Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/swTEesMZOtkMDIYf2C3zg4YxjAE.roa
File: swTEesMZOtkMDIYf2C3zg4YxjAE.roa (raw, json)
Hash identifier: rmN4RDt0FhoZXyhOb3SsYFQs9wF4sT6NERfDPkoHpnM=
Subject key identifier: B3:04:C4:7A:C3:19:3A:D9:0C:0C:86:1F:D8:2D:F3:83:86:31:8C:01
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 018F72128087B70E153C6883BE16E8635162
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/swTEesMZOtkMDIYf2C3zg4YxjAE.roa
Signing time: Mon 13 May 2024 13:09:26 +0000
ROA not before: Mon 13 May 2024 13:09:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3209
IP address blocks: 2a01:800::/24 maxlen: 24
2a01:860::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 17 May 2024 14:39:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:72:12:80:87:b7:0e:15:3c:68:83:be:16:e8:63:51:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: May 13 13:09:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b304c47ac3193ad90c0c861fd82df38386318c01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:54:a8:b2:92:ed:83:9e:ae:e3:fe:9e:be:2f:
f9:8f:9e:9a:e9:bf:9b:51:11:03:6f:5c:ed:72:ff:
5d:ca:85:a3:e9:bc:7b:36:84:c5:f5:1a:96:b6:71:
7d:68:e9:9c:f0:e1:f9:60:c5:e2:40:63:50:d5:aa:
58:d7:25:4b:e1:c0:a6:2a:61:e1:e0:44:f6:dd:94:
fa:60:57:61:49:35:25:82:98:15:43:4e:a9:8b:cd:
0f:7e:0c:76:4d:dd:65:78:12:ed:f2:bf:9a:89:08:
6b:22:9b:5f:8d:b8:f4:13:be:ef:d6:b9:c8:ba:b1:
ca:cf:9e:7a:00:43:2f:b9:c7:c0:bf:51:b2:b6:24:
67:5f:58:93:ca:77:81:c1:cb:94:73:42:e8:11:68:
a0:be:89:ab:47:25:24:5f:b2:e4:95:21:56:9b:1b:
cc:2a:9c:76:6b:38:dc:4e:5f:23:f4:db:f2:c1:57:
4e:02:bc:a7:fa:cf:70:4c:6e:97:6f:0e:08:9a:4e:
85:75:eb:4d:26:c8:45:89:31:9f:8c:4c:24:07:1f:
7b:5e:f1:18:9c:bc:c1:62:4c:97:a8:10:bc:d3:d5:
69:bd:ac:39:cc:bc:a1:23:9c:03:4d:09:e5:75:d9:
ab:9f:ad:19:c6:77:4f:1d:24:7c:2b:87:bf:d9:59:
39:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:04:C4:7A:C3:19:3A:D9:0C:0C:86:1F:D8:2D:F3:83:86:31:8C:01
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/swTEesMZOtkMDIYf2C3zg4YxjAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:800::/24
Signature Algorithm: sha256WithRSAEncryption
b8:53:b9:a0:19:94:37:0f:7e:b5:52:88:f3:77:3a:3f:ae:ea:
0a:ae:0a:0f:5d:51:e1:cf:04:cc:8c:1b:33:fa:27:76:fd:39:
8b:81:54:e2:9b:59:ac:30:9d:f2:3f:9d:f4:df:9e:06:77:a4:
34:9e:1a:31:db:1d:fb:76:38:06:66:23:36:61:33:28:99:72:
cd:65:b1:da:ff:8a:86:2e:ae:dc:5d:ea:71:42:3a:e3:95:74:
c0:09:a5:a0:9e:5a:8f:90:3a:bd:b7:bf:2e:36:3f:e8:23:29:
74:a0:17:52:b6:6d:69:a5:af:8b:e5:10:f2:3c:f5:f6:b0:f5:
d4:f1:e1:2e:e6:8d:2c:b3:99:2c:1b:38:ad:ae:75:86:39:5f:
53:b9:52:bf:bb:c5:54:9c:11:73:5b:03:d5:c8:87:24:e8:23:
dd:94:83:0d:3e:44:48:1f:08:83:65:7f:8e:e3:3f:cc:93:6a:
b6:cb:b5:f1:1e:e9:33:88:53:64:fd:62:30:0f:97:a0:38:51:
fa:b8:28:2e:da:b8:8e:af:c7:ae:95:f4:7a:0b:b5:da:a3:40:
0d:d7:24:aa:8c:90:64:57:11:6c:1d:c0:eb:7f:c2:c2:95:dc:
a8:2b:b1:43:aa:a2:fc:5c:17:7b:35:d9:eb:12:b3:73:1f:50:
07:5c:aa:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9yEoCHtw4VPGiDvhboY1FiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjQwNTEzMTMwOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzA0YzQ3YWMzMTkzYWQ5MGMwYzg2MWZkODJkZjM4Mzg2MzE4YzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6VSospLtg56u4/6evi/5j56a6b+b
UREDb1ztcv9dyoWj6bx7NoTF9RqWtnF9aOmc8OH5YMXiQGNQ1apY1yVL4cCmKmHh
4ET23ZT6YFdhSTUlgpgVQ06pi80Pfgx2Td1leBLt8r+aiQhrIptfjbj0E77v1rnI
urHKz556AEMvucfAv1GytiRnX1iTyneBwcuUc0LoEWigvomrRyUkX7LklSFWmxvM
Kpx2azjcTl8j9NvywVdOAryn+s9wTG6Xbw4Imk6FdetNJshFiTGfjEwkBx97XvEY
nLzBYkyXqBC809Vpvaw5zLyhI5wDTQnlddmrn60ZxndPHSR8K4e/2Vk5YwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLMExHrDGTrZDAyGH9gt84OGMYwBMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvc3dURWVzTVpPdGtNRElZZjJDM3pnNFl4akFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAAjAGAwQAKgEIMA0G
CSqGSIb3DQEBCwUAA4IBAQC4U7mgGZQ3D361Uojzdzo/ruoKrgoPXVHhzwTMjBsz
+id2/TmLgVTim1msMJ3yP530354Gd6Q0nhox2x37djgGZiM2YTMomXLNZbHa/4qG
Lq7cXepxQjrjlXTACaWgnlqPkDq9t78uNj/oIyl0oBdStm1ppa+L5RDyPPX2sPXU
8eEu5o0ss5ksGzitrnWGOV9TuVK/u8VUnBFzWwPVyIck6CPdlIMNPkRIHwiDZX+O
4z/Mk2q2y7XxHukziFNk/WIwD5egOFH6uCgu2riOr8eulfR6C7Xao0AN1ySqjJBk
VxFsHcDrf8LCldyoK7FDqqL8XBd7NdnrErNzH1AHXKrR
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:16:04 2025 by rpki-client