Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/dd6943-6fce-4309-8713-854182cb06a6/1/NXotEHTAng3iaaYfXdvijQG23-k.roa
File: NXotEHTAng3iaaYfXdvijQG23-k.roa (raw, json)
Hash identifier: HZ6QIKGXawldbzuK/6JhxsnwiavF5OVoQ0SXv5faNE4=
Subject key identifier: 35:7A:2D:10:74:C0:9E:0D:E2:69:A6:1F:5D:DB:E2:8D:01:B6:DF:E9
Certificate issuer: /CN=7976d7d0bbcc08516523d5df24e6882b72ca5693
Certificate serial: 018CAFC16CA1CEA280D15D51FF7036B9BBE8
Authority key identifier: 79:76:D7:D0:BB:CC:08:51:65:23:D5:DF:24:E6:88:2B:72:CA:56:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eXbX0LvMCFFlI9XfJOaIK3LKVpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/dd6943-6fce-4309-8713-854182cb06a6/1/NXotEHTAng3iaaYfXdvijQG23-k.roa
Signing time: Thu 28 Dec 2023 09:28:58 +0000
ROA not before: Thu 28 Dec 2023 09:28:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 103.39.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:af:c1:6c:a1:ce:a2:80:d1:5d:51:ff:70:36:b9:bb:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7976d7d0bbcc08516523d5df24e6882b72ca5693
Validity
Not Before: Dec 28 09:28:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=357a2d1074c09e0de269a61f5ddbe28d01b6dfe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:3e:6f:6c:fc:bb:de:91:66:9f:bd:99:9f:21:
b2:59:9f:e0:74:29:b0:8d:d5:3c:d6:57:52:a1:b0:
69:11:66:84:f4:b1:d2:dc:fb:15:85:92:98:b0:38:
a3:b3:93:45:18:94:af:f1:a1:7b:ff:95:94:a9:bc:
d1:d9:53:3b:1c:6e:8d:e9:e7:70:fd:70:09:a0:9f:
b0:32:b9:e8:6a:6d:77:54:74:a6:76:12:54:4d:f3:
8a:4e:cf:91:e4:be:60:2b:08:78:d5:8c:da:ae:2d:
78:46:01:c8:b7:f6:26:b6:7c:ec:a5:81:64:c4:3c:
56:1a:16:7b:60:eb:f2:15:cd:25:ed:82:ee:a9:97:
ff:f0:2d:66:cb:ae:87:cf:85:27:3d:3f:2f:6d:bc:
48:16:94:e3:0b:4c:bc:d8:40:d7:22:fc:2c:7c:dc:
87:0b:f3:df:bd:89:45:88:81:49:b9:77:a4:c3:54:
a9:a8:1c:bf:4c:0a:f3:07:f1:52:4e:b6:89:f1:74:
d3:71:0b:73:bd:49:9d:6a:d7:2d:12:23:07:aa:01:
57:08:14:9b:e0:ed:b0:c7:d4:e7:15:0a:f6:86:f8:
6a:ef:d3:4e:1b:05:d1:a9:aa:b8:aa:a6:27:05:60:
11:95:36:22:4f:ea:8a:d7:c9:37:c5:fd:ce:98:88:
2e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:7A:2D:10:74:C0:9E:0D:E2:69:A6:1F:5D:DB:E2:8D:01:B6:DF:E9
X509v3 Authority Key Identifier:
keyid:79:76:D7:D0:BB:CC:08:51:65:23:D5:DF:24:E6:88:2B:72:CA:56:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eXbX0LvMCFFlI9XfJOaIK3LKVpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dd6943-6fce-4309-8713-854182cb06a6/1/NXotEHTAng3iaaYfXdvijQG23-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dd6943-6fce-4309-8713-854182cb06a6/1/eXbX0LvMCFFlI9XfJOaIK3LKVpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.39.40.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:b1:5c:23:12:26:4d:b1:55:ab:ac:bd:8a:76:11:41:77:77:
4a:e7:e7:a7:b3:56:a5:d0:bc:75:50:d2:18:a7:6b:17:db:e4:
6c:cd:09:32:51:fa:5d:56:c5:e5:54:3a:9f:41:78:e7:c0:c5:
29:cd:f2:fc:c0:4d:8d:1f:02:65:0c:23:07:a3:e3:d4:80:cd:
16:a9:c3:9d:58:61:52:54:a7:a4:45:fa:1c:98:f7:0a:46:2b:
60:8b:48:0c:fd:fb:ed:92:1b:a2:32:48:1e:cf:18:61:24:3e:
63:b0:4b:c5:ef:d4:b8:f0:87:73:3c:87:bf:55:dd:7a:0b:5f:
18:b0:6a:1c:fe:6c:99:0b:fd:81:3c:04:52:ad:3e:5f:33:ba:
a8:e3:ce:78:29:91:f5:4a:13:fd:fd:14:77:54:14:ae:8b:95:
a6:f7:28:69:b7:06:c0:4f:4d:d7:57:22:e6:18:c5:a7:2c:1f:
31:e3:7e:6d:87:69:d6:de:4e:95:fc:77:de:f3:44:b2:ca:af:
2a:61:ef:fe:e1:9b:11:fe:3f:52:bf:5e:4a:92:6b:2f:9f:84:
9e:76:f4:14:d6:f8:92:3f:fe:40:d4:5e:c9:99:6e:15:2d:3d:
f6:d3:de:14:c1:8c:88:3b:84:88:e3:15:46:03:b7:cf:fd:84:
22:36:65:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyvwWyhzqKA0V1R/3A2ubvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5NzZkN2QwYmJjYzA4NTE2NTIzZDVkZjI0ZTY4ODJiNzJj
YTU2OTMwHhcNMjMxMjI4MDkyODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTdhMmQxMDc0YzA5ZTBkZTI2OWE2MWY1ZGRiZTI4ZDAxYjZkZmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjD5vbPy73pFmn72ZnyGyWZ/gdCmw
jdU81ldSobBpEWaE9LHS3PsVhZKYsDijs5NFGJSv8aF7/5WUqbzR2VM7HG6N6edw
/XAJoJ+wMrnoam13VHSmdhJUTfOKTs+R5L5gKwh41Yzari14RgHIt/YmtnzspYFk
xDxWGhZ7YOvyFc0l7YLuqZf/8C1my66Hz4UnPT8vbbxIFpTjC0y82EDXIvwsfNyH
C/PfvYlFiIFJuXekw1SpqBy/TArzB/FSTraJ8XTTcQtzvUmdatctEiMHqgFXCBSb
4O2wx9TnFQr2hvhq79NOGwXRqaq4qqYnBWARlTYiT+qK18k3xf3OmIguLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDV6LRB0wJ4N4mmmH13b4o0Btt/pMB8GA1UdIwQY
MBaAFHl219C7zAhRZSPV3yTmiCtyylaTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVhiWDBMdk1DRkZsSTlYZkpPYUlLM0xLVnBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kZDY5NDMtNmZjZS00MzA5LTg3MTMt
ODU0MTgyY2IwNmE2LzEvTlhvdEVIVEFuZzNpYWFZZlhkdmlqUUcyMy1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kZDY5NDMtNmZjZS00MzA5LTg3MTMtODU0MTgyY2IwNmE2
LzEvZVhiWDBMdk1DRkZsSTlYZkpPYUlLM0xLVnBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZycoMA0G
CSqGSIb3DQEBCwUAA4IBAQBNsVwjEiZNsVWrrL2KdhFBd3dK5+ens1al0Lx1UNIY
p2sX2+RszQkyUfpdVsXlVDqfQXjnwMUpzfL8wE2NHwJlDCMHo+PUgM0WqcOdWGFS
VKekRfocmPcKRitgi0gM/fvtkhuiMkgezxhhJD5jsEvF79S48IdzPIe/Vd16C18Y
sGoc/myZC/2BPARSrT5fM7qo4854KZH1ShP9/RR3VBSui5Wm9yhptwbAT03XVyLm
GMWnLB8x435th2nW3k6V/Hfe80Syyq8qYe/+4ZsR/j9Sv15Kkmsvn4SedvQU1viS
P/5A1F7JmW4VLT32094UwYyIO4SI4xVGA7fP/YQiNmU+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:58 2024 by rpki-client on console-fra.rpki-client.org