Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/4d5660-5364-4454-a9be-4f8902bfe172/1/nTX_d4iF28OQt9X1rh5lNpbuaMo.roa
File: nTX_d4iF28OQt9X1rh5lNpbuaMo.roa (raw, json)
Hash identifier: FUJt85ON+LK15q+1hKUzr0RP5FbJY4uPjk9d8g3GrUw=
Subject key identifier: 9D:35:FF:77:88:85:DB:C3:90:B7:D5:F5:AE:1E:65:36:96:EE:68:CA
Certificate issuer: /CN=fd1196d98decd38eb03f5f06b48e556c74f231f4
Certificate serial: 01856D53F927C18C411B7D2CDA29A5A09667
Authority key identifier: FD:11:96:D9:8D:EC:D3:8E:B0:3F:5F:06:B4:8E:55:6C:74:F2:31:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_RGW2Y3s046wP18GtI5VbHTyMfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/4d5660-5364-4454-a9be-4f8902bfe172/1/nTX_d4iF28OQt9X1rh5lNpbuaMo.roa
Signing time: Sun 01 Jan 2023 12:34:57 +0000
ROA not before: Sun 01 Jan 2023 12:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12874
IP address blocks: 2a04:a580::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:f9:27:c1:8c:41:1b:7d:2c:da:29:a5:a0:96:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd1196d98decd38eb03f5f06b48e556c74f231f4
Validity
Not Before: Jan 1 12:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d35ff778885dbc390b7d5f5ae1e653696ee68ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a6:9b:9d:3f:69:9a:e4:8f:d9:36:20:5b:52:
6d:62:49:f5:09:9e:4e:e9:a9:28:9e:ae:c9:c6:94:
50:3c:e4:95:1f:e9:0e:1b:e2:99:8e:34:0b:a0:d4:
e7:05:0f:8c:a2:ae:ea:7a:e0:1a:31:92:05:d2:c4:
ff:bd:b8:79:be:3b:44:03:2a:f8:4b:d8:e7:f4:1e:
96:d7:82:b7:13:93:cd:c2:99:ce:92:b9:46:2e:96:
52:d6:ff:6c:61:29:c0:b5:0c:0e:34:1f:04:9e:df:
61:26:44:aa:5b:5d:09:fe:32:43:19:68:52:7a:8f:
be:18:8c:98:c0:34:6f:bc:85:20:d6:28:ea:2c:38:
7b:35:32:91:db:44:65:5a:8c:e7:4e:4d:ed:27:f4:
05:84:86:ee:c0:a6:38:a4:b9:c2:00:b3:52:4b:8a:
a2:ef:db:05:e9:6f:b6:da:4a:1d:45:bf:95:19:50:
ca:7b:1e:19:c9:ad:a7:ff:84:89:49:93:a6:53:f6:
07:8a:98:10:fb:02:73:73:bf:ac:a3:fb:63:0d:84:
25:b7:d4:f2:58:bd:ae:74:ea:9a:7c:37:27:f0:1e:
da:78:29:a9:27:97:00:7c:5d:bb:1c:6b:0f:55:3b:
45:a6:71:06:00:ac:b3:f4:b9:e6:9c:c5:a6:76:47:
5c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:35:FF:77:88:85:DB:C3:90:B7:D5:F5:AE:1E:65:36:96:EE:68:CA
X509v3 Authority Key Identifier:
keyid:FD:11:96:D9:8D:EC:D3:8E:B0:3F:5F:06:B4:8E:55:6C:74:F2:31:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_RGW2Y3s046wP18GtI5VbHTyMfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/4d5660-5364-4454-a9be-4f8902bfe172/1/nTX_d4iF28OQt9X1rh5lNpbuaMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/4d5660-5364-4454-a9be-4f8902bfe172/1/_RGW2Y3s046wP18GtI5VbHTyMfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:a580::/29
Signature Algorithm: sha256WithRSAEncryption
4e:c0:6a:e7:c0:bf:7f:49:33:cb:38:60:48:c0:fa:6d:7a:72:
de:87:ab:b1:af:fb:07:bd:2a:c1:ff:60:d8:fd:b5:b9:2f:35:
2c:a9:cd:21:17:6e:a8:63:15:aa:d6:4f:42:e4:cb:33:c6:0a:
9d:82:d8:ee:16:ce:07:d0:2e:b8:96:87:67:c6:03:82:fd:e0:
b1:39:a1:3f:2f:8c:be:ae:d4:f7:ed:ba:55:b1:a5:dd:bd:6c:
6c:71:b5:cf:03:5e:e0:95:61:24:bf:b0:ed:3d:ce:70:66:0f:
38:b9:66:4e:39:e2:62:72:72:50:fa:27:11:42:35:91:f6:87:
4b:a9:08:6c:10:c7:ed:48:3f:af:c7:9f:00:7d:50:a0:59:de:
bd:b1:f5:eb:13:6a:84:93:0e:38:ae:e2:f4:96:9d:ce:9b:3a:
d9:d4:fc:2b:9f:1b:9d:c0:59:0c:9a:83:2d:79:18:c4:6b:8c:
ba:b2:27:b5:d6:dc:c8:ac:be:68:a5:c3:d1:8d:0a:bc:51:c7:
aa:5b:6a:81:c8:75:26:85:db:f6:1c:bd:d1:c4:c6:14:c4:c0:
6f:84:ce:65:b7:83:06:97:4e:97:1a:e8:e9:c9:37:3d:57:5f:
1e:5c:9d:7f:36:9d:f1:2d:8b:b9:15:32:f0:0c:af:9e:fd:26:
d8:f3:67:51
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtU/knwYxBG30s2imloJZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMTE5NmQ5OGRlY2QzOGViMDNmNWYwNmI0OGU1NTZjNzRm
MjMxZjQwHhcNMjMwMTAxMTIzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDM1ZmY3Nzg4ODVkYmMzOTBiN2Q1ZjVhZTFlNjUzNjk2ZWU2OGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaabnT9pmuSP2TYgW1JtYkn1CZ5O
6akonq7JxpRQPOSVH+kOG+KZjjQLoNTnBQ+Moq7qeuAaMZIF0sT/vbh5vjtEAyr4
S9jn9B6W14K3E5PNwpnOkrlGLpZS1v9sYSnAtQwONB8Ent9hJkSqW10J/jJDGWhS
eo++GIyYwDRvvIUg1ijqLDh7NTKR20RlWoznTk3tJ/QFhIbuwKY4pLnCALNSS4qi
79sF6W+22kodRb+VGVDKex4Zya2n/4SJSZOmU/YHipgQ+wJzc7+so/tjDYQlt9Ty
WL2udOqafDcn8B7aeCmpJ5cAfF27HGsPVTtFpnEGAKyz9LnmnMWmdkdcaQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJ01/3eIhdvDkLfV9a4eZTaW7mjKMB8GA1UdIwQY
MBaAFP0RltmN7NOOsD9fBrSOVWx08jH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1JHVzJZM3MwNDZ3UDE4R3RJNVZiSFR5TWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS80ZDU2NjAtNTM2NC00NDU0LWE5YmUt
NGY4OTAyYmZlMTcyLzEvblRYX2Q0aUYyOE9RdDlYMXJoNWxOcGJ1YU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS80ZDU2NjAtNTM2NC00NDU0LWE5YmUtNGY4OTAyYmZlMTcy
LzEvX1JHVzJZM3MwNDZ3UDE4R3RJNVZiSFR5TWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgSlgDAN
BgkqhkiG9w0BAQsFAAOCAQEATsBq58C/f0kzyzhgSMD6bXpy3oersa/7B70qwf9g
2P21uS81LKnNIRduqGMVqtZPQuTLM8YKnYLY7hbOB9AuuJaHZ8YDgv3gsTmhPy+M
vq7U9+26VbGl3b1sbHG1zwNe4JVhJL+w7T3OcGYPOLlmTjniYnJyUPonEUI1kfaH
S6kIbBDH7Ug/r8efAH1QoFnevbH16xNqhJMOOK7i9Jadzps62dT8K58bncBZDJqD
LXkYxGuMurIntdbcyKy+aKXD0Y0KvFHHqltqgch1JoXb9hy90cTGFMTAb4TOZbeD
BpdOlxro6ck3PVdfHlydfzad8S2LuRUy8Ayvnv0m2PNnUQ==
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:21 2024 by rpki-client on console-ams.rpki-client.org