Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/jz3IKzDprTqUcVSZxObgGtPQd5w.roa
File: jz3IKzDprTqUcVSZxObgGtPQd5w.roa (raw, json)
Hash identifier: AdzRrVELZC9fh0JCBmUGTzhUvwA26v/0v53yxy2/Wb8=
Subject key identifier: 8F:3D:C8:2B:30:E9:AD:3A:94:71:54:99:C4:E6:E0:1A:D3:D0:77:9C
Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Certificate serial: 0196001B47EEDA6456EB7DA9CE94814A5F70
Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/jz3IKzDprTqUcVSZxObgGtPQd5w.roa
Signing time: Fri 04 Apr 2025 09:21:49 +0000
ROA not before: Fri 04 Apr 2025 09:21:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 86.110.33.0/24 maxlen: 24
86.110.34.0/24 maxlen: 24
86.110.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Apr 2025 09:46:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:00:1b:47:ee:da:64:56:eb:7d:a9:ce:94:81:4a:5f:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Validity
Not Before: Apr 4 09:21:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f3dc82b30e9ad3a94715499c4e6e01ad3d0779c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:d3:ec:f1:6f:6e:93:f6:1c:c7:c4:89:4a:7f:
eb:28:28:9b:e8:65:c7:8d:e0:e0:9e:c4:e0:25:21:
a0:97:ba:7d:5e:c2:fd:a3:c2:37:b8:9b:59:0a:2a:
65:a2:03:f9:20:9f:ab:3f:0c:85:99:56:63:f3:5e:
c6:26:30:85:fa:9b:69:60:37:a7:e7:a9:72:8e:d3:
34:2b:e8:2b:e1:d4:bb:0f:87:8f:d1:f8:1c:58:32:
ba:c7:46:a0:cc:d8:ed:26:5e:d6:84:52:2e:78:6a:
07:62:64:53:49:cc:40:ae:84:9c:ec:29:57:9f:84:
ed:2f:58:17:35:56:97:77:a4:8b:00:93:a0:0e:78:
72:8c:2c:c0:39:c0:72:88:e1:ef:4f:f1:d2:45:2d:
35:50:4f:42:a8:86:90:3a:86:75:1c:cf:a0:9a:8a:
38:ab:2a:b3:30:ed:21:b4:62:f2:a0:8f:27:92:8e:
ff:5b:6c:46:26:06:a0:80:54:7e:e4:65:b4:a4:e4:
25:cb:7e:29:e8:a2:24:71:2f:74:b6:69:04:f0:0f:
a4:0b:50:30:6d:b4:e8:d4:e7:93:4a:69:32:7e:0b:
65:f2:1f:f1:4e:62:32:e5:5e:42:0e:a6:25:44:ce:
d2:8b:36:95:07:da:1e:ff:28:2f:1b:73:b2:89:09:
12:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:3D:C8:2B:30:E9:AD:3A:94:71:54:99:C4:E6:E0:1A:D3:D0:77:9C
X509v3 Authority Key Identifier:
keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/jz3IKzDprTqUcVSZxObgGtPQd5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.110.33.0-86.110.34.255
86.110.55.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:55:b7:91:79:cc:32:0f:f9:53:60:09:c9:b3:89:cd:94:80:
9d:88:04:33:d4:40:b0:b2:ed:81:c5:03:c2:97:74:eb:e5:dd:
a6:1f:78:87:41:58:b3:8c:cf:e4:87:29:38:01:2d:4d:7d:a4:
19:5f:88:1f:de:bb:79:a4:dd:60:8a:f9:45:ad:26:63:3d:22:
27:fe:1f:85:5b:76:f3:b9:0d:17:e4:4d:a0:ea:01:6a:0f:07:
4f:56:6c:ee:81:75:fa:30:fd:07:f1:50:f0:ec:d9:36:8d:40:
7d:58:af:94:d6:13:b0:e1:e1:14:26:9e:11:fa:61:eb:7a:70:
15:86:66:74:82:82:8e:01:4e:f2:77:ab:4b:27:f4:89:17:92:
26:f9:ea:3a:3b:4f:06:d4:5e:9a:8a:be:08:4b:95:81:e6:b8:
20:23:af:1b:08:48:ec:7f:6b:e8:b1:43:19:7c:de:d3:07:01:
b8:d6:4c:53:7f:34:ca:63:55:7b:04:27:9b:35:01:cb:34:6d:
87:74:ce:23:29:b0:95:b0:dd:96:58:7d:5b:3d:f0:34:9a:1c:
ce:16:36:b9:b8:e3:34:f8:23:29:9c:26:ea:0a:76:1d:ee:6b:
c6:9b:38:4d:d4:44:7a:22:7b:eb:2d:9f:7c:c2:fc:5e:87:62:
fb:08:4e:f8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZYAG0fu2mRW632pzpSBSl9wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi
YjAxODQwHhcNMjUwNDA0MDkyMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjNkYzgyYjMwZTlhZDNhOTQ3MTU0OTljNGU2ZTAxYWQzZDA3NzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA49Ps8W9uk/Ycx8SJSn/rKCib6GXH
jeDgnsTgJSGgl7p9XsL9o8I3uJtZCiplogP5IJ+rPwyFmVZj817GJjCF+ptpYDen
56lyjtM0K+gr4dS7D4eP0fgcWDK6x0agzNjtJl7WhFIueGoHYmRTScxAroSc7ClX
n4TtL1gXNVaXd6SLAJOgDnhyjCzAOcByiOHvT/HSRS01UE9CqIaQOoZ1HM+gmoo4
qyqzMO0htGLyoI8nko7/W2xGJgaggFR+5GW0pOQly34p6KIkcS90tmkE8A+kC1Aw
bbTo1OeTSmkyfgtl8h/xTmIy5V5CDqYlRM7SizaVB9oe/ygvG3OyiQkSlwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFI89yCsw6a06lHFUmcTm4BrT0HecMB8GA1UdIwQY
MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEvanozSUt6RHByVHFVY1ZTWnhPYmdHdFBRZDV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2
LzEvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABWbiED
BABWbiIDBABWbjcwDQYJKoZIhvcNAQELBQADggEBAFpVt5F5zDIP+VNgCcmzic2U
gJ2IBDPUQLCy7YHFA8KXdOvl3aYfeIdBWLOMz+SHKTgBLU19pBlfiB/eu3mk3WCK
+UWtJmM9Iif+H4VbdvO5DRfkTaDqAWoPB09WbO6Bdfow/QfxUPDs2TaNQH1Yr5TW
E7Dh4RQmnhH6Yet6cBWGZnSCgo4BTvJ3q0sn9IkXkib56jo7TwbUXpqKvghLlYHm
uCAjrxsISOx/a+ixQxl83tMHAbjWTFN/NMpjVXsEJ5s1Acs0bYd0ziMpsJWw3ZZY
fVs98DSaHM4WNrm44zT4IymcJuoKdh3ua8abOE3URHoie+stn3zC/F6HYvsITvg=
-----END CERTIFICATE-----
Generated at Wed Apr 9 17:59:32 2025 by rpki-client