Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/bede90-939b-492c-b0c8-73bbd02cbd37/1/CANr1XcMiflnrwLZtWiiivJ4NlM.roa
File: CANr1XcMiflnrwLZtWiiivJ4NlM.roa (raw, json)
Hash identifier: U6mOdrgwc/37JbhLq3jytoIPsEIkqBtVr3vpSfkBjqs=
Subject key identifier: 08:03:6B:D5:77:0C:89:F9:67:AF:02:D9:B5:68:A2:8A:F2:78:36:53
Certificate issuer: /CN=778a2f36602c76fa7297b4e59f58dda0d501ea0d
Certificate serial: 01856CAF1ABD4B5323A65682749F097D1E70
Authority key identifier: 77:8A:2F:36:60:2C:76:FA:72:97:B4:E5:9F:58:DD:A0:D5:01:EA:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d4ovNmAsdvpyl7Tln1jdoNUB6g0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/bede90-939b-492c-b0c8-73bbd02cbd37/1/CANr1XcMiflnrwLZtWiiivJ4NlM.roa
Signing time: Sun 01 Jan 2023 09:34:53 +0000
ROA not before: Sun 01 Jan 2023 09:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38948
IP address blocks: 80.251.80.0/20 maxlen: 24
2a0b:8140::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:1a:bd:4b:53:23:a6:56:82:74:9f:09:7d:1e:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=778a2f36602c76fa7297b4e59f58dda0d501ea0d
Validity
Not Before: Jan 1 09:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08036bd5770c89f967af02d9b568a28af2783653
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:3b:ca:b3:d8:55:f4:be:a4:04:8c:ef:42:f2:
18:27:c3:68:13:61:d1:55:be:29:db:66:6a:a3:29:
b9:7a:6d:5e:08:2b:88:b1:5a:8f:66:73:a5:d1:29:
42:cb:c8:45:6d:3b:42:c3:6f:f2:11:5e:89:16:51:
3a:3b:f4:c3:eb:a1:61:0d:9c:8f:b0:7b:55:20:7b:
bb:6d:78:2a:10:60:ca:ee:ed:8d:bf:3f:8d:62:5f:
0b:8b:64:25:55:71:31:a1:0e:06:c4:d2:ca:37:26:
2d:bb:fd:93:22:89:fa:ab:89:32:52:ee:92:69:59:
a3:9b:33:18:42:89:73:25:d7:05:4f:17:a6:3b:1e:
14:4f:c4:bb:6b:d8:dc:0b:ec:9e:50:8f:cf:45:2d:
8d:c9:40:20:5a:b0:da:a5:9e:be:3a:e5:cd:23:35:
da:98:02:a4:7f:cf:75:28:2c:91:2d:ea:a2:cc:9a:
99:de:15:74:ae:2a:45:9e:85:2f:1a:49:38:f0:21:
b3:91:d7:4e:aa:ed:2d:d1:8b:e6:70:78:13:93:65:
7c:b2:6c:4c:29:1c:d7:4f:6c:9d:9f:3d:75:e5:3e:
b4:3a:53:21:c4:85:d8:16:de:d0:01:99:3a:19:51:
18:f3:51:e4:f7:8d:3d:54:39:16:f6:ba:34:66:0a:
42:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:03:6B:D5:77:0C:89:F9:67:AF:02:D9:B5:68:A2:8A:F2:78:36:53
X509v3 Authority Key Identifier:
keyid:77:8A:2F:36:60:2C:76:FA:72:97:B4:E5:9F:58:DD:A0:D5:01:EA:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4ovNmAsdvpyl7Tln1jdoNUB6g0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/bede90-939b-492c-b0c8-73bbd02cbd37/1/CANr1XcMiflnrwLZtWiiivJ4NlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/bede90-939b-492c-b0c8-73bbd02cbd37/1/d4ovNmAsdvpyl7Tln1jdoNUB6g0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.251.80.0/20
IPv6:
2a0b:8140::/29
Signature Algorithm: sha256WithRSAEncryption
25:ba:be:b8:35:ba:27:d9:5a:77:dc:16:ea:47:08:86:15:95:
c3:dc:91:64:ce:00:ea:a9:15:82:d9:bd:0e:ff:2d:2e:1b:10:
4b:a4:0a:14:20:bf:e4:6f:df:e3:c3:47:11:99:18:bc:43:89:
8c:ab:5f:86:b2:f5:de:98:b6:1a:fc:66:d4:ea:30:e8:9e:49:
e3:10:a1:ba:12:bc:f7:0a:1e:31:6e:aa:46:5f:a7:1f:52:0b:
c1:99:95:a1:4a:23:e8:65:95:f9:76:38:ba:28:c9:bb:c6:e8:
f3:a9:c0:68:1a:c3:ce:b9:d6:04:ca:80:a4:a3:08:f2:82:ba:
ba:0d:20:e0:b4:9b:3d:a3:8d:ca:fb:df:fe:5a:e4:8d:ff:e6:
2b:c9:27:2c:62:63:d9:31:d0:38:31:7a:cc:d5:65:0f:14:71:
44:88:32:e3:13:6d:0a:cc:96:c1:46:8d:f9:f6:93:e0:6f:c3:
cf:bb:62:0f:d3:ce:84:2d:8b:35:12:5c:d8:36:88:de:f6:c3:
f3:7c:55:84:a1:97:f7:55:84:04:0d:2a:db:53:19:7f:65:36:
96:7f:c2:08:9a:ec:e4:a4:09:66:a3:62:49:9e:82:da:a7:05:
76:d9:85:2e:ff:5d:fc:da:78:1a:48:1a:3d:3d:e3:42:a0:c3:
7f:e0:b7:07
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsrxq9S1MjplaCdJ8JfR5wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3OGEyZjM2NjAyYzc2ZmE3Mjk3YjRlNTlmNThkZGEwZDUw
MWVhMGQwHhcNMjMwMTAxMDkzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODAzNmJkNTc3MGM4OWY5NjdhZjAyZDliNTY4YTI4YWYyNzgzNjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jvKs9hV9L6kBIzvQvIYJ8NoE2HR
Vb4p22Zqoym5em1eCCuIsVqPZnOl0SlCy8hFbTtCw2/yEV6JFlE6O/TD66FhDZyP
sHtVIHu7bXgqEGDK7u2Nvz+NYl8Li2QlVXExoQ4GxNLKNyYtu/2TIon6q4kyUu6S
aVmjmzMYQolzJdcFTxemOx4UT8S7a9jcC+yeUI/PRS2NyUAgWrDapZ6+OuXNIzXa
mAKkf891KCyRLeqizJqZ3hV0ripFnoUvGkk48CGzkddOqu0t0YvmcHgTk2V8smxM
KRzXT2ydnz115T60OlMhxIXYFt7QAZk6GVEY81Hk9409VDkW9ro0ZgpCIQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAgDa9V3DIn5Z68C2bVoooryeDZTMB8GA1UdIwQY
MBaAFHeKLzZgLHb6cpe05Z9Y3aDVAeoNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDRvdk5tQXNkdnB5bDdUbG4xamRvTlVCNmcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9iZWRlOTAtOTM5Yi00OTJjLWIwYzgt
NzNiYmQwMmNiZDM3LzEvQ0FOcjFYY01pZmxucndMWnRXaWlpdko0TmxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9iZWRlOTAtOTM5Yi00OTJjLWIwYzgtNzNiYmQwMmNiZDM3
LzEvZDRvdk5tQXNkdnB5bDdUbG4xamRvTlVCNmcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUPtQMA0E
AgACMAcDBQMqC4FAMA0GCSqGSIb3DQEBCwUAA4IBAQAlur64Nbon2Vp33BbqRwiG
FZXD3JFkzgDqqRWC2b0O/y0uGxBLpAoUIL/kb9/jw0cRmRi8Q4mMq1+GsvXemLYa
/GbU6jDonknjEKG6Erz3Ch4xbqpGX6cfUgvBmZWhSiPoZZX5dji6KMm7xujzqcBo
GsPOudYEyoCkowjygrq6DSDgtJs9o43K+9/+WuSN/+YryScsYmPZMdA4MXrM1WUP
FHFEiDLjE20KzJbBRo359pPgb8PPu2IP086ELYs1ElzYNoje9sPzfFWEoZf3VYQE
DSrbUxl/ZTaWf8IImuzkpAlmo2JJnoLapwV22YUu/1382ngaSBo9PeNCoMN/4LcH
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:26 2024 by rpki-client on console-ams.rpki-client.org