Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/d2d99e-a7c1-43e8-93f5-a11a96d21861/1/SSWHfNgtXo5XydTwdhtp9QqoS7A.roa
File: SSWHfNgtXo5XydTwdhtp9QqoS7A.roa (raw, json)
Hash identifier: u26T/+a9I6BugWYtgTMHBX9REIBCNvOTtefkk5fgLgk=
Subject key identifier: 49:25:87:7C:D8:2D:5E:8E:57:C9:D4:F0:76:1B:69:F5:0A:A8:4B:B0
Certificate issuer: /CN=739f3ebcd26792b913c1dcb9941996e998f16078
Certificate serial: 018CC94D61FFAF8A2989280D7EE62B01860E
Authority key identifier: 73:9F:3E:BC:D2:67:92:B9:13:C1:DC:B9:94:19:96:E9:98:F1:60:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c58-vNJnkrkTwdy5lBmW6ZjxYHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/d2d99e-a7c1-43e8-93f5-a11a96d21861/1/SSWHfNgtXo5XydTwdhtp9QqoS7A.roa
Signing time: Tue 02 Jan 2024 08:32:20 +0000
ROA not before: Tue 02 Jan 2024 08:32:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35063
IP address blocks: 217.171.48.0/20 maxlen: 24
46.29.144.0/21 maxlen: 24
85.237.160.0/19 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Aug 2024 10:31:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:61:ff:af:8a:29:89:28:0d:7e:e6:2b:01:86:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=739f3ebcd26792b913c1dcb9941996e998f16078
Validity
Not Before: Jan 2 08:32:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4925877cd82d5e8e57c9d4f0761b69f50aa84bb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c3:58:eb:99:e7:71:5d:e2:2f:b4:18:c9:58:
b6:c4:6b:45:72:99:67:48:a1:8d:4c:3c:c6:08:07:
41:17:be:05:85:d2:47:13:1b:c3:87:9e:f4:c0:85:
3f:e5:c5:c0:9b:f6:a8:db:e7:37:94:54:42:16:d6:
10:a1:2c:92:c6:70:21:30:66:e0:e3:35:bf:4e:84:
a6:6c:cb:3e:16:4f:cc:2b:e1:7e:01:05:5e:00:7c:
3a:38:d2:13:aa:44:43:36:58:7d:a0:71:4a:73:78:
2f:f3:23:08:b1:d6:ee:62:97:4e:70:f7:eb:5b:a5:
97:28:0d:c1:88:00:9f:00:91:71:32:24:17:5e:1e:
a7:22:ae:1d:8a:dd:7e:c4:86:2b:02:42:27:62:d5:
e2:43:55:f1:06:4b:0c:31:da:49:61:97:98:84:02:
d8:79:9e:6f:54:bc:ae:71:4e:77:9f:80:9e:43:82:
90:0e:5f:76:36:3e:af:06:4d:92:13:6e:69:6c:80:
eb:a5:af:4a:23:d4:47:30:e9:fc:8e:a2:b6:f6:f4:
a9:d3:16:65:8d:1e:97:d4:6a:38:0f:20:04:e0:fc:
a2:36:4f:05:d5:ab:22:c2:5d:47:5b:6e:f0:59:5d:
e5:f1:8f:f6:d0:50:85:37:e0:67:c1:59:b2:b2:cd:
10:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:25:87:7C:D8:2D:5E:8E:57:C9:D4:F0:76:1B:69:F5:0A:A8:4B:B0
X509v3 Authority Key Identifier:
keyid:73:9F:3E:BC:D2:67:92:B9:13:C1:DC:B9:94:19:96:E9:98:F1:60:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c58-vNJnkrkTwdy5lBmW6ZjxYHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/d2d99e-a7c1-43e8-93f5-a11a96d21861/1/SSWHfNgtXo5XydTwdhtp9QqoS7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/d2d99e-a7c1-43e8-93f5-a11a96d21861/1/c58-vNJnkrkTwdy5lBmW6ZjxYHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.144.0/21
85.237.160.0/19
217.171.48.0/20
Signature Algorithm: sha256WithRSAEncryption
ac:39:12:e7:2e:ed:10:a5:a5:6e:0b:b1:5a:41:13:3b:bc:63:
86:b9:e9:ef:02:9b:83:44:82:b4:25:2f:4a:e9:0a:bb:26:2e:
33:6b:eb:d9:24:a6:22:8f:1c:a8:1b:2c:41:90:48:23:21:3f:
d0:c0:a7:33:9c:ab:df:83:2b:4a:72:5b:3e:43:13:aa:cd:97:
82:55:8d:92:90:a9:b6:da:c1:e5:00:c2:1c:39:cb:4c:4a:91:
a3:74:07:91:75:79:2e:91:1a:64:b6:86:d8:f5:42:2d:bd:52:
a2:96:65:0f:0e:67:17:eb:0e:66:27:80:58:c5:bc:1c:8c:b7:
e5:f6:dc:6a:1c:98:fa:92:47:49:4a:91:b4:06:87:db:f2:1a:
95:5b:58:d1:9f:6c:76:c2:5e:49:4c:1a:ef:8f:5e:00:e7:b9:
be:e0:b5:d1:09:12:5e:85:18:5d:bf:c6:b0:26:fc:16:5e:51:
ef:7a:20:ab:84:18:fd:26:b0:a6:b0:cd:ed:5c:51:5b:4e:6e:
d2:fa:d8:34:bb:db:6f:c6:64:70:29:8f:f2:68:5d:b2:cd:e1:
4f:c8:91:d8:10:64:1e:fa:78:62:17:c0:47:39:8e:a4:aa:eb:
7c:c3:5c:74:da:02:a8:98:34:76:f1:e2:cc:eb:4b:73:5d:42:
25:48:16:95
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJTWH/r4opiSgNfuYrAYYOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczOWYzZWJjZDI2NzkyYjkxM2MxZGNiOTk0MTk5NmU5OThm
MTYwNzgwHhcNMjQwMTAyMDgzMjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTI1ODc3Y2Q4MmQ1ZThlNTdjOWQ0ZjA3NjFiNjlmNTBhYTg0YmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisNY65nncV3iL7QYyVi2xGtFcpln
SKGNTDzGCAdBF74FhdJHExvDh570wIU/5cXAm/ao2+c3lFRCFtYQoSySxnAhMGbg
4zW/ToSmbMs+Fk/MK+F+AQVeAHw6ONITqkRDNlh9oHFKc3gv8yMIsdbuYpdOcPfr
W6WXKA3BiACfAJFxMiQXXh6nIq4dit1+xIYrAkInYtXiQ1XxBksMMdpJYZeYhALY
eZ5vVLyucU53n4CeQ4KQDl92Nj6vBk2SE25pbIDrpa9KI9RHMOn8jqK29vSp0xZl
jR6X1Go4DyAE4PyiNk8F1asiwl1HW27wWV3l8Y/20FCFN+BnwVmyss0Q+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEklh3zYLV6OV8nU8HYbafUKqEuwMB8GA1UdIwQY
MBaAFHOfPrzSZ5K5E8HcuZQZlumY8WB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzU4LXZOSm5rcmtUd2R5NWxCbVc2Wmp4WUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9kMmQ5OWUtYTdjMS00M2U4LTkzZjUt
YTExYTk2ZDIxODYxLzEvU1NXSGZOZ3RYbzVYeWRUd2RodHA5UXFvUzdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9kMmQ5OWUtYTdjMS00M2U4LTkzZjUtYTExYTk2ZDIxODYx
LzEvYzU4LXZOSm5rcmtUd2R5NWxCbVc2Wmp4WUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDLh2QAwQF
Ve2gAwQE2aswMA0GCSqGSIb3DQEBCwUAA4IBAQCsORLnLu0QpaVuC7FaQRM7vGOG
uenvApuDRIK0JS9K6Qq7Ji4za+vZJKYijxyoGyxBkEgjIT/QwKcznKvfgytKcls+
QxOqzZeCVY2SkKm22sHlAMIcOctMSpGjdAeRdXkukRpktobY9UItvVKilmUPDmcX
6w5mJ4BYxbwcjLfl9txqHJj6kkdJSpG0Bofb8hqVW1jRn2x2wl5JTBrvj14A57m+
4LXRCRJehRhdv8awJvwWXlHveiCrhBj9JrCmsM3tXFFbTm7S+tg0u9tvxmRwKY/y
aF2yzeFPyJHYEGQe+nhiF8BHOY6kqut8w1x02gKomDR28eLM60tzXUIlSBaV
-----END CERTIFICATE-----
Generated at Wed Aug 7 12:50:38 2024 by rpki-client on console-fra.rpki-client.org