Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Ndb9QMYwGmTcxQCC7RkZf1lGXbI.roa
File: Ndb9QMYwGmTcxQCC7RkZf1lGXbI.roa (raw, json)
Hash identifier: tH36SC+RFyjObODGm84Q+5AYP4iuXr7flaim5w4mioM=
Subject key identifier: 35:D6:FD:40:C6:30:1A:64:DC:C5:00:82:ED:19:19:7F:59:46:5D:B2
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018753069B2F89D4859DC45E1137097C0269
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Ndb9QMYwGmTcxQCC7RkZf1lGXbI.roa
Signing time: Wed 05 Apr 2023 20:05:54 +0000
ROA not before: Wed 05 Apr 2023 20:05:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1004
IP address blocks: 2.56.164.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 09 Apr 2023 12:35:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:53:06:9b:2f:89:d4:85:9d:c4:5e:11:37:09:7c:02:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Apr 5 20:05:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35d6fd40c6301a64dcc50082ed19197f59465db2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d2:de:6f:b2:2b:ec:0f:ba:47:2a:d4:1b:0d:
e9:4e:26:f8:82:01:51:5c:6d:a5:b1:b7:58:1d:f5:
7d:66:4e:0b:b0:73:fd:38:dd:f1:5c:1e:80:94:88:
00:5b:05:2d:2c:94:25:f5:72:39:0a:2d:7d:a4:61:
f2:59:a0:23:91:5a:26:38:6d:10:c0:35:44:02:4a:
23:eb:85:a3:dc:27:3d:6c:63:68:03:50:a9:49:be:
c5:17:4c:e9:d7:bf:aa:d4:0a:fc:b6:0d:bc:10:cb:
db:ff:76:c4:c8:ac:95:04:f8:89:44:5f:67:dc:17:
f6:81:b8:bf:f3:29:4f:33:46:86:75:bc:f3:37:85:
d3:92:63:ea:ee:82:39:ee:a5:be:3c:0c:3b:e3:bc:
b7:d7:3e:02:c2:4d:75:da:7f:e7:b1:1a:b0:98:d1:
fd:e5:34:8a:09:ef:63:a7:0b:0f:08:fd:0c:78:89:
d0:1d:ab:54:2c:6b:f6:76:f5:26:29:64:c4:54:d0:
83:e6:d7:34:2b:75:d8:d2:10:3d:4b:c3:ad:55:c6:
fe:03:77:10:e5:cb:2b:54:fa:19:48:03:9f:1c:eb:
38:49:5f:60:c4:21:f7:3b:19:a6:6e:bf:23:e7:b4:
03:70:90:79:5e:90:43:e6:1b:63:74:b7:b8:c9:d6:
49:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:D6:FD:40:C6:30:1A:64:DC:C5:00:82:ED:19:19:7F:59:46:5D:B2
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Ndb9QMYwGmTcxQCC7RkZf1lGXbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/24
Signature Algorithm: sha256WithRSAEncryption
df:3e:c8:c7:81:5f:cb:19:31:9e:3c:d0:fd:e6:cb:1e:c9:be:
5c:23:65:d9:de:20:db:eb:67:6b:d5:a9:e8:71:6a:bb:12:1d:
be:4e:b8:11:d5:bc:c6:06:c7:49:3c:8f:a8:71:27:a6:31:40:
31:34:7b:35:10:8f:a5:76:cf:9d:c9:db:b7:dc:6a:0b:6f:68:
1e:61:85:cb:09:2a:82:9b:b8:dd:64:11:58:8d:9e:36:41:00:
ff:4f:3d:15:21:98:eb:bf:3f:8a:ac:c0:1d:a7:39:57:33:79:
41:36:ad:db:30:bd:02:d5:77:ce:a5:95:19:9d:2d:9d:83:0c:
83:5c:a2:16:9b:64:94:f8:85:8a:a6:71:56:0b:24:83:65:dd:
b9:7a:6e:8d:3c:26:d6:36:3a:8f:22:b0:dd:20:28:4d:f7:ac:
7d:e6:50:a8:1c:2c:27:92:b4:18:71:9e:5d:67:10:f4:89:ac:
39:92:58:55:ae:0b:b0:b5:ac:1a:dc:c6:60:d5:e9:f8:65:c5:
ee:1e:96:b3:a6:f5:fc:c8:9c:84:4a:66:b9:68:cc:7c:4f:e6:
84:20:17:f9:84:6e:d8:5e:11:17:de:f4:9d:17:07:81:52:6e:
9a:26:ee:7e:84:6c:a4:9a:5f:4a:00:30:2b:57:c7:a6:00:48:
23:5f:6f:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdTBpsvidSFncReETcJfAJpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwNDA1MjAwNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWQ2ZmQ0MGM2MzAxYTY0ZGNjNTAwODJlZDE5MTk3ZjU5NDY1ZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tLeb7Ir7A+6RyrUGw3pTib4ggFR
XG2lsbdYHfV9Zk4LsHP9ON3xXB6AlIgAWwUtLJQl9XI5Ci19pGHyWaAjkVomOG0Q
wDVEAkoj64Wj3Cc9bGNoA1CpSb7FF0zp17+q1Ar8tg28EMvb/3bEyKyVBPiJRF9n
3Bf2gbi/8ylPM0aGdbzzN4XTkmPq7oI57qW+PAw747y31z4Cwk112n/nsRqwmNH9
5TSKCe9jpwsPCP0MeInQHatULGv2dvUmKWTEVNCD5tc0K3XY0hA9S8OtVcb+A3cQ
5csrVPoZSAOfHOs4SV9gxCH3Oxmmbr8j57QDcJB5XpBD5htjdLe4ydZJnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDXW/UDGMBpk3MUAgu0ZGX9ZRl2yMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvTmRiOVFNWXdHbVRjeFFDQzdSa1pmMWxHWGJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjikMA0G
CSqGSIb3DQEBCwUAA4IBAQDfPsjHgV/LGTGePND95sseyb5cI2XZ3iDb62dr1ano
cWq7Eh2+TrgR1bzGBsdJPI+ocSemMUAxNHs1EI+lds+dydu33GoLb2geYYXLCSqC
m7jdZBFYjZ42QQD/Tz0VIZjrvz+KrMAdpzlXM3lBNq3bML0C1XfOpZUZnS2dgwyD
XKIWm2SU+IWKpnFWCySDZd25em6NPCbWNjqPIrDdIChN96x95lCoHCwnkrQYcZ5d
ZxD0iaw5klhVrguwtawa3MZg1en4ZcXuHpazpvX8yJyESma5aMx8T+aEIBf5hG7Y
XhEX3vSdFweBUm6aJu5+hGykml9KADArV8emAEgjX2+L
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:49 2024 by rpki-client on console-fra.rpki-client.org