Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/1-EfD7XniDx25EybtQOsFcyZW0oQ.roa
File: 1-EfD7XniDx25EybtQOsFcyZW0oQ.roa (raw, json)
Hash identifier: v8ggMl6fiqZQlXWUwd8UmTcGGGOd0EAt5IqQPfN+3V0=
Subject key identifier: F8:47:C3:ED:79:E2:0F:1D:B9:13:26:ED:40:EB:05:73:26:56:D2:84
Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Certificate serial: 01924EB970F9CF9521DB61D06EE874928308
Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/1-EfD7XniDx25EybtQOsFcyZW0oQ.roa
Signing time: Wed 02 Oct 2024 19:33:48 +0000
ROA not before: Wed 02 Oct 2024 19:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42831
IP address blocks: 86.110.42.0/24 maxlen: 24
86.110.48.0/24 maxlen: 24
86.110.49.0/24 maxlen: 24
86.110.50.0/24 maxlen: 24
86.110.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Oct 2024 12:25:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4e:b9:70:f9:cf:95:21:db:61:d0:6e:e8:74:92:83:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Validity
Not Before: Oct 2 19:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f847c3ed79e20f1db91326ed40eb05732656d284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2d:52:80:7a:5b:95:62:05:b5:77:b2:04:27:
a3:8a:e4:6e:f8:2d:d2:70:0a:76:f2:40:b6:08:e9:
cd:77:84:b4:aa:cd:33:f5:22:ab:a8:0b:71:66:31:
5e:59:43:56:7f:5f:0f:4f:73:37:ae:4a:3b:ac:7a:
8c:49:48:d5:7e:1e:d4:19:69:9c:3c:99:e7:69:ad:
18:64:7b:b8:2f:31:19:9c:d2:e0:b9:aa:9e:5b:22:
59:10:6c:07:e6:f5:93:d0:21:46:49:8d:e0:62:d3:
29:78:bc:b9:e4:32:f0:fa:a6:fb:28:5e:d2:df:9e:
fe:3f:ac:bb:37:fa:22:be:18:3f:4f:72:d5:ae:2c:
39:05:ab:1c:95:a4:97:cc:d4:c6:1c:5d:37:3e:7b:
fd:23:f5:6f:ce:03:15:8c:e0:15:a0:a3:68:9d:29:
3d:71:52:e5:a9:d5:37:30:29:98:06:90:62:c8:4e:
c5:9f:47:52:d1:7a:4a:21:aa:99:3e:5f:97:19:53:
22:3e:95:40:68:96:f5:ef:a9:92:51:b9:d6:92:44:
fb:97:4c:e9:4a:61:01:ae:22:3d:1e:ea:7b:92:81:
aa:d5:29:28:5b:6d:10:94:ca:85:46:3e:42:42:93:
78:1f:79:c2:fb:ed:7d:a2:66:ef:53:6b:9d:59:ad:
84:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:47:C3:ED:79:E2:0F:1D:B9:13:26:ED:40:EB:05:73:26:56:D2:84
X509v3 Authority Key Identifier:
keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/1-EfD7XniDx25EybtQOsFcyZW0oQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.110.42.0/24
86.110.48.0/22
Signature Algorithm: sha256WithRSAEncryption
66:4d:4d:32:90:d3:66:fe:33:85:6c:ad:b4:f4:ae:ed:c1:d0:
d5:8a:f8:41:57:ed:eb:85:8c:fe:ef:bb:01:0e:4a:7e:80:95:
47:c1:6b:b8:38:24:cb:7c:7c:29:6f:4c:c1:f9:f3:f5:8c:e3:
e8:ff:92:75:02:26:cf:7d:69:2b:90:9f:50:c1:ca:58:21:98:
df:44:96:c7:63:37:84:ab:ff:94:f3:8d:79:8e:72:b8:9c:98:
e7:e9:02:de:b0:48:1a:10:64:de:6b:93:dc:7b:f5:8d:03:f8:
62:71:bc:fc:9e:63:65:38:f5:8e:d7:d5:a4:8d:74:98:95:6d:
c7:0b:73:15:38:1e:85:c0:12:15:6f:5f:53:d7:34:1d:2e:43:
03:7a:3b:dd:cd:89:05:65:cd:67:fa:d7:93:cc:62:fc:ac:fd:
45:8e:2a:14:a3:de:ce:0e:0e:4a:2a:fa:79:55:e2:f5:ae:9a:
e5:bc:70:81:c1:b1:d3:7d:f2:7a:2a:3d:30:3c:48:21:ee:bf:
97:ba:03:e7:76:00:35:e0:44:1d:89:0a:f5:23:81:c2:6d:0d:
ac:ad:de:f8:43:43:2b:3d:02:6c:a4:1f:cb:79:d2:e7:03:bc:
13:4b:c8:24:34:08:ed:92:9e:09:7c:6d:62:db:ea:18:f4:4f:
ce:bc:ca:b6
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZJOuXD5z5Uh22HQbuh0koMIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi
YjAxODQwHhcNMjQxMDAyMTkzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODQ3YzNlZDc5ZTIwZjFkYjkxMzI2ZWQ0MGViMDU3MzI2NTZkMjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAri1SgHpblWIFtXeyBCejiuRu+C3S
cAp28kC2COnNd4S0qs0z9SKrqAtxZjFeWUNWf18PT3M3rko7rHqMSUjVfh7UGWmc
PJnnaa0YZHu4LzEZnNLguaqeWyJZEGwH5vWT0CFGSY3gYtMpeLy55DLw+qb7KF7S
357+P6y7N/oivhg/T3LVriw5BasclaSXzNTGHF03Pnv9I/VvzgMVjOAVoKNonSk9
cVLlqdU3MCmYBpBiyE7Fn0dS0XpKIaqZPl+XGVMiPpVAaJb176mSUbnWkkT7l0zp
SmEBriI9Hup7koGq1SkoW20QlMqFRj5CQpN4H3nC++19ombvU2udWa2EdQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPhHw+154g8duRMm7UDrBXMmVtKEMB8GA1UdIwQY
MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEvMS1FZkQ3WG5pRHgyNUV5YnRRT3NGY3laVzBvUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmEvZTFhZDdhLTEyZTctNGZkMC1iNjFlLWQxYTc3NzJkYjA3
Ni8xL0Z3WjVkLV9SUzhpZnNOcTZBN3NQWUEtN0FZUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFZuKgME
AlZuMDANBgkqhkiG9w0BAQsFAAOCAQEAZk1NMpDTZv4zhWyttPSu7cHQ1Yr4QVft
64WM/u+7AQ5KfoCVR8FruDgky3x8KW9Mwfnz9Yzj6P+SdQImz31pK5CfUMHKWCGY
30SWx2M3hKv/lPONeY5yuJyY5+kC3rBIGhBk3muT3Hv1jQP4YnG8/J5jZTj1jtfV
pI10mJVtxwtzFTgehcASFW9fU9c0HS5DA3o73c2JBWXNZ/rXk8xi/Kz9RY4qFKPe
zg4OSir6eVXi9a6a5bxwgcGx033yeio9MDxIIe6/l7oD53YANeBEHYkK9SOBwm0N
rK3e+ENDKz0CbKQfy3nS5wO8E0vIJDQI7ZKeCXxtYtvqGPRPzrzKtg==
-----END CERTIFICATE-----
Generated at Fri Oct 11 17:24:45 2024 by rpki-client on console-fra.rpki-client.org