Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c439d3-8f81-4022-987e-e697c52dfc1e/1/swk4xKFdHOBqXm2FxR8sEBj0MLk.roa
File: swk4xKFdHOBqXm2FxR8sEBj0MLk.roa (raw, json)
Hash identifier: 9aRb3vt9f0PvoMCHfK5cMzy2Q//xbL8D5UgKaLn6amI=
Subject key identifier: B3:09:38:C4:A1:5D:1C:E0:6A:5E:6D:85:C5:1F:2C:10:18:F4:30:B9
Certificate issuer: /CN=5c6d7d87faec48dca4369d6838ceec51ae2bd86a
Certificate serial: 01856F39371763E5BF8A5026143E902B7E34
Authority key identifier: 5C:6D:7D:87:FA:EC:48:DC:A4:36:9D:68:38:CE:EC:51:AE:2B:D8:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XG19h_rsSNykNp1oOM7sUa4r2Go.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/c439d3-8f81-4022-987e-e697c52dfc1e/1/swk4xKFdHOBqXm2FxR8sEBj0MLk.roa
Signing time: Sun 01 Jan 2023 21:24:58 +0000
ROA not before: Sun 01 Jan 2023 21:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213317
IP address blocks: 185.167.252.0/24 maxlen: 24
2a10:7a80::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:37:17:63:e5:bf:8a:50:26:14:3e:90:2b:7e:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c6d7d87faec48dca4369d6838ceec51ae2bd86a
Validity
Not Before: Jan 1 21:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b30938c4a15d1ce06a5e6d85c51f2c1018f430b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1c:c3:ce:52:d7:e5:66:2a:dc:07:b7:f1:c5:
9c:0e:c0:23:af:d5:a5:52:82:a8:e2:9d:f2:33:d2:
f7:0f:53:13:93:fe:f1:55:e6:87:62:d2:fe:49:f9:
03:c1:f9:a0:99:8e:68:96:c8:2d:54:de:a0:da:44:
8b:11:a7:8e:62:0f:ae:19:55:1b:21:07:9a:c2:a2:
b9:c4:c5:bc:af:11:d9:88:a4:06:cf:ec:96:c4:08:
a2:33:cf:28:24:12:4f:7b:e1:c9:f0:bd:e4:5a:e4:
97:e4:79:65:ee:db:50:2a:02:64:71:b1:e5:00:d8:
48:05:3c:c2:6f:4c:0d:0d:ce:cc:1a:1b:96:a9:ae:
5d:0e:b2:ae:f4:31:d7:e8:c4:9d:29:29:b5:b2:78:
77:46:26:2a:6d:15:7e:93:c0:31:81:4c:78:de:d3:
f6:c0:80:e1:86:51:82:b3:ca:4a:1e:8d:44:69:dd:
4e:fe:07:0f:cd:df:1f:56:db:56:7b:fd:77:f3:d9:
3c:b5:16:99:bd:9e:1b:17:99:2e:e6:fe:6a:1a:ee:
b7:8d:f2:07:c6:2d:6f:92:51:39:8e:3b:04:39:da:
4a:18:e6:12:df:c0:13:1f:22:c9:65:d5:08:cd:ed:
d2:7e:00:1f:95:b7:bd:c7:27:bc:45:06:38:92:1f:
7d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:09:38:C4:A1:5D:1C:E0:6A:5E:6D:85:C5:1F:2C:10:18:F4:30:B9
X509v3 Authority Key Identifier:
keyid:5C:6D:7D:87:FA:EC:48:DC:A4:36:9D:68:38:CE:EC:51:AE:2B:D8:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XG19h_rsSNykNp1oOM7sUa4r2Go.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c439d3-8f81-4022-987e-e697c52dfc1e/1/swk4xKFdHOBqXm2FxR8sEBj0MLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c439d3-8f81-4022-987e-e697c52dfc1e/1/XG19h_rsSNykNp1oOM7sUa4r2Go.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.252.0/24
IPv6:
2a10:7a80::/29
Signature Algorithm: sha256WithRSAEncryption
91:4e:f7:2c:17:d1:b7:73:7b:1a:b1:53:84:4b:e3:e7:80:dd:
fc:7f:37:6b:d2:d3:48:2b:b6:ef:8c:34:28:b5:ca:e4:d7:f0:
ce:ca:8a:09:05:14:4f:4f:a7:36:cf:cb:c4:27:0a:fd:62:f9:
0e:d1:5e:30:29:f4:bf:44:54:20:ff:53:f1:66:f1:62:5a:4b:
62:78:b4:20:39:38:bd:b4:06:04:21:0e:c7:88:b3:df:58:f3:
a1:64:48:13:78:5e:01:6d:5c:d5:b0:9c:22:01:ee:a9:58:3f:
82:3e:be:72:3a:62:c4:d4:04:6e:3a:bf:1f:d2:da:bb:2a:0b:
89:3f:f0:1f:bf:33:1b:09:b8:78:13:90:cd:73:4a:29:dc:a5:
91:fe:e6:46:86:b2:44:bc:78:ea:42:b7:f9:af:bc:be:55:7e:
5f:75:ae:5d:56:a1:4a:64:78:69:50:bb:97:c7:22:f2:03:4f:
bf:d1:01:04:aa:f2:43:8e:27:88:8d:9b:a5:10:95:18:b8:97:
a5:38:ca:86:dc:78:19:63:31:25:47:e6:03:91:31:9d:19:b7:
ce:33:4c:55:2b:ba:00:84:05:81:30:13:42:a4:d8:4a:50:a0:
be:5c:00:bf:95:f0:f3:4f:cd:47:51:1f:36:0a:86:aa:11:54:
54:52:82:c4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvOTcXY+W/ilAmFD6QK340MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNmQ3ZDg3ZmFlYzQ4ZGNhNDM2OWQ2ODM4Y2VlYzUxYWUy
YmQ4NmEwHhcNMjMwMTAxMjEyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzA5MzhjNGExNWQxY2UwNmE1ZTZkODVjNTFmMmMxMDE4ZjQzMGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRzDzlLX5WYq3Ae38cWcDsAjr9Wl
UoKo4p3yM9L3D1MTk/7xVeaHYtL+SfkDwfmgmY5olsgtVN6g2kSLEaeOYg+uGVUb
IQeawqK5xMW8rxHZiKQGz+yWxAiiM88oJBJPe+HJ8L3kWuSX5Hll7ttQKgJkcbHl
ANhIBTzCb0wNDc7MGhuWqa5dDrKu9DHX6MSdKSm1snh3RiYqbRV+k8AxgUx43tP2
wIDhhlGCs8pKHo1Ead1O/gcPzd8fVttWe/1389k8tRaZvZ4bF5ku5v5qGu63jfIH
xi1vklE5jjsEOdpKGOYS38ATHyLJZdUIze3SfgAflbe9xye8RQY4kh99MwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLMJOMShXRzgal5thcUfLBAY9DC5MB8GA1UdIwQY
MBaAFFxtfYf67EjcpDadaDjO7FGuK9hqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEcxOWhfcnNTTnlrTnAxb09NN3NVYTRyMkdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jNDM5ZDMtOGY4MS00MDIyLTk4N2Ut
ZTY5N2M1MmRmYzFlLzEvc3drNHhLRmRIT0JxWG0yRnhSOHNFQmowTUxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jNDM5ZDMtOGY4MS00MDIyLTk4N2UtZTY5N2M1MmRmYzFl
LzEvWEcxOWhfcnNTTnlrTnAxb09NN3NVYTRyMkdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuaf8MA0E
AgACMAcDBQMqEHqAMA0GCSqGSIb3DQEBCwUAA4IBAQCRTvcsF9G3c3sasVOES+Pn
gN38fzdr0tNIK7bvjDQotcrk1/DOyooJBRRPT6c2z8vEJwr9YvkO0V4wKfS/RFQg
/1PxZvFiWktieLQgOTi9tAYEIQ7HiLPfWPOhZEgTeF4BbVzVsJwiAe6pWD+CPr5y
OmLE1ARuOr8f0tq7KguJP/AfvzMbCbh4E5DNc0op3KWR/uZGhrJEvHjqQrf5r7y+
VX5fda5dVqFKZHhpULuXxyLyA0+/0QEEqvJDjieIjZulEJUYuJelOMqG3HgZYzEl
R+YDkTGdGbfOM0xVK7oAhAWBMBNCpNhKUKC+XAC/lfDzT81HUR82CoaqEVRUUoLE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:52 2024 by rpki-client on console-fra.rpki-client.org