Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/d296a8-a5b1-4a34-8128-89359e783224/1/AkbkYK3xr6eid5Lbc62dpPWSEKI.roa
File: AkbkYK3xr6eid5Lbc62dpPWSEKI.roa (raw, json)
Hash identifier: L/2aFfkYhgCS3x2HHHGQ6DMYkJAvpoIn6uZ35GENFfQ=
Subject key identifier: 02:46:E4:60:AD:F1:AF:A7:A2:77:92:DB:73:AD:9D:A4:F5:92:10:A2
Certificate issuer: /CN=5bd8d72b1cbfc67c379ad9a92c66fac6c8d3233a
Certificate serial: 01856F9DF0B5045A51AD505A25489EAA8DA9
Authority key identifier: 5B:D8:D7:2B:1C:BF:C6:7C:37:9A:D9:A9:2C:66:FA:C6:C8:D3:23:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W9jXKxy_xnw3mtmpLGb6xsjTIzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/d296a8-a5b1-4a34-8128-89359e783224/1/AkbkYK3xr6eid5Lbc62dpPWSEKI.roa
Signing time: Sun 01 Jan 2023 23:14:59 +0000
ROA not before: Sun 01 Jan 2023 23:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206281
IP address blocks: 185.177.144.0/22 maxlen: 22
2a0a:4f80::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:f0:b5:04:5a:51:ad:50:5a:25:48:9e:aa:8d:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bd8d72b1cbfc67c379ad9a92c66fac6c8d3233a
Validity
Not Before: Jan 1 23:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0246e460adf1afa7a27792db73ad9da4f59210a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e6:6b:4f:eb:85:bf:31:a7:0e:6d:1e:e8:c1:
c6:ba:be:15:2e:95:ef:fe:b2:50:a2:4b:b3:c8:23:
2b:c6:a2:1c:25:97:ad:8e:a0:1e:6d:10:19:ec:d5:
b0:dc:07:56:c0:00:7e:31:ac:d7:1f:94:f8:30:7d:
c7:f3:88:24:92:c0:ed:fe:ef:d1:60:c3:a1:7b:7c:
d6:ec:ec:88:c5:da:59:fc:1f:95:33:07:16:e3:5a:
7f:87:6c:1f:b6:03:dd:2a:0d:dd:de:c9:e6:2a:8b:
69:67:ec:72:92:f2:6f:7e:97:c2:93:32:01:c3:54:
9b:99:50:c7:bd:7a:0c:3e:15:7d:a5:ba:94:84:92:
91:01:96:40:73:eb:d6:75:91:89:24:0b:b7:bc:df:
e2:c2:80:22:91:84:9b:dd:7c:10:e3:4a:ae:1d:8c:
60:32:c4:84:19:4c:d4:d7:3c:85:34:4a:41:ad:9c:
c6:7f:42:fc:0a:da:c6:74:6a:84:9b:84:04:41:02:
3e:df:91:4d:83:0a:32:1a:92:95:91:e7:33:96:11:
ab:8b:fc:f4:03:bf:90:c3:5d:08:3d:cd:b1:91:b5:
08:e5:49:68:72:a0:dd:e2:70:02:0e:21:d6:9f:a7:
e1:cc:cb:1f:9c:84:ca:1d:1d:01:52:2c:60:4e:e5:
43:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:46:E4:60:AD:F1:AF:A7:A2:77:92:DB:73:AD:9D:A4:F5:92:10:A2
X509v3 Authority Key Identifier:
keyid:5B:D8:D7:2B:1C:BF:C6:7C:37:9A:D9:A9:2C:66:FA:C6:C8:D3:23:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W9jXKxy_xnw3mtmpLGb6xsjTIzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/d296a8-a5b1-4a34-8128-89359e783224/1/AkbkYK3xr6eid5Lbc62dpPWSEKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/d296a8-a5b1-4a34-8128-89359e783224/1/W9jXKxy_xnw3mtmpLGb6xsjTIzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.144.0/22
IPv6:
2a0a:4f80::/32
Signature Algorithm: sha256WithRSAEncryption
14:4d:4d:7e:ba:4e:a6:6b:8a:de:14:f9:96:19:dc:0e:3e:f0:
7d:63:fd:17:df:bb:46:c6:76:3c:d8:71:77:97:87:d7:3a:8b:
92:d9:7a:8f:31:7b:69:ac:44:f8:dd:e3:46:3c:8b:76:1f:57:
f7:d6:a3:9f:4e:c2:ba:b1:81:66:20:01:f5:4a:28:16:f3:ab:
37:c4:3f:3a:04:c6:a6:f5:2f:30:54:ce:50:73:2c:15:6b:85:
41:c7:d8:9d:fd:70:0a:ab:a7:f2:04:24:72:12:27:e6:1a:72:
fa:b4:0d:ee:ef:ec:78:d2:47:a1:37:b0:5f:d4:6a:f5:49:be:
6b:45:fc:3d:e4:0e:66:9c:07:80:c7:15:f8:f3:be:78:1e:6c:
cc:86:f1:24:4c:b0:2b:d4:16:e1:93:4d:75:76:14:f3:ab:3e:
d2:d8:be:cb:c5:eb:3a:75:db:78:cd:08:24:10:ca:07:62:53:
06:2c:91:17:ea:9f:be:3f:ff:b5:ff:eb:53:d5:9c:9a:65:80:
3f:ba:34:8c:78:a2:78:47:a4:ea:1b:b1:2a:6b:20:90:39:5e:
54:22:6f:0e:29:33:cb:ed:df:d3:a8:e0:9d:b5:91:43:56:85:
f0:64:b1:9b:4d:3c:96:76:52:cd:c9:88:c9:6b:9e:5b:fd:fa:
4f:21:8b:6c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvnfC1BFpRrVBaJUieqo2pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZDhkNzJiMWNiZmM2N2MzNzlhZDlhOTJjNjZmYWM2Yzhk
MzIzM2EwHhcNMjMwMTAxMjMxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjQ2ZTQ2MGFkZjFhZmE3YTI3NzkyZGI3M2FkOWRhNGY1OTIxMGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOZrT+uFvzGnDm0e6MHGur4VLpXv
/rJQokuzyCMrxqIcJZetjqAebRAZ7NWw3AdWwAB+MazXH5T4MH3H84gkksDt/u/R
YMOhe3zW7OyIxdpZ/B+VMwcW41p/h2wftgPdKg3d3snmKotpZ+xykvJvfpfCkzIB
w1SbmVDHvXoMPhV9pbqUhJKRAZZAc+vWdZGJJAu3vN/iwoAikYSb3XwQ40quHYxg
MsSEGUzU1zyFNEpBrZzGf0L8CtrGdGqEm4QEQQI+35FNgwoyGpKVkeczlhGri/z0
A7+Qw10IPc2xkbUI5UlocqDd4nACDiHWn6fhzMsfnITKHR0BUixgTuVDGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAJG5GCt8a+noneS23OtnaT1khCiMB8GA1UdIwQY
MBaAFFvY1yscv8Z8N5rZqSxm+sbI0yM6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzlqWEt4eV94bnczbXRtcExHYjZ4c2pUSXpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9kMjk2YTgtYTViMS00YTM0LTgxMjgt
ODkzNTllNzgzMjI0LzEvQWtia1lLM3hyNmVpZDVMYmM2MmRwUFdTRUtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9kMjk2YTgtYTViMS00YTM0LTgxMjgtODkzNTllNzgzMjI0
LzEvVzlqWEt4eV94bnczbXRtcExHYjZ4c2pUSXpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubGQMA0E
AgACMAcDBQAqCk+AMA0GCSqGSIb3DQEBCwUAA4IBAQAUTU1+uk6ma4reFPmWGdwO
PvB9Y/0X37tGxnY82HF3l4fXOouS2XqPMXtprET43eNGPIt2H1f31qOfTsK6sYFm
IAH1SigW86s3xD86BMam9S8wVM5QcywVa4VBx9id/XAKq6fyBCRyEifmGnL6tA3u
7+x40kehN7Bf1Gr1Sb5rRfw95A5mnAeAxxX48754HmzMhvEkTLAr1Bbhk011dhTz
qz7S2L7Lxes6ddt4zQgkEMoHYlMGLJEX6p++P/+1/+tT1ZyaZYA/ujSMeKJ4R6Tq
G7EqayCQOV5UIm8OKTPL7d/TqOCdtZFDVoXwZLGbTTyWdlLNyYjJa55b/fpPIYts
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:23:44 2024 by rpki-client on console-fra.rpki-client.org