Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/XXsd2v1P4fG-R9Sy1wxwfQV_Q-k.roa
File: XXsd2v1P4fG-R9Sy1wxwfQV_Q-k.roa (raw, json)
Hash identifier: DbP6G1FdraTxZEoygybBP4gPvJLUoVPctve//YeRpo0=
Subject key identifier: 5D:7B:1D:DA:FD:4F:E1:F1:BE:47:D4:B2:D7:0C:70:7D:05:7F:43:E9
Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Certificate serial: 0196813AB4F5C5D150B54F3EFEFA19E75694
Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/XXsd2v1P4fG-R9Sy1wxwfQV_Q-k.roa
Signing time: Tue 29 Apr 2025 11:07:10 +0000
ROA not before: Tue 29 Apr 2025 11:07:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 86.110.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 03 May 2025 10:23:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:81:3a:b4:f5:c5:d1:50:b5:4f:3e:fe:fa:19:e7:56:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Validity
Not Before: Apr 29 11:07:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d7b1ddafd4fe1f1be47d4b2d70c707d057f43e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:56:5c:5d:54:c2:13:31:28:10:85:93:2a:7e:
ef:94:68:68:30:18:14:58:e2:48:a1:d5:1f:1b:9f:
3c:36:3b:13:0b:73:b9:06:00:fd:85:cf:14:e7:c5:
ed:1b:c4:c5:87:c2:c6:3c:c3:18:e5:4a:03:58:8d:
a9:16:1f:b5:ce:30:2b:52:dc:71:79:32:12:15:ab:
86:5e:1d:ac:6b:c3:48:22:54:16:22:6e:7d:04:90:
a0:d3:40:7f:8c:85:68:3d:69:a6:47:6e:6f:92:a5:
b1:f8:a0:5c:ff:13:35:a0:d3:45:59:b4:52:40:d1:
2e:83:9e:ed:a8:94:da:db:eb:63:1e:e9:98:51:61:
1a:e9:88:c6:a6:ec:ba:da:e5:99:73:0f:5e:b7:97:
de:d5:9f:3b:6c:ea:96:f1:f7:92:0f:d7:54:d2:74:
4f:60:d6:df:df:da:4a:6a:09:14:ac:88:59:c5:45:
47:74:2f:df:50:a7:46:a9:2d:92:a7:d3:d5:8c:41:
b5:d6:db:55:08:f1:cb:23:57:75:dd:9e:a0:06:99:
c8:e6:e5:89:66:a6:4c:d7:14:59:8e:ef:df:58:51:
e4:d2:10:36:70:66:fb:bb:7f:3b:65:b6:08:18:b4:
5a:f3:ec:06:d6:96:97:85:c7:ce:a2:02:0a:ea:4c:
fd:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:7B:1D:DA:FD:4F:E1:F1:BE:47:D4:B2:D7:0C:70:7D:05:7F:43:E9
X509v3 Authority Key Identifier:
keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/XXsd2v1P4fG-R9Sy1wxwfQV_Q-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.110.34.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:78:25:c8:ab:6a:1d:d4:26:96:c4:f0:9e:3c:82:69:34:75:
e2:35:27:1f:ab:74:bd:f3:9a:94:70:8d:3d:93:53:a5:d9:ca:
0a:e7:43:de:9b:ae:99:0a:5d:ac:1b:60:c6:30:92:b1:ce:cb:
39:79:b9:12:80:d8:1e:3f:dc:e0:5a:cb:a0:58:78:79:53:ed:
31:c0:a7:e4:f6:43:0d:cf:91:78:85:32:34:bc:e8:f6:c9:1e:
66:b2:da:dc:75:c1:8e:7f:de:0a:dc:0b:89:03:79:39:f7:07:
44:f1:08:83:6f:ca:37:9c:03:9d:ba:53:b6:60:bc:92:4f:a2:
1f:3e:54:9c:90:e0:1f:d7:85:7c:f2:28:0f:41:45:83:ff:92:
46:4c:79:0e:9d:ea:8d:3a:58:7c:3d:4e:6d:27:68:0f:c6:d8:
fc:37:ff:c6:e0:1b:bc:0b:f4:cd:cb:b7:31:a1:ff:87:37:65:
fb:57:1c:1f:63:0a:37:45:52:41:44:fd:19:5f:55:5b:42:52:
bf:da:cd:1f:ca:cd:11:27:d7:c7:40:21:02:de:71:fe:ed:01:
27:37:f8:46:4a:34:8d:c1:6d:5c:2f:2f:b1:dd:6e:61:19:f6:
67:95:54:92:f5:e7:22:c7:8a:9f:f0:11:6c:e6:05:15:35:89:
12:1c:94:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaBOrT1xdFQtU8+/voZ51aUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi
YjAxODQwHhcNMjUwNDI5MTEwNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDdiMWRkYWZkNGZlMWYxYmU0N2Q0YjJkNzBjNzA3ZDA1N2Y0M2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1ZcXVTCEzEoEIWTKn7vlGhoMBgU
WOJIodUfG588NjsTC3O5BgD9hc8U58XtG8TFh8LGPMMY5UoDWI2pFh+1zjArUtxx
eTISFauGXh2sa8NIIlQWIm59BJCg00B/jIVoPWmmR25vkqWx+KBc/xM1oNNFWbRS
QNEug57tqJTa2+tjHumYUWEa6YjGpuy62uWZcw9et5fe1Z87bOqW8feSD9dU0nRP
YNbf39pKagkUrIhZxUVHdC/fUKdGqS2Sp9PVjEG11ttVCPHLI1d13Z6gBpnI5uWJ
ZqZM1xRZju/fWFHk0hA2cGb7u387ZbYIGLRa8+wG1paXhcfOogIK6kz9NQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF17Hdr9T+HxvkfUstcMcH0Ff0PpMB8GA1UdIwQY
MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEvWFhzZDJ2MVA0ZkctUjlTeTF3eHdmUVZfUS1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2
LzEvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVm4iMA0G
CSqGSIb3DQEBCwUAA4IBAQBMeCXIq2od1CaWxPCePIJpNHXiNScfq3S985qUcI09
k1Ol2coK50Pem66ZCl2sG2DGMJKxzss5ebkSgNgeP9zgWsugWHh5U+0xwKfk9kMN
z5F4hTI0vOj2yR5mstrcdcGOf94K3AuJA3k59wdE8QiDb8o3nAOdulO2YLyST6If
PlSckOAf14V88igPQUWD/5JGTHkOneqNOlh8PU5tJ2gPxtj8N//G4Bu8C/TNy7cx
of+HN2X7VxwfYwo3RVJBRP0ZX1VbQlK/2s0fys0RJ9fHQCEC3nH+7QEnN/hGSjSN
wW1cLy+x3W5hGfZnlVSS9ecix4qf8BFs5gUVNYkSHJR1
-----END CERTIFICATE-----
Generated at Fri May 9 02:38:51 2025 by rpki-client