Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/sweTKyfRSTMf2KpRqfKOS2KsxAk.roa
File: sweTKyfRSTMf2KpRqfKOS2KsxAk.roa (raw, json)
Hash identifier: 3T1CztBDTLuO9tlsmmNJ8iWfmyvIeGm+e6XaoKd/V30=
Subject key identifier: B3:07:93:2B:27:D1:49:33:1F:D8:AA:51:A9:F2:8E:4B:62:AC:C4:09
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 018AB6DBDE99E8A8D83E69B82F4FAF576374
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/sweTKyfRSTMf2KpRqfKOS2KsxAk.roa
Signing time: Thu 21 Sep 2023 08:29:37 +0000
ROA not before: Thu 21 Sep 2023 08:29:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43519
IP address blocks: 213.248.254.0/24 maxlen: 24
2a01:618:400::/48 maxlen: 48
2a01:618:403::/48 maxlen: 48
2a01:618:401::/48 maxlen: 48
2a01:618:404::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 21 Sep 2023 10:58:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b6:db:de:99:e8:a8:d8:3e:69:b8:2f:4f:af:57:63:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Sep 21 08:29:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b307932b27d149331fd8aa51a9f28e4b62acc409
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:62:c2:95:0f:28:d7:a7:0c:c4:37:82:d0:01:
47:7c:fd:43:46:8e:74:ad:ea:9b:57:c2:a8:5d:fd:
44:1f:73:cf:1b:43:99:14:fd:5f:ba:ed:e2:c5:e5:
ea:b3:77:fb:04:14:19:f6:f1:b1:5f:a2:34:2e:47:
4c:72:f9:67:25:28:eb:af:f3:ab:c5:a2:de:a3:1b:
64:94:af:fd:ac:77:48:0e:7a:65:dc:1f:77:05:0e:
29:dc:06:6a:67:60:99:b8:4f:62:99:0b:98:40:e3:
5a:fd:4d:35:7f:5e:9a:d7:e5:50:ac:0e:9a:5c:8c:
94:08:fb:9f:df:22:9a:b3:09:22:42:05:e7:99:4e:
55:7e:87:5a:03:6b:ed:e2:a9:b9:93:02:3d:ca:ef:
b3:de:e8:c2:79:78:34:54:0a:55:94:e4:e2:f1:f7:
98:64:cc:fe:48:2e:48:6e:dd:cc:12:4a:eb:84:25:
65:c8:b7:ae:83:7b:22:56:a8:69:08:f2:94:99:f5:
61:0c:0d:67:a5:aa:00:c5:c4:78:c5:36:68:f3:70:
33:c6:45:d1:42:c8:c4:71:69:9f:97:b6:3f:85:16:
c7:8e:14:25:46:76:26:22:47:f2:d1:87:db:4d:3b:
fe:10:eb:95:6f:e3:95:97:08:9a:92:30:7f:e0:0f:
ce:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:07:93:2B:27:D1:49:33:1F:D8:AA:51:A9:F2:8E:4B:62:AC:C4:09
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/sweTKyfRSTMf2KpRqfKOS2KsxAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.248.254.0/24
IPv6:
2a01:618:400::/47
2a01:618:403::-2a01:618:404:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5d:25:3d:8c:cb:f5:45:65:cf:60:bb:f0:04:0b:bb:55:b1:a5:
51:eb:73:14:82:45:f8:72:c8:af:3d:c3:cd:72:84:ba:9c:32:
e8:9d:98:d3:8b:6d:a2:d0:e2:c7:11:6c:79:34:ce:0b:11:38:
a9:e3:a9:18:fa:35:7c:4b:2e:0e:ba:44:a9:ef:fe:b1:e1:ea:
c0:93:9e:10:0b:6e:8d:f8:aa:82:9d:8c:ad:05:86:e3:ec:06:
52:fa:46:11:6e:eb:a4:4c:2e:23:bd:4c:26:0f:23:8b:3a:d3:
41:32:31:70:2a:89:e6:ac:75:ee:41:ab:f9:ad:13:cd:c1:fe:
b9:9d:97:07:48:d2:59:e9:42:8a:18:39:57:d2:94:f9:95:1c:
f6:4d:0a:ba:f5:e4:06:fb:a6:65:87:05:2f:36:67:18:9f:fb:
8c:9a:eb:3b:be:a7:6f:35:c4:3d:4a:cc:c3:92:e1:b9:2b:07:
16:b1:9a:fd:61:ee:6f:fc:ee:93:93:3f:27:75:84:f3:4a:e1:
b3:f8:dc:69:d8:8c:c6:f0:ad:d5:58:02:e3:14:95:6f:8a:6c:
80:52:5b:48:c8:ea:a3:e8:06:98:37:eb:dd:ab:87:ff:58:fc:
02:dc:cf:61:b0:fe:b8:ac:69:9c:61:cf:0c:c0:41:21:fb:01:
c7:2f:a4:0d
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYq2296Z6KjYPmm4L0+vV2N0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjMwOTIxMDgyOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzA3OTMyYjI3ZDE0OTMzMWZkOGFhNTFhOWYyOGU0YjYyYWNjNDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2LClQ8o16cMxDeC0AFHfP1DRo50
reqbV8KoXf1EH3PPG0OZFP1fuu3ixeXqs3f7BBQZ9vGxX6I0LkdMcvlnJSjrr/Or
xaLeoxtklK/9rHdIDnpl3B93BQ4p3AZqZ2CZuE9imQuYQONa/U01f16a1+VQrA6a
XIyUCPuf3yKaswkiQgXnmU5VfodaA2vt4qm5kwI9yu+z3ujCeXg0VApVlOTi8feY
ZMz+SC5Ibt3MEkrrhCVlyLeug3siVqhpCPKUmfVhDA1npaoAxcR4xTZo83AzxkXR
QsjEcWmfl7Y/hRbHjhQlRnYmIkfy0YfbTTv+EOuVb+OVlwiakjB/4A/OEwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFLMHkysn0UkzH9iqUanyjktirMQJMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvc3dlVEt5ZlJTVE1mMktwUnFmS09TMktzeEFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAMBAIAATAGAwQA1fj+MCME
AgACMB0DBwEqAQYYBAAwEgMHACoBBhgEAwMHACoBBhgEBDANBgkqhkiG9w0BAQsF
AAOCAQEAXSU9jMv1RWXPYLvwBAu7VbGlUetzFIJF+HLIrz3DzXKEupwy6J2Y04tt
otDixxFseTTOCxE4qeOpGPo1fEsuDrpEqe/+seHqwJOeEAtujfiqgp2MrQWG4+wG
UvpGEW7rpEwuI71MJg8jizrTQTIxcCqJ5qx17kGr+a0TzcH+uZ2XB0jSWelCihg5
V9KU+ZUc9k0KuvXkBvumZYcFLzZnGJ/7jJrrO76nbzXEPUrMw5LhuSsHFrGa/WHu
b/zuk5M/J3WE80rhs/jcadiMxvCt1VgC4xSVb4psgFJbSMjqo+gGmDfr3auH/1j8
AtzPYbD+uKxpnGHPDMBBIfsBxy+kDQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:56 2024 by rpki-client on console-fra.rpki-client.org