Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/yxWdoE8WOXeVhczr--RU8Cngb10.roa
File: yxWdoE8WOXeVhczr--RU8Cngb10.roa (raw, json)
Hash identifier: x1xCxInVzlr0LpwwMEryQ94SRw28e+h2mYWlVaPlrSQ=
Subject key identifier: CB:15:9D:A0:4F:16:39:77:95:85:CC:EB:FB:E4:54:F0:29:E0:6F:5D
Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Certificate serial: 0193165EF2CC5ACBA285FB345D1173249D47
Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/yxWdoE8WOXeVhczr--RU8Cngb10.roa
Signing time: Sun 10 Nov 2024 13:59:01 +0000
ROA not before: Sun 10 Nov 2024 13:59:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 86.110.36.0/24 maxlen: 24
86.110.37.0/24 maxlen: 24
86.110.53.0/24 maxlen: 24
86.110.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Nov 2024 23:32:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:16:5e:f2:cc:5a:cb:a2:85:fb:34:5d:11:73:24:9d:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Validity
Not Before: Nov 10 13:59:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb159da04f1639779585ccebfbe454f029e06f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:36:d6:ad:fc:c1:b9:02:61:d3:0e:b2:51:9b:
19:e9:71:58:ef:5a:09:c0:6d:bf:be:b2:fe:8f:6a:
c4:4f:fb:45:34:88:b3:02:ff:26:0e:53:e6:f4:a7:
a9:a2:62:ca:45:8d:91:d4:c4:9d:48:50:76:b6:3e:
a2:ca:7a:cb:e2:45:6e:5f:6a:af:e1:54:b4:19:f9:
20:88:22:63:0f:a9:3a:86:92:b8:df:76:cf:cb:53:
a8:c9:94:72:9a:9b:92:3e:98:15:90:ed:49:ab:8e:
7a:9d:3c:37:51:38:09:64:79:8d:90:4d:ff:1e:b9:
65:3f:b8:f1:a6:25:d7:72:3a:dd:9a:56:16:2b:f5:
c8:df:da:ee:f1:ef:7f:f0:06:c9:f0:ae:18:38:7e:
6c:56:de:70:a0:1f:ed:98:50:55:22:69:6f:b3:9c:
8d:13:8c:04:2c:26:42:d9:5d:0f:63:88:f6:66:ef:
bf:ce:72:5b:7b:3c:1c:75:fd:f2:e0:87:9d:75:e0:
a1:e6:8b:da:f6:05:31:01:8c:e2:9e:06:58:63:e0:
06:24:e5:e5:25:79:db:d8:41:c5:59:96:f3:40:6f:
58:37:d9:23:31:f7:9d:ce:83:8a:1f:89:4a:88:4a:
8b:d1:65:bf:af:cb:da:10:b3:f7:e7:e2:5d:85:e0:
d8:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:15:9D:A0:4F:16:39:77:95:85:CC:EB:FB:E4:54:F0:29:E0:6F:5D
X509v3 Authority Key Identifier:
keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/yxWdoE8WOXeVhczr--RU8Cngb10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.110.36.0/23
86.110.53.0/24
86.110.58.0/24
Signature Algorithm: sha256WithRSAEncryption
87:e8:dc:7f:c6:1e:34:cb:c4:68:00:f6:6f:23:cc:b0:cf:89:
4c:af:5c:ec:6d:28:cd:35:12:04:be:84:ef:12:4b:3e:4b:b2:
fd:00:2f:52:90:43:96:ae:25:21:18:fb:8a:c5:6c:4a:6a:95:
f3:03:2c:b5:e0:48:28:43:6a:60:0c:81:a8:85:bb:d2:18:4f:
4c:44:6e:98:cd:63:39:48:62:98:f4:6a:84:49:fd:2d:e0:99:
dc:a6:8b:f4:c7:41:24:26:60:14:0b:ef:43:84:52:92:16:6a:
46:36:4c:e1:82:c7:b6:b1:8c:47:03:9d:04:d4:47:a9:1b:0a:
5a:80:57:aa:98:38:fd:54:e2:18:06:b3:d1:c1:be:83:5b:59:
d0:4e:d6:e5:2a:0c:88:29:ca:f0:dd:9e:be:ad:9a:c9:3a:f2:
ba:95:c8:de:58:76:cf:50:c1:89:6c:34:cf:e5:75:30:c7:ed:
bd:b4:c9:be:18:4b:5e:b0:36:e8:27:ac:ef:c0:77:9d:90:0d:
34:f9:86:c2:01:a6:63:58:76:3b:8d:ac:e9:68:a0:66:fc:60:
1c:e4:60:aa:a5:0c:ad:39:9d:11:14:c6:52:42:39:9b:16:2b:
98:99:7b:bb:c7:af:4e:45:ef:37:95:a6:ad:c2:4d:d8:d0:5c:
15:69:4e:4a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZMWXvLMWsuihfs0XRFzJJ1HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi
YjAxODQwHhcNMjQxMTEwMTM1OTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjE1OWRhMDRmMTYzOTc3OTU4NWNjZWJmYmU0NTRmMDI5ZTA2ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjbWrfzBuQJh0w6yUZsZ6XFY71oJ
wG2/vrL+j2rET/tFNIizAv8mDlPm9KepomLKRY2R1MSdSFB2tj6iynrL4kVuX2qv
4VS0GfkgiCJjD6k6hpK433bPy1OoyZRympuSPpgVkO1Jq456nTw3UTgJZHmNkE3/
HrllP7jxpiXXcjrdmlYWK/XI39ru8e9/8AbJ8K4YOH5sVt5woB/tmFBVImlvs5yN
E4wELCZC2V0PY4j2Zu+/znJbezwcdf3y4IeddeCh5ova9gUxAYzingZYY+AGJOXl
JXnb2EHFWZbzQG9YN9kjMfedzoOKH4lKiEqL0WW/r8vaELP35+JdheDYlQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMsVnaBPFjl3lYXM6/vkVPAp4G9dMB8GA1UdIwQY
MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEveXhXZG9FOFdPWGVWaGN6ci0tUlU4Q25nYjEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2
LzEvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVm4kAwQA
Vm41AwQAVm46MA0GCSqGSIb3DQEBCwUAA4IBAQCH6Nx/xh40y8RoAPZvI8ywz4lM
r1zsbSjNNRIEvoTvEks+S7L9AC9SkEOWriUhGPuKxWxKapXzAyy14EgoQ2pgDIGo
hbvSGE9MRG6YzWM5SGKY9GqESf0t4Jncpov0x0EkJmAUC+9DhFKSFmpGNkzhgse2
sYxHA50E1EepGwpagFeqmDj9VOIYBrPRwb6DW1nQTtblKgyIKcrw3Z6+rZrJOvK6
lcjeWHbPUMGJbDTP5XUwx+29tMm+GEtesDboJ6zvwHedkA00+YbCAaZjWHY7jazp
aKBm/GAc5GCqpQytOZ0RFMZSQjmbFiuYmXu7x69ORe83laatwk3Y0FwVaU5K
-----END CERTIFICATE-----
Generated at Tue Nov 12 02:40:04 2024 by rpki-client on console-fra.rpki-client.org