Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/swIbhxfOtKDZ6DL_TuPMf87YCv4.roa
File: swIbhxfOtKDZ6DL_TuPMf87YCv4.roa (raw, json)
Hash identifier: zWMyKw9eM7O21JS8ZQlztrlu1IBSsNhh8Qt4+qkj8S0=
Subject key identifier: B3:02:1B:87:17:CE:B4:A0:D9:E8:32:FF:4E:E3:CC:7F:CE:D8:0A:FE
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0195279135E66D57772475DACEB0CA48333B
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/swIbhxfOtKDZ6DL_TuPMf87YCv4.roa
Signing time: Fri 21 Feb 2025 08:13:02 +0000
ROA not before: Fri 21 Feb 2025 08:13:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209854
IP address blocks: 45.144.227.0/24 maxlen: 24
62.197.144.0/24 maxlen: 24
62.197.145.0/24 maxlen: 24
62.197.146.0/24 maxlen: 24
62.197.147.0/24 maxlen: 24
62.197.148.0/24 maxlen: 24
62.197.149.0/24 maxlen: 24
62.197.150.0/24 maxlen: 24
62.197.151.0/24 maxlen: 24
62.197.152.0/24 maxlen: 24
62.197.153.0/24 maxlen: 24
62.197.154.0/23 maxlen: 24
62.197.156.0/23 maxlen: 24
62.197.158.0/24 maxlen: 24
62.197.159.0/24 maxlen: 24
91.190.101.0/24 maxlen: 24
92.62.120.0/24 maxlen: 24
92.62.121.0/24 maxlen: 24
92.62.122.0/23 maxlen: 24
185.244.139.0/24 maxlen: 24
194.169.168.0/24 maxlen: 24
194.169.169.0/24 maxlen: 24
194.169.170.0/23 maxlen: 24
212.119.32.0/23 maxlen: 24
212.119.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Feb 2025 12:40:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:27:91:35:e6:6d:57:77:24:75:da:ce:b0:ca:48:33:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 21 08:13:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3021b8717ceb4a0d9e832ff4ee3cc7fced80afe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ac:a8:a8:a8:f6:be:93:af:d1:91:f5:dc:da:
0d:e1:b4:c4:83:a6:f7:45:fb:d0:c2:ed:21:25:80:
c9:0a:34:25:04:50:7c:9c:f5:a9:5c:12:f2:5d:1f:
f3:4d:6f:0b:d6:45:34:26:b3:f4:88:f3:25:ef:15:
31:04:48:ae:cf:00:53:e7:88:93:f3:6b:3f:89:14:
c6:3f:04:79:4c:f0:d3:e3:84:9c:cd:2a:b7:4f:b1:
95:ed:e5:a1:06:4d:63:12:ad:42:8c:e7:c2:91:89:
46:31:0b:38:7e:7b:8f:da:39:92:73:60:d3:33:92:
eb:8c:d6:e5:69:48:b6:fb:81:46:ac:be:bd:8f:90:
e1:b0:ad:e9:66:4f:f5:cf:86:98:71:8e:70:14:84:
42:e7:c9:49:7f:c4:0a:9e:a7:3d:93:ab:28:41:cb:
8f:01:f3:51:b0:8d:5e:88:73:cb:09:85:3b:be:1c:
fa:d7:df:20:a8:a4:2f:f7:b7:68:1f:51:ad:54:03:
27:11:a8:78:c5:a3:a6:51:26:77:23:78:c9:6e:ae:
1f:09:f5:a8:e9:8f:62:10:58:eb:1b:20:cd:ae:82:
83:ed:8b:cf:19:60:c7:eb:37:de:a0:9f:38:b7:cf:
8b:2c:7e:c1:f0:be:09:a0:da:2c:4c:50:b5:f5:7f:
00:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:02:1B:87:17:CE:B4:A0:D9:E8:32:FF:4E:E3:CC:7F:CE:D8:0A:FE
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/swIbhxfOtKDZ6DL_TuPMf87YCv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.227.0/24
62.197.144.0/20
91.190.101.0/24
92.62.120.0/22
185.244.139.0/24
194.169.168.0/22
212.119.32.0-212.119.34.255
Signature Algorithm: sha256WithRSAEncryption
87:e2:0f:5f:08:d7:b2:69:99:f2:62:40:6b:8c:71:9b:20:c9:
44:e9:a5:87:fd:c4:ab:b1:34:34:f1:51:43:35:13:09:1c:d9:
a5:9c:35:81:ad:ea:cd:01:80:a2:47:ee:1a:4f:c3:bf:bc:7d:
70:da:68:20:5e:58:6d:08:17:7c:63:48:ad:87:1a:e6:b8:0a:
26:96:a5:66:e0:60:f6:f6:56:30:b8:ff:9b:61:f4:e8:58:8f:
01:4b:5d:18:34:10:4e:ca:09:7b:8d:6f:f8:d0:42:5b:1f:89:
41:61:0e:72:a8:87:6f:61:e2:53:56:22:de:7e:25:af:28:2d:
1d:44:7f:03:74:63:03:58:c3:f4:1d:68:86:3a:34:db:99:96:
a0:d4:7a:49:95:bf:d7:09:8a:0a:e2:fd:28:c8:04:a7:5e:4d:
59:4e:f5:bd:b4:29:87:5b:e9:48:8a:93:1e:d0:72:41:82:36:
55:37:e0:94:e5:7b:92:0c:7e:ee:65:61:1e:26:5c:60:c2:d7:
43:c4:a5:91:0b:d1:ee:07:47:34:de:c1:9f:30:ed:f2:8b:03:
b1:a8:b8:a7:ed:7d:db:9d:b5:fd:e9:48:45:12:cf:90:45:fb:
b0:87:75:0e:36:7e:50:d6:78:ad:02:b7:82:2b:9f:be:2b:e4:
21:a9:93:a9
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZUnkTXmbVd3JHXazrDKSDM7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUwMjIxMDgxMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzAyMWI4NzE3Y2ViNGEwZDllODMyZmY0ZWUzY2M3ZmNlZDgwYWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqyoqKj2vpOv0ZH13NoN4bTEg6b3
RfvQwu0hJYDJCjQlBFB8nPWpXBLyXR/zTW8L1kU0JrP0iPMl7xUxBEiuzwBT54iT
82s/iRTGPwR5TPDT44SczSq3T7GV7eWhBk1jEq1CjOfCkYlGMQs4fnuP2jmSc2DT
M5LrjNblaUi2+4FGrL69j5DhsK3pZk/1z4aYcY5wFIRC58lJf8QKnqc9k6soQcuP
AfNRsI1eiHPLCYU7vhz6198gqKQv97doH1GtVAMnEah4xaOmUSZ3I3jJbq4fCfWo
6Y9iEFjrGyDNroKD7YvPGWDH6zfeoJ84t8+LLH7B8L4JoNosTFC19X8AvwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFLMCG4cXzrSg2egy/07jzH/O2Ar+MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvc3dJYmh4Zk90S0RaNkRMX1R1UE1mODdZQ3Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALZDjAwQE
PsWQAwQAW75lAwQCXD54AwQAufSLAwQCwqmoMAwDBAXUdyADBADUdyIwDQYJKoZI
hvcNAQELBQADggEBAIfiD18I17JpmfJiQGuMcZsgyUTppYf9xKuxNDTxUUM1Ewkc
2aWcNYGt6s0BgKJH7hpPw7+8fXDaaCBeWG0IF3xjSK2HGua4CiaWpWbgYPb2VjC4
/5th9OhYjwFLXRg0EE7KCXuNb/jQQlsfiUFhDnKoh29h4lNWIt5+Ja8oLR1EfwN0
YwNYw/QdaIY6NNuZlqDUekmVv9cJigri/SjIBKdeTVlO9b20KYdb6UiKkx7QckGC
NlU34JTle5IMfu5lYR4mXGDC10PEpZEL0e4HRzTewZ8w7fKLA7GouKftfdudtf3p
SEUSz5BF+7CHdQ42flDWeK0Ct4Irn74r5CGpk6k=
-----END CERTIFICATE-----
Generated at Wed Apr 16 15:31:33 2025 by rpki-client