Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/kDZ9zHGOPZGoqChLaFRhQ9M3Liw.roa
File: kDZ9zHGOPZGoqChLaFRhQ9M3Liw.roa (raw, json)
Hash identifier: 6Kz/IgtHXru99IY4DxllaNBZJR7pCQdE7JfgV7kitEs=
Subject key identifier: 90:36:7D:CC:71:8E:3D:91:A8:A8:28:4B:68:54:61:43:D3:37:2E:2C
Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Certificate serial: 0196332141A162EAE89E2322A86AED300579
Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/kDZ9zHGOPZGoqChLaFRhQ9M3Liw.roa
Signing time: Mon 14 Apr 2025 07:08:59 +0000
ROA not before: Mon 14 Apr 2025 07:08:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 86.110.34.0/24 maxlen: 24
86.110.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Apr 2025 22:37:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:33:21:41:a1:62:ea:e8:9e:23:22:a8:6a:ed:30:05:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Validity
Not Before: Apr 14 07:08:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90367dcc718e3d91a8a8284b68546143d3372e2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:fa:f9:b5:7d:3c:09:46:7c:9f:ff:aa:c1:22:
93:f6:91:a8:f8:3b:a7:84:10:cc:5b:dc:13:ab:43:
3c:f8:8b:49:91:70:e8:df:f0:c7:36:b7:da:d6:f2:
cb:62:74:0a:b0:ea:90:7f:47:ce:99:39:7e:e7:8e:
17:47:18:5d:0a:61:82:dd:14:a3:c5:88:27:ad:8f:
d6:67:a4:30:55:d3:e4:3a:94:28:af:40:e7:07:1d:
3c:14:d5:6d:69:29:90:8b:29:f8:7e:58:82:a5:6c:
79:b1:7f:80:63:1f:cf:9b:84:28:e7:6e:df:4e:0a:
8f:26:9c:0b:e5:7a:2a:a2:5a:e2:0d:91:30:18:30:
a9:47:9e:ba:03:c6:2d:af:06:03:ff:c6:0e:c1:68:
0e:39:7e:68:09:6c:8f:68:68:4c:35:d3:5d:db:71:
d3:cf:74:e5:99:20:e1:61:a9:a5:a8:ad:21:7f:62:
54:0f:1f:83:ec:9f:86:c9:55:47:c4:99:83:8c:e7:
9a:f8:7a:ef:62:07:76:be:15:2d:38:43:b8:5e:37:
2f:62:74:48:6c:a3:3c:f8:e7:8f:99:1a:38:90:e8:
1a:98:44:84:b2:97:68:df:11:4d:12:46:79:62:0d:
06:d8:89:d5:a1:57:af:9a:f0:40:c0:fd:91:87:11:
38:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:36:7D:CC:71:8E:3D:91:A8:A8:28:4B:68:54:61:43:D3:37:2E:2C
X509v3 Authority Key Identifier:
keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/kDZ9zHGOPZGoqChLaFRhQ9M3Liw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.110.34.0/24
86.110.60.0/24
Signature Algorithm: sha256WithRSAEncryption
af:28:da:c1:52:8c:d3:1e:f6:ee:5d:a2:98:11:46:6f:d2:30:
cf:61:9d:f5:a1:2f:a7:7b:a3:78:e2:2f:30:47:62:52:02:25:
0b:09:51:79:8c:1a:f4:6e:6b:31:69:5c:3a:98:18:3b:38:f6:
d9:87:8d:39:5e:b5:6d:b8:26:e1:ec:0c:35:16:a0:b9:2b:5a:
e2:b5:49:fc:66:bd:d8:0e:36:cb:8b:c8:87:4d:ca:06:b7:61:
b1:3a:71:3e:58:08:77:d8:e8:d8:57:9e:b1:b5:ff:3b:d1:23:
79:23:a2:8b:fa:5d:8d:6f:b3:63:96:26:82:3a:21:22:0e:7b:
64:e1:96:ff:68:c0:90:ee:a1:06:21:c9:1a:12:fd:7b:54:43:
42:2b:41:9f:f5:1f:e0:c4:cc:20:0e:d3:c7:10:e3:f4:60:68:
dc:b4:10:33:53:22:71:7a:6a:74:4a:e2:48:c4:1e:70:96:03:
e8:d4:ed:68:b6:68:0c:82:ff:99:e2:4a:3d:34:4a:24:59:43:
c8:0d:f1:24:a2:2d:d9:5b:73:b1:a6:27:55:04:85:b0:37:75:
55:c8:6c:07:eb:72:cb:52:fa:90:a3:1f:50:c6:47:be:4c:83:
f2:ee:39:a1:ed:3a:a6:3c:12:61:e1:7e:b0:45:59:5a:f5:e5:
eb:bf:27:d3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZYzIUGhYuroniMiqGrtMAV5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi
YjAxODQwHhcNMjUwNDE0MDcwODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDM2N2RjYzcxOGUzZDkxYThhODI4NGI2ODU0NjE0M2QzMzcyZTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfr5tX08CUZ8n/+qwSKT9pGo+Dun
hBDMW9wTq0M8+ItJkXDo3/DHNrfa1vLLYnQKsOqQf0fOmTl+544XRxhdCmGC3RSj
xYgnrY/WZ6QwVdPkOpQor0DnBx08FNVtaSmQiyn4fliCpWx5sX+AYx/Pm4Qo527f
TgqPJpwL5XoqolriDZEwGDCpR566A8YtrwYD/8YOwWgOOX5oCWyPaGhMNdNd23HT
z3TlmSDhYamlqK0hf2JUDx+D7J+GyVVHxJmDjOea+HrvYgd2vhUtOEO4XjcvYnRI
bKM8+OePmRo4kOgamESEspdo3xFNEkZ5Yg0G2InVoVevmvBAwP2RhxE44QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJA2fcxxjj2RqKgoS2hUYUPTNy4sMB8GA1UdIwQY
MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEva0RaOXpIR09QWkdvcUNoTGFGUmhROU0zTGl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2
LzEvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVm4iAwQA
Vm48MA0GCSqGSIb3DQEBCwUAA4IBAQCvKNrBUozTHvbuXaKYEUZv0jDPYZ31oS+n
e6N44i8wR2JSAiULCVF5jBr0bmsxaVw6mBg7OPbZh405XrVtuCbh7Aw1FqC5K1ri
tUn8Zr3YDjbLi8iHTcoGt2GxOnE+WAh32OjYV56xtf870SN5I6KL+l2Nb7NjliaC
OiEiDntk4Zb/aMCQ7qEGIckaEv17VENCK0Gf9R/gxMwgDtPHEOP0YGjctBAzUyJx
emp0SuJIxB5wlgPo1O1otmgMgv+Z4ko9NEokWUPIDfEkoi3ZW3OxpidVBIWwN3VV
yGwH63LLUvqQox9Qxke+TIPy7jmh7TqmPBJh4X6wRVla9eXrvyfT
-----END CERTIFICATE-----
Generated at Sun May 11 01:00:55 2025 by rpki-client