Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/SWHjFqhcREgRKrtBsO53JRexIv0.roa
File: SWHjFqhcREgRKrtBsO53JRexIv0.roa (raw, json)
Hash identifier: A4mO+0fjsnptEy5iHzGjqHlb5LQIaZIL9v5ZWiTUb10=
Subject key identifier: 49:61:E3:16:A8:5C:44:48:11:2A:BB:41:B0:EE:77:25:17:B1:22:FD
Certificate issuer: /CN=3b3daef89306a75f0b88191440742a720afb3f20
Certificate serial: 01856BCA244CF122A13D945B42F9A1912BCC
Authority key identifier: 3B:3D:AE:F8:93:06:A7:5F:0B:88:19:14:40:74:2A:72:0A:FB:3F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Oz2u-JMGp18LiBkUQHQqcgr7PyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/SWHjFqhcREgRKrtBsO53JRexIv0.roa
Signing time: Sun 01 Jan 2023 05:24:47 +0000
ROA not before: Sun 01 Jan 2023 05:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24796
IP address blocks: 193.201.40.0/24 maxlen: 24
193.24.29.0/24 maxlen: 24
185.33.110.0/23 maxlen: 23
185.33.108.0/23 maxlen: 23
185.33.108.0/24 maxlen: 24
185.33.108.0/22 maxlen: 22
185.33.109.0/24 maxlen: 24
2a0f:80::/32 maxlen: 32
2001:7f8:10::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 03 Feb 2023 11:54:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:24:4c:f1:22:a1:3d:94:5b:42:f9:a1:91:2b:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b3daef89306a75f0b88191440742a720afb3f20
Validity
Not Before: Jan 1 05:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4961e316a85c4448112abb41b0ee772517b122fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:59:1d:0e:f7:a5:b7:a5:20:86:b6:b1:bb:8a:
d7:48:1f:d3:33:33:33:05:ef:56:13:07:f0:42:03:
13:2e:f7:d8:5e:fd:20:8f:70:01:71:ef:e1:97:66:
4b:7b:82:e1:52:94:95:ab:ab:72:06:aa:ca:2e:6c:
ab:de:ac:d6:e9:be:71:b8:eb:26:d9:ad:e2:ea:3d:
3f:04:de:e6:4f:b6:05:44:76:27:2a:e9:b2:5b:f3:
c1:6e:70:a0:8b:45:fd:cd:19:12:bb:db:c1:bc:d8:
58:76:98:bd:5a:97:d9:d8:60:de:82:82:8c:58:a3:
c2:4f:a8:d4:38:95:1c:bf:44:d5:4f:5a:b1:73:4d:
d6:92:55:d0:39:aa:7e:8d:0c:ef:8a:49:61:9d:ce:
bc:35:15:6a:1b:e5:fe:cf:dd:21:88:6e:3e:84:48:
63:73:d9:0a:63:c4:42:54:44:69:97:a8:2b:20:5c:
22:f1:cc:7f:e4:56:4b:46:84:48:45:7f:bf:c8:bf:
41:3a:5e:67:35:16:2f:17:33:08:68:fa:fb:46:e7:
eb:f6:40:5d:74:70:b0:2e:16:17:61:65:8c:85:7a:
d6:f8:99:5a:ef:b2:fb:61:a4:90:fa:ec:21:df:92:
85:4d:55:95:f2:4a:36:c3:6c:81:ca:2c:96:b3:2d:
69:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:61:E3:16:A8:5C:44:48:11:2A:BB:41:B0:EE:77:25:17:B1:22:FD
X509v3 Authority Key Identifier:
keyid:3B:3D:AE:F8:93:06:A7:5F:0B:88:19:14:40:74:2A:72:0A:FB:3F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Oz2u-JMGp18LiBkUQHQqcgr7PyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/SWHjFqhcREgRKrtBsO53JRexIv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/Oz2u-JMGp18LiBkUQHQqcgr7PyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.108.0/22
193.24.29.0/24
193.201.40.0/24
IPv6:
2001:7f8:10::/48
2a0f:80::/32
Signature Algorithm: sha256WithRSAEncryption
31:40:45:43:92:e6:b0:d9:d2:3e:66:2a:cd:2d:ce:8b:e0:c2:
0b:24:b1:f7:f5:f9:92:18:92:29:27:36:8c:24:f3:8a:da:79:
93:68:aa:ad:23:9b:7f:8e:1d:d1:60:fe:b1:50:cb:28:ae:9c:
53:bb:c2:e5:e1:a1:87:f9:79:94:0e:25:e8:01:44:92:3f:7b:
fc:d9:82:6f:18:70:ac:b6:bd:29:f1:79:fe:fb:36:7d:81:2c:
ff:b8:10:56:93:3d:f3:ad:b2:3f:66:9a:52:26:ea:ea:7e:23:
04:9b:6b:fb:d1:73:49:92:cc:66:2b:ea:f7:40:b2:81:07:ae:
35:83:fa:c2:f4:9c:4c:e8:c2:be:5e:cf:1d:f5:d1:83:28:a0:
75:d5:95:52:6d:33:f5:aa:65:2c:e8:cd:8c:2d:b5:28:07:76:
4a:a6:9b:d7:ee:0a:59:8d:75:56:cb:46:fe:b3:d8:e8:e8:e5:
99:fe:9c:c4:5c:ec:cf:7a:f2:42:5f:a3:bc:57:b0:0f:47:b7:
76:04:8e:2b:57:5a:59:d3:16:0e:85:43:6d:6c:93:ec:a3:57:
99:5a:0a:d8:11:ba:b3:b3:a6:62:15:89:3c:fc:77:d1:bd:96:
38:9f:ec:d1:ca:ab:c2:b5:5a:63:1a:5e:7a:da:64:9d:86:28:
ba:f6:f7:f0
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVryiRM8SKhPZRbQvmhkSvMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiM2RhZWY4OTMwNmE3NWYwYjg4MTkxNDQwNzQyYTcyMGFm
YjNmMjAwHhcNMjMwMTAxMDUyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTYxZTMxNmE4NWM0NDQ4MTEyYWJiNDFiMGVlNzcyNTE3YjEyMmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1kdDvelt6Ughraxu4rXSB/TMzMz
Be9WEwfwQgMTLvfYXv0gj3ABce/hl2ZLe4LhUpSVq6tyBqrKLmyr3qzW6b5xuOsm
2a3i6j0/BN7mT7YFRHYnKumyW/PBbnCgi0X9zRkSu9vBvNhYdpi9WpfZ2GDegoKM
WKPCT6jUOJUcv0TVT1qxc03WklXQOap+jQzviklhnc68NRVqG+X+z90hiG4+hEhj
c9kKY8RCVERpl6grIFwi8cx/5FZLRoRIRX+/yL9BOl5nNRYvFzMIaPr7Rufr9kBd
dHCwLhYXYWWMhXrW+Jla77L7YaSQ+uwh35KFTVWV8ko2w2yByiyWsy1pPQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFElh4xaoXERIESq7QbDudyUXsSL9MB8GA1UdIwQY
MBaAFDs9rviTBqdfC4gZFEB0KnIK+z8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3oydS1KTUdwMThMaUJrVVFIUXFjZ3I3UHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9mMTUwYjEtNDNiOS00OTExLWEwMDUt
YWFjYWQ4NmM2MTdkLzEvU1dIakZxaGNSRWdSS3J0QnNPNTNKUmV4SXYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9mMTUwYjEtNDNiOS00OTExLWEwMDUtYWFjYWQ4NmM2MTdk
LzEvT3oydS1KTUdwMThMaUJrVVFIUXFjZ3I3UHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQCuSFsAwQA
wRgdAwQAwckoMBYEAgACMBADBwAgAQf4ABADBQAqDwCAMA0GCSqGSIb3DQEBCwUA
A4IBAQAxQEVDkuaw2dI+ZirNLc6L4MILJLH39fmSGJIpJzaMJPOK2nmTaKqtI5t/
jh3RYP6xUMsorpxTu8Ll4aGH+XmUDiXoAUSSP3v82YJvGHCstr0p8Xn++zZ9gSz/
uBBWkz3zrbI/ZppSJurqfiMEm2v70XNJksxmK+r3QLKBB641g/rC9JxM6MK+Xs8d
9dGDKKB11ZVSbTP1qmUs6M2MLbUoB3ZKppvX7gpZjXVWy0b+s9jo6OWZ/pzEXOzP
evJCX6O8V7APR7d2BI4rV1pZ0xYOhUNtbJPso1eZWgrYEbqzs6ZiFYk8/HfRvZY4
n+zRyqvCtVpjGl562mSdhii69vfw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:50 2024 by rpki-client on console-ams.rpki-client.org