Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/7Czvxl3xGp-0UdOQCd28mYp-kCw.roa
File: 7Czvxl3xGp-0UdOQCd28mYp-kCw.roa (raw, json)
Hash identifier: SnBxNwXaxpFEMleYTSqHuvc1jAkcGU/1TT/z04WWw4U=
Subject key identifier: EC:2C:EF:C6:5D:F1:1A:9F:B4:51:D3:90:09:DD:BC:99:8A:7E:90:2C
Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Certificate serial: 0194F917EEF8A9E064B0C21C3162854D2CA3
Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/7Czvxl3xGp-0UdOQCd28mYp-kCw.roa
Signing time: Wed 12 Feb 2025 07:38:02 +0000
ROA not before: Wed 12 Feb 2025 07:38:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 86.110.33.0/24 maxlen: 24
86.110.36.0/24 maxlen: 24
86.110.44.0/24 maxlen: 24
86.110.46.0/24 maxlen: 24
86.110.54.0/24 maxlen: 24
86.110.58.0/24 maxlen: 24
86.110.59.0/24 maxlen: 24
86.110.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Feb 2025 10:54:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f9:17:ee:f8:a9:e0:64:b0:c2:1c:31:62:85:4d:2c:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Validity
Not Before: Feb 12 07:38:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec2cefc65df11a9fb451d39009ddbc998a7e902c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:e8:8b:85:ff:d2:8a:1a:c7:91:1b:d0:ab:eb:
83:9a:b7:97:e4:d9:8c:2b:47:fa:19:75:c9:32:3e:
84:f0:15:f2:44:3c:82:c7:75:0c:b7:95:ba:27:5c:
1d:7f:bd:f8:79:83:a2:8c:b5:a1:20:1c:8b:25:e7:
03:c3:b7:1c:f2:b7:bb:b3:7a:ea:8f:3b:3a:7a:e4:
03:d2:ec:3b:5c:b8:51:88:10:db:19:a3:4a:b6:13:
da:bc:03:5b:e1:3c:94:5e:08:57:a9:47:55:24:72:
68:16:63:cd:25:65:da:fe:c9:97:d3:f2:61:41:da:
78:ca:1a:8a:40:04:76:a5:10:b5:0f:02:2f:71:87:
af:26:1a:02:03:e7:ae:81:b1:15:41:8e:38:56:ea:
62:21:10:c8:27:aa:fd:78:e5:e0:5d:5c:5a:3f:a1:
22:09:68:21:d9:63:7f:1a:50:92:48:95:24:89:8d:
70:fe:c5:99:9f:33:77:3a:6a:0d:22:9b:7f:27:b4:
d9:27:8b:b4:32:f3:62:25:5c:46:19:6b:24:09:fe:
70:3f:b9:2c:8d:3e:96:4f:d4:a5:8d:1b:39:cb:a5:
9e:6e:42:4d:bc:1b:c3:2c:7c:32:04:7b:7c:22:22:
d7:a9:c2:b1:4a:35:d3:fe:17:b2:b2:b1:fb:32:64:
2e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:2C:EF:C6:5D:F1:1A:9F:B4:51:D3:90:09:DD:BC:99:8A:7E:90:2C
X509v3 Authority Key Identifier:
keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/7Czvxl3xGp-0UdOQCd28mYp-kCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.110.33.0/24
86.110.36.0/24
86.110.44.0/24
86.110.46.0/24
86.110.54.0/24
86.110.58.0/23
86.110.63.0/24
Signature Algorithm: sha256WithRSAEncryption
66:17:2a:31:4f:6d:1f:d8:c6:18:b0:8a:a0:74:f1:46:64:81:
54:dd:7c:cf:9b:8f:79:61:72:f4:cf:a4:2c:3d:6e:c6:d7:b9:
00:36:b1:d5:1b:38:35:8a:aa:7e:d4:5f:18:77:ae:98:c2:84:
d6:d8:f9:71:6d:5d:6c:d4:d9:22:56:83:58:9a:ac:d2:9b:bb:
3f:d9:17:61:ac:8a:3b:8f:b5:07:f3:fb:e5:ac:b1:93:c7:7f:
14:45:38:01:33:33:6f:32:65:c7:b6:2c:8c:4d:6b:2b:67:6b:
62:48:eb:2d:e0:1a:cd:5a:6f:4b:21:c1:c6:d8:76:93:b4:81:
3c:b6:21:70:e0:c0:12:cb:48:d9:4f:c1:23:f4:30:26:ba:3b:
c2:4a:c2:cf:e2:bd:71:af:b2:f3:1d:a2:4d:89:95:47:cd:4d:
9c:d4:ba:39:dd:c0:9e:97:58:28:3d:ca:a2:36:cf:f4:4e:14:
28:1b:33:71:fa:19:2a:0a:89:b4:1b:3e:c1:f8:a8:6f:a2:a0:
f3:ee:0c:6e:29:fb:a3:ef:35:a2:a4:43:ae:f0:de:c9:bd:98:
4d:e8:0c:3c:9b:2e:ce:22:33:0f:fd:d8:f9:fa:12:84:46:d7:
64:19:7e:05:ad:2c:64:56:c4:53:2d:fb:eb:e2:78:9e:d5:37:
b2:14:65:5d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZT5F+74qeBksMIcMWKFTSyjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi
YjAxODQwHhcNMjUwMjEyMDczODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzJjZWZjNjVkZjExYTlmYjQ1MWQzOTAwOWRkYmM5OThhN2U5MDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uiLhf/SihrHkRvQq+uDmreX5NmM
K0f6GXXJMj6E8BXyRDyCx3UMt5W6J1wdf734eYOijLWhIByLJecDw7cc8re7s3rq
jzs6euQD0uw7XLhRiBDbGaNKthPavANb4TyUXghXqUdVJHJoFmPNJWXa/smX0/Jh
Qdp4yhqKQAR2pRC1DwIvcYevJhoCA+eugbEVQY44VupiIRDIJ6r9eOXgXVxaP6Ei
CWgh2WN/GlCSSJUkiY1w/sWZnzN3OmoNIpt/J7TZJ4u0MvNiJVxGGWskCf5wP7ks
jT6WT9SljRs5y6WebkJNvBvDLHwyBHt8IiLXqcKxSjXT/heysrH7MmQuuQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOws78Zd8RqftFHTkAndvJmKfpAsMB8GA1UdIwQY
MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEvN0N6dnhsM3hHcC0wVWRPUUNkMjhtWXAta0N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2
LzEvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVm4hAwQA
Vm4kAwQAVm4sAwQAVm4uAwQAVm42AwQBVm46AwQAVm4/MA0GCSqGSIb3DQEBCwUA
A4IBAQBmFyoxT20f2MYYsIqgdPFGZIFU3XzPm495YXL0z6QsPW7G17kANrHVGzg1
iqp+1F8Yd66YwoTW2PlxbV1s1NkiVoNYmqzSm7s/2RdhrIo7j7UH8/vlrLGTx38U
RTgBMzNvMmXHtiyMTWsrZ2tiSOst4BrNWm9LIcHG2HaTtIE8tiFw4MASy0jZT8Ej
9DAmujvCSsLP4r1xr7LzHaJNiZVHzU2c1Lo53cCel1goPcqiNs/0ThQoGzNx+hkq
Com0Gz7B+KhvoqDz7gxuKfuj7zWipEOu8N7JvZhN6Aw8my7OIjMP/dj5+hKERtdk
GX4FrSxkVsRTLfvr4nie1TeyFGVd
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:08:59 2025 by rpki-client