Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/AkkNYxCGqOOP6jQxyuHQez3-txM.roa
File: AkkNYxCGqOOP6jQxyuHQez3-txM.roa (raw, json)
Hash identifier: 472JNfqjEd5Drah/Zu3cRs8C3wGWEC2Z/p8DV1blH7Y=
Subject key identifier: 02:49:0D:63:10:86:A8:E3:8F:EA:34:31:CA:E1:D0:7B:3D:FE:B7:13
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018DCB99B5575A3CDFBFC827EE5A1A182FF7
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/AkkNYxCGqOOP6jQxyuHQez3-txM.roa
Signing time: Wed 21 Feb 2024 12:17:44 +0000
ROA not before: Wed 21 Feb 2024 12:17:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60808
IP address blocks: 5.34.216.0/21 maxlen: 21
82.115.13.0/24 maxlen: 24
91.246.49.0/24 maxlen: 24
185.215.246.0/24 maxlen: 24
188.253.12.0/22 maxlen: 22
188.253.96.0/19 maxlen: 24
2a05:ec80::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 23 Feb 2024 12:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cb:99:b5:57:5a:3c:df:bf:c8:27:ee:5a:1a:18:2f:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Feb 21 12:17:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02490d631086a8e38fea3431cae1d07b3dfeb713
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:1f:8f:9c:6b:a4:9b:c2:81:37:77:a0:9a:fe:
69:9c:75:d3:cd:85:06:5b:2c:9f:cd:46:fa:fe:3e:
4d:23:68:57:e5:1e:7b:fc:e8:5f:3b:de:31:f7:d3:
43:4a:a2:92:5c:4e:3b:c7:40:9a:da:3c:80:ce:ae:
d1:f4:4d:4d:2c:14:b2:df:8f:04:1e:44:2c:21:d4:
5a:d0:34:3c:6f:6e:80:7f:ec:1c:56:07:c1:85:c3:
3e:48:d6:e0:da:3b:73:8f:50:23:a4:25:f1:0b:88:
89:a2:0c:7f:44:ee:ac:4c:5e:94:e4:0d:90:e5:86:
3e:75:c7:6e:8a:a7:78:64:38:64:72:c4:98:aa:59:
10:f4:28:12:94:8b:04:43:8b:03:44:1e:3a:70:c5:
01:bf:3c:24:60:8a:79:41:16:9c:96:41:68:61:0a:
fa:a0:28:13:3b:44:63:d0:70:bb:4c:d8:bc:13:c5:
20:ae:8f:ce:c1:45:f2:aa:78:16:d7:07:96:5e:fd:
b3:30:ef:8d:2c:be:e2:a3:81:27:3a:b5:06:bd:63:
b1:16:11:17:43:15:45:37:37:e3:bd:95:88:f9:34:
6e:4a:0f:d0:cb:45:20:ef:2f:9d:cd:9e:a4:c0:9b:
b8:52:33:79:8e:75:e3:db:1c:58:cd:f8:66:ba:8b:
e5:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:49:0D:63:10:86:A8:E3:8F:EA:34:31:CA:E1:D0:7B:3D:FE:B7:13
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/AkkNYxCGqOOP6jQxyuHQez3-txM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.216.0/21
82.115.13.0/24
91.246.49.0/24
185.215.246.0/24
188.253.12.0/22
188.253.96.0/19
IPv6:
2a05:ec80::/29
Signature Algorithm: sha256WithRSAEncryption
a9:21:4d:82:dc:a3:0a:ed:b5:1f:71:32:af:d8:96:57:5d:eb:
48:c2:cc:20:81:66:07:d9:f5:05:20:db:f5:ce:7c:0d:db:4d:
80:e2:55:ed:5c:d2:1f:f0:0b:f2:c7:d8:7b:e8:11:1b:df:89:
c7:99:69:0c:48:c6:ec:bf:54:ff:7f:40:66:d6:a3:c8:02:79:
b5:fc:bf:ca:2b:8d:6d:80:e9:41:0d:c2:23:da:e0:dd:b3:23:
2b:b1:66:66:b4:d4:72:68:12:33:7f:e1:6c:a1:99:f9:2a:72:
76:9a:9f:1d:e6:c5:33:4e:d7:78:2d:a8:d2:c3:45:fa:14:c3:
a4:42:e6:e4:32:69:82:49:99:ad:9b:1e:8b:bd:17:e6:55:6f:
e8:c1:1f:e2:a9:51:4a:9d:4c:f1:cb:dd:75:f2:cd:c2:74:e8:
46:6b:03:b4:23:83:2f:c6:cc:28:18:d2:48:27:e4:0f:7d:f0:
1a:53:98:af:53:e2:e0:a2:f1:73:eb:dd:15:35:2d:b7:10:fa:
f6:c3:fe:0a:1f:5a:00:4b:d3:e3:d1:be:65:bf:63:c8:99:84:
ae:aa:7f:c1:f9:16:72:85:cc:c2:c2:26:1d:82:51:af:b9:ca:
1b:ee:7a:59:06:40:aa:be:fa:4f:50:b4:fe:80:94:39:07:78:
c0:ff:1a:d2
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAY3LmbVXWjzfv8gn7loaGC/3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwMjIxMTIxNzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjQ5MGQ2MzEwODZhOGUzOGZlYTM0MzFjYWUxZDA3YjNkZmViNzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiB+PnGukm8KBN3egmv5pnHXTzYUG
WyyfzUb6/j5NI2hX5R57/OhfO94x99NDSqKSXE47x0Ca2jyAzq7R9E1NLBSy348E
HkQsIdRa0DQ8b26Af+wcVgfBhcM+SNbg2jtzj1AjpCXxC4iJogx/RO6sTF6U5A2Q
5YY+dcduiqd4ZDhkcsSYqlkQ9CgSlIsEQ4sDRB46cMUBvzwkYIp5QRaclkFoYQr6
oCgTO0Rj0HC7TNi8E8Ugro/OwUXyqngW1weWXv2zMO+NLL7io4EnOrUGvWOxFhEX
QxVFNzfjvZWI+TRuSg/Qy0Ug7y+dzZ6kwJu4UjN5jnXj2xxYzfhmuovlvQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFAJJDWMQhqjjj+o0Mcrh0Hs9/rcTMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvQWtrTll4Q0dxT09QNmpReHl1SFFlejMtdHhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDBSLYAwQA
UnMNAwQAW/YxAwQAudf2AwQCvP0MAwQFvP1gMA0EAgACMAcDBQMqBeyAMA0GCSqG
SIb3DQEBCwUAA4IBAQCpIU2C3KMK7bUfcTKv2JZXXetIwswggWYH2fUFINv1znwN
202A4lXtXNIf8Avyx9h76BEb34nHmWkMSMbsv1T/f0Bm1qPIAnm1/L/KK41tgOlB
DcIj2uDdsyMrsWZmtNRyaBIzf+FsoZn5KnJ2mp8d5sUzTtd4LajSw0X6FMOkQubk
MmmCSZmtmx6LvRfmVW/owR/iqVFKnUzxy9118s3CdOhGawO0I4MvxswoGNJIJ+QP
ffAaU5ivU+LgovFz690VNS23EPr2w/4KH1oAS9Pj0b5lv2PImYSuqn/B+RZyhczC
wiYdglGvucob7npZBkCqvvpPULT+gJQ5B3jA/xrS
-----END CERTIFICATE-----
Generated at Fri Feb 23 16:26:44 2024 by rpki-client on console-ams.rpki-client.org