Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/yXgCH9CMx7rlQVkWipBSJuigAr0.roa
File: yXgCH9CMx7rlQVkWipBSJuigAr0.roa (raw, json)
Hash identifier: RSb05gNQPhOXLQlOjvjQv79otzqWWtWxVh3Z1vIwPUs=
Subject key identifier: C9:78:02:1F:D0:8C:C7:BA:E5:41:59:16:8A:90:52:26:E8:A0:02:BD
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 018CF2C65726B11C711E3551D61E82569482
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/yXgCH9CMx7rlQVkWipBSJuigAr0.roa
Signing time: Wed 10 Jan 2024 09:48:53 +0000
ROA not before: Wed 10 Jan 2024 09:48:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43519
IP address blocks: 213.248.203.0/24 maxlen: 24
213.248.202.0/24 maxlen: 24
213.248.201.0/24 maxlen: 24
213.248.200.0/24 maxlen: 24
213.248.206.0/24 maxlen: 24
213.248.205.0/24 maxlen: 24
213.248.204.0/24 maxlen: 24
213.248.207.0/24 maxlen: 24
213.248.216.0/24 maxlen: 24
213.248.219.0/24 maxlen: 24
213.248.218.0/24 maxlen: 24
213.248.217.0/24 maxlen: 24
213.248.220.0/24 maxlen: 24
213.248.223.0/24 maxlen: 24
213.248.222.0/24 maxlen: 24
213.248.221.0/24 maxlen: 24
213.248.254.0/24 maxlen: 24
149.20.123.0/24 maxlen: 24
149.20.122.0/24 maxlen: 24
149.20.121.0/24 maxlen: 24
149.20.120.0/24 maxlen: 24
2a01:61e:fffd::/48 maxlen: 48
2a01:61e:2::/48 maxlen: 48
2a01:61e:4::/48 maxlen: 48
2a01:618:404::/48 maxlen: 48
2a01:61e:5::/48 maxlen: 48
2a01:618:407::/48 maxlen: 48
2a01:618:402::/48 maxlen: 48
2a01:618:405::/48 maxlen: 48
2a01:618:400::/48 maxlen: 48
2a01:618:403::/48 maxlen: 48
2a01:61e:3::/48 maxlen: 48
2a01:61e:fffe::/48 maxlen: 48
2a01:61e:ffff::/48 maxlen: 48
2a01:61e:1::/48 maxlen: 48
2a01:618:406::/48 maxlen: 48
2a01:61e:fffc::/48 maxlen: 48
2a01:618:401::/48 maxlen: 48
2a01:61e:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 23 Jan 2024 14:51:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f2:c6:57:26:b1:1c:71:1e:35:51:d6:1e:82:56:94:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Jan 10 09:48:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c978021fd08cc7bae54159168a905226e8a002bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ba:b8:1f:c8:38:e2:24:78:15:b0:83:62:01:
e4:3d:88:ce:11:24:fc:61:7a:b5:25:61:4a:c5:db:
54:22:d8:31:45:db:be:ab:61:cc:2f:74:2c:af:0d:
12:0a:80:9d:25:93:5d:4d:9d:e2:9c:58:e6:58:c3:
79:0f:bc:99:1a:f4:19:3c:88:71:2d:29:f2:f9:76:
e4:c9:b6:17:1f:c1:ab:a1:5b:8b:04:16:5b:43:bf:
15:a6:33:b4:23:ef:03:88:3a:db:a3:6e:81:cd:5e:
dd:17:43:bf:60:28:09:c1:6d:43:28:85:af:75:7f:
2a:d3:d1:76:39:bf:a1:c6:fc:b6:a6:be:7c:a7:54:
5b:0d:b1:8c:2d:34:59:d0:d1:51:a4:06:88:ab:d2:
40:ed:e0:d8:eb:36:76:7e:56:77:75:d5:cd:25:45:
18:df:94:9b:35:fe:ab:bd:f4:29:e0:4e:17:8a:b4:
ac:1e:b3:05:4a:ca:53:4d:75:d3:ec:a7:32:4c:54:
4f:fa:b8:52:8a:27:87:36:5c:5d:bd:9b:68:7b:7c:
99:ab:6e:ca:c3:86:c6:f4:6a:1f:08:f6:27:48:6a:
fc:c5:40:96:1e:02:76:bd:3d:48:1e:fb:ff:ae:1b:
b2:b8:7c:ae:49:ee:87:6d:81:83:22:95:4d:9f:7d:
89:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:78:02:1F:D0:8C:C7:BA:E5:41:59:16:8A:90:52:26:E8:A0:02:BD
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/yXgCH9CMx7rlQVkWipBSJuigAr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.20.120.0/22
213.248.200.0/21
213.248.216.0/21
213.248.254.0/24
IPv6:
2a01:618:400::/45
2a01:61e:1::-2a01:61e:6:ffff:ffff:ffff:ffff:ffff
2a01:61e:fffc::/46
Signature Algorithm: sha256WithRSAEncryption
b0:f6:45:4b:b2:5a:36:a5:9b:7c:76:88:1b:ee:d4:24:a8:9d:
72:d1:27:88:6f:9b:ab:be:94:e6:45:a6:5e:72:d5:ff:b7:08:
24:25:a9:3b:4d:b0:12:27:e5:39:03:fd:18:f3:38:64:d2:59:
8f:6a:61:5a:d6:98:21:59:79:95:68:59:4a:5d:4a:db:5e:79:
5a:f8:26:5c:db:03:73:eb:00:e6:15:c4:67:6b:73:29:53:42:
bc:cb:55:53:4e:fc:7a:38:08:ae:f7:b3:13:be:59:23:44:bd:
e6:1f:e4:d7:7f:36:26:3d:fd:e9:f9:82:3d:4f:fe:6d:a2:3a:
32:7a:43:7e:4f:b8:d0:82:fe:38:77:2e:a9:a4:5d:14:a3:40:
ec:3d:62:86:ff:37:a0:6b:fc:84:00:1e:ab:d1:1a:f3:32:43:
d2:09:e3:5e:ad:2b:44:29:6c:39:02:29:1f:76:11:e4:15:ab:
71:6b:13:03:5b:1c:74:01:76:5b:09:b8:e9:70:6f:a6:08:ad:
d7:f7:2e:66:d9:7c:f0:23:71:b2:b9:21:86:75:07:97:b9:50:
e4:a6:47:d6:63:dc:0f:a3:32:24:e8:96:3d:5c:d2:05:78:13:
ac:0d:a6:c4:d9:d0:aa:7f:03:b9:c1:fe:95:5b:0b:4c:33:4d:
43:e2:9b:ec
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYzyxlcmsRxxHjVR1h6CVpSCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjQwMTEwMDk0ODUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTc4MDIxZmQwOGNjN2JhZTU0MTU5MTY4YTkwNTIyNmU4YTAwMmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrq4H8g44iR4FbCDYgHkPYjOEST8
YXq1JWFKxdtUItgxRdu+q2HML3Qsrw0SCoCdJZNdTZ3inFjmWMN5D7yZGvQZPIhx
LSny+XbkybYXH8GroVuLBBZbQ78VpjO0I+8DiDrbo26BzV7dF0O/YCgJwW1DKIWv
dX8q09F2Ob+hxvy2pr58p1RbDbGMLTRZ0NFRpAaIq9JA7eDY6zZ2flZ3ddXNJUUY
35SbNf6rvfQp4E4XirSsHrMFSspTTXXT7KcyTFRP+rhSiieHNlxdvZtoe3yZq27K
w4bG9GofCPYnSGr8xUCWHgJ2vT1IHvv/rhuyuHyuSe6HbYGDIpVNn32JHQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFMl4Ah/QjMe65UFZFoqQUibooAK9MB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEveVhnQ0g5Q014N3JsUVZrV2lwQlNKdWlnQXIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAeBAIAATAYAwQClRR4AwQD
1fjIAwQD1fjYAwQA1fj+MCwEAgACMCYDBwMqAQYYBAAwEgMHACoBBh4AAQMHACoB
Bh4ABgMHAioBBh7//DANBgkqhkiG9w0BAQsFAAOCAQEAsPZFS7JaNqWbfHaIG+7U
JKidctEniG+bq76U5kWmXnLV/7cIJCWpO02wEiflOQP9GPM4ZNJZj2phWtaYIVl5
lWhZSl1K2155WvgmXNsDc+sA5hXEZ2tzKVNCvMtVU078ejgIrvezE75ZI0S95h/k
1382Jj396fmCPU/+baI6MnpDfk+40IL+OHcuqaRdFKNA7D1ihv83oGv8hAAeq9Ea
8zJD0gnjXq0rRClsOQIpH3YR5BWrcWsTA1scdAF2Wwm46XBvpgit1/cuZtl88CNx
srkhhnUHl7lQ5KZH1mPcD6MyJOiWPVzSBXgTrA2mxNnQqn8DucH+lVsLTDNNQ+Kb
7A==
-----END CERTIFICATE-----
Generated at Tue Jan 23 17:52:29 2024 by rpki-client on console-ams.rpki-client.org