Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/172c4e-6f5d-475e-9be9-c4073c13ff7c/1/NVi-iTzoRufHFthjCYTTr9_puoc.roa
File: NVi-iTzoRufHFthjCYTTr9_puoc.roa (raw, json)
Hash identifier: Duk68GSjStx+ZICCAPhKmgE4cxIe308hTRqYQqFK2X8=
Subject key identifier: 35:58:BE:89:3C:E8:46:E7:C7:16:D8:63:09:84:D3:AF:DF:E9:BA:87
Certificate issuer: /CN=4f32b9eff9f02c7cabe1995a2db509d8258d35fc
Certificate serial: 018751B7D00BBFB2B70794F327ABB762B450
Authority key identifier: 4F:32:B9:EF:F9:F0:2C:7C:AB:E1:99:5A:2D:B5:09:D8:25:8D:35:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TzK57_nwLHyr4ZlaLbUJ2CWNNfw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/172c4e-6f5d-475e-9be9-c4073c13ff7c/1/NVi-iTzoRufHFthjCYTTr9_puoc.roa
Signing time: Wed 05 Apr 2023 14:00:13 +0000
ROA not before: Wed 05 Apr 2023 14:00:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 378
IP address blocks: 132.76.0.0/16 maxlen: 16
132.76.0.0/15 maxlen: 15
132.77.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:51:b7:d0:0b:bf:b2:b7:07:94:f3:27:ab:b7:62:b4:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f32b9eff9f02c7cabe1995a2db509d8258d35fc
Validity
Not Before: Apr 5 14:00:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3558be893ce846e7c716d8630984d3afdfe9ba87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:40:42:d9:a2:78:34:d1:61:cd:ac:73:1a:84:
4c:5f:59:88:d5:2a:6d:dc:47:5b:ca:1d:74:1a:e6:
05:38:70:4d:37:aa:72:d5:6c:61:83:c4:2c:6a:6a:
7c:1c:d9:da:c8:22:4a:2d:aa:4a:bd:99:d8:ac:63:
10:eb:b2:c4:80:e1:62:7a:40:2d:a5:18:1c:28:f8:
af:66:a9:09:05:3c:9b:f3:03:c8:44:a3:9e:5d:05:
73:05:97:65:1a:dc:bc:fd:e2:5a:47:0c:60:1d:9a:
d6:27:17:02:d1:59:e6:61:96:e4:cf:82:21:25:17:
49:d6:38:11:9f:1c:98:ed:26:23:d7:26:c8:4e:de:
dd:90:ef:b2:cf:c7:07:06:c3:96:96:0d:6d:17:48:
d3:65:b5:9f:a9:4f:d4:d0:eb:22:3e:30:b1:9f:5d:
3a:97:78:c7:f0:d9:cc:34:ef:7e:08:28:d6:d0:b1:
62:bb:8b:56:4e:28:eb:4a:6f:1e:98:41:28:20:a0:
d0:34:3e:98:d6:85:8c:57:34:4e:72:d2:6d:42:52:
ed:68:b7:33:64:b6:29:83:89:08:75:43:76:1c:aa:
cc:c2:56:03:3d:f0:34:45:c4:b7:91:8b:e5:08:c1:
52:a2:46:e3:d0:91:d2:9c:b7:4b:25:0b:69:28:00:
29:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:58:BE:89:3C:E8:46:E7:C7:16:D8:63:09:84:D3:AF:DF:E9:BA:87
X509v3 Authority Key Identifier:
keyid:4F:32:B9:EF:F9:F0:2C:7C:AB:E1:99:5A:2D:B5:09:D8:25:8D:35:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TzK57_nwLHyr4ZlaLbUJ2CWNNfw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/172c4e-6f5d-475e-9be9-c4073c13ff7c/1/NVi-iTzoRufHFthjCYTTr9_puoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/172c4e-6f5d-475e-9be9-c4073c13ff7c/1/TzK57_nwLHyr4ZlaLbUJ2CWNNfw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.76.0.0/15
Signature Algorithm: sha256WithRSAEncryption
53:fd:d8:e8:c8:7b:dd:01:10:3d:e8:7b:e9:a9:c1:b0:bc:c0:
91:bb:86:d5:0e:fd:0c:d6:d1:1f:cc:70:35:9a:f7:25:4e:72:
50:ff:b5:0c:71:73:af:d1:7c:2c:20:c0:2e:44:2d:1d:b5:08:
06:07:b1:9c:29:12:66:ba:4a:83:74:a4:fb:77:20:2e:3e:11:
19:41:ea:29:b6:a8:78:49:c7:99:00:99:5e:5e:b4:1b:ed:01:
50:c5:cf:19:a4:5e:f0:cf:ee:fa:28:07:11:65:5c:b5:64:22:
75:49:cc:31:97:5c:c7:1b:f1:f5:43:99:ed:66:5c:66:f9:82:
63:9f:3f:bb:ac:57:7a:b6:ea:59:4b:c4:1f:ba:30:5d:ed:b3:
6e:68:7e:e6:fe:bf:83:9a:e1:a0:3e:c9:21:4f:26:8a:10:f5:
f4:92:ae:6d:6c:35:c6:51:16:2a:4e:a6:14:91:66:45:37:4d:
96:06:a5:b5:27:06:a5:68:de:04:b5:9f:2d:4b:ee:be:b4:bd:
05:45:0d:4a:48:75:15:0f:5a:7a:82:16:45:8b:a8:a0:40:63:
37:81:30:53:08:ee:dc:da:f8:66:ce:bc:dc:e2:d7:dd:c4:52:
9b:4f:b5:fc:ce:15:c0:a7:15:59:9b:3c:45:45:21:ae:41:6c:
20:08:73:e8
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYdRt9ALv7K3B5TzJ6u3YrRQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMzJiOWVmZjlmMDJjN2NhYmUxOTk1YTJkYjUwOWQ4MjU4
ZDM1ZmMwHhcNMjMwNDA1MTQwMDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTU4YmU4OTNjZTg0NmU3YzcxNmQ4NjMwOTg0ZDNhZmRmZTliYTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0BC2aJ4NNFhzaxzGoRMX1mI1Spt
3Edbyh10GuYFOHBNN6py1Wxhg8Qsamp8HNnayCJKLapKvZnYrGMQ67LEgOFiekAt
pRgcKPivZqkJBTyb8wPIRKOeXQVzBZdlGty8/eJaRwxgHZrWJxcC0VnmYZbkz4Ih
JRdJ1jgRnxyY7SYj1ybITt7dkO+yz8cHBsOWlg1tF0jTZbWfqU/U0OsiPjCxn106
l3jH8NnMNO9+CCjW0LFiu4tWTijrSm8emEEoIKDQND6Y1oWMVzROctJtQlLtaLcz
ZLYpg4kIdUN2HKrMwlYDPfA0RcS3kYvlCMFSokbj0JHSnLdLJQtpKAApewIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFDVYvok86EbnxxbYYwmE06/f6bqHMB8GA1UdIwQY
MBaAFE8yue/58Cx8q+GZWi21CdgljTX8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHpLNTdfbndMSHlyNFpsYUxiVUoyQ1dOTmZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8xNzJjNGUtNmY1ZC00NzVlLTliZTkt
YzQwNzNjMTNmZjdjLzEvTlZpLWlUem9SdWZIRnRoakNZVFRyOV9wdW9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8xNzJjNGUtNmY1ZC00NzVlLTliZTktYzQwNzNjMTNmZjdj
LzEvVHpLNTdfbndMSHlyNFpsYUxiVUoyQ1dOTmZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBhEwwDQYJ
KoZIhvcNAQELBQADggEBAFP92OjIe90BED3oe+mpwbC8wJG7htUO/QzW0R/McDWa
9yVOclD/tQxxc6/RfCwgwC5ELR21CAYHsZwpEma6SoN0pPt3IC4+ERlB6im2qHhJ
x5kAmV5etBvtAVDFzxmkXvDP7vooBxFlXLVkInVJzDGXXMcb8fVDme1mXGb5gmOf
P7usV3q26llLxB+6MF3ts25ofub+v4Oa4aA+ySFPJooQ9fSSrm1sNcZRFipOphSR
ZkU3TZYGpbUnBqVo3gS1ny1L7r60vQVFDUpIdRUPWnqCFkWLqKBAYzeBMFMI7tza
+GbOvNzi193EUptPtfzOFcCnFVmbPEVFIa5BbCAIc+g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:50 2024 by rpki-client on console-fra.rpki-client.org