Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/uJ8UkpMLNotUP1zz9C-xXqiFJuE.roa
File: uJ8UkpMLNotUP1zz9C-xXqiFJuE.roa (raw, json)
Hash identifier: rExsG0aNeiKKbMG3BQtIkU89RJsaXiGPe7WYqtKFvLg=
Subject key identifier: B8:9F:14:92:93:0B:36:8B:54:3F:5C:F3:F4:2F:B1:5E:A8:85:26:E1
Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Certificate serial: 01942604D817B2291614015396995E6CF859
Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/uJ8UkpMLNotUP1zz9C-xXqiFJuE.roa
Signing time: Thu 02 Jan 2025 07:57:19 +0000
ROA not before: Thu 02 Jan 2025 07:57:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42831
IP address blocks: 86.110.48.0/24 maxlen: 24
86.110.49.0/24 maxlen: 24
86.110.50.0/24 maxlen: 24
86.110.51.0/24 maxlen: 24
86.110.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:04:d8:17:b2:29:16:14:01:53:96:99:5e:6c:f8:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Validity
Not Before: Jan 2 07:57:19 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b89f1492930b368b543f5cf3f42fb15ea88526e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:61:10:87:66:1e:4e:a5:5b:23:0c:0d:11:0b:
43:a5:00:27:07:5a:bb:1f:62:d5:24:3a:47:b0:8e:
10:25:00:65:ce:5a:cd:da:58:55:79:ef:d7:26:68:
f4:b2:90:0c:62:4e:96:47:83:b8:8d:d6:4f:8f:d9:
18:22:81:76:e3:3b:60:4f:03:fe:96:92:c0:58:5f:
76:15:d4:50:46:49:c9:1a:3f:45:1a:17:94:e5:d1:
08:fd:6d:6c:95:af:66:2c:f0:85:1f:88:be:9a:8f:
9d:a3:01:b0:29:7d:85:5b:28:12:09:b0:56:5e:8d:
7b:42:25:2f:dd:5d:6f:26:05:4a:a9:f4:4b:ab:7e:
ed:0b:1a:0c:db:fa:b2:b5:b4:3c:36:88:bf:d7:c0:
1f:1b:7b:c0:dd:f6:23:ba:2e:fc:54:19:75:fd:4f:
94:9e:49:fb:e1:aa:26:36:30:50:84:9c:0a:f7:a5:
5a:49:a1:6f:28:4d:50:ed:42:85:58:75:60:66:c8:
d6:1e:a1:57:6f:f6:1e:92:14:bd:e9:d0:62:62:da:
a2:c2:11:d7:16:63:69:3b:98:86:bf:88:61:38:9d:
d4:22:9f:97:09:cc:f9:c2:20:a7:49:1b:03:d1:fc:
e3:b6:24:7d:36:9c:5b:b6:19:13:de:2b:44:6b:0c:
2e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:9F:14:92:93:0B:36:8B:54:3F:5C:F3:F4:2F:B1:5E:A8:85:26:E1
X509v3 Authority Key Identifier:
keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/uJ8UkpMLNotUP1zz9C-xXqiFJuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.110.48.0/22
86.110.61.0/24
Signature Algorithm: sha256WithRSAEncryption
63:77:cc:89:0d:b6:a0:06:aa:de:b5:b4:a1:cc:0d:86:39:a0:
32:f4:76:6b:9b:fa:2d:72:00:a8:20:bd:b9:7d:67:2a:2f:47:
f9:ba:3d:97:53:0d:e1:5e:d1:7d:fb:70:ff:b2:7c:45:39:4f:
3f:26:e1:9c:6c:f0:a1:32:65:b2:a8:01:dc:f5:7e:cc:6f:a2:
08:2e:6a:21:13:d8:40:6c:29:04:81:6f:bf:09:bb:e8:f4:0c:
f5:d8:7e:09:c1:cf:9b:97:90:d3:6a:b7:8d:49:8e:85:0c:85:
c3:5b:ec:cc:13:e3:64:3e:67:d0:d3:c2:2c:91:63:2d:bb:43:
25:9f:36:2c:16:0c:38:d1:8d:64:6c:f5:0e:65:2b:1b:cf:7e:
5b:53:b8:21:71:c6:c4:18:c0:91:70:5d:76:11:9a:b1:07:2e:
af:27:ac:a9:3a:86:25:03:3c:76:91:aa:9f:99:1e:78:4f:13:
aa:84:bd:73:e8:93:f8:ba:fa:ad:9a:25:79:65:b4:13:e8:cd:
4f:7d:a7:b4:49:51:fa:03:c3:fa:ba:c5:95:ce:6c:43:7c:48:
c6:32:97:df:77:a1:3b:56:f5:53:84:8c:38:8b:ed:ac:9f:95:
98:4c:27:5a:c5:16:c9:40:c0:54:e8:e8:ee:bd:f1:4b:93:e4:
4c:1b:cd:57
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQmBNgXsikWFAFTlplebPhZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi
YjAxODQwHhcNMjUwMTAyMDc1NzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODlmMTQ5MjkzMGIzNjhiNTQzZjVjZjNmNDJmYjE1ZWE4ODUyNmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8mEQh2YeTqVbIwwNEQtDpQAnB1q7
H2LVJDpHsI4QJQBlzlrN2lhVee/XJmj0spAMYk6WR4O4jdZPj9kYIoF24ztgTwP+
lpLAWF92FdRQRknJGj9FGheU5dEI/W1sla9mLPCFH4i+mo+dowGwKX2FWygSCbBW
Xo17QiUv3V1vJgVKqfRLq37tCxoM2/qytbQ8Noi/18AfG3vA3fYjui78VBl1/U+U
nkn74aomNjBQhJwK96VaSaFvKE1Q7UKFWHVgZsjWHqFXb/YekhS96dBiYtqiwhHX
FmNpO5iGv4hhOJ3UIp+XCcz5wiCnSRsD0fzjtiR9NpxbthkT3itEawwuHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLifFJKTCzaLVD9c8/QvsV6ohSbhMB8GA1UdIwQY
MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEvdUo4VWtwTUxOb3RVUDF6ejlDLXhYcWlGSnVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2
LzEvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVm4wAwQA
Vm49MA0GCSqGSIb3DQEBCwUAA4IBAQBjd8yJDbagBqretbShzA2GOaAy9HZrm/ot
cgCoIL25fWcqL0f5uj2XUw3hXtF9+3D/snxFOU8/JuGcbPChMmWyqAHc9X7Mb6II
LmohE9hAbCkEgW+/Cbvo9Az12H4Jwc+bl5DTareNSY6FDIXDW+zME+NkPmfQ08Is
kWMtu0MlnzYsFgw40Y1kbPUOZSsbz35bU7ghccbEGMCRcF12EZqxBy6vJ6ypOoYl
Azx2kaqfmR54TxOqhL1z6JP4uvqtmiV5ZbQT6M1Pfae0SVH6A8P6usWVzmxDfEjG
Mpffd6E7VvVThIw4i+2sn5WYTCdaxRbJQMBU6OjuvfFLk+RMG81X
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:50:06 2025 by rpki-client