Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/CPwFBpxyiDIH755lfIAFyeXBiv8.roa
File: CPwFBpxyiDIH755lfIAFyeXBiv8.roa (raw, json)
Hash identifier: eiV8cRywoz34Pq9cwEYA28zksH+tswC8i11G5GTOzCc=
Subject key identifier: 08:FC:05:06:9C:72:88:32:07:EF:9E:65:7C:80:05:C9:E5:C1:8A:FF
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 01856ED4BD7259A31B459058C6288305D8D2
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/CPwFBpxyiDIH755lfIAFyeXBiv8.roa
Signing time: Sun 01 Jan 2023 19:35:13 +0000
ROA not before: Sun 01 Jan 2023 19:35:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 27882
IP address blocks: 181.41.144.0/21 maxlen: 21
181.41.156.0/22 maxlen: 22
203.88.96.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 30 Jan 2023 13:34:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:bd:72:59:a3:1b:45:90:58:c6:28:83:05:d8:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 1 19:35:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08fc05069c72883207ef9e657c8005c9e5c18aff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:a2:60:53:68:fb:6c:e1:16:57:41:b7:7f:77:
a7:de:a6:c2:60:50:da:97:aa:b2:1b:31:5b:58:ce:
a6:f9:3c:10:36:18:fa:fa:27:10:5b:e3:ea:19:fa:
64:2d:1a:e4:5b:f5:fb:da:d5:45:33:80:29:46:a1:
c3:44:ef:cb:66:2b:4f:c7:88:0d:7a:19:53:68:6e:
70:47:41:c9:e8:c7:40:50:73:13:8d:8e:09:b9:da:
bf:2a:7d:97:e0:7e:ab:ea:be:2d:d3:fd:05:68:89:
d6:43:b5:1d:6a:bc:6f:1f:7e:86:e2:bc:28:7e:7a:
d4:c8:58:3c:ad:d4:ba:86:d8:c7:99:8a:5b:55:60:
88:20:c5:86:8a:6c:6d:cb:2f:36:3c:cd:c9:e9:ec:
ad:3a:cf:db:5e:7b:81:56:d0:84:a2:e7:93:61:3c:
70:c5:65:f0:3a:f5:0e:ed:63:b2:e9:de:d7:dc:bc:
23:ca:af:77:86:d1:c5:59:ce:23:6c:2c:1f:b9:5d:
cf:60:82:e2:c0:00:26:a9:58:a9:31:86:cd:b2:07:
9c:74:09:a7:31:e8:f1:84:ab:73:0e:52:35:69:83:
7f:b9:4e:e8:21:d5:4a:5b:00:45:f6:8d:ee:53:a0:
19:b8:cc:91:76:67:f6:16:ea:2d:53:84:8d:87:d1:
1d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:FC:05:06:9C:72:88:32:07:EF:9E:65:7C:80:05:C9:E5:C1:8A:FF
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/CPwFBpxyiDIH755lfIAFyeXBiv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.41.144.0/21
181.41.156.0/22
203.88.96.0/22
Signature Algorithm: sha256WithRSAEncryption
55:c2:ab:88:7d:85:c9:c1:d5:e4:fb:22:3e:22:b4:e7:a9:2b:
81:a6:21:8f:fd:c2:48:26:a1:4d:5c:da:32:1e:aa:4a:86:6f:
a3:a2:42:ce:70:f8:d3:66:ce:df:13:d0:3b:fd:2c:c0:f0:79:
93:52:a1:18:43:96:66:38:22:8d:47:cc:66:36:01:70:82:70:
ec:87:00:9f:2f:2d:a6:31:ed:19:0c:8a:75:1f:13:5e:73:cc:
8b:a8:07:cf:88:74:3e:7e:d8:73:b2:02:24:02:03:d8:cd:50:
3e:cf:0b:b3:16:f6:f3:3c:ff:a1:6c:3d:47:d4:27:01:06:14:
ad:b6:df:09:5e:cc:65:cb:de:20:e1:43:cc:39:fa:39:73:3a:
ce:e2:f7:de:c4:69:c6:00:b7:14:a3:81:a7:88:d4:06:d2:f0:
f0:dd:46:8d:07:03:56:85:57:b6:ea:94:2c:a4:11:1a:1a:76:
44:63:00:e5:98:9d:bf:80:5a:0a:57:dc:41:77:91:be:66:c4:
ea:79:e5:f1:67:6c:00:29:d0:0c:50:f4:77:93:a3:5d:11:df:
ae:72:32:0c:56:17:75:4a:df:cb:45:c7:13:cd:27:c7:5e:ca:
86:a7:84:df:f4:63:60:36:15:77:91:1e:9a:f1:36:b5:84:85:
00:e8:78:0e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVu1L1yWaMbRZBYxiiDBdjSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwMTAxMTkzNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGZjMDUwNjljNzI4ODMyMDdlZjllNjU3YzgwMDVjOWU1YzE4YWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36JgU2j7bOEWV0G3f3en3qbCYFDa
l6qyGzFbWM6m+TwQNhj6+icQW+PqGfpkLRrkW/X72tVFM4ApRqHDRO/LZitPx4gN
ehlTaG5wR0HJ6MdAUHMTjY4Judq/Kn2X4H6r6r4t0/0FaInWQ7UdarxvH36G4rwo
fnrUyFg8rdS6htjHmYpbVWCIIMWGimxtyy82PM3J6eytOs/bXnuBVtCEoueTYTxw
xWXwOvUO7WOy6d7X3Lwjyq93htHFWc4jbCwfuV3PYILiwAAmqVipMYbNsgecdAmn
MejxhKtzDlI1aYN/uU7oIdVKWwBF9o3uU6AZuMyRdmf2FuotU4SNh9EdPQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAj8BQaccogyB++eZXyABcnlwYr/MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvQ1B3RkJweHlpRElINzU1bGZJQUZ5ZVhCaXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDtSmQAwQC
tSmcAwQCy1hgMA0GCSqGSIb3DQEBCwUAA4IBAQBVwquIfYXJwdXk+yI+IrTnqSuB
piGP/cJIJqFNXNoyHqpKhm+jokLOcPjTZs7fE9A7/SzA8HmTUqEYQ5ZmOCKNR8xm
NgFwgnDshwCfLy2mMe0ZDIp1HxNec8yLqAfPiHQ+fthzsgIkAgPYzVA+zwuzFvbz
PP+hbD1H1CcBBhSttt8JXsxly94g4UPMOfo5czrO4vfexGnGALcUo4GniNQG0vDw
3UaNBwNWhVe26pQspBEaGnZEYwDlmJ2/gFoKV9xBd5G+ZsTqeeXxZ2wAKdAMUPR3
k6NdEd+ucjIMVhd1St/LRccTzSfHXsqGp4Tf9GNgNhV3kR6a8Ta1hIUA6HgO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:56 2024 by rpki-client on console-fra.rpki-client.org