Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/_fK8ISmUD7QJW7RSjiFUaZyn7B4.roa
File: _fK8ISmUD7QJW7RSjiFUaZyn7B4.roa (raw, json)
Hash identifier: aqNYtrlnvyJshSmGtKWAXZclIb0jlSILeNqA1jGVIPs=
Subject key identifier: FD:F2:BC:21:29:94:0F:B4:09:5B:B4:52:8E:21:54:69:9C:A7:EC:1E
Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Certificate serial: 01934A0D5DFF66A9688F2FCB5289B23272DE
Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/_fK8ISmUD7QJW7RSjiFUaZyn7B4.roa
Signing time: Wed 20 Nov 2024 14:50:09 +0000
ROA not before: Wed 20 Nov 2024 14:50:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 86.110.33.0/24 maxlen: 24
86.110.34.0/24 maxlen: 24
86.110.40.0/24 maxlen: 24
86.110.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Nov 2024 20:11:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4a:0d:5d:ff:66:a9:68:8f:2f:cb:52:89:b2:32:72:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Validity
Not Before: Nov 20 14:50:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdf2bc2129940fb4095bb4528e2154699ca7ec1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:23:cd:cf:7c:c9:a9:4f:b8:fb:c3:80:d5:ad:
96:2e:9d:94:59:18:7a:a5:0a:a5:b1:24:dd:8b:ac:
c5:22:2f:3d:2f:df:da:b9:6c:48:70:68:d3:57:a6:
4a:fc:26:f0:cb:7e:67:c3:f9:c5:56:7e:29:4b:26:
b2:91:e3:bf:5b:13:dd:2f:8a:9a:9b:e6:bd:8f:25:
2a:15:e4:1f:2b:98:11:64:a3:58:4f:2c:6a:40:71:
a5:83:f6:49:96:2a:c9:7b:61:90:23:33:36:18:17:
b9:32:01:0b:11:f6:33:ad:4c:fc:9b:98:89:6a:5b:
0a:2a:ad:26:45:83:ff:6e:66:1b:10:7e:27:c7:f0:
d3:92:5a:81:bc:fd:3a:4f:05:7a:19:24:aa:36:2b:
0e:83:11:98:fd:d8:80:05:2d:6a:ec:af:86:f0:70:
89:b0:e4:3c:d3:21:99:50:e9:d8:cd:80:a5:e9:96:
6d:fa:8e:55:ba:ef:5d:02:5f:19:8f:33:1a:96:16:
37:f1:da:48:d8:e0:f8:c2:ba:bd:ba:2b:02:16:49:
24:15:d7:a2:44:74:d2:08:03:b6:90:3a:09:4c:a8:
8b:be:b7:97:d2:55:af:3d:47:e0:1b:f0:50:a2:d4:
8f:82:a2:0e:f1:8c:d9:e8:b9:e2:e2:d4:83:fc:76:
06:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:F2:BC:21:29:94:0F:B4:09:5B:B4:52:8E:21:54:69:9C:A7:EC:1E
X509v3 Authority Key Identifier:
keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/_fK8ISmUD7QJW7RSjiFUaZyn7B4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.110.33.0-86.110.34.255
86.110.40.0/24
86.110.59.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:9f:f9:1c:a7:a7:10:86:be:da:d5:c0:7d:62:e9:a7:71:64:
57:75:6c:37:57:d8:89:1d:c9:07:5e:3a:da:a0:68:41:54:c6:
d9:f8:67:9a:70:d6:d4:1f:43:50:4b:44:1c:c5:a7:27:5a:fe:
40:4a:47:5f:dd:9f:c0:b5:7e:eb:09:14:26:0d:eb:75:da:a8:
6b:17:79:cc:d9:cc:cd:b5:90:f7:a7:39:8e:83:93:8c:90:d7:
b3:06:43:79:13:d3:04:2d:b4:79:6b:6a:ae:d3:9d:55:97:15:
10:14:3e:bc:c8:7a:aa:5a:a4:6e:f3:73:c5:93:f0:cc:37:09:
56:c3:d2:25:8b:d5:db:9f:7e:9f:71:ce:fa:1e:47:ca:ca:9a:
e1:5f:3b:a9:34:c1:a7:5f:de:45:bb:ce:b2:a4:a6:ac:0a:57:
4e:ca:f1:ab:9d:8b:da:ad:57:9a:6e:58:27:16:1c:72:47:f7:
92:77:9a:d8:93:b9:39:53:66:7d:a5:e0:03:34:8b:35:52:32:
f7:c9:5d:c7:e9:1b:9e:34:50:86:1f:ad:62:76:b5:ab:70:84:
80:7e:58:75:d0:1a:01:45:b8:99:f7:45:b0:9d:43:32:92:d1:
e5:59:25:c3:49:bf:a8:dd:83:15:eb:bd:86:3a:21:5e:dc:e6:
6e:5d:21:9a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZNKDV3/Zqlojy/LUomyMnLeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi
YjAxODQwHhcNMjQxMTIwMTQ1MDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGYyYmMyMTI5OTQwZmI0MDk1YmI0NTI4ZTIxNTQ2OTljYTdlYzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyPNz3zJqU+4+8OA1a2WLp2UWRh6
pQqlsSTdi6zFIi89L9/auWxIcGjTV6ZK/Cbwy35nw/nFVn4pSyaykeO/WxPdL4qa
m+a9jyUqFeQfK5gRZKNYTyxqQHGlg/ZJlirJe2GQIzM2GBe5MgELEfYzrUz8m5iJ
alsKKq0mRYP/bmYbEH4nx/DTklqBvP06TwV6GSSqNisOgxGY/diABS1q7K+G8HCJ
sOQ80yGZUOnYzYCl6ZZt+o5Vuu9dAl8ZjzMalhY38dpI2OD4wrq9uisCFkkkFdei
RHTSCAO2kDoJTKiLvreX0lWvPUfgG/BQotSPgqIO8YzZ6Lni4tSD/HYG4wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFP3yvCEplA+0CVu0Uo4hVGmcp+weMB8GA1UdIwQY
MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEvX2ZLOElTbVVEN1FKVzdSU2ppRlVhWnluN0I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2
LzEvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABWbiED
BABWbiIDBABWbigDBABWbjswDQYJKoZIhvcNAQELBQADggEBALGf+RynpxCGvtrV
wH1i6adxZFd1bDdX2IkdyQdeOtqgaEFUxtn4Z5pw1tQfQ1BLRBzFpyda/kBKR1/d
n8C1fusJFCYN63XaqGsXeczZzM21kPenOY6Dk4yQ17MGQ3kT0wQttHlraq7TnVWX
FRAUPrzIeqpapG7zc8WT8Mw3CVbD0iWL1duffp9xzvoeR8rKmuFfO6k0wadf3kW7
zrKkpqwKV07K8audi9qtV5puWCcWHHJH95J3mtiTuTlTZn2l4AM0izVSMvfJXcfp
G540UIYfrWJ2tatwhIB+WHXQGgFFuJn3RbCdQzKS0eVZJcNJv6jdgxXrvYY6IV7c
5m5dIZo=
-----END CERTIFICATE-----
Generated at Wed Nov 20 22:21:00 2024 by rpki-client on console-ams.rpki-client.org