Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/LQnGpRNag6cl4W2hfB6Mh48csJE.roa
File: LQnGpRNag6cl4W2hfB6Mh48csJE.roa (raw, json)
Hash identifier: D2mrGEcqxTjwv3xHvLBiT1jjp3AnwpFSFbWsbQMkoBQ=
Subject key identifier: 2D:09:C6:A5:13:5A:83:A7:25:E1:6D:A1:7C:1E:8C:87:8F:1C:B0:91
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 018AF53F77AC6B5C37FA51558CA795B24CBA
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/LQnGpRNag6cl4W2hfB6Mh48csJE.roa
Signing time: Tue 03 Oct 2023 11:14:51 +0000
ROA not before: Tue 03 Oct 2023 11:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8683
IP address blocks: 149.20.108.0/22 maxlen: 22
213.248.198.0/23 maxlen: 23
213.248.196.0/23 maxlen: 23
149.20.96.0/22 maxlen: 22
149.20.104.0/22 maxlen: 22
149.20.100.0/22 maxlen: 22
213.248.232.0/21 maxlen: 21
213.248.230.0/23 maxlen: 23
213.248.228.0/23 maxlen: 23
213.248.240.0/21 maxlen: 21
213.248.249.0/24 maxlen: 24
213.248.252.0/23 maxlen: 23
2a01:61c:1d00::/40 maxlen: 40
2a01:61c:1900::/40 maxlen: 40
2a01:61c:1000::/40 maxlen: 40
2a01:61c:1100::/40 maxlen: 40
2a01:61c:2000::/40 maxlen: 40
2a01:61c:2f00::/40 maxlen: 40
2a01:61c:2100::/40 maxlen: 40
2a01:61c:1f00::/40 maxlen: 40
2a01:618:8000::/33 maxlen: 33
2a01:618:8000::/40 maxlen: 40
2a01:61c:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:34:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f5:3f:77:ac:6b:5c:37:fa:51:55:8c:a7:95:b2:4c:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Oct 3 11:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d09c6a5135a83a725e16da17c1e8c878f1cb091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:68:30:15:bd:b0:79:63:48:58:9b:9a:89:14:
a8:4c:50:e2:6d:c9:a5:d4:ee:03:d2:8f:f3:46:67:
bb:c9:1e:65:ac:09:07:0f:b2:36:5b:8c:55:69:2e:
39:bb:60:c8:a9:4e:e9:55:33:26:0f:74:31:fb:f3:
19:dd:28:f3:f1:25:b7:da:15:df:ad:fa:f0:3e:04:
6d:8c:de:93:bf:d8:14:1b:20:76:48:28:04:4d:01:
c6:ef:ef:0e:2e:39:82:95:46:9c:19:47:1f:d8:03:
f9:d6:af:3e:ee:60:98:4f:1d:47:f7:7c:17:8b:4c:
14:d6:c6:9b:6d:45:f6:dc:15:47:14:43:0d:1b:6d:
26:53:a6:a0:91:b7:dd:7e:f9:81:d5:36:85:6c:1b:
a2:d5:68:26:c4:3d:10:91:28:ea:07:e1:75:3b:25:
2a:b3:a1:d9:70:5c:76:40:87:0e:55:cf:83:96:d3:
2d:15:3b:6b:1a:86:e4:75:3e:46:3f:de:91:36:28:
96:d3:c5:0d:99:55:b8:f7:d5:e7:79:77:e1:c6:ed:
89:e9:40:39:a5:fa:6e:69:1b:90:e1:38:a4:85:72:
c1:fa:91:a4:b7:7a:eb:14:fb:92:a1:4b:ff:b7:33:
89:27:f8:81:11:fc:ba:f9:87:c2:3a:25:aa:5c:12:
c6:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:09:C6:A5:13:5A:83:A7:25:E1:6D:A1:7C:1E:8C:87:8F:1C:B0:91
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/LQnGpRNag6cl4W2hfB6Mh48csJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.20.96.0/20
213.248.196.0/22
213.248.228.0-213.248.247.255
213.248.249.0/24
213.248.252.0/23
IPv6:
2a01:618:8000::/33
2a01:61c:1000::/39
2a01:61c:1900::/40
2a01:61c:1d00::/40
2a01:61c:1f00::-2a01:61c:21ff:ffff:ffff:ffff:ffff:ffff
2a01:61c:2f00::/40
2a01:61c:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
17:e8:b6:15:31:86:48:8b:b2:d5:80:c4:7c:a7:5f:7b:ce:61:
6f:ea:75:c2:5c:4e:24:83:90:6a:10:0f:45:8f:00:f3:3b:5b:
c8:8f:a9:20:75:f1:6e:86:a9:24:51:9d:b9:a7:0e:a5:fb:74:
e1:8b:e8:bf:e9:f6:76:a3:1f:c4:35:30:45:e5:df:17:5b:6a:
8b:48:5e:27:68:9f:27:82:51:4f:fa:7d:46:7c:3a:63:ed:b1:
21:74:8d:12:e6:32:3f:73:61:8f:13:86:5b:4e:0f:55:8e:00:
94:a9:fc:d5:a9:a8:81:85:24:f1:02:2e:14:2b:a3:4b:22:5e:
dd:55:bc:04:61:4d:01:41:02:cd:6c:cf:32:dd:7e:65:20:99:
25:59:97:d2:d2:12:f2:30:8a:d5:02:20:4f:7c:da:cd:b2:9d:
29:9a:c2:b3:f6:d4:9b:90:47:a7:b2:e5:39:87:78:be:8d:52:
49:52:c4:72:54:f4:50:71:d4:c5:b7:c2:57:f2:58:02:b2:77:
70:2d:53:41:7b:27:f7:54:df:ac:f4:d1:d4:fa:4a:db:a9:2c:
4a:bc:05:17:23:f8:24:4b:a8:7b:3f:b1:bc:53:57:47:a7:16:
b3:88:b4:87:fe:91:0d:3f:d7:80:ba:3e:d2:78:98:58:e8:2a:
39:64:ad:7a
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAYr1P3esa1w3+lFVjKeVsky6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjMxMDAzMTExNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDA5YzZhNTEzNWE4M2E3MjVlMTZkYTE3YzFlOGM4NzhmMWNiMDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGgwFb2weWNIWJuaiRSoTFDibcml
1O4D0o/zRme7yR5lrAkHD7I2W4xVaS45u2DIqU7pVTMmD3Qx+/MZ3Sjz8SW32hXf
rfrwPgRtjN6Tv9gUGyB2SCgETQHG7+8OLjmClUacGUcf2AP51q8+7mCYTx1H93wX
i0wU1sabbUX23BVHFEMNG20mU6agkbfdfvmB1TaFbBui1WgmxD0QkSjqB+F1OyUq
s6HZcFx2QIcOVc+DltMtFTtrGobkdT5GP96RNiiW08UNmVW499XneXfhxu2J6UA5
pfpuaRuQ4TikhXLB+pGkt3rrFPuSoUv/tzOJJ/iBEfy6+YfCOiWqXBLGZwIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFC0JxqUTWoOnJeFtoXwejIePHLCRMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvTFFuR3BSTmFnNmNsNFcyaGZCNk1oNDhjc0pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwLAQCAAEwJgMEBJUUYAME
AtX4xDAMAwQC1fjkAwQD1fjwAwQA1fj5AwQB1fj8MEkEAgACMEMDBgcqAQYYgAMG
ASoBBhwQAwYAKgEGHBkDBgAqAQYcHTAQAwYAKgEGHB8DBgEqAQYcIAMGACoBBhwv
AwcAKgEGHP//MA0GCSqGSIb3DQEBCwUAA4IBAQAX6LYVMYZIi7LVgMR8p197zmFv
6nXCXE4kg5BqEA9FjwDzO1vIj6kgdfFuhqkkUZ25pw6l+3Thi+i/6fZ2ox/ENTBF
5d8XW2qLSF4naJ8nglFP+n1GfDpj7bEhdI0S5jI/c2GPE4ZbTg9VjgCUqfzVqaiB
hSTxAi4UK6NLIl7dVbwEYU0BQQLNbM8y3X5lIJklWZfS0hLyMIrVAiBPfNrNsp0p
msKz9tSbkEensuU5h3i+jVJJUsRyVPRQcdTFt8JX8lgCsndwLVNBeyf3VN+s9NHU
+krbqSxKvAUXI/gkS6h7P7G8U1dHpxaziLSH/pENP9eAuj7SeJhY6Co5ZK16
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:02 2024 by rpki-client on console-ams.rpki-client.org