Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/CAN3DGaBRVxHP2A6hFj_DUSOgdo.roa
File: CAN3DGaBRVxHP2A6hFj_DUSOgdo.roa (raw, json)
Hash identifier: T3qxYnEMbrhE9o6cQZ2VUaPGUEqziEDJvLgyKhvUpFY=
Subject key identifier: 08:03:77:0C:66:81:45:5C:47:3F:60:3A:84:58:FF:0D:44:8E:81:DA
Certificate issuer: /CN=709eb6eaaa49dd6b483e04b1434e4dac79ed9d31
Certificate serial: 018570829D249FEC578AEF0174096A16C59B
Authority key identifier: 70:9E:B6:EA:AA:49:DD:6B:48:3E:04:B1:43:4E:4D:AC:79:ED:9D:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJ626qpJ3WtIPgSxQ05NrHntnTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/CAN3DGaBRVxHP2A6hFj_DUSOgdo.roa
Signing time: Mon 02 Jan 2023 03:24:46 +0000
ROA not before: Mon 02 Jan 2023 03:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30768
IP address blocks: 193.19.83.0/24 maxlen: 24
193.19.82.0/24 maxlen: 24
193.19.82.0/23 maxlen: 24
194.165.0.0/23 maxlen: 24
194.165.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Mar 2023 10:10:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:9d:24:9f:ec:57:8a:ef:01:74:09:6a:16:c5:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=709eb6eaaa49dd6b483e04b1434e4dac79ed9d31
Validity
Not Before: Jan 2 03:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0803770c6681455c473f603a8458ff0d448e81da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f1:46:c8:ef:21:95:3e:2d:6d:06:4b:92:ec:
ce:08:cd:62:b3:e2:e5:62:be:12:41:fa:54:43:41:
6e:c0:f7:90:ec:33:a4:c0:03:45:9f:9e:36:c2:f3:
74:19:7c:b6:97:18:f5:d3:b3:41:33:d8:ab:93:cd:
3a:d9:21:d7:61:f6:9f:00:63:5d:52:95:ad:06:b1:
37:39:89:69:0b:07:db:eb:5b:2f:ed:30:d0:b7:e2:
6b:a8:d2:e8:b6:24:14:6f:fa:28:39:c4:d0:ad:e0:
81:ee:88:58:3d:b7:ae:c2:dd:7f:14:b2:f2:8d:b2:
91:be:08:20:de:a7:27:03:82:bd:88:9e:b8:58:0e:
76:ca:16:d8:df:e1:83:69:b2:0d:fb:af:5c:72:ca:
d7:e0:fc:9f:52:fa:b5:1b:a5:0d:0a:cf:fd:bb:a5:
24:5e:75:cb:8d:81:0b:d0:25:ed:29:74:20:87:3f:
fa:21:6b:0d:de:bd:ba:0e:89:9d:00:b9:e3:98:95:
82:03:0c:d7:c7:10:cc:43:83:32:d9:2c:da:fb:f1:
d8:2b:17:42:72:c5:ab:72:f8:53:99:a3:f6:bd:ea:
2c:e1:f0:38:0e:d3:32:54:e7:25:ba:db:5a:b0:14:
c3:72:d8:e1:06:8f:22:bf:2e:5b:11:c0:e1:df:55:
1d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:03:77:0C:66:81:45:5C:47:3F:60:3A:84:58:FF:0D:44:8E:81:DA
X509v3 Authority Key Identifier:
keyid:70:9E:B6:EA:AA:49:DD:6B:48:3E:04:B1:43:4E:4D:AC:79:ED:9D:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJ626qpJ3WtIPgSxQ05NrHntnTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/CAN3DGaBRVxHP2A6hFj_DUSOgdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/cJ626qpJ3WtIPgSxQ05NrHntnTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.82.0/23
194.165.0.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:49:4d:1f:1d:11:b5:b1:f3:2d:77:cc:00:7e:cc:a3:af:8f:
40:2a:60:7c:ca:24:33:48:6a:d6:48:22:a2:2b:a5:6b:5e:60:
88:4f:5d:6b:76:d9:e3:b7:3a:9d:2f:8a:20:2c:c9:0c:af:06:
ec:79:9a:84:1b:e7:60:8c:67:66:0c:ff:dc:3d:a6:67:63:23:
03:e9:3b:1c:2e:6b:84:34:3d:04:b6:ff:77:7b:11:ee:f6:f3:
a3:b7:1e:17:63:cf:67:11:27:10:ed:ed:88:c4:1a:4e:bc:0e:
cc:1f:cc:34:cc:eb:77:4c:90:e8:83:63:3a:e6:6b:1d:e2:27:
a2:f8:05:19:01:5d:2d:d3:84:76:24:52:9f:4f:00:9f:44:52:
2b:3d:06:ea:03:cb:bf:af:5d:c7:27:2d:b5:6f:3e:9e:a7:f7:
05:ea:51:47:a9:52:99:15:17:c9:4d:6b:47:2f:ee:c1:c9:2e:
b1:6e:da:30:09:a1:76:44:b0:72:52:7d:46:ba:88:96:0a:69:
57:af:f0:04:a6:d0:32:5d:87:65:4e:56:0d:66:0e:ad:33:a4:
60:1e:10:40:be:1c:0c:a5:a5:c5:18:51:f5:2c:87:05:88:da:
fb:b0:48:e2:46:56:8d:91:83:08:72:d1:a2:bf:bf:0c:28:c0:
ac:66:06:a5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwgp0kn+xXiu8BdAlqFsWbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOWViNmVhYWE0OWRkNmI0ODNlMDRiMTQzNGU0ZGFjNzll
ZDlkMzEwHhcNMjMwMTAyMDMyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODAzNzcwYzY2ODE0NTVjNDczZjYwM2E4NDU4ZmYwZDQ0OGU4MWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/FGyO8hlT4tbQZLkuzOCM1is+Ll
Yr4SQfpUQ0FuwPeQ7DOkwANFn542wvN0GXy2lxj107NBM9irk8062SHXYfafAGNd
UpWtBrE3OYlpCwfb61sv7TDQt+JrqNLotiQUb/ooOcTQreCB7ohYPbeuwt1/FLLy
jbKRvggg3qcnA4K9iJ64WA52yhbY3+GDabIN+69ccsrX4PyfUvq1G6UNCs/9u6Uk
XnXLjYEL0CXtKXQghz/6IWsN3r26DomdALnjmJWCAwzXxxDMQ4My2Sza+/HYKxdC
csWrcvhTmaP2veos4fA4DtMyVOcluttasBTDctjhBo8ivy5bEcDh31Ud/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAgDdwxmgUVcRz9gOoRY/w1EjoHaMB8GA1UdIwQY
MBaAFHCetuqqSd1rSD4EsUNOTax57Z0xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0o2MjZxcEozV3RJUGdTeFEwNU5ySG50blRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy80YmViZTctM2Y4ZS00OTQ5LTg5ODAt
OWY2ZmEwZTFhNWE1LzEvQ0FOM0RHYUJSVnhIUDJBNmhGal9EVVNPZ2RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy80YmViZTctM2Y4ZS00OTQ5LTg5ODAtOWY2ZmEwZTFhNWE1
LzEvY0o2MjZxcEozV3RJUGdTeFEwNU5ySG50blRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwRNSAwQB
wqUAMA0GCSqGSIb3DQEBCwUAA4IBAQCpSU0fHRG1sfMtd8wAfsyjr49AKmB8yiQz
SGrWSCKiK6VrXmCIT11rdtnjtzqdL4ogLMkMrwbseZqEG+dgjGdmDP/cPaZnYyMD
6TscLmuEND0Etv93exHu9vOjtx4XY89nEScQ7e2IxBpOvA7MH8w0zOt3TJDog2M6
5msd4iei+AUZAV0t04R2JFKfTwCfRFIrPQbqA8u/r13HJy21bz6ep/cF6lFHqVKZ
FRfJTWtHL+7ByS6xbtowCaF2RLByUn1GuoiWCmlXr/AEptAyXYdlTlYNZg6tM6Rg
HhBAvhwMpaXFGFH1LIcFiNr7sEjiRlaNkYMIctGiv78MKMCsZgal
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:03 2024 by rpki-client on console-ams.rpki-client.org