Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/dxB2Gdbx05UxDgXDHvCLcXZUTR4.roa
File: dxB2Gdbx05UxDgXDHvCLcXZUTR4.roa (raw, json)
Hash identifier: aJVvZscgtvAvKfgz/q1wrnhwW65eMgWZR9nFdUgQGaw=
Subject key identifier: 77:10:76:19:D6:F1:D3:95:31:0E:05:C3:1E:F0:8B:71:76:54:4D:1E
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 018AB6DBDF064DE4C416E3443564D1627497
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/dxB2Gdbx05UxDgXDHvCLcXZUTR4.roa
Signing time: Thu 21 Sep 2023 08:29:37 +0000
ROA not before: Thu 21 Sep 2023 08:29:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137502
IP address blocks: 213.248.254.0/24 maxlen: 24
213.248.255.0/24 maxlen: 24
2a01:618:400::/48 maxlen: 48
2a01:618:403::/48 maxlen: 48
2a01:618:401::/48 maxlen: 48
2a01:618:404::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b6:db:df:06:4d:e4:c4:16:e3:44:35:64:d1:62:74:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Sep 21 08:29:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77107619d6f1d395310e05c31ef08b7176544d1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:50:86:7a:f5:bc:c0:d4:05:07:9c:17:e5:3f:
2d:80:17:ba:4b:a1:e1:bc:2b:97:67:9c:53:4b:83:
14:a8:94:6c:4d:8a:97:c1:cc:f3:8c:53:3c:40:44:
4d:ec:2f:5c:79:8b:9e:8d:ce:41:0b:35:ba:40:93:
64:5a:10:28:4f:62:97:57:ac:f4:2b:72:2d:8d:20:
8f:7a:66:d1:07:09:02:69:21:ac:c1:34:27:32:55:
73:75:b8:d7:3c:22:bf:b3:f6:91:b9:f6:25:25:cf:
69:37:b0:ff:78:a0:ca:7e:97:11:3a:aa:6b:05:92:
90:c3:14:8a:96:04:7e:e5:10:e9:f4:60:e3:42:8f:
3f:52:6f:75:e9:c3:d9:55:d2:1c:7a:2a:03:8b:97:
6c:84:22:75:8e:15:39:ef:c8:41:64:a0:e8:20:50:
9e:02:c7:a4:a7:91:5b:c9:6d:52:41:c7:d3:8b:33:
82:ef:dc:a8:63:4f:bd:35:33:70:4c:24:d1:f7:c2:
9b:e6:ca:bf:cd:ab:ab:63:ec:b3:dd:be:89:27:6f:
3e:4b:9e:5d:04:7c:50:cd:8b:91:d9:85:d6:c1:f4:
86:b0:ed:78:9c:8a:05:a3:20:cb:4b:37:81:7b:3b:
75:f5:5b:49:cb:a7:64:65:fb:07:b9:cf:e2:31:2d:
57:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:10:76:19:D6:F1:D3:95:31:0E:05:C3:1E:F0:8B:71:76:54:4D:1E
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/dxB2Gdbx05UxDgXDHvCLcXZUTR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.248.254.0/23
IPv6:
2a01:618:400::/47
2a01:618:403::-2a01:618:404:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
81:f3:6f:5e:26:27:06:38:17:38:68:b9:a8:31:ba:1f:94:5e:
54:4c:b2:55:8f:85:10:b0:a5:6a:3c:2a:60:b7:a5:f6:7b:fc:
8d:b5:66:d8:ac:65:44:4c:f8:9b:12:01:69:3a:f8:c1:18:c8:
a3:24:53:fd:0a:19:ac:6b:3b:e3:34:55:e3:26:64:eb:58:45:
27:6b:70:b8:bf:56:7b:24:bf:62:45:7d:08:2a:2a:df:8b:ba:
d6:dd:5e:54:d5:38:b0:c9:63:d3:88:6d:2b:b7:80:85:93:4f:
ea:d4:50:1a:93:41:82:65:a0:cf:c9:b9:13:6e:e3:3e:75:48:
10:0d:59:31:b2:e4:25:8f:81:13:52:8f:73:dd:07:93:da:2e:
7a:6b:5f:3c:c6:eb:20:55:1a:1e:e6:9c:25:49:e1:0f:30:11:
05:f4:9e:2b:5c:cd:a5:54:e6:c0:0d:a6:9d:f2:df:27:5d:8b:
d8:e4:b2:25:b0:97:cc:a0:e7:bd:0c:1c:83:d4:81:13:00:5c:
9e:4a:88:2d:85:f2:5d:80:92:11:13:26:18:fb:97:9f:19:19:
e5:40:8e:39:a7:b3:32:e1:00:a4:fb:3e:82:ed:59:ac:d3:7b:
72:29:79:bf:e1:ff:0b:c0:a4:12:43:db:c3:9b:0f:c7:d0:fc:
b2:7e:63:21
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYq2298GTeTEFuNENWTRYnSXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjMwOTIxMDgyOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzEwNzYxOWQ2ZjFkMzk1MzEwZTA1YzMxZWYwOGI3MTc2NTQ0ZDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lCGevW8wNQFB5wX5T8tgBe6S6Hh
vCuXZ5xTS4MUqJRsTYqXwczzjFM8QERN7C9ceYuejc5BCzW6QJNkWhAoT2KXV6z0
K3ItjSCPembRBwkCaSGswTQnMlVzdbjXPCK/s/aRufYlJc9pN7D/eKDKfpcROqpr
BZKQwxSKlgR+5RDp9GDjQo8/Um916cPZVdIceioDi5dshCJ1jhU578hBZKDoIFCe
Asekp5FbyW1SQcfTizOC79yoY0+9NTNwTCTR98Kb5sq/zaurY+yz3b6JJ28+S55d
BHxQzYuR2YXWwfSGsO14nIoFoyDLSzeBezt19VtJy6dkZfsHuc/iMS1XbwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFHcQdhnW8dOVMQ4Fwx7wi3F2VE0eMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvZHhCMkdkYngwNVV4RGdYREh2Q0xjWFpVVFI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAMBAIAATAGAwQB1fj+MCME
AgACMB0DBwEqAQYYBAAwEgMHACoBBhgEAwMHACoBBhgEBDANBgkqhkiG9w0BAQsF
AAOCAQEAgfNvXiYnBjgXOGi5qDG6H5ReVEyyVY+FELClajwqYLel9nv8jbVm2Kxl
REz4mxIBaTr4wRjIoyRT/QoZrGs74zRV4yZk61hFJ2twuL9WeyS/YkV9CCoq34u6
1t1eVNU4sMlj04htK7eAhZNP6tRQGpNBgmWgz8m5E27jPnVIEA1ZMbLkJY+BE1KP
c90Hk9ouemtfPMbrIFUaHuacJUnhDzARBfSeK1zNpVTmwA2mnfLfJ12L2OSyJbCX
zKDnvQwcg9SBEwBcnkqILYXyXYCSERMmGPuXnxkZ5UCOOaezMuEApPs+gu1ZrNN7
cil5v+H/C8CkEkPbw5sPx9D8sn5jIQ==
-----END CERTIFICATE-----
Generated at Thu Sep 21 11:20:29 2023 by rpki-client on console-fra.rpki-client.org