Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/SwGmqSP-5N5lPm_-5bNT6FlrH_g.roa
File: SwGmqSP-5N5lPm_-5bNT6FlrH_g.roa (raw, json)
Hash identifier: qnMJj5lum1lvtKkL8lbC74ElAYgY3X+cNwA/AwZ4zCc=
Subject key identifier: 4B:01:A6:A9:23:FE:E4:DE:65:3E:6F:FE:E5:B3:53:E8:59:6B:1F:F8
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0193063204FB5FA8EA07CBC36B112644D5BF
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/SwGmqSP-5N5lPm_-5bNT6FlrH_g.roa
Signing time: Thu 07 Nov 2024 10:36:01 +0000
ROA not before: Thu 07 Nov 2024 10:36:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
5.175.138.0/24 maxlen: 24
5.231.70.0/24 maxlen: 24
77.90.42.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
77.90.55.0/24 maxlen: 24
85.118.162.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
94.249.138.0/24 maxlen: 24
94.249.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Nov 2024 05:11:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:06:32:04:fb:5f:a8:ea:07:cb:c3:6b:11:26:44:d5:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Nov 7 10:36:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b01a6a923fee4de653e6ffee5b353e8596b1ff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2a:06:67:14:be:57:0c:0f:cd:8e:5c:c3:11:
70:0e:d9:0a:56:48:ac:2f:75:b6:bf:22:52:a2:d8:
5d:34:d7:84:8b:23:bf:d6:60:50:d9:9e:69:75:94:
19:5c:b3:f6:de:5c:97:ef:a4:d2:6b:02:fb:0d:11:
07:22:4f:15:17:e9:97:1e:19:23:4f:73:48:f0:b6:
60:80:6b:ad:2f:ab:13:ee:c1:b1:25:02:23:9b:04:
53:f9:a3:f4:39:10:20:60:ed:e9:10:df:6b:4a:69:
54:fd:9e:c2:d2:3f:54:95:a4:8c:6e:d4:c1:e1:21:
a5:95:b3:06:09:93:82:aa:6e:5b:0d:24:a2:fd:ee:
c5:a1:e4:67:ca:93:05:44:ac:b2:1f:b7:ad:e2:95:
6b:89:dd:86:62:38:8f:20:f1:75:8d:30:96:7b:05:
ad:8e:81:5e:0c:20:4a:dd:98:30:25:69:9b:a4:3c:
77:82:bb:d8:63:1c:7c:db:f5:53:5d:58:db:2c:33:
ff:7c:ea:19:09:8a:d7:59:1c:25:0d:81:17:f6:65:
d8:36:4a:40:0f:d8:7f:20:a9:28:dd:89:21:df:62:
61:5c:ff:db:8a:49:be:08:75:e4:78:68:a1:88:a8:
9b:a6:4b:d2:46:43:91:88:a0:e1:8e:af:a9:88:51:
ae:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:01:A6:A9:23:FE:E4:DE:65:3E:6F:FE:E5:B3:53:E8:59:6B:1F:F8
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/SwGmqSP-5N5lPm_-5bNT6FlrH_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
5.175.138.0/24
5.231.70.0/24
77.90.42.0/24
77.90.54.0/23
85.118.162.0/24
87.239.131.0/24
94.249.138.0/24
94.249.148.0/24
Signature Algorithm: sha256WithRSAEncryption
43:f1:d9:f3:5d:dd:3a:bd:a9:7e:c0:cb:1b:b3:8d:5f:8d:56:
3a:6e:f5:f6:2d:b5:69:7b:25:23:62:2d:05:63:62:56:1e:35:
b6:ec:a0:8f:f2:6e:00:04:2c:50:e1:06:e3:63:af:36:a7:cc:
64:53:b7:9c:fe:72:49:ca:13:30:e3:06:48:6c:d6:6b:b6:95:
71:c5:0d:74:ec:4d:4f:10:e5:36:f0:29:6f:7c:4a:92:a5:2f:
1b:1c:95:c7:c9:7e:4b:0a:4e:c1:c6:14:ff:21:93:c5:81:c8:
40:ee:99:35:b1:14:e2:ab:8b:c4:a8:61:d8:32:54:fd:25:ea:
a4:0b:4f:01:87:b5:dc:4f:c4:a3:7a:4c:79:80:ae:f5:98:1a:
31:52:92:22:57:de:ff:9c:a5:46:44:0a:cd:23:f9:33:7d:06:
a0:cf:fd:b4:56:58:26:fe:53:22:f7:37:59:d1:5b:2c:ba:de:
a7:e9:e7:be:c7:db:14:94:98:fb:69:53:6f:6e:c5:f7:a9:66:
f3:11:8e:35:d9:65:e2:8c:06:38:a8:cb:76:f6:80:aa:e9:6d:
77:9d:97:16:19:b5:3f:0f:7d:9e:88:79:5e:ac:4e:c5:94:aa:
6d:55:cd:80:43:c1:9d:c7:d2:39:87:ff:6a:12:07:73:8a:7e:
16:c3:30:7d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZMGMgT7X6jqB8vDaxEmRNW/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMTA3MTAzNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjAxYTZhOTIzZmVlNGRlNjUzZTZmZmVlNWIzNTNlODU5NmIxZmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyoGZxS+VwwPzY5cwxFwDtkKVkis
L3W2vyJSothdNNeEiyO/1mBQ2Z5pdZQZXLP23lyX76TSawL7DREHIk8VF+mXHhkj
T3NI8LZggGutL6sT7sGxJQIjmwRT+aP0ORAgYO3pEN9rSmlU/Z7C0j9UlaSMbtTB
4SGllbMGCZOCqm5bDSSi/e7FoeRnypMFRKyyH7et4pVrid2GYjiPIPF1jTCWewWt
joFeDCBK3ZgwJWmbpDx3grvYYxx82/VTXVjbLDP/fOoZCYrXWRwlDYEX9mXYNkpA
D9h/IKko3Ykh32JhXP/bikm+CHXkeGihiKibpkvSRkORiKDhjq+piFGuqwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFEsBpqkj/uTeZT5v/uWzU+hZax/4MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvU3dHbXFTUC01TjVsUG1fLTViTlQ2RmxySF9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQABVOBAwQA
Ba+KAwQABedGAwQATVoqAwQBTVo2AwQAVXaiAwQAV++DAwQAXvmKAwQAXvmUMA0G
CSqGSIb3DQEBCwUAA4IBAQBD8dnzXd06val+wMsbs41fjVY6bvX2LbVpeyUjYi0F
Y2JWHjW27KCP8m4ABCxQ4QbjY682p8xkU7ec/nJJyhMw4wZIbNZrtpVxxQ107E1P
EOU28ClvfEqSpS8bHJXHyX5LCk7BxhT/IZPFgchA7pk1sRTiq4vEqGHYMlT9Jeqk
C08Bh7XcT8Sjekx5gK71mBoxUpIiV97/nKVGRArNI/kzfQagz/20Vlgm/lMi9zdZ
0Vssut6n6ee+x9sUlJj7aVNvbsX3qWbzEY412WXijAY4qMt29oCq6W13nZcWGbU/
D32eiHlerE7FlKptVc2AQ8Gdx9I5h/9qEgdzin4WwzB9
-----END CERTIFICATE-----
Generated at Mon Nov 11 08:16:55 2024 by rpki-client on console-ams.rpki-client.org