Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/w7Hyt4et40_vUFuXw-l7pK8cD-A.roa
File: w7Hyt4et40_vUFuXw-l7pK8cD-A.roa (raw, json)
Hash identifier: Nl+W+ttZnIcHvRVnONl6u380DN/zxaiuKFRggUdoHIY=
Subject key identifier: C3:B1:F2:B7:87:AD:E3:4F:EF:50:5B:97:C3:E9:7B:A4:AF:1C:0F:E0
Certificate issuer: /CN=3cde2470c8563949487a3e78743c544c99ec8a64
Certificate serial: 018CC72701F23476FB64FBF7DB949BEA1945
Authority key identifier: 3C:DE:24:70:C8:56:39:49:48:7A:3E:78:74:3C:54:4C:99:EC:8A:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PN4kcMhWOUlIej54dDxUTJnsimQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/w7Hyt4et40_vUFuXw-l7pK8cD-A.roa
Signing time: Mon 01 Jan 2024 22:31:11 +0000
ROA not before: Mon 01 Jan 2024 22:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30857
IP address blocks: 86.111.192.0/24 maxlen: 24
86.111.192.0/22 maxlen: 22
86.111.196.0/24 maxlen: 24
86.111.193.0/24 maxlen: 24
86.111.197.0/24 maxlen: 24
86.111.194.0/24 maxlen: 24
86.111.195.0/24 maxlen: 24
2001:67c:130::/48 maxlen: 48
2001:67c:18c8::/47 maxlen: 47
Validation: Failed, certificate revoked on Mon 11 Mar 2024 09:58:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:01:f2:34:76:fb:64:fb:f7:db:94:9b:ea:19:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cde2470c8563949487a3e78743c544c99ec8a64
Validity
Not Before: Jan 1 22:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3b1f2b787ade34fef505b97c3e97ba4af1c0fe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fa:0f:c6:2e:b7:e6:dc:b1:c4:6c:b1:2e:46:
ac:d1:64:b7:44:39:de:9f:4f:78:95:30:c1:03:cf:
6e:0f:eb:78:c8:9b:1e:f8:5d:c6:1b:c2:8f:ce:ca:
77:c9:b7:54:a2:ec:56:85:34:9f:30:92:85:0b:66:
67:21:94:e4:71:e6:d2:70:3a:b5:76:8b:e4:8b:d4:
9b:cc:13:f3:70:45:92:d4:9a:24:89:87:d1:9f:14:
47:ef:58:d2:84:8b:e4:93:5a:40:dd:d7:0e:5a:17:
66:e6:72:d8:5a:e2:ed:cb:83:c9:3c:f7:b5:2e:96:
da:b6:c6:5a:cc:56:a3:d2:aa:e3:de:f6:8b:43:2f:
d4:62:bc:13:e8:a9:1f:b5:5c:ff:8f:9c:b8:d4:2c:
c3:76:30:a8:2b:42:a0:56:8a:9e:27:61:ea:a3:da:
3d:4d:f6:5c:9b:04:04:99:53:5c:1b:24:b5:74:04:
8c:08:84:13:54:84:33:2f:62:c4:79:3b:50:4b:1c:
03:90:bd:42:99:98:b2:b6:b9:21:c3:f7:98:a0:8b:
22:2b:4b:65:89:85:0b:9f:a3:56:4f:7a:a9:9a:34:
ab:43:aa:17:eb:d1:17:9b:01:19:7b:cb:bc:5f:26:
fb:de:b1:8c:1b:a7:64:89:c7:1a:d2:f2:9e:3f:e7:
3e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:B1:F2:B7:87:AD:E3:4F:EF:50:5B:97:C3:E9:7B:A4:AF:1C:0F:E0
X509v3 Authority Key Identifier:
keyid:3C:DE:24:70:C8:56:39:49:48:7A:3E:78:74:3C:54:4C:99:EC:8A:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PN4kcMhWOUlIej54dDxUTJnsimQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/w7Hyt4et40_vUFuXw-l7pK8cD-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/PN4kcMhWOUlIej54dDxUTJnsimQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.192.0-86.111.197.255
IPv6:
2001:67c:130::/48
2001:67c:18c8::/47
Signature Algorithm: sha256WithRSAEncryption
85:67:31:01:2b:05:ca:96:eb:0a:87:f6:f2:e0:39:12:a5:48:
7c:e8:db:92:a3:52:67:f1:ed:f0:bd:63:dd:a5:6c:54:f9:a6:
a1:7c:2d:af:8b:ae:89:9a:97:fa:54:06:30:02:42:74:a4:0c:
b5:c7:4d:e0:1a:68:8e:f3:1b:c7:af:20:49:07:01:be:0e:73:
9b:ce:be:2e:1e:6e:77:07:b6:7b:91:b1:88:a3:24:08:4e:3b:
6e:8e:91:2a:be:a8:71:09:bb:ab:db:de:d6:19:5a:ec:7a:d9:
9d:65:3e:b7:67:80:4f:4f:f6:2d:2e:34:ca:a3:aa:28:2a:ea:
ad:49:51:9a:58:74:35:41:58:b6:c7:cb:7a:77:5e:51:3a:c3:
50:54:09:c6:6e:78:7a:d3:8c:4b:7f:70:9e:fb:66:a9:5d:10:
3b:66:2e:21:bd:05:56:9c:e3:b9:65:b3:57:34:cb:d5:d7:26:
2b:0d:40:5c:4b:24:87:0f:e9:31:83:7c:b2:4e:f5:b2:d1:7e:
a1:96:e5:43:29:d3:42:06:c2:cd:d8:97:04:0b:f0:5d:24:76:
2f:d7:8c:06:a1:73:45:7b:0e:2d:7f:ba:83:d9:ee:89:ae:b4:
66:a5:d0:be:63:a6:1c:11:8c:11:23:7f:d1:48:d0:96:74:e2:
9f:92:02:2e
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzHJwHyNHb7ZPv325Sb6hlFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZGUyNDcwYzg1NjM5NDk0ODdhM2U3ODc0M2M1NDRjOTll
YzhhNjQwHhcNMjQwMTAxMjIzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2IxZjJiNzg3YWRlMzRmZWY1MDViOTdjM2U5N2JhNGFmMWMwZmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/oPxi635tyxxGyxLkas0WS3RDne
n094lTDBA89uD+t4yJse+F3GG8KPzsp3ybdUouxWhTSfMJKFC2ZnIZTkcebScDq1
dovki9SbzBPzcEWS1JokiYfRnxRH71jShIvkk1pA3dcOWhdm5nLYWuLty4PJPPe1
LpbatsZazFaj0qrj3vaLQy/UYrwT6KkftVz/j5y41CzDdjCoK0KgVoqeJ2Hqo9o9
TfZcmwQEmVNcGyS1dASMCIQTVIQzL2LEeTtQSxwDkL1CmZiytrkhw/eYoIsiK0tl
iYULn6NWT3qpmjSrQ6oX69EXmwEZe8u8Xyb73rGMG6dkicca0vKeP+c+KwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFMOx8reHreNP71Bbl8Ppe6SvHA/gMB8GA1UdIwQY
MBaAFDzeJHDIVjlJSHo+eHQ8VEyZ7IpkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE40a2NNaFdPVWxJZWo1NGREeFVUSm5zaW1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9mYTc5Y2YtOGM0Yy00MDk0LWExZjUt
NDQxNzFiMmY1OTllLzEvdzdIeXQ0ZXQ0MF92VUZ1WHctbDdwSzhjRC1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9mYTc5Y2YtOGM0Yy00MDk0LWExZjUtNDQxNzFiMmY1OTll
LzEvUE40a2NNaFdPVWxJZWo1NGREeFVUSm5zaW1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAUBAIAATAOMAwDBAZWb8AD
BAFWb8QwGAQCAAIwEgMHACABBnwBMAMHASABBnwYyDANBgkqhkiG9w0BAQsFAAOC
AQEAhWcxASsFypbrCof28uA5EqVIfOjbkqNSZ/Ht8L1j3aVsVPmmoXwtr4uuiZqX
+lQGMAJCdKQMtcdN4BpojvMbx68gSQcBvg5zm86+Lh5udwe2e5GxiKMkCE47bo6R
Kr6ocQm7q9ve1hla7HrZnWU+t2eAT0/2LS40yqOqKCrqrUlRmlh0NUFYtsfLende
UTrDUFQJxm54etOMS39wnvtmqV0QO2YuIb0FVpzjuWWzVzTL1dcmKw1AXEskhw/p
MYN8sk71stF+oZblQynTQgbCzdiXBAvwXSR2L9eMBqFzRXsOLX+6g9nuia60ZqXQ
vmOmHBGMESN/0UjQlnTin5ICLg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:30 2024 by rpki-client on console-ams.rpki-client.org