Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/NTjxgC006VIas0XCw-SR44_77GY.roa
File: NTjxgC006VIas0XCw-SR44_77GY.roa (raw, json)
Hash identifier: zxBIiF/70DGPTbqNJ6b9E2kC5bkym+bLIxJq0JSMMmg=
Subject key identifier: 35:38:F1:80:2D:34:E9:52:1A:B3:45:C2:C3:E4:91:E3:8F:FB:EC:66
Certificate issuer: /CN=a82c9bc2d2dacfd6f130d85a84fedeabf179a567
Certificate serial: 01856DDD44E15F47049E3DC725449B7A2313
Authority key identifier: A8:2C:9B:C2:D2:DA:CF:D6:F1:30:D8:5A:84:FE:DE:AB:F1:79:A5:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qCybwtLaz9bxMNhahP7eq_F5pWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/NTjxgC006VIas0XCw-SR44_77GY.roa
Signing time: Sun 01 Jan 2023 15:04:55 +0000
ROA not before: Sun 01 Jan 2023 15:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1880
IP address blocks: 192.67.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:44:e1:5f:47:04:9e:3d:c7:25:44:9b:7a:23:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a82c9bc2d2dacfd6f130d85a84fedeabf179a567
Validity
Not Before: Jan 1 15:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3538f1802d34e9521ab345c2c3e491e38ffbec66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:3a:ac:4f:6a:13:57:10:7a:23:78:f8:ec:b4:
fb:fd:34:85:8b:de:be:1a:b9:88:99:7b:ce:a1:a0:
9d:5b:cb:38:40:ec:99:17:ee:3b:d0:fc:e0:70:8f:
f9:6d:3e:90:b1:99:3f:6d:dc:0f:30:9e:12:e5:31:
1e:57:dc:aa:e0:b2:6a:38:29:39:a6:34:21:5e:6e:
95:b3:9e:d6:68:15:fd:bb:f3:d4:e2:8b:ca:43:96:
49:02:46:d7:ee:aa:b5:31:4e:d3:4e:8f:c3:ba:1e:
1f:45:11:05:ff:33:a7:a3:27:ba:25:11:c3:38:54:
10:6e:b5:60:e6:90:29:78:d9:08:07:ee:9e:20:7d:
27:4d:e0:c4:64:b8:19:1e:6e:91:e6:b6:ed:5f:e7:
f2:a2:25:3b:18:59:a9:1f:74:93:61:83:74:45:8f:
43:f0:4b:af:4e:bc:7a:fc:15:2a:e1:07:7e:39:2b:
60:65:73:66:50:a3:19:d4:50:f3:2d:15:2a:e8:14:
b7:d0:47:c7:63:40:78:4e:a3:96:18:d8:6b:06:7b:
ab:c7:d4:07:02:25:18:9c:85:32:e3:a6:84:48:fe:
42:36:20:0f:8b:c2:27:d7:dd:af:a1:af:40:94:96:
bf:0e:4f:2b:95:29:78:cc:82:99:69:47:9b:a3:95:
12:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:38:F1:80:2D:34:E9:52:1A:B3:45:C2:C3:E4:91:E3:8F:FB:EC:66
X509v3 Authority Key Identifier:
keyid:A8:2C:9B:C2:D2:DA:CF:D6:F1:30:D8:5A:84:FE:DE:AB:F1:79:A5:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCybwtLaz9bxMNhahP7eq_F5pWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/NTjxgC006VIas0XCw-SR44_77GY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/qCybwtLaz9bxMNhahP7eq_F5pWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.67.58.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:45:92:f2:b5:9b:8b:6e:f7:55:eb:a6:12:09:10:01:e8:2b:
46:a9:77:b6:5c:d8:38:3c:d8:6d:8b:aa:be:3a:c8:02:3c:67:
d3:4f:48:5b:3c:fd:1d:0e:f4:12:1a:a9:e6:9e:1f:a5:83:9a:
ce:16:23:cd:8b:e4:a5:29:b0:88:78:c1:7e:5d:d9:ab:a9:72:
fc:e8:21:a3:03:59:78:bd:dd:a7:01:d3:ad:f8:f0:9a:78:3a:
80:e5:da:1f:16:36:26:e4:2a:d1:ee:8a:1f:ad:f1:3f:5f:b9:
62:bc:7f:33:be:31:99:71:ff:4d:ab:10:07:89:c4:cf:09:b4:
9a:65:f4:7f:e0:94:09:79:39:8f:5a:bf:39:5c:3d:04:c8:3f:
c2:83:6b:56:84:ed:ca:6b:14:d0:1b:62:b9:3d:c6:a5:c2:a8:
f8:3c:83:67:2a:1a:3b:9e:c2:1c:c6:19:a7:27:eb:1b:8f:f6:
e0:4b:e8:9e:1f:10:2b:63:e7:02:e8:d9:44:5c:4e:28:bb:7f:
48:b2:fc:83:c7:27:32:4c:f7:e0:b0:96:4a:d5:fb:e6:21:78:
7c:2d:53:f4:4c:c6:a6:55:5f:43:08:73:e9:ce:ee:33:ae:e8:
16:d4:b0:be:6e:99:27:c0:53:dd:14:d6:09:d6:55:83:b6:16:
57:68:68:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt3UThX0cEnj3HJUSbeiMTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MmM5YmMyZDJkYWNmZDZmMTMwZDg1YTg0ZmVkZWFiZjE3
OWE1NjcwHhcNMjMwMTAxMTUwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTM4ZjE4MDJkMzRlOTUyMWFiMzQ1YzJjM2U0OTFlMzhmZmJlYzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jqsT2oTVxB6I3j47LT7/TSFi96+
GrmImXvOoaCdW8s4QOyZF+470PzgcI/5bT6QsZk/bdwPMJ4S5TEeV9yq4LJqOCk5
pjQhXm6Vs57WaBX9u/PU4ovKQ5ZJAkbX7qq1MU7TTo/Duh4fRREF/zOnoye6JRHD
OFQQbrVg5pApeNkIB+6eIH0nTeDEZLgZHm6R5rbtX+fyoiU7GFmpH3STYYN0RY9D
8EuvTrx6/BUq4Qd+OStgZXNmUKMZ1FDzLRUq6BS30EfHY0B4TqOWGNhrBnurx9QH
AiUYnIUy46aESP5CNiAPi8In192voa9AlJa/Dk8rlSl4zIKZaUebo5USSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDU48YAtNOlSGrNFwsPkkeOP++xmMB8GA1UdIwQY
MBaAFKgsm8LS2s/W8TDYWoT+3qvxeaVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUN5Ynd0TGF6OWJ4TU5oYWhQN2VxX0Y1cFdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8xYjkxODUtNDBiNS00OTBiLTlhZjgt
NTVjMTQwYzlmNTRmLzEvTlRqeGdDMDA2VklhczBYQ3ctU1I0NF83N0dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8xYjkxODUtNDBiNS00OTBiLTlhZjgtNTVjMTQwYzlmNTRm
LzEvcUN5Ynd0TGF6OWJ4TU5oYWhQN2VxX0Y1cFdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwEM6MA0G
CSqGSIb3DQEBCwUAA4IBAQAeRZLytZuLbvdV66YSCRAB6CtGqXe2XNg4PNhti6q+
OsgCPGfTT0hbPP0dDvQSGqnmnh+lg5rOFiPNi+SlKbCIeMF+XdmrqXL86CGjA1l4
vd2nAdOt+PCaeDqA5dofFjYm5CrR7oofrfE/X7livH8zvjGZcf9NqxAHicTPCbSa
ZfR/4JQJeTmPWr85XD0EyD/Cg2tWhO3KaxTQG2K5Pcalwqj4PINnKho7nsIcxhmn
J+sbj/bgS+ieHxArY+cC6NlEXE4ou39IsvyDxycyTPfgsJZK1fvmIXh8LVP0TMam
VV9DCHPpzu4zrugW1LC+bpknwFPdFNYJ1lWDthZXaGgo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:01 2024 by rpki-client on console-fra.rpki-client.org