Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/SnttBPWYvj5kHHpK7_stiCAIN04.roa
File: SnttBPWYvj5kHHpK7_stiCAIN04.roa (raw, json)
Hash identifier: nM3+frKLF8aCM4q3jvJ/2HZwaYcAM7aCkM7YeAofKLk=
Subject key identifier: 4A:7B:6D:04:F5:98:BE:3E:64:1C:7A:4A:EF:FB:2D:88:20:08:37:4E
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 0188FBB5C696370251C9DD267767F66E2800
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/SnttBPWYvj5kHHpK7_stiCAIN04.roa
Signing time: Tue 27 Jun 2023 07:16:14 +0000
ROA not before: Tue 27 Jun 2023 07:16:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203629
IP address blocks: 2a0f:cf84::/30 maxlen: 30
2a09:3800::/30 maxlen: 30
2a0b:ab04::/30 maxlen: 30
2a0a:2880::/30 maxlen: 30
2a09:3804::/30 maxlen: 30
2a0a:2884::/30 maxlen: 30
2a10:d8c4::/30 maxlen: 30
2a0d:2e44::/30 maxlen: 30
Validation: Failed, certificate revoked on Mon 31 Jul 2023 20:14:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fb:b5:c6:96:37:02:51:c9:dd:26:77:67:f6:6e:28:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Jun 27 07:16:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a7b6d04f598be3e641c7a4aeffb2d882008374e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b3:dc:e5:d4:45:89:ac:c9:24:2f:60:aa:b7:
ee:4f:4f:60:4b:56:b5:c2:0d:90:98:13:0e:87:ab:
fc:b5:62:5b:e7:40:06:11:6d:54:f5:bc:09:29:78:
09:32:c8:4d:c1:94:15:ff:f2:14:d8:51:f3:a0:5b:
e6:e8:3c:d5:6e:b1:aa:4c:b2:cb:fc:f8:72:9f:76:
af:05:f6:c1:c8:16:13:fb:4b:09:a2:29:82:be:6e:
b3:b5:ee:d3:41:fb:ac:5e:8b:ad:c3:cd:68:45:2b:
05:13:52:e5:c2:b1:66:f7:a7:27:d3:69:fb:56:b1:
d9:ef:82:5a:92:75:e8:b7:9f:75:7e:cf:4f:f5:4d:
9f:82:ef:17:4f:a7:e3:95:15:a2:3e:f7:b3:1c:10:
4c:bd:27:fd:50:04:48:03:42:d0:a6:ea:0a:78:be:
25:66:80:ea:12:36:46:4f:f2:52:22:d9:48:7d:82:
76:02:d2:e6:cc:96:94:27:2a:83:ad:6a:00:0c:cc:
75:f1:30:ff:04:85:d6:6a:04:6b:d8:75:25:bc:46:
d5:94:ac:50:94:d8:f2:7c:a2:1d:36:bb:ff:19:cc:
e3:43:b7:de:17:1a:ee:1f:71:33:f6:2d:82:3b:63:
43:9c:b1:89:27:3f:cd:9f:01:8b:42:b4:ee:f0:b8:
a9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:7B:6D:04:F5:98:BE:3E:64:1C:7A:4A:EF:FB:2D:88:20:08:37:4E
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/SnttBPWYvj5kHHpK7_stiCAIN04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3800::/29
2a0a:2880::/29
2a0b:ab04::/30
2a0d:2e44::/30
2a0f:cf84::/30
2a10:d8c4::/30
Signature Algorithm: sha256WithRSAEncryption
31:6a:cf:36:35:34:b8:89:c0:c4:26:cd:b7:d0:b8:21:6f:6f:
1a:a2:95:8f:88:2c:42:47:ce:1c:75:d5:e5:ea:f1:c4:6b:7b:
5c:3a:68:c5:52:bb:da:38:bb:40:56:14:7a:3a:17:17:55:47:
08:8a:b9:34:22:e2:4c:7a:02:da:b2:ec:b8:a0:28:35:56:65:
4d:d5:0a:a1:39:a4:cf:38:59:91:1b:cb:e5:24:cf:35:13:74:
5d:0e:02:86:de:d1:8a:1b:c2:38:ec:c8:62:e7:4d:61:67:75:
13:4a:8d:10:ff:09:65:97:f6:89:33:c2:9d:d8:7a:e7:6d:54:
d8:9a:de:42:5d:b0:e1:3e:ae:af:59:cb:f2:70:8a:d5:4f:34:
6f:c4:f4:ee:0c:4a:60:8a:e7:e8:aa:af:be:ae:26:91:dc:d3:
8e:de:ea:03:47:92:52:67:ab:ca:e9:11:d8:42:c8:7e:11:af:
09:08:55:c5:ec:72:2c:33:72:07:d2:92:cf:4f:f1:1d:2f:8f:
29:6f:f2:04:17:79:7d:40:42:21:90:fd:a6:14:55:e3:3a:1a:
94:da:23:ac:37:03:cd:2d:9f:43:04:60:8c:5e:1a:e4:33:41:
ed:de:40:09:d6:df:d5:d6:70:bc:65:04:33:15:79:91:ad:17:
3a:ea:eb:b4
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYj7tcaWNwJRyd0md2f2bigAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwNjI3MDcxNjE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTdiNmQwNGY1OThiZTNlNjQxYzdhNGFlZmZiMmQ4ODIwMDgzNzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLPc5dRFiazJJC9gqrfuT09gS1a1
wg2QmBMOh6v8tWJb50AGEW1U9bwJKXgJMshNwZQV//IU2FHzoFvm6DzVbrGqTLLL
/Phyn3avBfbByBYT+0sJoimCvm6zte7TQfusXoutw81oRSsFE1LlwrFm96cn02n7
VrHZ74JaknXot591fs9P9U2fgu8XT6fjlRWiPvezHBBMvSf9UARIA0LQpuoKeL4l
ZoDqEjZGT/JSItlIfYJ2AtLmzJaUJyqDrWoADMx18TD/BIXWagRr2HUlvEbVlKxQ
lNjyfKIdNrv/GczjQ7feFxruH3Ez9i2CO2NDnLGJJz/NnwGLQrTu8LipTwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEp7bQT1mL4+ZBx6Su/7LYggCDdOMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvU250dEJQV1l2ajVrSEhwSzdfc3RpQ0FJTjA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKgk4AAMF
AyoKKIADBQIqC6sEAwUCKg0uRAMFAioPz4QDBQIqENjEMA0GCSqGSIb3DQEBCwUA
A4IBAQAxas82NTS4icDEJs230Lghb28aopWPiCxCR84cddXl6vHEa3tcOmjFUrva
OLtAVhR6OhcXVUcIirk0IuJMegLasuy4oCg1VmVN1QqhOaTPOFmRG8vlJM81E3Rd
DgKG3tGKG8I47Mhi501hZ3UTSo0Q/wlll/aJM8Kd2HrnbVTYmt5CXbDhPq6vWcvy
cIrVTzRvxPTuDEpgiufoqq++riaR3NOO3uoDR5JSZ6vK6RHYQsh+Ea8JCFXF7HIs
M3IH0pLPT/EdL48pb/IEF3l9QEIhkP2mFFXjOhqU2iOsNwPNLZ9DBGCMXhrkM0Ht
3kAJ1t/V1nC8ZQQzFXmRrRc66uu0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:05 2024 by rpki-client on console-fra.rpki-client.org