Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/kq7tPY1dds7MYF9OMERiKBPe9WA.roa
File: kq7tPY1dds7MYF9OMERiKBPe9WA.roa (raw, json)
Hash identifier: ggN5t4DMxczjpsZl2n+WW/TfUwabtrxxCeIbmLgIIa4=
Subject key identifier: 92:AE:ED:3D:8D:5D:76:CE:CC:60:5F:4E:30:44:62:28:13:DE:F5:60
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 018A8EAFF28662A9E7544BE5426CFF08E2AE
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/kq7tPY1dds7MYF9OMERiKBPe9WA.roa
Signing time: Wed 13 Sep 2023 13:16:50 +0000
ROA not before: Wed 13 Sep 2023 13:16:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8683
IP address blocks: 149.20.108.0/22 maxlen: 22
213.248.198.0/23 maxlen: 23
213.248.196.0/23 maxlen: 23
149.20.96.0/22 maxlen: 22
149.20.104.0/22 maxlen: 22
149.20.100.0/22 maxlen: 22
213.248.232.0/21 maxlen: 21
213.248.230.0/23 maxlen: 23
213.248.228.0/23 maxlen: 23
213.248.240.0/21 maxlen: 21
213.248.252.0/23 maxlen: 23
2a01:61c:2f00::/40 maxlen: 40
2a01:61c:2100::/40 maxlen: 40
2a01:61c:2000::/40 maxlen: 40
2a01:61c:1f00::/40 maxlen: 40
2a01:61c:1d00::/40 maxlen: 40
2a01:61c:1900::/40 maxlen: 40
2a01:61c:1100::/40 maxlen: 40
2a01:61c:1000::/40 maxlen: 40
2a01:618:8000::/33 maxlen: 33
2a01:618:8000::/40 maxlen: 40
2a01:61c:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Oct 2023 11:14:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8e:af:f2:86:62:a9:e7:54:4b:e5:42:6c:ff:08:e2:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Sep 13 13:16:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92aeed3d8d5d76cecc605f4e3044622813def560
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:3c:7c:16:59:57:22:3a:95:51:dd:86:de:29:
d5:e0:df:7b:e3:5d:45:14:d2:a8:61:2b:7e:1b:2f:
cf:22:eb:65:32:08:bf:c7:73:94:f2:5b:40:ac:51:
c0:72:f0:00:eb:91:e8:69:4c:f0:e8:2f:c1:d9:61:
55:aa:37:b7:24:f1:76:37:16:34:29:9b:4f:73:55:
98:47:ab:7d:37:7a:6e:ab:bf:75:87:81:33:51:4e:
3e:a1:43:07:8d:39:c8:96:11:06:77:30:02:40:13:
84:2e:bc:29:b0:24:4d:0a:c5:d4:0b:3b:b0:af:91:
04:07:7a:2b:6d:46:c3:ee:c0:e0:3c:21:dc:1b:23:
5d:88:58:22:a1:22:9a:bc:bd:cb:96:b8:2f:d5:37:
29:8d:08:fd:68:e4:fb:d3:85:52:21:a7:c5:79:2d:
d5:22:d4:5f:e7:b8:a3:a6:9f:10:e1:9d:94:bf:3a:
c8:ef:5e:dc:3b:66:87:b2:e3:da:00:9f:ba:81:45:
57:89:cb:a3:e7:52:ef:d9:e0:3d:de:ad:9f:77:38:
68:da:a7:e5:53:14:97:d4:a6:83:5d:b7:52:d2:ac:
5c:0d:ff:2b:2c:21:00:34:67:df:90:fc:c6:c4:ca:
a1:68:e3:9a:eb:78:96:92:4f:f3:d6:af:64:ae:bc:
09:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:AE:ED:3D:8D:5D:76:CE:CC:60:5F:4E:30:44:62:28:13:DE:F5:60
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/kq7tPY1dds7MYF9OMERiKBPe9WA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.20.96.0/20
213.248.196.0/22
213.248.228.0-213.248.247.255
213.248.252.0/23
IPv6:
2a01:618:8000::/33
2a01:61c:1000::/39
2a01:61c:1900::/40
2a01:61c:1d00::/40
2a01:61c:1f00::-2a01:61c:21ff:ffff:ffff:ffff:ffff:ffff
2a01:61c:2f00::/40
2a01:61c:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
a9:79:5a:0c:1f:3a:ea:1f:7d:da:70:f8:df:a6:6a:8e:14:ba:
ee:3a:98:b0:92:68:69:70:9c:5b:f7:ef:3b:38:b4:7c:ed:02:
bf:0e:40:b7:c7:8b:14:0f:38:1e:cf:14:09:04:8a:b9:bf:c8:
17:7f:d1:6d:cb:0b:22:f4:64:46:b2:b1:de:a6:12:0f:f6:5e:
6b:ef:ee:e4:84:2a:2e:b3:c0:6f:35:1b:d6:dc:91:2f:ec:60:
4e:48:dc:21:8c:44:ca:e3:56:b9:2b:db:f4:8f:ce:4a:e4:d4:
67:83:35:a3:30:67:ac:c6:d5:5e:69:16:a6:1a:f4:03:6c:f1:
65:bc:cd:64:cd:6e:ef:ac:4c:df:5f:db:1a:60:f5:4e:e6:e8:
94:1c:17:28:10:c3:f2:00:e4:38:86:60:a4:60:ce:12:60:08:
af:04:4b:ab:45:aa:a9:d3:5b:37:db:3f:68:29:1c:e2:31:eb:
11:fa:24:22:61:8e:f0:5b:4c:76:67:ce:70:39:c0:68:3c:95:
3e:c1:80:02:21:8d:e6:08:2f:51:eb:a2:c3:a0:c4:a5:4b:17:
21:2e:78:5a:e0:0a:58:ca:7b:28:a5:90:5d:6c:02:a8:79:06:
79:31:4a:05:41:b2:5c:90:54:f2:db:89:fb:05:3d:b3:57:dd:
7c:bb:c6:41
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYqOr/KGYqnnVEvlQmz/COKuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjMwOTEzMTMxNjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmFlZWQzZDhkNWQ3NmNlY2M2MDVmNGUzMDQ0NjIyODEzZGVmNTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Tx8FllXIjqVUd2G3inV4N97411F
FNKoYSt+Gy/PIutlMgi/x3OU8ltArFHAcvAA65HoaUzw6C/B2WFVqje3JPF2NxY0
KZtPc1WYR6t9N3puq791h4EzUU4+oUMHjTnIlhEGdzACQBOELrwpsCRNCsXUCzuw
r5EEB3orbUbD7sDgPCHcGyNdiFgioSKavL3Llrgv1TcpjQj9aOT704VSIafFeS3V
ItRf57ijpp8Q4Z2UvzrI717cO2aHsuPaAJ+6gUVXicuj51Lv2eA93q2fdzho2qfl
UxSX1KaDXbdS0qxcDf8rLCEANGffkPzGxMqhaOOa63iWkk/z1q9krrwJpwIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFJKu7T2NXXbOzGBfTjBEYigT3vVgMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEva3E3dFBZMWRkczdNWUY5T01FUmlLQlBlOVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwJgQCAAEwIAMEBJUUYAME
AtX4xDAMAwQC1fjkAwQD1fjwAwQB1fj8MEkEAgACMEMDBgcqAQYYgAMGASoBBhwQ
AwYAKgEGHBkDBgAqAQYcHTAQAwYAKgEGHB8DBgEqAQYcIAMGACoBBhwvAwcAKgEG
HP//MA0GCSqGSIb3DQEBCwUAA4IBAQCpeVoMHzrqH33acPjfpmqOFLruOpiwkmhp
cJxb9+87OLR87QK/DkC3x4sUDzgezxQJBIq5v8gXf9Ftywsi9GRGsrHephIP9l5r
7+7khCous8BvNRvW3JEv7GBOSNwhjETK41a5K9v0j85K5NRngzWjMGesxtVeaRam
GvQDbPFlvM1kzW7vrEzfX9saYPVO5uiUHBcoEMPyAOQ4hmCkYM4SYAivBEurRaqp
01s32z9oKRziMesR+iQiYY7wW0x2Z85wOcBoPJU+wYACIY3mCC9R66LDoMSlSxch
Lnha4ApYynsopZBdbAKoeQZ5MUoFQbJckFTy24n7BT2zV918u8ZB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:56 2024 by rpki-client on console-fra.rpki-client.org