Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/wTYo39ZPHJ1uT6uMm3ucmovBzRs.roa
File: wTYo39ZPHJ1uT6uMm3ucmovBzRs.roa (raw, json)
Hash identifier: I+b0vimRsPkD1IhBGJxEW/Psf+tQD71kDCoTTIGNmPA=
Subject key identifier: C1:36:28:DF:D6:4F:1C:9D:6E:4F:AB:8C:9B:7B:9C:9A:8B:C1:CD:1B
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 0187F81086106CF6BB4F99750E63C94E5B8A
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/wTYo39ZPHJ1uT6uMm3ucmovBzRs.roa
Signing time: Sun 07 May 2023 21:14:05 +0000
ROA not before: Sun 07 May 2023 21:14:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201206
IP address blocks: 185.82.21.0/24 maxlen: 24
185.82.20.0/24 maxlen: 24
185.82.23.0/24 maxlen: 24
185.82.22.0/24 maxlen: 24
83.171.236.0/24 maxlen: 24
83.171.238.0/24 maxlen: 24
83.171.237.0/24 maxlen: 24
83.171.239.0/24 maxlen: 24
185.185.24.0/24 maxlen: 24
185.185.25.0/24 maxlen: 24
185.185.26.0/24 maxlen: 24
185.185.27.0/24 maxlen: 24
193.57.61.0/24 maxlen: 24
193.57.60.0/24 maxlen: 24
193.57.63.0/24 maxlen: 24
193.57.62.0/24 maxlen: 24
2a05:8b80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f8:10:86:10:6c:f6:bb:4f:99:75:0e:63:c9:4e:5b:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: May 7 21:14:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c13628dfd64f1c9d6e4fab8c9b7b9c9a8bc1cd1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:85:a0:f7:97:36:50:06:7e:c0:d7:08:c0:07:
c3:32:10:15:b5:d1:ad:a0:8c:59:0c:39:40:04:7d:
fe:01:4a:4a:fb:28:62:0a:c6:9d:69:37:f2:9b:f6:
e0:6d:d0:16:37:8a:99:e4:70:5a:92:2d:d7:e7:93:
b8:2a:7b:e3:be:ec:6f:b3:a7:e9:62:b5:0c:db:73:
c5:46:72:f3:ea:b7:fd:9f:2a:5c:de:4e:06:53:5e:
32:3a:6d:19:04:61:a1:02:a3:0d:3f:83:a4:04:34:
13:58:a3:2c:53:09:f4:6f:3c:be:b2:51:0f:4f:8e:
75:c4:1a:d9:a1:ae:c1:22:ce:f7:65:23:4f:44:3d:
05:dd:4c:11:67:5b:1e:5d:d1:74:41:14:c7:12:bd:
8c:1b:7d:61:ff:8e:d8:21:d0:88:5e:5d:97:7c:5d:
13:3e:97:c9:00:6a:09:98:29:81:69:39:b4:cc:5d:
9b:81:53:2f:3a:fe:e6:1a:44:bf:d9:74:9c:b5:c6:
a3:dc:a7:f2:a8:cf:79:2b:10:78:54:2b:ad:43:14:
af:84:72:26:a1:f4:cb:f4:9e:a3:8f:18:51:71:87:
0a:49:99:ee:bc:06:9b:ee:7f:2e:7d:64:2f:bf:76:
d4:ee:eb:ec:17:4d:60:06:84:9d:68:96:0a:5f:de:
1c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:36:28:DF:D6:4F:1C:9D:6E:4F:AB:8C:9B:7B:9C:9A:8B:C1:CD:1B
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/wTYo39ZPHJ1uT6uMm3ucmovBzRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.236.0/22
185.82.20.0/22
185.185.24.0/22
193.57.60.0/22
IPv6:
2a05:8b80::/29
Signature Algorithm: sha256WithRSAEncryption
43:5d:14:08:4f:53:f3:47:ad:64:56:dc:98:76:08:1d:d6:1d:
0f:3c:05:46:c5:1e:0a:3d:56:f4:e5:b7:79:99:e5:d0:3c:b0:
94:ee:79:96:7c:9e:66:53:e0:16:2b:55:77:50:65:78:95:4b:
60:fa:3e:0f:92:02:39:93:c1:d5:2d:bd:6a:04:eb:82:b9:c9:
c2:c9:fa:20:e1:11:57:b6:bc:60:5b:82:d9:ad:b7:3a:74:7a:
50:bc:07:24:27:bb:09:cc:bc:d6:dc:90:96:af:da:15:0d:6a:
ff:7d:f4:c3:2e:b5:f6:da:ce:02:7f:ea:13:88:25:62:5e:2d:
28:ef:2e:a2:7d:5e:4d:48:49:42:6c:f2:90:23:c1:c2:1b:3a:
96:0d:01:67:0d:ca:e6:26:52:05:84:29:80:5c:bb:f0:31:06:
ca:34:0b:70:89:b1:f2:11:1c:b6:9d:6c:f4:c1:44:46:51:01:
c2:e6:0d:52:9a:4c:35:69:4b:d4:6e:7f:f8:02:dc:3a:07:cd:
45:28:e2:8a:c5:aa:a1:ca:e6:1a:c7:df:36:44:49:71:4f:f6:
a0:04:84:04:51:a0:89:03:4e:e9:92:fb:90:57:65:df:e5:2f:
65:a8:6d:b0:8f:90:72:6b:39:e5:21:fe:2b:bb:d9:9d:d3:4b:
7c:3c:dd:88
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYf4EIYQbPa7T5l1DmPJTluKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjMwNTA3MjExNDA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTM2MjhkZmQ2NGYxYzlkNmU0ZmFiOGM5YjdiOWM5YThiYzFjZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoWg95c2UAZ+wNcIwAfDMhAVtdGt
oIxZDDlABH3+AUpK+yhiCsadaTfym/bgbdAWN4qZ5HBaki3X55O4Knvjvuxvs6fp
YrUM23PFRnLz6rf9nypc3k4GU14yOm0ZBGGhAqMNP4OkBDQTWKMsUwn0bzy+slEP
T451xBrZoa7BIs73ZSNPRD0F3UwRZ1seXdF0QRTHEr2MG31h/47YIdCIXl2XfF0T
PpfJAGoJmCmBaTm0zF2bgVMvOv7mGkS/2XSctcaj3KfyqM95KxB4VCutQxSvhHIm
ofTL9J6jjxhRcYcKSZnuvAab7n8ufWQvv3bU7uvsF01gBoSdaJYKX94ckQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFME2KN/WTxydbk+rjJt7nJqLwc0bMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvd1RZbzM5WlBISjF1VDZ1TW0zdWNtb3ZCelJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCU6vsAwQC
uVIUAwQCubkYAwQCwTk8MA0EAgACMAcDBQMqBYuAMA0GCSqGSIb3DQEBCwUAA4IB
AQBDXRQIT1PzR61kVtyYdggd1h0PPAVGxR4KPVb05bd5meXQPLCU7nmWfJ5mU+AW
K1V3UGV4lUtg+j4PkgI5k8HVLb1qBOuCucnCyfog4RFXtrxgW4LZrbc6dHpQvAck
J7sJzLzW3JCWr9oVDWr/ffTDLrX22s4Cf+oTiCViXi0o7y6ifV5NSElCbPKQI8HC
GzqWDQFnDcrmJlIFhCmAXLvwMQbKNAtwibHyERy2nWz0wURGUQHC5g1Smkw1aUvU
bn/4Atw6B81FKOKKxaqhyuYax982RElxT/agBIQEUaCJA07pkvuQV2Xf5S9lqG2w
j5ByaznlIf4ru9md00t8PN2I
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:56 2024 by rpki-client on console-ams.rpki-client.org