Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/1cd6ca-c052-4e3d-974d-d32e56d79b2a/1/CWTp-UUaUl2F2Xgd-OA8-Y785nk.roa
File: CWTp-UUaUl2F2Xgd-OA8-Y785nk.roa (raw, json)
Hash identifier: +T6cFH/OrfFN89fHY3GYjFUmEQPSG205OId97wJRThk=
Subject key identifier: 09:64:E9:F9:45:1A:52:5D:85:D9:78:1D:F8:E0:3C:F9:8E:FC:E6:79
Certificate issuer: /CN=852dc0d0998b8126babb9775ab40c162ef96fa2d
Certificate serial: 01856DE65355AA6D57EC0286F97031923E0B
Authority key identifier: 85:2D:C0:D0:99:8B:81:26:BA:BB:97:75:AB:40:C1:62:EF:96:FA:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hS3A0JmLgSa6u5d1q0DBYu-W-i0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/1cd6ca-c052-4e3d-974d-d32e56d79b2a/1/CWTp-UUaUl2F2Xgd-OA8-Y785nk.roa
Signing time: Sun 01 Jan 2023 15:14:49 +0000
ROA not before: Sun 01 Jan 2023 15:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62856
IP address blocks: 185.81.102.0/24 maxlen: 24
185.81.101.0/24 maxlen: 24
185.81.100.0/24 maxlen: 24
185.81.100.0/22 maxlen: 22
2a05:8780::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:53:55:aa:6d:57:ec:02:86:f9:70:31:92:3e:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=852dc0d0998b8126babb9775ab40c162ef96fa2d
Validity
Not Before: Jan 1 15:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0964e9f9451a525d85d9781df8e03cf98efce679
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a9:b8:6b:1f:71:fe:0c:59:a3:ce:ef:d2:c1:
e6:71:87:c9:37:bc:a0:80:9f:66:f3:4e:d4:e2:cc:
d6:d6:d5:8d:aa:3d:e0:f5:5c:6b:e0:40:f1:13:0a:
28:a1:ab:47:c4:91:aa:19:04:20:bd:9d:7b:78:46:
d9:ed:2d:5e:48:17:d5:17:c3:23:1d:bb:b2:25:1d:
03:8e:b2:78:6a:1e:bf:3c:d2:ea:c1:6f:b3:ac:52:
b6:a1:19:fe:41:be:c7:b7:f6:ff:cd:66:05:23:5b:
6a:fb:4b:c4:4b:fa:26:29:dd:17:4d:e3:d1:38:50:
94:d3:fe:81:83:c1:51:8a:ff:7b:01:62:f6:03:c5:
70:83:35:b7:3a:32:e6:b1:92:a5:c8:d0:8b:e5:03:
e0:ca:4a:54:b6:32:e3:ac:08:56:85:12:b0:5e:0b:
2b:13:f2:14:f5:5a:47:4f:51:3c:5d:8f:00:d0:4d:
81:21:f5:aa:96:27:86:14:9a:fc:c6:d3:ad:1c:8c:
3f:6b:d8:35:65:77:3c:43:57:35:ec:8d:d1:36:58:
66:6d:4c:42:c6:5c:2b:d4:49:b0:a6:ee:7b:87:cf:
df:7d:3c:4b:7b:f9:d3:cf:08:9e:64:13:1c:b4:8a:
23:b4:02:d5:9e:30:06:0d:9d:d5:fd:e9:72:15:d7:
ac:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:64:E9:F9:45:1A:52:5D:85:D9:78:1D:F8:E0:3C:F9:8E:FC:E6:79
X509v3 Authority Key Identifier:
keyid:85:2D:C0:D0:99:8B:81:26:BA:BB:97:75:AB:40:C1:62:EF:96:FA:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hS3A0JmLgSa6u5d1q0DBYu-W-i0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/1cd6ca-c052-4e3d-974d-d32e56d79b2a/1/CWTp-UUaUl2F2Xgd-OA8-Y785nk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/1cd6ca-c052-4e3d-974d-d32e56d79b2a/1/hS3A0JmLgSa6u5d1q0DBYu-W-i0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.100.0/22
IPv6:
2a05:8780::/29
Signature Algorithm: sha256WithRSAEncryption
4d:cb:36:13:61:64:58:d0:1b:ec:9d:bb:94:27:24:2f:ab:32:
7f:e1:1d:ba:7c:d8:7a:6c:87:eb:97:53:06:aa:33:25:81:91:
b3:73:4a:56:e2:d9:08:15:fb:e2:25:7c:e2:6e:e1:2c:d1:f8:
10:0f:ce:c6:82:d5:cd:82:90:31:c6:32:db:05:88:7b:4c:18:
52:04:27:3a:4b:96:f3:b9:85:6f:78:ea:bf:e3:15:12:fb:bb:
41:0f:0b:f2:08:29:c6:f2:38:9d:9f:71:a7:c2:2e:d9:1f:30:
9c:87:6f:be:d8:42:60:2e:bc:61:f9:dc:3a:c6:d1:29:09:03:
53:b6:17:f6:2a:dc:bc:ed:e4:d2:62:9f:2b:dc:12:d6:be:e7:
ab:8a:07:ed:46:6c:25:19:83:43:52:ac:70:1e:36:11:1a:01:
d8:1c:53:df:75:7e:c5:45:0d:96:a7:e4:2d:e0:ff:cc:e1:b6:
c7:dd:6b:97:e3:1a:93:0a:26:9b:a9:f6:a4:27:f9:95:55:e7:
72:04:ca:7f:b1:d9:a7:74:9b:c5:7e:84:f8:12:37:82:d9:29:
8b:b3:72:9e:fc:9b:ec:72:ff:0e:ab:82:dd:40:8e:ab:2d:77:
4d:87:cd:77:9b:af:e7:68:0d:20:91:f9:e7:de:5c:4b:cb:56:
80:62:4a:ac
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVt5lNVqm1X7AKG+XAxkj4LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MmRjMGQwOTk4YjgxMjZiYWJiOTc3NWFiNDBjMTYyZWY5
NmZhMmQwHhcNMjMwMTAxMTUxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTY0ZTlmOTQ1MWE1MjVkODVkOTc4MWRmOGUwM2NmOThlZmNlNjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtam4ax9x/gxZo87v0sHmcYfJN7yg
gJ9m807U4szW1tWNqj3g9Vxr4EDxEwoooatHxJGqGQQgvZ17eEbZ7S1eSBfVF8Mj
HbuyJR0DjrJ4ah6/PNLqwW+zrFK2oRn+Qb7Ht/b/zWYFI1tq+0vES/omKd0XTePR
OFCU0/6Bg8FRiv97AWL2A8VwgzW3OjLmsZKlyNCL5QPgykpUtjLjrAhWhRKwXgsr
E/IU9VpHT1E8XY8A0E2BIfWqlieGFJr8xtOtHIw/a9g1ZXc8Q1c17I3RNlhmbUxC
xlwr1Emwpu57h8/ffTxLe/nTzwieZBMctIojtALVnjAGDZ3V/elyFdesGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAlk6flFGlJdhdl4HfjgPPmO/OZ5MB8GA1UdIwQY
MBaAFIUtwNCZi4EmuruXdatAwWLvlvotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFMzQTBKbUxnU2E2dTVkMXEwREJZdS1XLWkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8xY2Q2Y2EtYzA1Mi00ZTNkLTk3NGQt
ZDMyZTU2ZDc5YjJhLzEvQ1dUcC1VVWFVbDJGMlhnZC1PQTgtWTc4NW5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8xY2Q2Y2EtYzA1Mi00ZTNkLTk3NGQtZDMyZTU2ZDc5YjJh
LzEvaFMzQTBKbUxnU2E2dTVkMXEwREJZdS1XLWkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVFkMA0E
AgACMAcDBQMqBYeAMA0GCSqGSIb3DQEBCwUAA4IBAQBNyzYTYWRY0BvsnbuUJyQv
qzJ/4R26fNh6bIfrl1MGqjMlgZGzc0pW4tkIFfviJXzibuEs0fgQD87GgtXNgpAx
xjLbBYh7TBhSBCc6S5bzuYVveOq/4xUS+7tBDwvyCCnG8jidn3Gnwi7ZHzCch2++
2EJgLrxh+dw6xtEpCQNTthf2Kty87eTSYp8r3BLWvuerigftRmwlGYNDUqxwHjYR
GgHYHFPfdX7FRQ2Wp+Qt4P/M4bbH3WuX4xqTCiabqfakJ/mVVedyBMp/sdmndJvF
foT4EjeC2SmLs3Ke/Jvscv8Oq4LdQI6rLXdNh813m6/naA0gkfnn3lxLy1aAYkqs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:28 2024 by rpki-client on console-ams.rpki-client.org