Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/ShWT_KulWadt0mQwvcR7AMy-HEc.roa
File: ShWT_KulWadt0mQwvcR7AMy-HEc.roa (raw, json)
Hash identifier: 8IOhWJ319ZWm5MmDKe4ZfA85BDyWLDHoFubMZwcKh5U=
Subject key identifier: 4A:15:93:FC:AB:A5:59:A7:6D:D2:64:30:BD:C4:7B:00:CC:BE:1C:47
Certificate issuer: /CN=a2ca37ded1b70c81b74a430f9b4d7acc62805ed8
Certificate serial: 019026379322E3C6BC9D3DD314974ECEC7A1
Authority key identifier: A2:CA:37:DE:D1:B7:0C:81:B7:4A:43:0F:9B:4D:7A:CC:62:80:5E:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oso33tG3DIG3SkMPm016zGKAXtg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/ShWT_KulWadt0mQwvcR7AMy-HEc.roa
Signing time: Mon 17 Jun 2024 12:41:34 +0000
ROA not before: Mon 17 Jun 2024 12:41:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199799
IP address blocks: 185.45.96.0/24 maxlen: 24
2a04:a180::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:26:37:93:22:e3:c6:bc:9d:3d:d3:14:97:4e:ce:c7:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2ca37ded1b70c81b74a430f9b4d7acc62805ed8
Validity
Not Before: Jun 17 12:41:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a1593fcaba559a76dd26430bdc47b00ccbe1c47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:74:93:a2:2b:68:7f:8a:fe:97:a7:91:46:f2:
82:ce:50:0d:93:93:16:36:18:a6:22:05:8b:c1:d2:
01:8b:80:63:48:99:32:93:9c:40:d6:e3:3f:d1:33:
e7:49:a9:7b:cd:ab:32:a8:2a:90:95:2c:05:29:3a:
fe:ed:3f:f3:49:d9:5e:b9:ec:6d:62:ed:6b:d1:c2:
ae:aa:43:5c:69:17:83:89:d3:be:51:49:f3:13:99:
29:69:00:d1:f5:ad:0c:a2:58:3c:20:d5:c3:d6:a2:
57:67:1f:78:55:9e:4b:6a:94:24:2f:14:ea:ec:fa:
30:7e:ed:ee:20:b2:83:a5:c9:84:f2:e4:c3:76:a7:
df:9a:09:86:68:eb:f1:ab:97:9f:38:25:e0:02:3f:
77:77:1a:c4:e5:00:0f:bc:2a:3d:60:bc:5b:c4:60:
38:0a:8c:94:51:d5:40:b9:6b:14:5f:ab:89:42:7a:
ed:a2:28:e2:fe:3d:2a:d8:b4:c3:ce:c5:00:32:13:
d0:f3:13:22:d8:3d:bd:69:e3:89:e1:14:f7:cc:ad:
38:ce:e5:7d:ca:14:60:2a:95:88:25:56:83:15:da:
59:d0:ae:ff:78:c8:da:bd:e7:da:6b:74:5c:c2:56:
b8:21:c7:af:cd:93:f5:fb:7b:ee:bf:3e:95:16:ee:
b7:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:15:93:FC:AB:A5:59:A7:6D:D2:64:30:BD:C4:7B:00:CC:BE:1C:47
X509v3 Authority Key Identifier:
keyid:A2:CA:37:DE:D1:B7:0C:81:B7:4A:43:0F:9B:4D:7A:CC:62:80:5E:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oso33tG3DIG3SkMPm016zGKAXtg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/ShWT_KulWadt0mQwvcR7AMy-HEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/oso33tG3DIG3SkMPm016zGKAXtg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.96.0/24
IPv6:
2a04:a180::/32
Signature Algorithm: sha256WithRSAEncryption
61:14:8d:47:65:04:49:a2:ad:d4:48:de:9b:d2:52:fb:81:54:
36:9c:2f:d0:8f:cd:88:82:cd:be:a7:b0:d7:35:ad:59:7b:b3:
ae:1d:4c:8c:73:4a:6a:d0:1a:e3:91:8d:82:92:18:68:6b:fb:
ec:72:07:02:af:8d:0a:a7:3d:50:dc:0b:36:ec:e0:8a:59:65:
53:44:7e:b3:b6:15:b3:bf:90:c3:ca:b0:4e:b4:c0:90:ba:e1:
30:23:67:ba:86:30:8d:02:f0:84:87:86:a6:20:e3:eb:f4:d5:
55:9a:a8:24:bd:e6:78:d2:9d:95:e5:bf:de:f9:58:47:5e:bf:
4a:3c:20:b5:e0:14:b1:20:58:ed:d0:ac:76:14:81:5e:01:35:
c0:6d:21:f2:60:0f:5c:22:f0:d4:f6:b9:2d:06:8d:6c:37:39:
95:72:4b:f0:52:aa:4d:2d:82:9d:06:81:26:bc:66:dc:a3:f7:
14:65:84:55:91:3e:94:31:1b:03:6d:98:2e:9f:e5:e3:50:0b:
af:b6:38:73:6e:91:d8:6c:72:41:66:7f:85:9d:6f:b3:52:11:
81:39:33:db:2b:8e:d4:90:e6:3a:f4:c3:cb:52:8d:94:eb:70:
34:8b:cc:33:05:07:f9:7e:2a:3d:de:50:4f:f1:f0:59:a3:09:
a5:26:f2:12
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZAmN5Mi48a8nT3TFJdOzsehMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyY2EzN2RlZDFiNzBjODFiNzRhNDMwZjliNGQ3YWNjNjI4
MDVlZDgwHhcNMjQwNjE3MTI0MTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTE1OTNmY2FiYTU1OWE3NmRkMjY0MzBiZGM0N2IwMGNjYmUxYzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XSToitof4r+l6eRRvKCzlANk5MW
NhimIgWLwdIBi4BjSJkyk5xA1uM/0TPnSal7zasyqCqQlSwFKTr+7T/zSdleuext
Yu1r0cKuqkNcaReDidO+UUnzE5kpaQDR9a0Molg8INXD1qJXZx94VZ5LapQkLxTq
7Powfu3uILKDpcmE8uTDdqffmgmGaOvxq5efOCXgAj93dxrE5QAPvCo9YLxbxGA4
CoyUUdVAuWsUX6uJQnrtoiji/j0q2LTDzsUAMhPQ8xMi2D29aeOJ4RT3zK04zuV9
yhRgKpWIJVaDFdpZ0K7/eMjavefaa3Rcwla4IcevzZP1+3vuvz6VFu63swIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEoVk/yrpVmnbdJkML3EewDMvhxHMB8GA1UdIwQY
MBaAFKLKN97RtwyBt0pDD5tNesxigF7YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3NvMzN0RzNESUczU2tNUG0wMTZ6R0tBWHRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9iMmFjZTctNDhkYi00ZjdkLTkxN2Yt
MzA2MTg5ZDVjMDQ5LzEvU2hXVF9LdWxXYWR0MG1Rd3ZjUjdBTXktSEVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9iMmFjZTctNDhkYi00ZjdkLTkxN2YtMzA2MTg5ZDVjMDQ5
LzEvb3NvMzN0RzNESUczU2tNUG0wMTZ6R0tBWHRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuS1gMA0E
AgACMAcDBQAqBKGAMA0GCSqGSIb3DQEBCwUAA4IBAQBhFI1HZQRJoq3USN6b0lL7
gVQ2nC/Qj82Igs2+p7DXNa1Ze7OuHUyMc0pq0BrjkY2Ckhhoa/vscgcCr40Kpz1Q
3As27OCKWWVTRH6zthWzv5DDyrBOtMCQuuEwI2e6hjCNAvCEh4amIOPr9NVVmqgk
veZ40p2V5b/e+VhHXr9KPCC14BSxIFjt0Kx2FIFeATXAbSHyYA9cIvDU9rktBo1s
NzmVckvwUqpNLYKdBoEmvGbco/cUZYRVkT6UMRsDbZgun+XjUAuvtjhzbpHYbHJB
Zn+FnW+zUhGBOTPbK47UkOY69MPLUo2U63A0i8wzBQf5fio93lBP8fBZowmlJvIS
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:56 2025 by rpki-client