Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/deb648-f433-43f1-9c83-d0edec9728e5/1/CAnB3GYGjB8zZDVCS9RAq_WPtsU.roa
File: CAnB3GYGjB8zZDVCS9RAq_WPtsU.roa (raw, json)
Hash identifier: 2sJwlOEFiuYeCX7usvKZI5FopYk+/yqOiOhvJe7ju9s=
Subject key identifier: 08:09:C1:DC:66:06:8C:1F:33:64:35:42:4B:D4:40:AB:F5:8F:B6:C5
Certificate issuer: /CN=8fa2f88926e0bd8401c73cedb77e99c94dcc52d7
Certificate serial: 01857082D2CCF63F4878BFBDB88F4C2C06B9
Authority key identifier: 8F:A2:F8:89:26:E0:BD:84:01:C7:3C:ED:B7:7E:99:C9:4D:CC:52:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j6L4iSbgvYQBxzztt36ZyU3MUtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/deb648-f433-43f1-9c83-d0edec9728e5/1/CAnB3GYGjB8zZDVCS9RAq_WPtsU.roa
Signing time: Mon 02 Jan 2023 03:24:59 +0000
ROA not before: Mon 02 Jan 2023 03:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212903
IP address blocks: 91.211.3.0/24 maxlen: 24
2a0c:8740::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:d2:cc:f6:3f:48:78:bf:bd:b8:8f:4c:2c:06:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fa2f88926e0bd8401c73cedb77e99c94dcc52d7
Validity
Not Before: Jan 2 03:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0809c1dc66068c1f336435424bd440abf58fb6c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f7:01:40:bb:b1:39:38:ea:18:e8:f2:a2:cd:
e1:f9:47:3b:9c:02:5a:88:24:b9:ec:53:c2:95:3f:
cf:97:c8:a9:d6:87:b0:3f:e3:c0:54:74:68:54:82:
e3:2b:94:66:2d:02:6f:34:a0:ed:c3:5a:7f:ca:75:
5c:aa:98:57:5b:0a:0f:f1:25:4f:7a:7e:74:95:fc:
c8:87:8a:20:43:37:9e:47:67:6a:e2:61:c0:fd:60:
1e:13:12:30:37:3f:0d:ef:89:08:16:fa:23:c7:ca:
a9:4a:f5:63:58:7c:7f:4b:ff:3a:80:e6:76:24:bb:
95:44:da:02:e9:5f:44:c1:98:29:1e:42:19:7e:79:
7e:49:d4:0b:7e:9d:4d:a7:5b:77:85:97:c0:34:69:
09:db:37:19:b4:d6:d8:3c:de:97:aa:23:93:ed:b9:
98:a6:de:8f:80:2f:55:15:13:ac:c6:49:8b:e1:cb:
ad:b7:79:70:1e:22:1e:a3:c7:bb:cf:b8:ce:b2:3b:
1a:08:a3:a9:1c:2f:f6:51:44:b8:3c:c3:ec:75:d7:
c5:20:f9:d7:ff:7f:5d:61:1e:7f:97:7e:8c:ab:fc:
a2:89:c0:58:24:21:1d:f1:60:eb:75:78:14:7d:27:
63:91:fa:0f:e6:b9:0c:51:2f:51:47:8f:95:ed:65:
f4:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:09:C1:DC:66:06:8C:1F:33:64:35:42:4B:D4:40:AB:F5:8F:B6:C5
X509v3 Authority Key Identifier:
keyid:8F:A2:F8:89:26:E0:BD:84:01:C7:3C:ED:B7:7E:99:C9:4D:CC:52:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j6L4iSbgvYQBxzztt36ZyU3MUtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/deb648-f433-43f1-9c83-d0edec9728e5/1/CAnB3GYGjB8zZDVCS9RAq_WPtsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/deb648-f433-43f1-9c83-d0edec9728e5/1/j6L4iSbgvYQBxzztt36ZyU3MUtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.3.0/24
IPv6:
2a0c:8740::/29
Signature Algorithm: sha256WithRSAEncryption
89:74:35:8d:cb:55:d7:9b:2d:ce:88:ce:7b:74:c6:06:e9:82:
f1:d6:b1:df:74:22:91:d3:28:25:90:39:b1:ca:de:de:34:3b:
ea:12:d5:79:30:ec:f6:54:63:e8:9a:0c:8d:88:74:48:ec:ff:
5e:9b:80:96:1c:4a:59:ab:1f:e2:23:b0:5a:2d:99:c3:f4:b9:
39:9a:6e:2f:6b:18:fe:71:46:d1:ac:cc:00:e6:8d:fa:36:44:
1f:57:ed:7d:8d:6d:c4:58:4a:e7:12:e9:68:9a:07:ee:34:f9:
72:0c:1d:8e:93:7c:b2:48:4b:bc:16:17:4c:f2:14:1e:1f:bb:
4f:24:6f:99:b7:94:ba:ee:27:97:6c:47:35:17:f8:ad:7a:10:
13:af:06:3f:ae:2c:32:f7:58:df:ad:04:7a:d1:63:27:be:f8:
78:85:a5:99:dc:01:d0:c1:23:e8:29:58:48:a6:ae:48:ce:8f:
ee:8e:4c:e8:dc:dc:ee:f1:1a:aa:55:93:60:56:fa:f9:ef:cc:
4c:05:d2:53:a8:2b:94:ea:0c:9c:1c:aa:7f:cb:18:81:ec:da:
58:d5:9e:b3:16:ff:95:5e:e2:90:d4:aa:14:70:92:4c:6e:c5:
ff:2a:91:e7:60:a5:40:83:56:a3:03:0d:3d:56:f2:95:cf:78:
c3:5c:7e:0d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwgtLM9j9IeL+9uI9MLAa5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYTJmODg5MjZlMGJkODQwMWM3M2NlZGI3N2U5OWM5NGRj
YzUyZDcwHhcNMjMwMTAyMDMyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODA5YzFkYzY2MDY4YzFmMzM2NDM1NDI0YmQ0NDBhYmY1OGZiNmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfcBQLuxOTjqGOjyos3h+Uc7nAJa
iCS57FPClT/Pl8ip1oewP+PAVHRoVILjK5RmLQJvNKDtw1p/ynVcqphXWwoP8SVP
en50lfzIh4ogQzeeR2dq4mHA/WAeExIwNz8N74kIFvojx8qpSvVjWHx/S/86gOZ2
JLuVRNoC6V9EwZgpHkIZfnl+SdQLfp1Np1t3hZfANGkJ2zcZtNbYPN6XqiOT7bmY
pt6PgC9VFROsxkmL4cutt3lwHiIeo8e7z7jOsjsaCKOpHC/2UUS4PMPsddfFIPnX
/39dYR5/l36Mq/yiicBYJCEd8WDrdXgUfSdjkfoP5rkMUS9RR4+V7WX03QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAgJwdxmBowfM2Q1QkvUQKv1j7bFMB8GA1UdIwQY
MBaAFI+i+Ikm4L2EAcc87bd+mclNzFLXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajZMNGlTYmd2WVFCeHp6dHQzNlp5VTNNVXRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9kZWI2NDgtZjQzMy00M2YxLTljODMt
ZDBlZGVjOTcyOGU1LzEvQ0FuQjNHWUdqQjh6WkRWQ1M5UkFxX1dQdHNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9kZWI2NDgtZjQzMy00M2YxLTljODMtZDBlZGVjOTcyOGU1
LzEvajZMNGlTYmd2WVFCeHp6dHQzNlp5VTNNVXRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9MDMA0E
AgACMAcDBQMqDIdAMA0GCSqGSIb3DQEBCwUAA4IBAQCJdDWNy1XXmy3OiM57dMYG
6YLx1rHfdCKR0yglkDmxyt7eNDvqEtV5MOz2VGPomgyNiHRI7P9em4CWHEpZqx/i
I7BaLZnD9Lk5mm4vaxj+cUbRrMwA5o36NkQfV+19jW3EWErnEulomgfuNPlyDB2O
k3yySEu8FhdM8hQeH7tPJG+Zt5S67ieXbEc1F/itehATrwY/riwy91jfrQR60WMn
vvh4haWZ3AHQwSPoKVhIpq5Izo/ujkzo3Nzu8RqqVZNgVvr578xMBdJTqCuU6gyc
HKp/yxiB7NpY1Z6zFv+VXuKQ1KoUcJJMbsX/KpHnYKVAg1ajAw09VvKVz3jDXH4N
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:07 2024 by rpki-client on console-ams.rpki-client.org