Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/swFB5-P5RbrtrADScxfrv9PLFWo.roa
File: swFB5-P5RbrtrADScxfrv9PLFWo.roa (raw, json)
Hash identifier: UhXS6/PVOwFJ0zKZ4fQ0WjCKqDDFilKzvXfGblvR9g0=
Subject key identifier: B3:01:41:E7:E3:F9:45:BA:ED:AC:00:D2:73:17:EB:BF:D3:CB:15:6A
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 0192B4A925F640D0CACD3CA1E9038D5F0BD2
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/swFB5-P5RbrtrADScxfrv9PLFWo.roa
Signing time: Tue 22 Oct 2024 14:37:17 +0000
ROA not before: Tue 22 Oct 2024 14:37:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 45.134.23.0/24 maxlen: 24
45.152.150.0/23 maxlen: 24
185.94.65.0/24 maxlen: 24
185.94.66.0/24 maxlen: 24
185.198.155.0/24 maxlen: 24
195.64.107.0/24 maxlen: 24
195.64.113.0/24 maxlen: 24
2a11:f883::/32 maxlen: 48
2a11:f884::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 23 Oct 2024 09:14:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b4:a9:25:f6:40:d0:ca:cd:3c:a1:e9:03:8d:5f:0b:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Oct 22 14:37:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b30141e7e3f945baedac00d27317ebbfd3cb156a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:40:dc:52:5e:b2:ea:cd:6f:7b:f0:4e:62:8e:
28:19:e4:15:ab:fb:88:af:1f:2d:cc:37:de:95:32:
1a:08:31:1b:2b:ea:55:aa:a5:fb:9c:c6:4f:3a:aa:
20:c8:58:10:aa:df:df:aa:d9:f3:97:fe:e7:4b:db:
20:8f:53:6c:b8:e6:6e:76:fb:7d:ec:d0:2f:fa:7d:
85:f6:85:c9:29:3f:e1:3f:da:9d:dd:54:74:fa:85:
94:c4:01:e5:48:13:95:a4:da:c8:e8:2d:43:84:54:
69:c4:e6:42:a0:cc:ca:be:ce:19:3f:75:98:a8:d3:
e3:08:ea:3f:2f:62:55:9d:91:f1:6b:7c:9d:8d:e8:
d5:7d:48:4c:35:01:9b:2b:eb:05:53:7c:00:9f:90:
62:bd:51:f6:f1:79:8f:1c:8b:24:07:9b:51:d3:26:
3e:82:ef:f4:49:f4:3d:97:d5:ff:08:c2:e4:92:d8:
3c:8c:48:52:33:67:95:e0:91:12:9f:53:1a:4f:14:
45:48:ef:16:b5:e1:96:36:77:8f:fe:8c:b7:8c:2b:
be:58:66:b3:f7:db:e7:17:0b:61:7f:e7:ab:be:90:
e2:0b:1a:25:03:97:4e:d1:56:51:55:fd:d9:59:20:
04:16:82:56:20:48:02:70:73:b0:83:be:56:6f:70:
61:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:01:41:E7:E3:F9:45:BA:ED:AC:00:D2:73:17:EB:BF:D3:CB:15:6A
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/swFB5-P5RbrtrADScxfrv9PLFWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.23.0/24
45.152.150.0/23
185.94.65.0-185.94.66.255
185.198.155.0/24
195.64.107.0/24
195.64.113.0/24
IPv6:
2a11:f883::-2a11:f884:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
19:db:8f:fc:50:de:1a:14:3d:93:7e:d2:a0:43:a3:45:1c:eb:
d0:0d:f9:08:dc:b9:8e:04:5f:d1:0e:69:6e:ab:18:38:4a:db:
d4:bf:df:c5:e1:23:1d:d3:cf:57:4a:35:7f:20:e3:4d:5e:bb:
e7:18:56:bc:05:2a:75:a1:74:61:9c:67:6a:bf:87:2b:7a:92:
fc:66:4e:ae:3d:a5:ba:3c:fa:90:d9:5e:25:e4:21:b8:34:8c:
aa:d6:61:75:f6:6e:9d:46:a7:ea:44:1d:0c:1a:3c:1b:33:05:
a4:23:6c:3a:27:53:e2:0f:cd:57:f9:37:6d:3e:79:f0:38:e8:
83:da:90:f3:06:8f:99:9d:05:9d:53:de:41:82:b6:e2:f7:5e:
73:11:0b:87:46:cd:c9:cb:5c:ea:91:02:a5:6f:9e:9a:11:13:
a9:ca:f7:7a:77:6a:05:0e:63:af:cd:4f:f2:ef:05:3d:0e:ae:
7f:31:c1:2a:04:7d:37:a0:c4:34:66:55:7e:5e:7d:c1:5b:a6:
8a:7a:d5:0c:f8:a5:7e:2b:68:a6:9e:e0:a7:96:b0:c7:ef:8b:
a5:ca:06:36:0a:99:a6:45:18:f4:b2:1c:46:f4:c6:d0:33:43:
b0:f9:41:46:66:41:67:6c:90:ab:2e:a5:3b:dc:cf:32:75:5c:
34:84:22:d6
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZK0qSX2QNDKzTyh6QONXwvSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjQxMDIyMTQzNzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzAxNDFlN2UzZjk0NWJhZWRhYzAwZDI3MzE3ZWJiZmQzY2IxNTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokDcUl6y6s1ve/BOYo4oGeQVq/uI
rx8tzDfelTIaCDEbK+pVqqX7nMZPOqogyFgQqt/fqtnzl/7nS9sgj1NsuOZudvt9
7NAv+n2F9oXJKT/hP9qd3VR0+oWUxAHlSBOVpNrI6C1DhFRpxOZCoMzKvs4ZP3WY
qNPjCOo/L2JVnZHxa3ydjejVfUhMNQGbK+sFU3wAn5BivVH28XmPHIskB5tR0yY+
gu/0SfQ9l9X/CMLkktg8jEhSM2eV4JESn1MaTxRFSO8WteGWNneP/oy3jCu+WGaz
99vnFwthf+ervpDiCxolA5dO0VZRVf3ZWSAEFoJWIEgCcHOwg75Wb3BhwQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFLMBQefj+UW67awA0nMX67/TyxVqMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvc3dGQjUtUDVSYnJ0ckFEU2N4ZnJ2OVBMRldvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAyBAIAATAsAwQALYYXAwQB
LZiWMAwDBAC5XkEDBAC5XkIDBAC5xpsDBADDQGsDBADDQHEwFgQCAAIwEDAOAwUA
KhH4gwMFACoR+IQwDQYJKoZIhvcNAQELBQADggEBABnbj/xQ3hoUPZN+0qBDo0Uc
69AN+QjcuY4EX9EOaW6rGDhK29S/38XhIx3Tz1dKNX8g401eu+cYVrwFKnWhdGGc
Z2q/hyt6kvxmTq49pbo8+pDZXiXkIbg0jKrWYXX2bp1Gp+pEHQwaPBszBaQjbDon
U+IPzVf5N20+efA46IPakPMGj5mdBZ1T3kGCtuL3XnMRC4dGzcnLXOqRAqVvnpoR
E6nK93p3agUOY6/NT/LvBT0Orn8xwSoEfTegxDRmVX5efcFbpop61Qz4pX4raKae
4KeWsMfvi6XKBjYKmaZFGPSyHEb0xtAzQ7D5QUZmQWdskKsupTvczzJ1XDSEItY=
-----END CERTIFICATE-----
Generated at Wed Oct 23 11:59:33 2024 by rpki-client on console-fra.rpki-client.org