Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/TmfoZX192ANKPZwEv3cAAgJvdzk.roa
File: TmfoZX192ANKPZwEv3cAAgJvdzk.roa (raw, json)
Hash identifier: ZeC1SH0Q7fTyX4yB/d9UUw0qmku9D7JGjiXRYte0190=
Subject key identifier: 4E:67:E8:65:7D:7D:D8:03:4A:3D:9C:04:BF:77:00:02:02:6F:77:39
Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Certificate serial: 01929EE8241919833C060961041948200B36
Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/TmfoZX192ANKPZwEv3cAAgJvdzk.roa
Signing time: Fri 18 Oct 2024 09:14:26 +0000
ROA not before: Fri 18 Oct 2024 09:14:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202635
IP address blocks: 86.110.32.0/24 maxlen: 24
86.110.35.0/24 maxlen: 24
86.110.38.0/24 maxlen: 24
86.110.39.0/24 maxlen: 24
86.110.40.0/24 maxlen: 24
86.110.43.0/24 maxlen: 24
86.110.45.0/24 maxlen: 24
185.158.176.0/22 maxlen: 24
185.193.60.0/22 maxlen: 24
185.244.100.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Nov 2024 14:14:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9e:e8:24:19:19:83:3c:06:09:61:04:19:48:20:0b:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Validity
Not Before: Oct 18 09:14:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e67e8657d7dd8034a3d9c04bf770002026f7739
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c3:87:b7:26:fc:70:36:46:5f:d5:82:66:66:
b1:e2:30:f7:5b:08:5d:99:65:2b:f2:3c:8f:75:91:
10:43:fd:93:b3:4b:8c:b7:21:ea:58:10:00:e4:b7:
29:01:95:6f:a1:e9:80:1e:df:f7:2e:78:6e:44:7f:
84:2d:cf:c8:51:18:f2:be:4e:33:1e:b6:b7:f9:4b:
66:e4:45:d2:34:d7:2d:91:de:23:d9:5c:1f:0e:d9:
25:c9:5a:78:b9:4d:1f:6c:14:9f:82:52:d5:de:26:
5e:94:f6:a1:e4:ac:aa:fd:cf:ef:da:d8:98:45:5d:
a2:04:1c:d0:8e:58:14:c6:40:15:3e:7e:42:6b:51:
51:d2:44:8b:f3:c1:ca:a0:b4:9d:b1:0b:d6:3b:36:
f8:f7:f8:9c:7a:80:6e:51:63:18:37:d7:6c:4d:eb:
7c:df:0f:3d:13:a5:50:d5:1d:ab:96:b9:b9:61:ab:
ce:a8:35:8c:2f:2a:d5:e6:cb:6b:f2:63:e2:f4:b2:
21:dd:56:ad:1c:b9:d8:eb:36:67:69:f0:07:ad:8a:
82:c7:5d:3f:a1:9c:07:4b:34:c6:33:44:6c:37:6f:
ba:f9:2c:86:ed:03:21:02:3e:58:77:9d:dd:2e:41:
09:d4:20:a1:f5:21:56:62:b9:7f:47:62:eb:2c:00:
87:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:67:E8:65:7D:7D:D8:03:4A:3D:9C:04:BF:77:00:02:02:6F:77:39
X509v3 Authority Key Identifier:
keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/TmfoZX192ANKPZwEv3cAAgJvdzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.110.32.0/24
86.110.35.0/24
86.110.38.0-86.110.40.255
86.110.43.0/24
86.110.45.0/24
185.158.176.0/22
185.193.60.0/22
185.244.100.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:69:83:a3:5b:68:4c:da:f1:c8:5c:ca:2e:e0:a2:0c:9c:4f:
5e:86:49:fb:77:4e:d7:c3:64:25:ef:19:e4:a0:d9:a8:e7:76:
1e:ce:0f:f4:c1:64:3c:da:11:8d:5b:88:e0:6a:07:b5:07:56:
36:47:4a:24:c1:54:fa:f1:c2:38:bf:8d:51:11:02:ca:63:a3:
67:90:d2:8d:a3:b8:8a:12:df:a3:56:e1:a6:c1:96:35:ea:0a:
af:5a:cf:c9:1e:88:a4:05:17:e3:ae:0f:cb:8a:20:e9:a3:88:
c2:cd:01:04:9d:9e:91:9b:9f:b9:2a:30:38:ca:92:c9:1a:48:
3f:59:88:21:33:65:e0:93:fb:9e:2e:cb:fc:04:a5:b4:77:40:
8b:a4:1d:aa:04:b0:87:86:b0:3e:fa:80:de:ec:6e:8a:e7:b9:
72:eb:8d:53:b1:85:b9:be:8c:6a:f0:51:dc:51:28:1d:af:7f:
16:a8:2a:f2:9c:1c:46:16:60:6b:f1:8e:17:f4:f6:8a:80:87:
1a:e7:1a:b2:e6:97:8d:09:78:e4:9f:de:7d:c8:4d:5d:fc:8e:
c3:4c:b9:4f:23:23:25:db:5b:2b:b1:ff:29:c4:fa:93:04:b5:
f7:23:7e:25:be:2e:64:3a:af:fb:d9:d8:3b:a2:e7:58:aa:0d:
33:5c:ef:28
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZKe6CQZGYM8BglhBBlIIAs2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi
YjAxODQwHhcNMjQxMDE4MDkxNDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTY3ZTg2NTdkN2RkODAzNGEzZDljMDRiZjc3MDAwMjAyNmY3NzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3MOHtyb8cDZGX9WCZmax4jD3Wwhd
mWUr8jyPdZEQQ/2Ts0uMtyHqWBAA5LcpAZVvoemAHt/3LnhuRH+ELc/IURjyvk4z
Hra3+Utm5EXSNNctkd4j2VwfDtklyVp4uU0fbBSfglLV3iZelPah5Kyq/c/v2tiY
RV2iBBzQjlgUxkAVPn5Ca1FR0kSL88HKoLSdsQvWOzb49/iceoBuUWMYN9dsTet8
3w89E6VQ1R2rlrm5YavOqDWMLyrV5str8mPi9LIh3VatHLnY6zZnafAHrYqCx10/
oZwHSzTGM0RsN2+6+SyG7QMhAj5Yd53dLkEJ1CCh9SFWYrl/R2LrLACHPwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFE5n6GV9fdgDSj2cBL93AAICb3c5MB8GA1UdIwQY
MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEvVG1mb1pYMTkyQU5LUFp3RXYzY0FBZ0p2ZHprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2
LzEvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAVm4gAwQA
Vm4jMAwDBAFWbiYDBABWbigDBABWbisDBABWbi0DBAK5nrADBAK5wTwDBAK59GQw
DQYJKoZIhvcNAQELBQADggEBADxpg6NbaEza8chcyi7gogycT16GSft3TtfDZCXv
GeSg2ajndh7OD/TBZDzaEY1biOBqB7UHVjZHSiTBVPrxwji/jVERAspjo2eQ0o2j
uIoS36NW4abBljXqCq9az8keiKQFF+OuD8uKIOmjiMLNAQSdnpGbn7kqMDjKkska
SD9ZiCEzZeCT+54uy/wEpbR3QIukHaoEsIeGsD76gN7sbornuXLrjVOxhbm+jGrw
UdxRKB2vfxaoKvKcHEYWYGvxjhf09oqAhxrnGrLml40JeOSf3n3ITV38jsNMuU8j
IyXbWyux/ynE+pMEtfcjfiW+LmQ6r/vZ2Dui51iqDTNc7yg=
-----END CERTIFICATE-----
Generated at Wed Nov 20 17:30:19 2024 by rpki-client on console-fra.rpki-client.org