Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/opNq8lgnTJUdH6hiFuH5aRTWqXo.roa
File: opNq8lgnTJUdH6hiFuH5aRTWqXo.roa (raw, json)
Hash identifier: Ktos2qF5GCXrXa+vhw32KJguz1qo14GW0R6YKoMAIxg=
Subject key identifier: A2:93:6A:F2:58:27:4C:95:1D:1F:A8:62:16:E1:F9:69:14:D6:A9:7A
Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Certificate serial: 0192847EC02A23775DE4342FFE16AEDE8B9D
Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/opNq8lgnTJUdH6hiFuH5aRTWqXo.roa
Signing time: Sun 13 Oct 2024 06:09:12 +0000
ROA not before: Sun 13 Oct 2024 06:09:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 86.110.44.0/24 maxlen: 24
86.110.46.0/24 maxlen: 24
86.110.56.0/24 maxlen: 24
86.110.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Nov 2024 23:32:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:84:7e:c0:2a:23:77:5d:e4:34:2f:fe:16:ae:de:8b:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Validity
Not Before: Oct 13 06:09:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2936af258274c951d1fa86216e1f96914d6a97a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:dc:19:37:d1:08:32:63:26:f6:e9:2e:ce:d3:
37:d8:58:de:2d:2e:77:49:b3:b4:da:c7:54:71:fc:
ab:62:32:20:19:9e:90:f2:f0:75:f1:b0:92:02:bc:
c9:da:e8:f7:85:33:30:d6:bf:b2:4c:38:01:61:e2:
47:37:4e:10:0e:9c:d5:5b:e5:66:e4:a3:bf:0c:aa:
1c:c1:59:3c:93:d5:0f:33:25:98:ed:2c:4e:22:a4:
5d:fa:28:82:96:fc:2e:a0:2c:97:ca:fa:b8:03:42:
a6:9f:8e:4d:43:d0:86:6a:4d:10:89:35:aa:15:33:
89:65:99:4f:b5:18:70:6f:fc:c5:a4:8b:fe:45:bb:
89:cc:02:18:8e:59:ef:08:85:83:8b:c1:4e:c4:e7:
08:01:25:6b:5d:68:af:23:c9:08:a4:c3:5b:21:28:
b7:cf:3c:2c:d5:d3:73:a9:f0:42:9f:47:d8:42:ff:
6b:a6:ea:0c:b0:91:e1:8e:86:07:71:30:78:43:b0:
06:ee:ff:68:a5:79:27:c0:6d:a2:08:5f:65:80:c7:
2b:c8:6b:67:94:d1:7c:f0:4e:97:87:67:18:24:12:
c1:26:4a:64:55:f0:6e:82:fe:02:b9:79:5c:42:a5:
17:4e:08:b8:9e:8c:67:9b:e3:d4:81:5c:95:4b:05:
80:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:93:6A:F2:58:27:4C:95:1D:1F:A8:62:16:E1:F9:69:14:D6:A9:7A
X509v3 Authority Key Identifier:
keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/opNq8lgnTJUdH6hiFuH5aRTWqXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.110.44.0/24
86.110.46.0/24
86.110.56.0/24
86.110.63.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:92:85:c4:66:9f:df:c8:e0:c7:79:65:fe:08:94:2e:b4:8d:
c1:d4:9a:ae:74:d2:1c:d2:eb:db:32:df:b5:f0:17:4d:87:c8:
08:e1:44:b3:e7:79:82:4f:4b:ef:c4:81:8f:53:fb:b2:8d:3d:
47:26:de:4e:d0:bc:4a:09:cf:b9:2c:29:77:1e:5c:6d:a4:f1:
32:38:6f:82:01:ff:8e:bb:98:05:41:c7:a5:a1:f3:8f:ff:4f:
0f:ca:88:48:4f:49:ef:d5:ee:90:19:ae:b8:bd:75:30:89:c5:
ef:40:ee:a6:de:af:9b:e9:33:76:c5:1b:e5:79:2f:cb:0f:d8:
20:69:e4:47:11:7b:52:4f:17:e5:27:bd:5c:8a:c2:cb:ec:2b:
66:5a:99:cf:44:f3:56:d8:49:98:f2:5c:5d:ee:3b:db:e3:b0:
a7:4b:9f:e3:da:95:64:d3:a6:5e:cc:da:97:5b:f1:4d:18:92:
cd:e1:2d:62:03:b7:0c:7c:e0:8b:28:5e:6f:19:ca:d5:ef:31:
34:94:d5:70:2c:58:e9:93:ce:42:aa:8b:ee:31:1b:75:f1:8f:
bd:fd:8c:3c:30:c4:2b:b5:22:ae:06:ab:20:10:e9:88:ba:32:
14:c9:4d:a2:dd:7f:87:3f:91:f3:0b:e4:aa:58:a7:68:ab:2d:
e7:81:37:ec
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZKEfsAqI3dd5DQv/hau3oudMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi
YjAxODQwHhcNMjQxMDEzMDYwOTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjkzNmFmMjU4Mjc0Yzk1MWQxZmE4NjIxNmUxZjk2OTE0ZDZhOTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdwZN9EIMmMm9ukuztM32FjeLS53
SbO02sdUcfyrYjIgGZ6Q8vB18bCSArzJ2uj3hTMw1r+yTDgBYeJHN04QDpzVW+Vm
5KO/DKocwVk8k9UPMyWY7SxOIqRd+iiClvwuoCyXyvq4A0Kmn45NQ9CGak0QiTWq
FTOJZZlPtRhwb/zFpIv+RbuJzAIYjlnvCIWDi8FOxOcIASVrXWivI8kIpMNbISi3
zzws1dNzqfBCn0fYQv9rpuoMsJHhjoYHcTB4Q7AG7v9opXknwG2iCF9lgMcryGtn
lNF88E6Xh2cYJBLBJkpkVfBugv4CuXlcQqUXTgi4noxnm+PUgVyVSwWATwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKKTavJYJ0yVHR+oYhbh+WkU1ql6MB8GA1UdIwQY
MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEvb3BOcThsZ25USlVkSDZoaUZ1SDVhUlRXcVhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2
LzEvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVm4sAwQA
Vm4uAwQAVm44AwQAVm4/MA0GCSqGSIb3DQEBCwUAA4IBAQA+koXEZp/fyODHeWX+
CJQutI3B1JqudNIc0uvbMt+18BdNh8gI4USz53mCT0vvxIGPU/uyjT1HJt5O0LxK
Cc+5LCl3HlxtpPEyOG+CAf+Ou5gFQcelofOP/08PyohIT0nv1e6QGa64vXUwicXv
QO6m3q+b6TN2xRvleS/LD9ggaeRHEXtSTxflJ71cisLL7CtmWpnPRPNW2EmY8lxd
7jvb47CnS5/j2pVk06ZezNqXW/FNGJLN4S1iA7cMfOCLKF5vGcrV7zE0lNVwLFjp
k85CqovuMRt18Y+9/Yw8MMQrtSKuBqsgEOmIujIUyU2i3X+HP5HzC+SqWKdoqy3n
gTfs
-----END CERTIFICATE-----
Generated at Tue Nov 12 02:40:04 2024 by rpki-client on console-fra.rpki-client.org