Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/NPXMONh1m95nECIFlM9A9xwkfhw.roa
File: NPXMONh1m95nECIFlM9A9xwkfhw.roa (raw, json)
Hash identifier: DP0Ub2gK3De78FB9iD+RU+DjY9K6mDI0Z0e95oOeD90=
Subject key identifier: 34:F5:CC:38:D8:75:9B:DE:67:10:22:05:94:CF:40:F7:1C:24:7E:1C
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018572BA7D21026D81850D17AEF8B38B1177
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/NPXMONh1m95nECIFlM9A9xwkfhw.roa
Signing time: Mon 02 Jan 2023 13:45:02 +0000
ROA not before: Mon 02 Jan 2023 13:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208127
IP address blocks: 2a0f:5707:ac00::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:7d:21:02:6d:81:85:0d:17:ae:f8:b3:8b:11:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 2 13:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34f5cc38d8759bde6710220594cf40f71c247e1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:dc:2c:f0:ff:f9:99:e2:45:33:a9:cf:04:e6:
75:7b:8f:86:b2:d1:a7:60:40:95:cc:41:06:7f:d0:
f9:66:4a:aa:b8:36:5b:9d:3d:d5:be:14:d4:0f:c2:
58:45:d1:9d:25:48:c9:8e:dd:54:4e:3e:8d:45:24:
38:98:5b:55:a1:70:39:ff:1c:64:da:c9:8b:dd:e9:
16:b0:4d:75:69:7a:e4:08:74:88:0c:11:6b:43:5a:
d4:a0:ed:32:63:e0:1c:85:a9:2e:ca:cf:26:93:a1:
ee:f2:3e:3e:59:87:1b:ee:50:4d:f1:3a:75:8c:f3:
d3:6a:3a:8b:04:23:45:af:74:bc:88:31:c4:f3:21:
b4:6b:35:52:9c:08:89:aa:8e:3a:06:ef:b6:42:8b:
53:cb:ba:3a:eb:ce:6d:e1:e4:7a:d1:45:f3:f6:d5:
72:b5:0b:03:02:67:ce:1a:2b:59:7a:e7:5e:59:40:
39:2c:66:0c:4b:40:78:2a:ba:96:f7:b3:31:5c:40:
b6:73:7f:69:16:0e:ec:3b:dc:8e:26:96:c0:1c:5f:
c0:09:3b:db:8b:d3:e9:7f:57:f4:98:b6:4b:aa:8f:
e2:1e:99:d7:b5:a1:16:02:70:ab:f3:a6:a6:e9:f4:
3a:85:f1:1c:1c:73:5f:f5:ab:6e:49:7b:3d:55:7f:
87:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:F5:CC:38:D8:75:9B:DE:67:10:22:05:94:CF:40:F7:1C:24:7E:1C
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/NPXMONh1m95nECIFlM9A9xwkfhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:ac00::/44
Signature Algorithm: sha256WithRSAEncryption
33:58:87:bd:d8:c0:62:8c:c4:29:2b:a3:be:a2:99:23:63:4e:
ec:61:6f:7b:bc:c7:7f:05:f5:f1:21:ab:92:30:e4:bb:71:6e:
27:71:4a:aa:d3:f0:27:af:2b:5f:94:df:c9:bd:1a:34:f6:49:
48:5e:74:1b:3d:90:f5:f5:f1:7a:eb:04:69:bc:b1:ff:6e:36:
03:db:b2:3b:32:79:c1:a4:2c:1e:38:5e:8d:3c:ea:58:0f:bd:
2a:38:6d:9d:59:a0:d5:9b:7a:3e:85:b9:ee:da:c0:20:a0:d5:
98:04:f0:7e:6e:58:6d:1a:cc:63:f9:8e:d9:6b:89:67:ca:33:
73:ca:af:ed:6a:5b:47:10:e2:02:1a:9a:ac:1f:2c:83:09:9f:
2f:b5:a5:d2:f6:c1:15:6c:cf:b4:9a:b9:e2:d3:36:8b:13:eb:
26:89:45:35:9b:c4:6f:62:de:94:b5:5a:d0:d5:11:df:0d:62:
fc:cc:10:e2:8d:86:8b:e6:10:71:a4:28:00:0c:89:eb:92:5e:
fc:17:da:d6:8a:1b:be:a4:b5:78:a1:fa:95:41:db:c5:77:48:
77:7f:0b:a0:e7:0e:5c:ee:b6:f2:0a:7f:18:3a:64:3f:d7:7a:
8c:d9:bd:95:53:e7:83:ba:56:83:85:70:ed:fc:5e:26:7a:19:
fb:fd:0f:70
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyun0hAm2BhQ0XrvizixF3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjMwMTAyMTM0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGY1Y2MzOGQ4NzU5YmRlNjcxMDIyMDU5NGNmNDBmNzFjMjQ3ZTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9ws8P/5meJFM6nPBOZ1e4+GstGn
YECVzEEGf9D5ZkqquDZbnT3VvhTUD8JYRdGdJUjJjt1UTj6NRSQ4mFtVoXA5/xxk
2smL3ekWsE11aXrkCHSIDBFrQ1rUoO0yY+Achakuys8mk6Hu8j4+WYcb7lBN8Tp1
jPPTajqLBCNFr3S8iDHE8yG0azVSnAiJqo46Bu+2QotTy7o6685t4eR60UXz9tVy
tQsDAmfOGitZeudeWUA5LGYMS0B4KrqW97MxXEC2c39pFg7sO9yOJpbAHF/ACTvb
i9Ppf1f0mLZLqo/iHpnXtaEWAnCr86am6fQ6hfEcHHNf9atuSXs9VX+HGwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDT1zDjYdZveZxAiBZTPQPccJH4cMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvTlBYTU9OaDFtOTVuRUNJRmxNOUE5eHdrZmh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg9XB6wA
MA0GCSqGSIb3DQEBCwUAA4IBAQAzWIe92MBijMQpK6O+opkjY07sYW97vMd/BfXx
IauSMOS7cW4ncUqq0/AnrytflN/JvRo09klIXnQbPZD19fF66wRpvLH/bjYD27I7
MnnBpCweOF6NPOpYD70qOG2dWaDVm3o+hbnu2sAgoNWYBPB+blhtGsxj+Y7Za4ln
yjNzyq/taltHEOICGpqsHyyDCZ8vtaXS9sEVbM+0mrni0zaLE+smiUU1m8RvYt6U
tVrQ1RHfDWL8zBDijYaL5hBxpCgADInrkl78F9rWihu+pLV4ofqVQdvFd0h3fwug
5w5c7rbyCn8YOmQ/13qM2b2VU+eDulaDhXDt/F4mehn7/Q9w
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:22 2024 by rpki-client on console-ams.rpki-client.org