Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/sxwSPYZuuwq0H1vgT7wGs0k4APY.roa
File: sxwSPYZuuwq0H1vgT7wGs0k4APY.roa (raw, json)
Hash identifier: QzC7nrFqUy75JzvnmK6uLBGswObsI0YYgWWmbSMh9nA=
Subject key identifier: B3:1C:12:3D:86:6E:BB:0A:B4:1F:5B:E0:4F:BC:06:B3:49:38:00:F6
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 018EA911B6133069B0464E32C4FF3611C780
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/sxwSPYZuuwq0H1vgT7wGs0k4APY.roa
Signing time: Thu 04 Apr 2024 12:24:54 +0000
ROA not before: Thu 04 Apr 2024 12:24:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199404
IP address blocks: 69.57.172.0/24 maxlen: 24
190.92.174.0/24 maxlen: 24
190.92.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 May 2024 12:37:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a9:11:b6:13:30:69:b0:46:4e:32:c4:ff:36:11:c7:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Apr 4 12:24:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b31c123d866ebb0ab41f5be04fbc06b3493800f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:09:23:4f:e8:9d:20:e4:9a:30:ab:ce:1c:3f:
93:f7:62:97:4b:ee:33:9e:53:1a:c7:c8:77:bd:3d:
1a:59:16:76:a0:b3:ea:4f:d2:39:35:82:aa:f0:64:
55:49:59:1d:00:a2:e9:d5:0a:16:17:3b:a0:a8:4d:
71:d7:2a:00:88:2f:b0:3f:0a:55:7b:6e:9b:66:51:
e5:3d:69:e4:39:57:f7:e7:f6:08:64:32:d5:99:8f:
fb:01:cc:38:35:30:fc:84:d2:7b:16:82:55:e2:c2:
af:66:8b:5c:c7:c4:fc:2b:d8:09:d5:73:ae:73:f8:
43:04:6d:ad:59:8a:5a:ae:dc:fd:13:91:18:98:a7:
b5:a6:e9:83:ad:ef:9c:15:13:49:49:45:29:ae:34:
e1:4a:1b:49:0d:3b:c3:9e:d4:76:6f:69:72:6d:e2:
42:c0:8c:af:9f:e6:b5:1c:c1:00:a7:e0:9a:29:72:
50:1a:70:78:dd:c6:a9:da:7b:72:a2:26:08:d0:e4:
7f:f7:87:3a:ab:46:45:c1:53:75:76:77:39:22:1d:
42:1e:5a:c4:db:7a:d1:ff:97:fc:fd:ce:e9:a7:fc:
3d:e7:15:7b:8f:af:98:87:9e:cb:b3:48:78:16:08:
3d:9b:bb:de:dc:03:d9:78:cb:fc:e1:3b:5f:2d:ff:
b9:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:1C:12:3D:86:6E:BB:0A:B4:1F:5B:E0:4F:BC:06:B3:49:38:00:F6
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/sxwSPYZuuwq0H1vgT7wGs0k4APY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
69.57.172.0/24
190.92.174.0/23
Signature Algorithm: sha256WithRSAEncryption
36:84:16:cd:dc:f5:3c:98:a5:a7:9d:3c:e2:c4:4a:51:1e:ac:
49:d6:d6:78:7c:62:57:60:13:98:22:6f:c0:32:cf:a0:65:14:
47:3d:fe:fe:6a:d6:ae:96:b4:22:b0:2c:6f:5c:98:d3:69:31:
49:17:a2:2e:07:cb:ad:0c:5e:9d:26:c4:d3:db:21:4c:32:a9:
99:53:fc:0d:31:9d:1e:e9:56:c7:fd:bf:f2:c5:83:3d:87:93:
24:c8:4d:2a:40:b4:5c:23:e9:f8:d2:1a:ac:8f:3e:a9:a1:e5:
30:61:69:6f:13:f1:17:8a:43:13:68:2b:c6:cd:78:ca:1f:9c:
3e:ef:57:4f:c6:56:97:e6:3b:47:a1:a4:48:f5:e1:38:2c:76:
fb:10:c2:34:ce:2e:d8:b2:5a:ef:ec:61:67:c7:73:f8:7c:aa:
52:97:6c:ad:c1:63:90:7a:fd:21:3d:08:dd:c4:f3:9f:e0:86:
d2:c7:3e:74:ea:cd:44:db:3b:d2:b6:ed:6d:ef:2d:56:18:d0:
33:ac:84:6c:b0:0b:52:68:05:fa:d0:53:10:48:8a:31:91:ea:
23:e1:a6:49:4c:34:bc:81:7c:20:f0:0a:0d:ec:9a:3d:db:fd:
9f:6c:05:3a:4c:ba:ba:83:eb:d3:84:b3:84:b2:2c:e1:c8:ce:
e4:4d:3c:c4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6pEbYTMGmwRk4yxP82EceAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjQwNDA0MTIyNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzFjMTIzZDg2NmViYjBhYjQxZjViZTA0ZmJjMDZiMzQ5MzgwMGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgkjT+idIOSaMKvOHD+T92KXS+4z
nlMax8h3vT0aWRZ2oLPqT9I5NYKq8GRVSVkdAKLp1QoWFzugqE1x1yoAiC+wPwpV
e26bZlHlPWnkOVf35/YIZDLVmY/7Acw4NTD8hNJ7FoJV4sKvZotcx8T8K9gJ1XOu
c/hDBG2tWYpartz9E5EYmKe1pumDre+cFRNJSUUprjThShtJDTvDntR2b2lybeJC
wIyvn+a1HMEAp+CaKXJQGnB43cap2ntyoiYI0OR/94c6q0ZFwVN1dnc5Ih1CHlrE
23rR/5f8/c7pp/w95xV7j6+Yh57Ls0h4Fgg9m7ve3APZeMv84TtfLf+5xQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLMcEj2GbrsKtB9b4E+8BrNJOAD2MB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvc3h3U1BZWnV1d3EwSDF2Z1Q3d0dzMGs0QVBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQARTmsAwQB
vlyuMA0GCSqGSIb3DQEBCwUAA4IBAQA2hBbN3PU8mKWnnTzixEpRHqxJ1tZ4fGJX
YBOYIm/AMs+gZRRHPf7+ataulrQisCxvXJjTaTFJF6IuB8utDF6dJsTT2yFMMqmZ
U/wNMZ0e6VbH/b/yxYM9h5MkyE0qQLRcI+n40hqsjz6poeUwYWlvE/EXikMTaCvG
zXjKH5w+71dPxlaX5jtHoaRI9eE4LHb7EMI0zi7Yslrv7GFnx3P4fKpSl2ytwWOQ
ev0hPQjdxPOf4IbSxz506s1E2zvStu1t7y1WGNAzrIRssAtSaAX60FMQSIoxkeoj
4aZJTDS8gXwg8AoN7Jo92/2fbAU6TLq6g+vThLOEsizhyM7kTTzE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:49 2024 by rpki-client on console-fra.rpki-client.org