Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/QsPc1iMSeiU2ZwZxoRMXZjypQCk.roa
File: QsPc1iMSeiU2ZwZxoRMXZjypQCk.roa (raw, json)
Hash identifier: xZyOKYSggob1oDLhAYakVA4SdW+LViDvEpbYMx4by1M=
Subject key identifier: 42:C3:DC:D6:23:12:7A:25:36:67:06:71:A1:13:17:66:3C:A9:40:29
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 018ACC07CAAEBA807A81D63FB1DF94F98173
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/QsPc1iMSeiU2ZwZxoRMXZjypQCk.roa
Signing time: Mon 25 Sep 2023 11:09:37 +0000
ROA not before: Mon 25 Sep 2023 11:09:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43519
IP address blocks: 213.248.254.0/24 maxlen: 24
2a01:618:407::/48 maxlen: 48
2a01:618:402::/48 maxlen: 48
2a01:618:405::/48 maxlen: 48
2a01:618:400::/48 maxlen: 48
2a01:618:403::/48 maxlen: 48
2a01:618:406::/48 maxlen: 48
2a01:618:401::/48 maxlen: 48
2a01:618:404::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 26 Sep 2023 12:35:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cc:07:ca:ae:ba:80:7a:81:d6:3f:b1:df:94:f9:81:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Sep 25 11:09:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42c3dcd623127a2536670671a11317663ca94029
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:05:41:f7:bc:d6:b5:70:fb:75:87:b7:b3:88:
37:a5:b8:28:cf:e2:fe:8e:9e:e1:1b:e5:e2:e3:f0:
95:c3:6b:a2:d1:75:84:b6:38:cc:06:76:bb:1e:d4:
17:ca:db:31:8a:96:ac:ec:89:a3:59:69:9b:ae:8a:
4b:ea:a6:1b:1a:c4:ed:54:05:bc:6b:05:63:a8:9f:
c3:76:c4:33:0e:9c:c1:17:13:9c:24:e6:52:c8:aa:
ed:cc:b6:a4:d7:50:78:f5:3e:78:bd:57:ee:95:78:
9a:e3:c4:bf:8c:05:63:57:0c:37:91:07:64:83:ad:
e9:86:c8:7e:0c:6f:48:c5:68:8a:d4:3c:27:cd:70:
5d:f0:fd:e2:ac:e7:78:6b:a0:57:ba:db:05:5b:04:
09:f8:a1:01:4a:e9:ee:f1:61:8b:72:a3:15:8d:9a:
79:93:99:47:d4:e1:7b:fd:2c:2f:5a:e9:3c:7e:66:
0d:f3:0b:98:37:cb:fd:44:56:a9:c0:90:ef:5f:1f:
ca:ac:60:50:13:b4:6d:7a:8e:6e:c2:58:7d:7b:7f:
64:3a:40:3f:45:da:02:eb:bb:8a:97:5b:96:3b:6c:
3b:0c:57:bf:40:74:38:f1:71:7a:7b:f4:8f:9d:eb:
1e:ef:c5:c4:29:8d:72:05:54:f8:17:00:aa:b3:dc:
8b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:C3:DC:D6:23:12:7A:25:36:67:06:71:A1:13:17:66:3C:A9:40:29
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/QsPc1iMSeiU2ZwZxoRMXZjypQCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.248.254.0/24
IPv6:
2a01:618:400::/45
Signature Algorithm: sha256WithRSAEncryption
4c:cd:38:b7:89:41:07:7b:e4:d6:f0:45:a3:ce:be:b9:cd:12:
fb:f7:a3:7f:a8:7c:80:b8:98:d4:6b:5d:26:1d:15:de:f0:74:
3a:bf:4a:f1:db:66:e2:36:63:68:88:ec:8e:f6:cd:8a:79:4f:
4b:d2:56:12:fb:ec:1a:b2:21:ef:74:40:55:41:c2:cd:76:e5:
78:a7:86:89:6e:43:ef:8c:af:9c:8f:3e:5a:59:f4:29:ea:59:
7a:04:4a:07:3d:66:6b:e2:dd:9b:90:88:97:fe:ce:61:24:08:
4d:61:71:80:e0:f2:3c:d7:a4:be:69:a1:f2:02:87:59:d5:dd:
5e:87:85:a5:9e:cb:d7:1f:70:c8:6d:38:19:84:0d:74:65:70:
c5:75:c2:7c:3e:c4:5c:c8:77:21:cf:90:8e:31:59:35:5c:b1:
05:c7:ee:0b:37:97:52:c7:38:18:ad:65:08:b9:43:29:c4:5a:
64:69:be:4f:19:81:2e:b1:62:94:f0:98:7b:9a:ff:e1:c0:09:
a2:9a:44:b1:41:2f:f3:ac:95:55:03:f1:e1:f4:90:a9:3c:b1:
25:46:28:5d:f8:15:c4:d6:4f:d9:a6:86:26:9e:69:9c:2c:0a:
0b:f3:af:77:4d:e0:1b:31:14:84:a9:a9:cc:ef:88:df:d4:2f:
34:c1:cd:b3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrMB8quuoB6gdY/sd+U+YFzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjMwOTI1MTEwOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmMzZGNkNjIzMTI3YTI1MzY2NzA2NzFhMTEzMTc2NjNjYTk0MDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQVB97zWtXD7dYe3s4g3pbgoz+L+
jp7hG+Xi4/CVw2ui0XWEtjjMBna7HtQXytsxipas7ImjWWmbropL6qYbGsTtVAW8
awVjqJ/DdsQzDpzBFxOcJOZSyKrtzLak11B49T54vVfulXia48S/jAVjVww3kQdk
g63phsh+DG9IxWiK1DwnzXBd8P3irOd4a6BXutsFWwQJ+KEBSunu8WGLcqMVjZp5
k5lH1OF7/SwvWuk8fmYN8wuYN8v9RFapwJDvXx/KrGBQE7Rteo5uwlh9e39kOkA/
RdoC67uKl1uWO2w7DFe/QHQ48XF6e/SPnese78XEKY1yBVT4FwCqs9yLMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFELD3NYjEnolNmcGcaETF2Y8qUApMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvUXNQYzFpTVNlaVUyWndaeG9STVhaanlwUUNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA1fj+MA8E
AgACMAkDBwMqAQYYBAAwDQYJKoZIhvcNAQELBQADggEBAEzNOLeJQQd75NbwRaPO
vrnNEvv3o3+ofIC4mNRrXSYdFd7wdDq/SvHbZuI2Y2iI7I72zYp5T0vSVhL77Bqy
Ie90QFVBws125XinholuQ++Mr5yPPlpZ9CnqWXoESgc9Zmvi3ZuQiJf+zmEkCE1h
cYDg8jzXpL5pofICh1nV3V6HhaWey9cfcMhtOBmEDXRlcMV1wnw+xFzIdyHPkI4x
WTVcsQXH7gs3l1LHOBitZQi5QynEWmRpvk8ZgS6xYpTwmHua/+HACaKaRLFBL/Os
lVUD8eH0kKk8sSVGKF34FcTWT9mmhiaeaZwsCgvzr3dN4BsxFISpqczviN/ULzTB
zbM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:56 2024 by rpki-client on console-fra.rpki-client.org