Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/r-PTdqlm6DwNYQNYx4MIpTBaWms.roa
File: r-PTdqlm6DwNYQNYx4MIpTBaWms.roa (raw, json)
Hash identifier: ZHCWkUyzeH4sC2ALKQVGCZZUUX8xaY3JLvdORO//tQU=
Subject key identifier: AF:E3:D3:76:A9:66:E8:3C:0D:61:03:58:C7:83:08:A5:30:5A:5A:6B
Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Certificate serial: 01943BCD51E39098A4688F846F6500356067
Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/r-PTdqlm6DwNYQNYx4MIpTBaWms.roa
Signing time: Mon 06 Jan 2025 13:28:19 +0000
ROA not before: Mon 06 Jan 2025 13:28:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 86.110.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 Jan 2025 17:44:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3b:cd:51:e3:90:98:a4:68:8f:84:6f:65:00:35:60:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Validity
Not Before: Jan 6 13:28:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=afe3d376a966e83c0d610358c78308a5305a5a6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:81:4d:87:3d:04:b4:b7:42:ae:4d:11:d6:e4:
3f:b2:f4:85:d1:35:70:ed:d4:c8:da:10:60:7e:1d:
5d:f7:a3:48:4d:93:3d:5c:9c:f2:b9:20:f2:98:5f:
38:b6:cc:05:c0:bd:89:a8:77:42:02:82:c0:8d:78:
e6:fa:2d:29:7a:c1:da:c5:d9:1b:26:1d:84:0e:21:
b1:b2:e5:05:a5:70:d8:82:2d:5f:30:d6:4f:9c:50:
6a:0f:ea:0c:67:12:d6:53:cb:16:fb:98:83:71:7c:
73:39:2b:9c:7f:f8:f1:5c:e9:e1:82:02:34:94:a7:
77:2d:cc:59:f0:44:b2:14:08:28:5b:66:53:50:b4:
bb:e5:36:fd:53:21:36:06:be:3e:37:a3:9f:b5:ee:
63:53:ee:94:39:83:f3:f0:0a:40:d1:fb:b6:91:e5:
64:4e:51:e7:58:e5:ec:4c:be:bb:47:22:c4:e0:ee:
b4:29:1a:5b:38:6f:94:98:1b:69:55:e5:bf:e0:7b:
39:d5:c5:63:5f:e5:3c:68:25:a4:be:34:39:60:74:
ff:01:fb:87:77:96:00:29:6a:ee:f0:e2:bb:16:4f:
06:a4:cf:24:cc:52:0e:79:7d:c9:0f:04:88:38:cb:
9c:e1:67:c5:53:c1:31:9f:8c:12:68:7a:61:4b:0c:
45:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:E3:D3:76:A9:66:E8:3C:0D:61:03:58:C7:83:08:A5:30:5A:5A:6B
X509v3 Authority Key Identifier:
keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/r-PTdqlm6DwNYQNYx4MIpTBaWms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.110.59.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:47:14:78:64:72:10:40:ae:6e:18:a0:28:29:8b:17:52:23:
2d:38:b0:67:f7:68:21:22:b5:d5:b0:a9:41:f1:26:8c:4a:a3:
d9:b1:cb:7a:65:48:f4:dd:ae:bd:93:95:44:64:eb:18:d7:2b:
21:b1:3b:cf:63:fb:67:7f:23:a1:e7:2a:ff:e1:72:c9:1b:ce:
f0:5e:55:ed:ca:bb:06:c7:4d:43:d0:6f:84:02:c3:1d:92:72:
92:41:12:1e:63:6c:9c:1d:f0:26:21:44:c7:39:05:e5:ec:06:
2f:c0:cb:2c:f4:81:93:7e:ee:05:a4:84:d6:e5:ea:04:31:ed:
0e:5d:cb:3b:e0:0a:76:f3:02:58:32:49:49:1e:f0:18:be:65:
f3:82:29:a6:86:67:fe:98:5a:d2:f3:73:32:92:ce:65:87:06:
7c:42:d4:aa:d7:9d:3c:a7:ba:00:66:67:44:75:ab:32:08:17:
cd:b2:a8:5e:1b:75:6d:66:c3:f5:7b:2c:d9:fb:3e:ea:82:2f:
b2:e6:bf:4a:e6:d0:80:2e:b1:35:5c:0b:c9:ce:f2:82:d8:8d:
28:af:4d:77:f4:da:00:fb:5a:de:49:b0:57:27:10:58:a8:37:
95:9f:45:c1:3e:da:a9:c3:0d:26:09:d8:93:54:d1:59:e6:b8:
e0:cb:3b:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQ7zVHjkJikaI+Eb2UANWBnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi
YjAxODQwHhcNMjUwMTA2MTMyODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmUzZDM3NmE5NjZlODNjMGQ2MTAzNThjNzgzMDhhNTMwNWE1YTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4FNhz0EtLdCrk0R1uQ/svSF0TVw
7dTI2hBgfh1d96NITZM9XJzyuSDymF84tswFwL2JqHdCAoLAjXjm+i0pesHaxdkb
Jh2EDiGxsuUFpXDYgi1fMNZPnFBqD+oMZxLWU8sW+5iDcXxzOSucf/jxXOnhggI0
lKd3LcxZ8ESyFAgoW2ZTULS75Tb9UyE2Br4+N6Ofte5jU+6UOYPz8ApA0fu2keVk
TlHnWOXsTL67RyLE4O60KRpbOG+UmBtpVeW/4Hs51cVjX+U8aCWkvjQ5YHT/AfuH
d5YAKWru8OK7Fk8GpM8kzFIOeX3JDwSIOMuc4WfFU8Exn4wSaHphSwxFZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK/j03apZug8DWEDWMeDCKUwWlprMB8GA1UdIwQY
MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEvci1QVGRxbG02RHdOWVFOWXg0TUlwVEJhV21zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2
LzEvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVm47MA0G
CSqGSIb3DQEBCwUAA4IBAQCwRxR4ZHIQQK5uGKAoKYsXUiMtOLBn92ghIrXVsKlB
8SaMSqPZsct6ZUj03a69k5VEZOsY1yshsTvPY/tnfyOh5yr/4XLJG87wXlXtyrsG
x01D0G+EAsMdknKSQRIeY2ycHfAmIUTHOQXl7AYvwMss9IGTfu4FpITW5eoEMe0O
Xcs74Ap28wJYMklJHvAYvmXzgimmhmf+mFrS83Myks5lhwZ8QtSq1508p7oAZmdE
dasyCBfNsqheG3VtZsP1eyzZ+z7qgi+y5r9K5tCALrE1XAvJzvKC2I0or0139NoA
+1reSbBXJxBYqDeVn0XBPtqpww0mCdiTVNFZ5rjgyzsD
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:19:31 2025 by rpki-client