyuOwWvOwqDOqQIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFB/25rSJB/wjNA4xmPjbcmKH08MDMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvSF9ibXRJa0hfQ00wRGpHWS1OdHlZb2ZUd3dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwLAQCAAEwJgMEBJUUYAME
AtX4xDAMAwQC1fjkAwQD1fjwAwQA1fj5AwQB1fj8MEkEAgACMEMDBgcqAQYYgAMG
ASoBBhwQAwYAKgEGHBkDBgAqAQYcHTAQAwYAKgEGHB8DBgEqAQYcIAMGACoBBhwv
AwcAKgEGHP//MA0GCSqGSIb3DQEBCwUAA4IBAQAaR1+G36L9ksVPgN2vkpqJjjrO
BMt5bvjNtIaMKlRFpnoKG8DlYe7OqhyfF9xelY0R37BliwbnkLbhj2zIVjhEjlHz
CkTyzbm1Ki2y7qmDy1W+pJ4Owh98+F8ZZ44Y2SIOEgIhd21Y0X1ff+2nOEWqDnZy
X35iNkDAR0UtMjSKy+Re0KDfLY/642asfQrmrSbrrDfMoVHVURc/lq1p2VFsLYXR
yJ9MWkMobISR7qLT4Jot810g9kR2oZPTCAQvITvX2PyQlJ3lWstLAGkwzxUWFD3R
rSzrPJoMq1b9WpA9irs2THqpSN4046xaWtZyrOf6fddUCczFxIwZ7Dd8ZuFV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:56 2024 by rpki-client on console-fra.rpki-client.org