Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/4Y_jL4KTLUi-T5B2zWjAi25N_R0.roa
File: 4Y_jL4KTLUi-T5B2zWjAi25N_R0.roa (raw, json)
Hash identifier: 41fTWmA6Rp2QxwLN9B/LwIgOgF3KNATx1eQ/e0l4mxk=
Subject key identifier: E1:8F:E3:2F:82:93:2D:48:BE:4F:90:76:CD:68:C0:8B:6E:4D:FD:1D
Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Certificate serial: 01942747F5F1F07FE45C719A24E1DCB0919C
Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/4Y_jL4KTLUi-T5B2zWjAi25N_R0.roa
Signing time: Thu 02 Jan 2025 13:50:14 +0000
ROA not before: Thu 02 Jan 2025 13:50:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202656
IP address blocks: 86.110.33.0/24 maxlen: 24
86.110.40.0/24 maxlen: 24
86.110.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 07:38:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:f5:f1:f0:7f:e4:5c:71:9a:24:e1:dc:b0:91:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Validity
Not Before: Jan 2 13:50:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e18fe32f82932d48be4f9076cd68c08b6e4dfd1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:94:0d:a4:da:af:08:a0:84:e5:c2:09:30:4f:
ee:4e:eb:44:fc:f6:58:5f:cf:f8:b5:64:02:b8:b9:
ee:d3:f1:d0:6f:67:56:52:33:03:a5:18:42:4b:50:
f9:d5:5d:25:45:fd:45:3b:39:a2:d3:f4:b2:bb:39:
44:61:eb:89:18:50:9f:7e:c6:9f:14:59:b0:c6:a4:
8c:67:98:cb:74:a6:cb:95:80:d5:62:2a:e1:58:fa:
35:4c:c6:41:31:68:53:de:ef:f6:97:81:cd:b8:72:
92:20:78:7f:53:78:54:8a:06:1d:4d:80:d3:b4:3c:
df:1c:11:0a:99:58:12:2a:1a:c8:c6:b1:bb:11:1c:
db:b3:9a:0a:59:a9:3a:a2:6a:3d:1e:5e:a7:f3:c0:
87:02:24:41:da:fe:79:b0:27:53:2c:e6:f6:75:a4:
7f:69:9e:12:60:95:33:da:0b:61:df:d7:ad:b7:f7:
d7:29:48:91:62:46:c2:b4:43:be:38:85:37:56:5e:
52:f1:d5:6c:74:57:11:3b:66:2a:4e:1f:0d:b7:68:
d8:42:95:13:59:07:c0:70:16:c1:63:f6:e8:bb:7e:
7b:e0:c0:c7:a8:ed:25:c9:80:50:29:de:6d:04:ed:
0f:08:47:2d:77:f6:17:d6:0e:d9:be:a6:80:75:33:
9b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:8F:E3:2F:82:93:2D:48:BE:4F:90:76:CD:68:C0:8B:6E:4D:FD:1D
X509v3 Authority Key Identifier:
keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/4Y_jL4KTLUi-T5B2zWjAi25N_R0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.110.33.0/24
86.110.40.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:78:b7:8b:91:df:f8:8e:9e:a2:8c:2a:6b:7e:db:d0:d0:90:
1f:e1:b6:af:17:6d:4d:d0:db:36:0c:13:9f:3b:63:5c:48:31:
01:a9:a5:14:70:97:6a:04:55:6e:08:ab:60:6e:16:90:c4:20:
25:6d:5b:b6:02:3a:f5:5c:ef:b7:bf:a2:67:a9:42:ab:89:e9:
7a:67:50:a8:b2:d1:66:7d:40:a5:54:cb:c4:04:6f:96:83:0f:
2e:d4:af:26:eb:43:08:f1:1c:de:43:70:55:dd:22:63:0c:4c:
d5:fc:fa:4f:f8:9d:e2:47:b4:ec:88:c5:81:b7:44:27:fc:4d:
94:e2:b7:33:83:07:52:e2:9d:1a:58:14:61:0c:81:b4:27:40:
f5:b8:a9:36:b9:2d:42:bc:68:d6:2e:0d:2a:64:20:9f:28:7a:
68:c8:d8:e0:fc:76:62:59:f3:61:d8:ef:53:4c:58:75:6b:4d:
8e:c6:83:ef:5f:c2:8c:b1:20:9d:b6:75:97:5c:6b:18:85:86:
ea:a0:c4:e2:4b:1b:a3:4a:f2:39:60:aa:17:45:6b:c3:05:6b:
bc:aa:48:44:8c:39:a5:26:6a:0b:39:ed:fa:4a:4a:e4:b1:65:
ea:e8:c2:62:10:64:8d:9f:bb:b8:49:c9:57:f6:db:16:c3:6e:
87:38:e7:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnR/Xx8H/kXHGaJOHcsJGcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi
YjAxODQwHhcNMjUwMTAyMTM1MDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMThmZTMyZjgyOTMyZDQ4YmU0ZjkwNzZjZDY4YzA4YjZlNGRmZDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5QNpNqvCKCE5cIJME/uTutE/PZY
X8/4tWQCuLnu0/HQb2dWUjMDpRhCS1D51V0lRf1FOzmi0/SyuzlEYeuJGFCffsaf
FFmwxqSMZ5jLdKbLlYDVYirhWPo1TMZBMWhT3u/2l4HNuHKSIHh/U3hUigYdTYDT
tDzfHBEKmVgSKhrIxrG7ERzbs5oKWak6omo9Hl6n88CHAiRB2v55sCdTLOb2daR/
aZ4SYJUz2gth39ett/fXKUiRYkbCtEO+OIU3Vl5S8dVsdFcRO2YqTh8Nt2jYQpUT
WQfAcBbBY/bou3574MDHqO0lyYBQKd5tBO0PCEctd/YX1g7ZvqaAdTObsQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOGP4y+Cky1Ivk+Qds1owItuTf0dMB8GA1UdIwQY
MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEvNFlfakw0S1RMVWktVDVCMnpXakFpMjVOX1IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2
LzEvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVm4hAwQB
Vm4oMA0GCSqGSIb3DQEBCwUAA4IBAQAteLeLkd/4jp6ijCprftvQ0JAf4bavF21N
0Ns2DBOfO2NcSDEBqaUUcJdqBFVuCKtgbhaQxCAlbVu2Ajr1XO+3v6JnqUKriel6
Z1CostFmfUClVMvEBG+Wgw8u1K8m60MI8RzeQ3BV3SJjDEzV/PpP+J3iR7TsiMWB
t0Qn/E2U4rczgwdS4p0aWBRhDIG0J0D1uKk2uS1CvGjWLg0qZCCfKHpoyNjg/HZi
WfNh2O9TTFh1a02OxoPvX8KMsSCdtnWXXGsYhYbqoMTiSxujSvI5YKoXRWvDBWu8
qkhEjDmlJmoLOe36SkrksWXq6MJiEGSNn7u4SclX9tsWw26HOOdg
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:36:36 2025 by rpki-client