Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/be5fff-c911-457c-95fc-d30b7e25ae0b/1/SFWP-poD2x7sXpdQVinUJ775b9E.roa
File: SFWP-poD2x7sXpdQVinUJ775b9E.roa (raw, json)
Hash identifier: hAdNJ7kdQnLDA6++2vbGgNqR/SipOP1/n0lgPLWYdVU=
Subject key identifier: 48:55:8F:FA:9A:03:DB:1E:EC:5E:97:50:56:29:D4:27:BE:F9:6F:D1
Certificate issuer: /CN=db929dec5c0f23add9baeeea7bb39ac87a729083
Certificate serial: 01856D13A7FD9B0EA633CB51A2308B2C53A2
Authority key identifier: DB:92:9D:EC:5C:0F:23:AD:D9:BA:EE:EA:7B:B3:9A:C8:7A:72:90:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/25Kd7FwPI63Zuu7qe7OayHpykIM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/be5fff-c911-457c-95fc-d30b7e25ae0b/1/SFWP-poD2x7sXpdQVinUJ775b9E.roa
Signing time: Sun 01 Jan 2023 11:24:42 +0000
ROA not before: Sun 01 Jan 2023 11:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47988
IP address blocks: 195.114.13.0/24 maxlen: 24
2001:678:ac8::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:13:a7:fd:9b:0e:a6:33:cb:51:a2:30:8b:2c:53:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db929dec5c0f23add9baeeea7bb39ac87a729083
Validity
Not Before: Jan 1 11:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48558ffa9a03db1eec5e97505629d427bef96fd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:99:f0:ac:9c:18:8b:59:67:98:62:30:4e:51:
8a:f6:4c:5d:1b:3b:07:c8:9a:14:3d:b8:8c:4e:1b:
7a:ab:d0:f2:d0:f3:76:d6:91:76:29:cc:90:18:f5:
ea:29:f1:1f:d8:c7:63:01:c6:aa:9d:32:cf:f0:4d:
27:a1:69:21:ff:62:73:4f:27:e4:c0:a1:e1:02:67:
c4:c4:60:fe:e0:5b:f5:11:e0:30:c5:af:94:bd:75:
54:49:9a:4e:bf:36:c4:5c:0f:84:d1:9f:8f:e2:97:
9a:b3:33:4e:f6:31:6d:3e:8b:50:9b:7d:49:15:92:
15:4a:e6:55:05:20:51:18:5f:a3:34:19:0e:7c:b4:
d0:97:4b:ba:54:2c:c6:22:36:87:e0:ec:8f:b6:49:
14:0f:73:85:d4:17:ea:2a:70:9a:71:18:3e:c6:35:
5f:a1:42:69:22:8d:36:53:9e:8d:eb:4e:d4:8b:c8:
00:c4:f3:26:c2:14:9b:37:f3:36:7f:c7:b9:7f:ac:
df:03:21:d7:49:35:6d:26:07:2c:ba:f5:81:b4:e4:
a9:f5:cb:d5:fd:f0:fc:bc:71:14:ea:36:3f:c5:e7:
63:ac:3c:60:a6:6e:db:1a:bd:c1:67:ef:73:74:26:
d8:9b:75:c5:15:f3:f1:28:cd:f2:fb:49:ba:c6:6b:
bd:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:55:8F:FA:9A:03:DB:1E:EC:5E:97:50:56:29:D4:27:BE:F9:6F:D1
X509v3 Authority Key Identifier:
keyid:DB:92:9D:EC:5C:0F:23:AD:D9:BA:EE:EA:7B:B3:9A:C8:7A:72:90:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/25Kd7FwPI63Zuu7qe7OayHpykIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/be5fff-c911-457c-95fc-d30b7e25ae0b/1/SFWP-poD2x7sXpdQVinUJ775b9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/be5fff-c911-457c-95fc-d30b7e25ae0b/1/25Kd7FwPI63Zuu7qe7OayHpykIM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.114.13.0/24
IPv6:
2001:678:ac8::/48
Signature Algorithm: sha256WithRSAEncryption
34:0b:77:44:12:ab:82:65:fe:25:29:d2:43:74:8e:14:5f:e2:
30:80:bf:eb:4f:e6:1b:c9:48:2b:25:a9:ca:69:49:8f:c7:c3:
de:be:11:d9:db:bc:8e:35:9d:53:30:77:31:d9:e0:61:b2:12:
c7:33:1f:85:f9:b0:3f:d5:f7:99:e8:8b:f3:37:87:06:e8:a4:
7e:1f:29:ed:ee:79:99:dd:36:ee:e2:bb:39:36:5a:55:dc:c7:
cc:74:1f:34:c7:c5:50:1c:4b:2e:bc:09:a6:ae:2b:36:9b:9f:
07:0a:ce:62:f8:49:c7:93:ba:00:5a:3b:94:eb:54:66:3e:28:
4e:93:09:08:b2:0f:58:14:1c:d5:5c:2b:c4:a1:d1:0d:b8:8a:
b2:78:b6:4f:2b:14:46:7d:4e:8c:3c:44:c4:50:e5:e0:66:93:
07:fa:de:79:3a:91:2f:b0:4f:e5:9f:3a:a8:86:0e:01:45:37:
5c:c1:d8:5e:29:49:24:2e:86:0c:ed:2c:74:5b:28:48:dc:52:
e4:38:c4:9a:a3:e8:27:85:3e:c3:9e:de:23:d5:6d:7a:da:90:
11:92:3c:2b:88:73:b2:3f:a2:2c:e9:43:d6:56:90:b1:ec:6c:
f6:c8:13:49:b4:a7:18:a8:81:d0:0a:0a:2a:a1:71:c7:d2:55:
ee:19:20:98
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVtE6f9mw6mM8tRojCLLFOiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOTI5ZGVjNWMwZjIzYWRkOWJhZWVlYTdiYjM5YWM4N2E3
MjkwODMwHhcNMjMwMTAxMTEyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODU1OGZmYTlhMDNkYjFlZWM1ZTk3NTA1NjI5ZDQyN2JlZjk2ZmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZnwrJwYi1lnmGIwTlGK9kxdGzsH
yJoUPbiMTht6q9Dy0PN21pF2KcyQGPXqKfEf2MdjAcaqnTLP8E0noWkh/2JzTyfk
wKHhAmfExGD+4Fv1EeAwxa+UvXVUSZpOvzbEXA+E0Z+P4peaszNO9jFtPotQm31J
FZIVSuZVBSBRGF+jNBkOfLTQl0u6VCzGIjaH4OyPtkkUD3OF1BfqKnCacRg+xjVf
oUJpIo02U56N607Ui8gAxPMmwhSbN/M2f8e5f6zfAyHXSTVtJgcsuvWBtOSp9cvV
/fD8vHEU6jY/xedjrDxgpm7bGr3BZ+9zdCbYm3XFFfPxKM3y+0m6xmu9owIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEhVj/qaA9se7F6XUFYp1Ce++W/RMB8GA1UdIwQY
MBaAFNuSnexcDyOt2bru6nuzmsh6cpCDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjVLZDdGd1BJNjNadXU3cWU3T2F5SHB5a0lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9iZTVmZmYtYzkxMS00NTdjLTk1ZmMt
ZDMwYjdlMjVhZTBiLzEvU0ZXUC1wb0QyeDdzWHBkUVZpblVKNzc1YjlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9iZTVmZmYtYzkxMS00NTdjLTk1ZmMtZDMwYjdlMjVhZTBi
LzEvMjVLZDdGd1BJNjNadXU3cWU3T2F5SHB5a0lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw3INMA8E
AgACMAkDBwAgAQZ4CsgwDQYJKoZIhvcNAQELBQADggEBADQLd0QSq4Jl/iUp0kN0
jhRf4jCAv+tP5hvJSCslqcppSY/Hw96+EdnbvI41nVMwdzHZ4GGyEsczH4X5sD/V
95noi/M3hwbopH4fKe3ueZndNu7iuzk2WlXcx8x0HzTHxVAcSy68CaauKzabnwcK
zmL4SceTugBaO5TrVGY+KE6TCQiyD1gUHNVcK8Sh0Q24irJ4tk8rFEZ9Tow8RMRQ
5eBmkwf63nk6kS+wT+WfOqiGDgFFN1zB2F4pSSQuhgztLHRbKEjcUuQ4xJqj6CeF
PsOe3iPVbXrakBGSPCuIc7I/oizpQ9ZWkLHsbPbIE0m0pxiogdAKCiqhccfSVe4Z
IJg=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:55 2024 by rpki-client on console-ams.rpki-client.org