Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/Sw_6PWzpB-LoYdsHdVg6WHdfNEs.roa
File: Sw_6PWzpB-LoYdsHdVg6WHdfNEs.roa (raw, json)
Hash identifier: dswEpmN0sqC/uJ0fotXyNz1t4gukAIBaBFJVW69gNn8=
Subject key identifier: 4B:0F:FA:3D:6C:E9:07:E2:E8:61:DB:07:75:58:3A:58:77:5F:34:4B
Certificate issuer: /CN=c44db8b0983acf97a3255152c2ea592adae7735b
Certificate serial: 0191E6294065A7186E0B68E30285A51F2E71
Authority key identifier: C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/Sw_6PWzpB-LoYdsHdVg6WHdfNEs.roa
Signing time: Thu 12 Sep 2024 12:15:48 +0000
ROA not before: Thu 12 Sep 2024 12:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 91.216.138.0/24 maxlen: 24
91.229.228.0/24 maxlen: 24
93.180.208.0/22 maxlen: 24
119.13.224.0/20 maxlen: 20
193.37.136.0/24 maxlen: 24
193.105.176.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 15 Sep 2024 11:50:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e6:29:40:65:a7:18:6e:0b:68:e3:02:85:a5:1f:2e:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c44db8b0983acf97a3255152c2ea592adae7735b
Validity
Not Before: Sep 12 12:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b0ffa3d6ce907e2e861db0775583a58775f344b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c0:e1:57:6d:72:81:b0:16:3f:9b:2a:1b:bc:
14:6d:f5:60:15:4a:d9:85:dc:03:01:53:79:5b:e5:
fb:e2:59:58:3f:d0:06:d8:b9:b7:aa:22:32:8a:44:
a8:93:03:58:0b:c2:f1:18:ac:ea:17:f0:78:4b:2b:
41:60:80:2c:7a:0f:0e:8f:9b:56:31:2d:c8:35:9c:
4f:85:93:9c:8a:a4:59:53:d7:9f:f2:38:03:ef:34:
8d:b7:54:b2:00:a0:ec:eb:e4:6f:1a:7b:4b:5c:38:
44:ec:ae:d0:9e:cd:85:dd:ad:ee:96:ce:5b:32:8a:
42:61:54:c6:3d:61:90:de:d9:54:18:7a:47:b4:77:
19:72:99:14:43:95:a2:bc:5e:7f:c7:58:a7:73:16:
fd:2d:30:01:3c:0b:0c:6d:72:52:df:a2:be:eb:a8:
f9:6c:29:28:1f:f7:f0:7c:47:57:42:a8:d7:39:bb:
bf:0d:dc:9d:10:27:05:79:d1:fe:74:66:78:86:76:
9a:3f:d2:ee:74:87:7a:52:7f:ab:a6:6d:72:f2:ce:
6b:74:b7:f1:0e:86:95:74:20:7f:4f:60:a8:12:ef:
8e:fa:68:62:31:b8:03:c6:97:88:f1:d4:a4:b3:09:
81:54:1f:60:78:ce:8c:86:49:9e:43:33:aa:a5:51:
89:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:0F:FA:3D:6C:E9:07:E2:E8:61:DB:07:75:58:3A:58:77:5F:34:4B
X509v3 Authority Key Identifier:
keyid:C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/Sw_6PWzpB-LoYdsHdVg6WHdfNEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.138.0/24
91.229.228.0/24
93.180.208.0/22
119.13.224.0/20
193.37.136.0/24
193.105.176.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:c4:2a:f3:a4:b7:34:43:20:89:8a:b0:a9:cd:57:4e:f3:d2:
57:d8:e3:30:84:f3:d0:9d:42:7a:e5:73:c9:2f:58:f6:17:04:
8a:f3:14:77:5d:f6:dd:9d:04:85:6a:90:5a:cc:28:6e:9f:04:
e9:9f:58:c9:a5:12:fe:14:e9:aa:de:30:67:be:54:57:ca:79:
0e:f4:76:6a:5a:36:d6:a9:a7:f3:cc:f3:fc:62:65:c6:ff:df:
7a:e4:e1:bf:92:fd:03:ac:00:42:ac:1e:8e:3b:b5:8b:eb:f6:
ae:ca:fe:f9:f7:01:09:bd:83:c8:b3:65:6c:4f:c4:51:7b:13:
51:1a:3a:d3:26:8e:0d:fa:02:ed:6f:c5:94:db:00:cb:57:00:
78:e8:66:dc:a8:62:4f:be:28:a5:9b:8d:f4:3b:90:8b:6c:11:
09:8c:35:32:e8:97:54:0b:f5:17:57:2e:2f:c6:80:77:68:cd:
34:22:84:6d:78:ee:59:70:2f:26:03:13:c0:35:96:12:f8:20:
91:34:ea:b9:3c:ba:07:90:2f:b6:9e:07:88:10:3d:0a:47:3e:
78:20:4d:9d:11:6f:5f:96:e8:48:7e:b3:b3:c7:d2:4a:2f:b7:
2b:0a:83:bd:83:19:04:68:ce:cb:4f:47:c7:ca:16:9a:56:c5:
53:ab:ba:55
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZHmKUBlpxhuC2jjAoWlHy5xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NGRiOGIwOTgzYWNmOTdhMzI1NTE1MmMyZWE1OTJhZGFl
NzczNWIwHhcNMjQwOTEyMTIxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjBmZmEzZDZjZTkwN2UyZTg2MWRiMDc3NTU4M2E1ODc3NWYzNDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8DhV21ygbAWP5sqG7wUbfVgFUrZ
hdwDAVN5W+X74llYP9AG2Lm3qiIyikSokwNYC8LxGKzqF/B4SytBYIAseg8Oj5tW
MS3INZxPhZOciqRZU9ef8jgD7zSNt1SyAKDs6+RvGntLXDhE7K7Qns2F3a3uls5b
MopCYVTGPWGQ3tlUGHpHtHcZcpkUQ5WivF5/x1incxb9LTABPAsMbXJS36K+66j5
bCkoH/fwfEdXQqjXObu/DdydECcFedH+dGZ4hnaaP9LudId6Un+rpm1y8s5rdLfx
DoaVdCB/T2CoEu+O+mhiMbgDxpeI8dSkswmBVB9geM6MhkmeQzOqpVGJnQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEsP+j1s6Qfi6GHbB3VYOlh3XzRLMB8GA1UdIwQY
MBaAFMRNuLCYOs+XoyVRUsLqWSra53NbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYt
ZWVkZDk0ZWMxMjhjLzEvU3dfNlBXenBCLUxvWWRzSGRWZzZXSGRmTkVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYtZWVkZDk0ZWMxMjhj
LzEveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW9iKAwQA
W+XkAwQCXbTQAwQEdw3gAwQAwSWIAwQAwWmwMA0GCSqGSIb3DQEBCwUAA4IBAQCg
xCrzpLc0QyCJirCpzVdO89JX2OMwhPPQnUJ65XPJL1j2FwSK8xR3XfbdnQSFapBa
zChunwTpn1jJpRL+FOmq3jBnvlRXynkO9HZqWjbWqafzzPP8YmXG/9965OG/kv0D
rABCrB6OO7WL6/auyv759wEJvYPIs2VsT8RRexNRGjrTJo4N+gLtb8WU2wDLVwB4
6GbcqGJPviilm430O5CLbBEJjDUy6JdUC/UXVy4vxoB3aM00IoRteO5ZcC8mAxPA
NZYS+CCRNOq5PLoHkC+2ngeIED0KRz54IE2dEW9fluhIfrOzx9JKL7crCoO9gxkE
aM7LT0fHyhaaVsVTq7pV
-----END CERTIFICATE-----
Generated at Sun Sep 15 17:46:39 2024 by rpki-client on console-ams.rpki-client.org