Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/sWoH5Wi2HlSrIhlEEVKfOKox0f0.roa
File: sWoH5Wi2HlSrIhlEEVKfOKox0f0.roa (raw, json)
Hash identifier: oV7wDGgkwhj6FuRAYnfOr71ODnP5Cx7GDmbBZkcFKh8=
Subject key identifier: B1:6A:07:E5:68:B6:1E:54:AB:22:19:44:11:52:9F:38:AA:31:D1:FD
Certificate issuer: /CN=69507f066f2bb0389dd88436074e1426114f2d92
Certificate serial: 019200F6374A3B001439E8DC1E0D8E7E8618
Authority key identifier: 69:50:7F:06:6F:2B:B0:38:9D:D8:84:36:07:4E:14:26:11:4F:2D:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aVB_Bm8rsDid2IQ2B04UJhFPLZI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/sWoH5Wi2HlSrIhlEEVKfOKox0f0.roa
Signing time: Tue 17 Sep 2024 17:09:48 +0000
ROA not before: Tue 17 Sep 2024 17:09:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210079
IP address blocks: 2.56.88.0/24 maxlen: 24
2.56.89.0/24 maxlen: 24
95.142.35.0/24 maxlen: 24
95.142.36.0/24 maxlen: 24
95.142.37.0/24 maxlen: 24
95.142.38.0/24 maxlen: 24
95.142.39.0/24 maxlen: 24
95.142.40.0/24 maxlen: 24
95.142.42.0/24 maxlen: 24
95.142.43.0/24 maxlen: 24
95.142.44.0/24 maxlen: 24
178.208.68.0/24 maxlen: 24
178.208.69.0/24 maxlen: 24
178.208.70.0/24 maxlen: 24
178.208.71.0/24 maxlen: 24
178.208.92.0/24 maxlen: 24
178.208.94.0/24 maxlen: 24
178.208.95.0/24 maxlen: 24
185.105.109.0/24 maxlen: 24
185.105.110.0/24 maxlen: 24
185.105.111.0/24 maxlen: 24
185.154.52.0/24 maxlen: 24
185.154.53.0/24 maxlen: 24
185.154.54.0/24 maxlen: 24
185.154.55.0/24 maxlen: 24
2a09:c140:3::/48 maxlen: 48
2a09:c140:db::/48 maxlen: 48
2a09:c140:900d::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:00:f6:37:4a:3b:00:14:39:e8:dc:1e:0d:8e:7e:86:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69507f066f2bb0389dd88436074e1426114f2d92
Validity
Not Before: Sep 17 17:09:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b16a07e568b61e54ab22194411529f38aa31d1fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9b:29:75:d5:85:b4:14:92:1f:6e:9f:09:63:
c8:5c:6c:4b:fd:92:e4:c4:27:0e:70:72:d9:ca:51:
32:97:79:24:58:d4:62:ed:df:61:6a:36:3a:92:5c:
c8:6d:95:eb:97:29:7b:e3:1d:61:d8:e0:21:bf:12:
3b:05:71:bf:ac:6f:1f:1a:1b:87:08:f7:04:8a:24:
80:d6:45:df:2c:bd:0d:f4:57:52:aa:76:1d:34:a9:
68:dc:e8:1e:28:63:c2:1e:ad:8b:f3:1f:aa:1e:3e:
f8:64:83:1f:7f:96:f1:d7:b6:f4:df:32:6d:5f:68:
0d:2a:16:82:3f:10:98:ae:ed:85:a7:2b:b4:6c:36:
cf:fb:68:fa:17:3a:07:23:9d:0d:5b:c0:c7:42:f9:
87:20:60:90:23:8c:59:00:7b:75:73:bf:da:ab:16:
47:97:7c:32:92:3b:d0:f1:9b:cb:0c:e7:dc:d2:ab:
52:fb:a3:7b:cd:a1:0a:97:b5:9e:24:63:fd:68:db:
81:94:e2:5c:e8:8e:42:ce:95:60:80:55:ce:b7:35:
c5:ce:79:57:97:a4:67:60:8a:5a:a1:8e:00:78:2f:
d1:37:14:4c:8d:4d:78:e0:22:4b:da:d0:85:50:a8:
cd:ae:fe:28:57:99:72:6f:64:a8:db:c2:4b:1b:f7:
66:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:6A:07:E5:68:B6:1E:54:AB:22:19:44:11:52:9F:38:AA:31:D1:FD
X509v3 Authority Key Identifier:
keyid:69:50:7F:06:6F:2B:B0:38:9D:D8:84:36:07:4E:14:26:11:4F:2D:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aVB_Bm8rsDid2IQ2B04UJhFPLZI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/sWoH5Wi2HlSrIhlEEVKfOKox0f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/aVB_Bm8rsDid2IQ2B04UJhFPLZI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.88.0/23
95.142.35.0-95.142.40.255
95.142.42.0-95.142.44.255
178.208.68.0/22
178.208.92.0/24
178.208.94.0/23
185.105.109.0-185.105.111.255
185.154.52.0/22
IPv6:
2a09:c140:3::/48
2a09:c140:db::/48
2a09:c140:900d::/48
Signature Algorithm: sha256WithRSAEncryption
7d:f5:bc:7e:1a:45:69:df:58:a1:13:e5:a8:63:c1:6a:82:78:
3d:9a:0b:72:2c:14:a5:51:87:b5:7e:97:48:50:bb:47:f1:66:
15:9c:b7:57:e3:9f:4c:f7:d6:3f:c1:a1:1c:cc:bc:53:68:1e:
cd:97:28:b4:fe:20:34:36:77:33:97:39:91:70:6e:a9:f7:c0:
85:de:67:de:f6:fc:7c:89:d7:06:6d:e1:0a:c4:f8:6d:8e:63:
3f:d4:c3:c8:08:0d:bb:59:8e:c8:c3:c1:f0:16:63:65:bc:d6:
9e:ec:42:f2:57:65:6b:6e:2b:5f:84:a9:ef:9c:ab:a7:cc:b0:
b0:ad:fc:46:ac:39:40:8b:4c:d5:7a:7e:92:c6:e0:76:d1:ee:
b6:26:c8:83:2f:83:c5:f3:29:61:e9:44:dc:cb:bb:16:25:e7:
01:e3:28:d2:de:66:3e:f1:da:1d:ec:29:45:3d:0c:68:39:28:
5c:b4:dd:8d:f5:4b:00:42:4f:04:97:f1:44:bd:5a:68:5e:1f:
28:f0:92:81:80:bf:da:20:0e:87:93:65:ae:8e:0f:6e:17:68:
5b:8d:b6:8b:2d:a7:d7:ea:a8:d9:43:7a:8a:68:80:2d:98:a5:
26:3e:64:bb:c5:c9:a1:26:ea:e5:98:44:8c:c6:b0:c2:0b:05:
03:f5:91:2d
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAZIA9jdKOwAUOejcHg2OfoYYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NTA3ZjA2NmYyYmIwMzg5ZGQ4ODQzNjA3NGUxNDI2MTE0
ZjJkOTIwHhcNMjQwOTE3MTcwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTZhMDdlNTY4YjYxZTU0YWIyMjE5NDQxMTUyOWYzOGFhMzFkMWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpspddWFtBSSH26fCWPIXGxL/ZLk
xCcOcHLZylEyl3kkWNRi7d9hajY6klzIbZXrlyl74x1h2OAhvxI7BXG/rG8fGhuH
CPcEiiSA1kXfLL0N9FdSqnYdNKlo3OgeKGPCHq2L8x+qHj74ZIMff5bx17b03zJt
X2gNKhaCPxCYru2Fpyu0bDbP+2j6FzoHI50NW8DHQvmHIGCQI4xZAHt1c7/aqxZH
l3wykjvQ8ZvLDOfc0qtS+6N7zaEKl7WeJGP9aNuBlOJc6I5CzpVggFXOtzXFznlX
l6RnYIpaoY4AeC/RNxRMjU144CJL2tCFUKjNrv4oV5lyb2So28JLG/dm2wIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFLFqB+Voth5UqyIZRBFSnziqMdH9MB8GA1UdIwQY
MBaAFGlQfwZvK7A4ndiENgdOFCYRTy2SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVZCX0JtOHJzRGlkMklRMkIwNFVKaEZQTFpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9iZjgzMzgtODc1Mi00ZDU1LTljMzEt
MGUxYjhmZWE4OTEzLzEvc1dvSDVXaTJIbFNySWhsRUVWS2ZPS294MGYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9iZjgzMzgtODc1Mi00ZDU1LTljMzEtMGUxYjhmZWE4OTEz
LzEvYVZCX0JtOHJzRGlkMklRMkIwNFVKaEZQTFpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwTgQCAAEwSAMEAQI4WDAM
AwQAX44jAwQAX44oMAwDBAFfjioDBABfjiwDBAKy0EQDBACy0FwDBAGy0F4wDAME
ALlpbQMEBLlpYAMEArmaNDAhBAIAAjAbAwcAKgnBQAADAwcAKgnBQADbAwcAKgnB
QJANMA0GCSqGSIb3DQEBCwUAA4IBAQB99bx+GkVp31ihE+WoY8Fqgng9mgtyLBSl
UYe1fpdIULtH8WYVnLdX459M99Y/waEczLxTaB7Nlyi0/iA0NnczlzmRcG6p98CF
3mfe9vx8idcGbeEKxPhtjmM/1MPICA27WY7Iw8HwFmNlvNae7ELyV2VrbitfhKnv
nKunzLCwrfxGrDlAi0zVen6SxuB20e62JsiDL4PF8ylh6UTcy7sWJecB4yjS3mY+
8dod7ClFPQxoOShctN2N9UsAQk8El/FEvVpoXh8o8JKBgL/aIA6Hk2Wujg9uF2hb
jbaLLafX6qjZQ3qKaIAtmKUmPmS7xcmhJurlmESMxrDCCwUD9ZEt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:47 2025 by rpki-client