Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/rqdg8D9KQ67dkslWYV_lcTHobwY.roa
File: rqdg8D9KQ67dkslWYV_lcTHobwY.roa (raw, json)
Hash identifier: 6K07sGgBOVwhjIHQAwl//9zo3heDEWUE31pueugaFM4=
Subject key identifier: AE:A7:60:F0:3F:4A:43:AE:DD:92:C9:56:61:5F:E5:71:31:E8:6F:06
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 018ACBCFF22090318226425A840B6CE4D923
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/rqdg8D9KQ67dkslWYV_lcTHobwY.roa
Signing time: Mon 25 Sep 2023 10:08:37 +0000
ROA not before: Mon 25 Sep 2023 10:08:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137502
IP address blocks: 213.248.254.0/24 maxlen: 24
213.248.255.0/24 maxlen: 24
2a01:618:402::/48 maxlen: 48
2a01:618:405::/48 maxlen: 48
2a01:618:400::/48 maxlen: 48
2a01:618:403::/48 maxlen: 48
2a01:618:406::/48 maxlen: 48
2a01:618:401::/48 maxlen: 48
2a01:618:404::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 25 Sep 2023 11:09:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:cf:f2:20:90:31:82:26:42:5a:84:0b:6c:e4:d9:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Sep 25 10:08:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aea760f03f4a43aedd92c956615fe57131e86f06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:55:ea:85:25:c4:58:f3:d7:06:3d:e2:0c:6e:
4d:dd:3d:29:48:a0:08:6a:41:77:28:78:0f:59:98:
a2:62:63:90:7f:f1:7f:8f:a6:c3:5d:84:8e:1d:cb:
79:30:0d:0f:44:9b:c5:df:78:4b:1f:7d:c3:70:5d:
bf:44:b4:9d:20:2e:3e:d1:90:c0:57:e3:1d:3d:8f:
cc:a0:fc:cc:5b:1b:61:77:63:6f:f9:04:65:fd:03:
64:b8:19:d6:e4:56:2a:7c:75:b0:19:44:49:be:95:
2a:7d:b7:fc:a1:54:60:c3:70:77:51:4c:bc:82:9d:
10:a4:ae:58:dd:b4:b7:79:c6:af:32:8c:ad:80:72:
90:5a:11:78:f2:c6:ef:25:8d:ab:d6:a6:b0:98:81:
01:1d:ee:f6:48:f5:33:a7:4b:d3:eb:02:dc:55:52:
4f:64:1b:98:e4:0f:a4:c7:2c:1a:72:d7:e4:27:8e:
39:86:d2:1f:35:41:2b:09:66:b8:70:45:a5:48:76:
f7:30:a5:ca:28:5f:08:12:e1:01:17:1d:9b:95:d4:
bc:02:48:10:bd:ee:f9:6f:a2:ce:53:ae:26:01:1d:
60:2b:18:cf:d4:96:db:b1:b8:a8:df:e8:bb:d1:56:
12:88:e7:dc:eb:3a:61:00:1c:62:1e:e3:f7:0d:a0:
5d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:A7:60:F0:3F:4A:43:AE:DD:92:C9:56:61:5F:E5:71:31:E8:6F:06
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/rqdg8D9KQ67dkslWYV_lcTHobwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.248.254.0/23
IPv6:
2a01:618:400::-2a01:618:406:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6f:02:bf:bf:49:b9:ea:51:3e:ba:32:1b:c6:38:9b:59:b0:00:
87:64:d7:27:2f:e2:df:9b:2e:40:dc:06:a8:d6:90:91:6d:ac:
ce:12:5f:c5:8d:31:5e:9d:f3:fe:ab:54:ab:c3:08:89:f3:96:
85:48:9c:11:67:ff:48:de:8a:41:70:f7:a1:a4:4e:27:7c:db:
7d:c7:10:fa:67:04:d6:99:02:57:97:da:64:f9:05:26:f1:ea:
f6:66:46:ca:b0:6f:88:53:d2:66:04:eb:c7:27:24:d6:fd:a1:
17:6a:2f:f0:eb:b5:73:9d:5e:08:e5:39:d8:8a:69:35:5e:6e:
c1:da:c5:2c:84:bf:4b:88:72:36:ac:08:aa:ee:ed:0c:9e:4b:
f1:eb:66:5d:66:00:61:60:cc:4f:69:90:54:a5:db:d6:70:ea:
eb:24:f5:fd:cb:25:5d:bb:cb:63:c4:a2:a3:c7:c8:a9:4d:9e:
9b:7c:c5:17:38:6c:1a:e0:6d:ab:28:4a:4f:4c:e0:d0:96:c1:
5d:e5:80:18:56:9c:e7:a5:8f:72:6c:e2:b8:fb:9b:8f:78:ec:
27:62:5f:a2:6a:13:ed:f1:67:9a:dd:0c:0e:52:2d:01:b7:7e:
06:4a:00:88:e9:62:5d:37:1e:b9:80:fc:42:d4:e2:36:e3:f0:
b6:74:33:92
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYrLz/IgkDGCJkJahAts5NkjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjMwOTI1MTAwODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWE3NjBmMDNmNGE0M2FlZGQ5MmM5NTY2MTVmZTU3MTMxZTg2ZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlXqhSXEWPPXBj3iDG5N3T0pSKAI
akF3KHgPWZiiYmOQf/F/j6bDXYSOHct5MA0PRJvF33hLH33DcF2/RLSdIC4+0ZDA
V+MdPY/MoPzMWxthd2Nv+QRl/QNkuBnW5FYqfHWwGURJvpUqfbf8oVRgw3B3UUy8
gp0QpK5Y3bS3ecavMoytgHKQWhF48sbvJY2r1qawmIEBHe72SPUzp0vT6wLcVVJP
ZBuY5A+kxywactfkJ445htIfNUErCWa4cEWlSHb3MKXKKF8IEuEBFx2bldS8AkgQ
ve75b6LOU64mAR1gKxjP1Jbbsbio3+i70VYSiOfc6zphABxiHuP3DaBdiQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFK6nYPA/SkOu3ZLJVmFf5XEx6G8GMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvcnFkZzhEOUtRNjdka3NsV1lWX2xjVEhvYndZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQB1fj+MBkE
AgACMBMwEQMGAioBBhgEAwcAKgEGGAQGMA0GCSqGSIb3DQEBCwUAA4IBAQBvAr+/
SbnqUT66MhvGOJtZsACHZNcnL+Lfmy5A3Aao1pCRbazOEl/FjTFenfP+q1SrwwiJ
85aFSJwRZ/9I3opBcPehpE4nfNt9xxD6ZwTWmQJXl9pk+QUm8er2ZkbKsG+IU9Jm
BOvHJyTW/aEXai/w67VznV4I5TnYimk1Xm7B2sUshL9LiHI2rAiq7u0Mnkvx62Zd
ZgBhYMxPaZBUpdvWcOrrJPX9yyVdu8tjxKKjx8ipTZ6bfMUXOGwa4G2rKEpPTODQ
lsFd5YAYVpznpY9ybOK4+5uPeOwnYl+iahPt8Wea3QwOUi0Bt34GSgCI6WJdNx65
gPxC1OI24/C2dDOS
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:02 2024 by rpki-client on console-ams.rpki-client.org