Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/a1e6f2-dd5a-4483-8fdb-fee26a1c43d9/1/swzDSC3RvpU4toiLCvWzQ3YkJgU.roa
File: swzDSC3RvpU4toiLCvWzQ3YkJgU.roa (raw, json)
Hash identifier: 2fmvOCs3FtDEDhRU+5hdUMR2tL2JyzDoZB/BLuCf4sc=
Subject key identifier: B3:0C:C3:48:2D:D1:BE:95:38:B6:88:8B:0A:F5:B3:43:76:24:26:05
Certificate issuer: /CN=f8fc3590bf49afb42ce44a8c174c44161b8fc209
Certificate serial: 018D597897FB29202B6FF3F2830C45511F53
Authority key identifier: F8:FC:35:90:BF:49:AF:B4:2C:E4:4A:8C:17:4C:44:16:1B:8F:C2:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Pw1kL9Jr7Qs5EqMF0xEFhuPwgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/a1e6f2-dd5a-4483-8fdb-fee26a1c43d9/1/swzDSC3RvpU4toiLCvWzQ3YkJgU.roa
Signing time: Tue 30 Jan 2024 08:24:51 +0000
ROA not before: Tue 30 Jan 2024 08:24:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24953
IP address blocks: 185.20.236.0/22 maxlen: 22
185.232.188.0/22 maxlen: 22
2a00:5320::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 07 Feb 2024 10:36:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:59:78:97:fb:29:20:2b:6f:f3:f2:83:0c:45:51:1f:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8fc3590bf49afb42ce44a8c174c44161b8fc209
Validity
Not Before: Jan 30 08:24:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b30cc3482dd1be9538b6888b0af5b34376242605
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:0d:4d:c7:d7:c3:18:6f:5c:4c:a4:6e:6f:93:
7f:9c:f7:f4:70:c5:4d:54:7d:a5:b6:09:c6:b2:b8:
af:ca:05:79:50:5f:34:c5:3a:39:5f:b3:5a:ff:1c:
e5:ec:18:52:b8:df:35:58:29:51:a1:9d:3e:00:ef:
e4:1f:bd:41:a1:99:f6:38:01:66:72:47:e4:ce:4b:
bf:37:22:bb:cd:ac:09:9e:70:84:ae:66:05:f7:3b:
c3:24:81:a6:97:f5:d7:cc:dc:97:08:5d:8a:0f:93:
d4:20:92:d2:eb:32:11:c5:f2:71:c1:6f:78:05:45:
5d:85:9a:02:cb:34:21:63:91:c1:16:3f:41:16:64:
6d:1f:fe:cf:b4:3b:90:6d:f4:3e:41:81:04:7a:b8:
02:91:25:68:d7:5c:59:a8:4f:97:ef:74:36:2e:f7:
f1:41:e5:e2:9e:99:13:36:df:c9:ee:6f:9a:ac:e0:
75:80:30:07:43:29:29:88:7b:19:8e:98:de:0a:02:
de:82:4c:43:a2:2e:a7:2c:89:82:d6:53:46:2b:63:
e6:c3:dc:f7:74:c3:98:c8:24:3d:15:7f:fd:03:51:
d7:ce:e8:3f:df:1e:c9:0b:7b:17:fd:bf:11:85:85:
76:96:aa:60:dd:f5:d7:e2:71:fa:f1:68:4c:c0:e7:
51:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:0C:C3:48:2D:D1:BE:95:38:B6:88:8B:0A:F5:B3:43:76:24:26:05
X509v3 Authority Key Identifier:
keyid:F8:FC:35:90:BF:49:AF:B4:2C:E4:4A:8C:17:4C:44:16:1B:8F:C2:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Pw1kL9Jr7Qs5EqMF0xEFhuPwgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1e6f2-dd5a-4483-8fdb-fee26a1c43d9/1/swzDSC3RvpU4toiLCvWzQ3YkJgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1e6f2-dd5a-4483-8fdb-fee26a1c43d9/1/1-Pw1kL9Jr7Qs5EqMF0xEFhuPwgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.20.236.0/22
185.232.188.0/22
IPv6:
2a00:5320::/32
Signature Algorithm: sha256WithRSAEncryption
9b:95:fd:d8:dc:13:95:4e:a7:aa:65:0c:5d:98:59:c7:cd:d2:
a9:0d:16:61:9e:29:f3:55:e3:81:95:be:63:c5:03:29:51:72:
72:05:f8:7d:eb:92:13:0e:6a:90:03:62:07:83:b2:99:47:1d:
61:d4:d6:0e:f9:74:01:de:2b:90:79:8b:41:ff:74:8d:60:9d:
a4:b2:d4:52:04:c9:42:b1:5c:f5:ce:b7:7c:8a:38:fc:0b:a8:
06:3e:81:df:d5:46:b2:9c:ee:80:7d:67:fb:c0:39:72:54:db:
4e:15:c4:9d:14:1b:9e:ee:70:0d:64:ae:35:27:e9:29:d9:08:
cf:97:34:4d:6d:81:7c:d7:28:3d:f5:b9:d0:5d:e8:1e:2f:ac:
53:25:26:42:27:f6:02:8e:72:31:dd:92:69:8b:b1:df:b5:a3:
de:50:9c:43:4d:b7:ee:6c:b1:3f:13:78:34:5f:55:96:73:ee:
af:53:4b:79:4b:3c:96:bb:ee:a7:7f:27:25:fe:52:94:04:62:
89:80:aa:1f:e0:2a:9c:96:07:70:5d:db:92:b7:fd:71:52:70:
d0:0f:da:e8:14:8d:2d:fb:80:89:21:7e:3b:76:0c:37:29:c7:
a7:61:43:81:ee:71:bc:f7:41:ff:10:01:fa:10:31:64:99:0a:
b7:ba:76:b2
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY1ZeJf7KSArb/PygwxFUR9TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZmMzNTkwYmY0OWFmYjQyY2U0NGE4YzE3NGM0NDE2MWI4
ZmMyMDkwHhcNMjQwMTMwMDgyNDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzBjYzM0ODJkZDFiZTk1MzhiNjg4OGIwYWY1YjM0Mzc2MjQyNjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkw1Nx9fDGG9cTKRub5N/nPf0cMVN
VH2ltgnGsrivygV5UF80xTo5X7Na/xzl7BhSuN81WClRoZ0+AO/kH71BoZn2OAFm
ckfkzku/NyK7zawJnnCErmYF9zvDJIGml/XXzNyXCF2KD5PUIJLS6zIRxfJxwW94
BUVdhZoCyzQhY5HBFj9BFmRtH/7PtDuQbfQ+QYEEergCkSVo11xZqE+X73Q2Lvfx
QeXinpkTNt/J7m+arOB1gDAHQykpiHsZjpjeCgLegkxDoi6nLImC1lNGK2Pmw9z3
dMOYyCQ9FX/9A1HXzug/3x7JC3sX/b8RhYV2lqpg3fXX4nH68WhMwOdRRQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLMMw0gt0b6VOLaIiwr1s0N2JCYFMB8GA1UdIwQY
MBaAFPj8NZC/Sa+0LORKjBdMRBYbj8IJMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1QdzFrTDlKcjdRczVFcU1GMHhFRmh1UHdnay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEvYTFlNmYyLWRkNWEtNDQ4My04ZmRi
LWZlZTI2YTFjNDNkOS8xL3N3ekRTQzNSdnBVNHRvaUxDdld6UTNZa0pnVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmEvYTFlNmYyLWRkNWEtNDQ4My04ZmRiLWZlZTI2YTFjNDNk
OS8xLzEtUHcxa0w5SnI3UXM1RXFNRjB4RUZodVB3Z2suY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAK5FOwD
BAK56LwwDQQCAAIwBwMFACoAUyAwDQYJKoZIhvcNAQELBQADggEBAJuV/djcE5VO
p6plDF2YWcfN0qkNFmGeKfNV44GVvmPFAylRcnIF+H3rkhMOapADYgeDsplHHWHU
1g75dAHeK5B5i0H/dI1gnaSy1FIEyUKxXPXOt3yKOPwLqAY+gd/VRrKc7oB9Z/vA
OXJU204VxJ0UG57ucA1krjUn6SnZCM+XNE1tgXzXKD31udBd6B4vrFMlJkIn9gKO
cjHdkmmLsd+1o95QnENNt+5ssT8TeDRfVZZz7q9TS3lLPJa77qd/JyX+UpQEYomA
qh/gKpyWB3Bd25K3/XFScNAP2ugUjS37gIkhfjt2DDcpx6dhQ4Hucbz3Qf8QAfoQ
MWSZCre6drI=
-----END CERTIFICATE-----
Generated at Wed Feb 7 14:43:11 2024 by rpki-client on console-fra.rpki-client.org