Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/KL8KxR66R_zNNIU8Sfm_qBgXx98.roa
File: KL8KxR66R_zNNIU8Sfm_qBgXx98.roa (raw, json)
Hash identifier: KtygJ4Y1ZFAqUA+1OVRee5jkQvgqz7jBFN0ryIkmLgo=
Subject key identifier: 28:BF:0A:C5:1E:BA:47:FC:CD:34:85:3C:49:F9:BF:A8:18:17:C7:DF
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 018C8288B3C0BB4BEA68CADC40F895691BFB
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/KL8KxR66R_zNNIU8Sfm_qBgXx98.roa
Signing time: Tue 19 Dec 2023 14:44:06 +0000
ROA not before: Tue 19 Dec 2023 14:44:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43519
IP address blocks: 213.248.203.0/24 maxlen: 24
213.248.202.0/24 maxlen: 24
213.248.201.0/24 maxlen: 24
213.248.200.0/24 maxlen: 24
213.248.206.0/24 maxlen: 24
213.248.205.0/24 maxlen: 24
213.248.204.0/24 maxlen: 24
213.248.207.0/24 maxlen: 24
213.248.216.0/24 maxlen: 24
213.248.219.0/24 maxlen: 24
213.248.218.0/24 maxlen: 24
213.248.217.0/24 maxlen: 24
213.248.220.0/24 maxlen: 24
213.248.223.0/24 maxlen: 24
213.248.222.0/24 maxlen: 24
213.248.221.0/24 maxlen: 24
213.248.254.0/24 maxlen: 24
2a01:61e:fffd::/48 maxlen: 48
2a01:61e:2::/48 maxlen: 48
2a01:61e:4::/48 maxlen: 48
2a01:618:404::/48 maxlen: 48
2a01:61e:5::/48 maxlen: 48
2a01:618:407::/48 maxlen: 48
2a01:618:402::/48 maxlen: 48
2a01:618:405::/48 maxlen: 48
2a01:618:400::/48 maxlen: 48
2a01:618:403::/48 maxlen: 48
2a01:61e:3::/48 maxlen: 48
2a01:61e:fffe::/48 maxlen: 48
2a01:61e:ffff::/48 maxlen: 48
2a01:61e:1::/48 maxlen: 48
2a01:618:406::/48 maxlen: 48
2a01:61e:fffc::/48 maxlen: 48
2a01:618:401::/48 maxlen: 48
2a01:61e:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:34:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:82:88:b3:c0:bb:4b:ea:68:ca:dc:40:f8:95:69:1b:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Dec 19 14:44:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28bf0ac51eba47fccd34853c49f9bfa81817c7df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:fd:36:76:79:34:8e:0d:78:24:85:64:82:5f:
4d:92:0f:f3:3d:c3:23:84:9b:db:69:05:1e:46:b7:
42:b4:03:86:44:a9:fe:3a:4e:6f:29:b7:7c:f1:24:
d1:d5:da:7b:76:cf:d0:be:78:a4:f6:27:3a:ec:d0:
d0:1f:16:ba:7c:92:c1:e9:08:76:80:8a:ba:fe:05:
c0:7a:e3:2d:02:32:53:0d:4c:0c:94:4f:83:62:0f:
24:9e:23:88:30:67:5c:64:3d:06:ce:8c:46:39:df:
b6:cf:a3:f2:d6:6e:f3:09:c7:74:d4:5e:27:79:64:
b1:d5:03:5f:b6:14:9b:26:36:df:b1:09:a1:c7:40:
02:e4:9d:a8:0c:69:49:e4:46:d9:a1:cb:7c:fd:cb:
02:e1:f7:bc:9d:f4:86:a4:d7:aa:b0:c1:11:b8:12:
b4:d2:41:b2:85:d4:bd:cc:2e:e4:47:00:32:d3:bd:
cf:e5:27:23:89:6b:65:46:1f:b8:e3:a1:43:a2:01:
0e:02:2a:be:a7:b7:b5:7f:a9:31:32:f1:a3:42:3c:
4b:18:9b:c2:ce:dd:92:11:fa:fc:f9:d2:3b:52:27:
69:56:0d:af:1c:00:52:2a:1a:2a:df:e8:0a:25:09:
b3:e9:70:ae:ce:f0:07:f8:78:17:e2:4a:47:15:d7:
22:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:BF:0A:C5:1E:BA:47:FC:CD:34:85:3C:49:F9:BF:A8:18:17:C7:DF
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/KL8KxR66R_zNNIU8Sfm_qBgXx98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.248.200.0/21
213.248.216.0/21
213.248.254.0/24
IPv6:
2a01:618:400::/45
2a01:61e:1::-2a01:61e:6:ffff:ffff:ffff:ffff:ffff
2a01:61e:fffc::/46
Signature Algorithm: sha256WithRSAEncryption
96:ee:d7:63:fd:47:82:09:8a:03:59:5b:d9:f5:cc:01:0a:b6:
be:a8:f4:43:a2:65:01:50:95:65:3d:d8:da:8d:0a:8d:19:05:
2c:2a:3c:ca:8b:87:61:23:4b:ba:b2:4d:1c:cb:5b:c9:93:12:
23:9e:a7:90:70:22:61:74:85:cb:8a:0f:db:1d:51:6d:33:49:
dc:a3:70:a4:3f:29:31:9d:43:33:b6:90:47:79:5d:c7:5f:10:
79:9d:1e:50:52:e7:e1:92:b5:9d:75:7b:51:a9:81:79:46:31:
83:e9:e9:95:d4:ad:2c:4b:c5:ef:8f:dc:3d:53:8e:5b:4c:fc:
4a:5c:d5:bc:5b:a6:a9:e9:04:04:a2:db:0b:18:ee:11:06:c9:
b3:d7:a5:fd:2d:d8:42:61:c0:23:fd:90:15:9f:49:48:f1:0a:
a0:93:f3:41:42:9a:b3:ee:15:b9:4c:15:10:32:11:ee:0a:85:
9a:7d:15:8c:fa:41:e3:4e:69:3b:88:f9:7f:b7:4c:35:a2:3f:
1d:1f:1c:91:49:e3:ed:4b:10:8c:0c:31:be:a2:a5:37:25:1c:
f6:3b:c0:dc:a3:83:1f:7e:b3:1f:05:e7:33:b3:9e:62:89:fd:
ae:a7:9a:62:9e:e7:88:49:40:f8:15:ad:2d:96:df:99:95:b3:
ff:49:8d:ae
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYyCiLPAu0vqaMrcQPiVaRv7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjMxMjE5MTQ0NDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGJmMGFjNTFlYmE0N2ZjY2QzNDg1M2M0OWY5YmZhODE4MTdjN2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/02dnk0jg14JIVkgl9Nkg/zPcMj
hJvbaQUeRrdCtAOGRKn+Ok5vKbd88STR1dp7ds/Qvnik9ic67NDQHxa6fJLB6Qh2
gIq6/gXAeuMtAjJTDUwMlE+DYg8kniOIMGdcZD0GzoxGOd+2z6Py1m7zCcd01F4n
eWSx1QNfthSbJjbfsQmhx0AC5J2oDGlJ5EbZoct8/csC4fe8nfSGpNeqsMERuBK0
0kGyhdS9zC7kRwAy073P5ScjiWtlRh+446FDogEOAiq+p7e1f6kxMvGjQjxLGJvC
zt2SEfr8+dI7UidpVg2vHABSKhoq3+gKJQmz6XCuzvAH+HgX4kpHFdciQQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFCi/CsUeukf8zTSFPEn5v6gYF8ffMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvS0w4S3hSNjZSX3pOTklVOFNmbV9xQmdYeDk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAYBAIAATASAwQD1fjIAwQD
1fjYAwQA1fj+MCwEAgACMCYDBwMqAQYYBAAwEgMHACoBBh4AAQMHACoBBh4ABgMH
AioBBh7//DANBgkqhkiG9w0BAQsFAAOCAQEAlu7XY/1HggmKA1lb2fXMAQq2vqj0
Q6JlAVCVZT3Y2o0KjRkFLCo8youHYSNLurJNHMtbyZMSI56nkHAiYXSFy4oP2x1R
bTNJ3KNwpD8pMZ1DM7aQR3ldx18QeZ0eUFLn4ZK1nXV7UamBeUYxg+npldStLEvF
74/cPVOOW0z8SlzVvFumqekEBKLbCxjuEQbJs9el/S3YQmHAI/2QFZ9JSPEKoJPz
QUKas+4VuUwVEDIR7gqFmn0VjPpB405pO4j5f7dMNaI/HR8ckUnj7UsQjAwxvqKl
NyUc9jvA3KODH36zHwXnM7OeYon9rqeaYp7niElA+BWtLZbfmZWz/0mNrg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:56 2024 by rpki-client on console-fra.rpki-client.org