Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/ENhGxio32Gl-wIyvuOpz23ujtBw.roa
File: ENhGxio32Gl-wIyvuOpz23ujtBw.roa (raw, json)
Hash identifier: HWJlB/VEuUw8xOX9HYxH6VEvUuo4g/pp83iTRpBgQF8=
Subject key identifier: 10:D8:46:C6:2A:37:D8:69:7E:C0:8C:AF:B8:EA:73:DB:7B:A3:B4:1C
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018DB1FB6FEF54F59E70DC7D53A2B27A25BF
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/ENhGxio32Gl-wIyvuOpz23ujtBw.roa
Signing time: Fri 16 Feb 2024 12:54:21 +0000
ROA not before: Fri 16 Feb 2024 12:54:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60808
IP address blocks: 5.34.216.0/21 maxlen: 21
82.115.13.0/24 maxlen: 24
91.246.49.0/24 maxlen: 24
91.247.177.0/24 maxlen: 24
185.215.246.0/24 maxlen: 24
188.253.12.0/22 maxlen: 22
188.253.96.0/19 maxlen: 24
2a05:ec80::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 21 Feb 2024 12:17:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b1:fb:6f:ef:54:f5:9e:70:dc:7d:53:a2:b2:7a:25:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Feb 16 12:54:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=10d846c62a37d8697ec08cafb8ea73db7ba3b41c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c8:1a:e0:0a:5a:d2:63:2d:fb:0a:06:3b:d1:
0f:8c:be:60:b1:97:ec:51:22:7e:5b:d6:71:b5:eb:
c3:13:8c:9f:2b:8f:34:1d:6f:fe:28:31:3e:35:8f:
64:1e:84:ab:4b:cb:fb:d3:cb:34:57:68:95:c0:a5:
12:7e:8a:0a:78:55:76:a6:ed:5b:86:a7:ff:cd:e1:
cd:3d:21:53:4b:dd:f2:66:9c:aa:77:a9:20:6a:1c:
49:92:34:2d:25:6c:20:b0:b3:a4:1b:48:3f:54:a5:
74:cb:19:99:e8:fe:2a:a0:b4:fb:be:e0:23:a4:b2:
c6:1f:bb:fb:c9:7d:e6:ab:82:26:31:f2:e1:ad:5e:
93:0e:29:4c:9c:fe:15:d2:34:ee:bf:bc:84:ca:39:
38:a7:f4:1c:bc:95:bb:95:e6:d7:5c:73:c2:c3:ca:
57:4a:60:f9:15:79:13:04:0f:31:df:a7:af:3f:1d:
08:53:36:48:1b:4a:c6:43:ae:7e:5e:0f:ca:cc:13:
81:f7:9a:3f:e5:8b:a2:c9:61:18:4a:17:5b:20:e0:
cf:43:35:37:55:25:5f:44:75:fb:0a:14:0d:94:a4:
d1:c2:c8:76:40:26:44:77:39:44:9d:c0:4a:69:1b:
a1:7d:15:03:97:76:33:11:a2:bd:d1:a3:bf:6d:9a:
ec:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:D8:46:C6:2A:37:D8:69:7E:C0:8C:AF:B8:EA:73:DB:7B:A3:B4:1C
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/ENhGxio32Gl-wIyvuOpz23ujtBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.216.0/21
82.115.13.0/24
91.246.49.0/24
91.247.177.0/24
185.215.246.0/24
188.253.12.0/22
188.253.96.0/19
IPv6:
2a05:ec80::/29
Signature Algorithm: sha256WithRSAEncryption
c0:1e:ad:47:b1:5f:29:60:b1:c9:3c:05:a6:c6:1c:57:73:9e:
16:26:55:80:70:51:80:8c:20:e5:f4:98:03:b6:4d:e5:a1:cd:
8a:9d:09:0a:2f:67:35:17:0c:6b:d9:ff:cf:ff:97:e2:ef:d8:
d3:0d:ec:b7:b5:e7:f4:67:34:19:15:b2:71:27:c0:32:da:3a:
74:14:6e:8a:32:cd:0f:4e:d2:58:e9:08:94:df:79:77:39:e3:
8f:f9:54:06:b8:09:cc:16:7d:b9:6c:97:92:02:b7:04:ba:ac:
77:d4:b1:1d:ac:d8:9f:68:12:9c:9d:f5:6c:f6:8d:8c:e2:dd:
9a:07:1b:90:7a:30:14:dc:50:3e:d5:4f:5c:e4:87:aa:d1:64:
96:8f:ee:f5:77:53:2e:51:64:63:98:e6:17:06:e6:d9:dd:ea:
dc:01:54:0c:4f:ce:aa:f5:d5:38:67:11:a4:b6:ae:74:6c:6f:
7f:96:07:be:0d:96:97:81:c9:02:1d:be:62:35:7a:46:84:c4:
ae:4a:86:b2:d2:fb:0f:57:75:68:0c:61:bc:db:32:89:5d:65:
4a:f7:f2:c2:96:31:ec:98:37:b9:5e:e4:1d:57:e7:57:53:4c:
21:b4:0b:85:f9:8a:82:17:d0:ae:0e:f7:ae:ff:75:b1:50:4a:
be:e5:45:33
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAY2x+2/vVPWecNx9U6KyeiW/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwMjE2MTI1NDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGQ4NDZjNjJhMzdkODY5N2VjMDhjYWZiOGVhNzNkYjdiYTNiNDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsga4Apa0mMt+woGO9EPjL5gsZfs
USJ+W9ZxtevDE4yfK480HW/+KDE+NY9kHoSrS8v708s0V2iVwKUSfooKeFV2pu1b
hqf/zeHNPSFTS93yZpyqd6kgahxJkjQtJWwgsLOkG0g/VKV0yxmZ6P4qoLT7vuAj
pLLGH7v7yX3mq4ImMfLhrV6TDilMnP4V0jTuv7yEyjk4p/QcvJW7lebXXHPCw8pX
SmD5FXkTBA8x36evPx0IUzZIG0rGQ65+Xg/KzBOB95o/5YuiyWEYShdbIODPQzU3
VSVfRHX7ChQNlKTRwsh2QCZEdzlEncBKaRuhfRUDl3YzEaK90aO/bZrsXQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFBDYRsYqN9hpfsCMr7jqc9t7o7QcMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvRU5oR3hpbzMyR2wtd0l5dnVPcHoyM3VqdEJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDBSLYAwQA
UnMNAwQAW/YxAwQAW/exAwQAudf2AwQCvP0MAwQFvP1gMA0EAgACMAcDBQMqBeyA
MA0GCSqGSIb3DQEBCwUAA4IBAQDAHq1HsV8pYLHJPAWmxhxXc54WJlWAcFGAjCDl
9JgDtk3loc2KnQkKL2c1Fwxr2f/P/5fi79jTDey3tef0ZzQZFbJxJ8Ay2jp0FG6K
Ms0PTtJY6QiU33l3OeOP+VQGuAnMFn25bJeSArcEuqx31LEdrNifaBKcnfVs9o2M
4t2aBxuQejAU3FA+1U9c5Ieq0WSWj+71d1MuUWRjmOYXBubZ3ercAVQMT86q9dU4
ZxGktq50bG9/lge+DZaXgckCHb5iNXpGhMSuSoay0vsPV3VoDGG82zKJXWVK9/LC
ljHsmDe5XuQdV+dXU0whtAuF+YqCF9CuDveu/3WxUEq+5UUz
-----END CERTIFICATE-----
Generated at Wed Feb 21 16:51:06 2024 by rpki-client on console-fra.rpki-client.org