Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/9QQePaynN5unB_Au9PDQleE2DVM.roa
File: 9QQePaynN5unB_Au9PDQleE2DVM.roa (raw, json)
Hash identifier: uUIP4khDcta4/VEmzwlYsZZuo0Oh/qN4cmEYME9Cxao=
Subject key identifier: F5:04:1E:3D:AC:A7:37:9B:A7:07:F0:2E:F4:F0:D0:95:E1:36:0D:53
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019276469CB291600775580B1EFA3142A376
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/9QQePaynN5unB_Au9PDQleE2DVM.roa
Signing time: Thu 10 Oct 2024 11:53:12 +0000
ROA not before: Thu 10 Oct 2024 11:53:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29262
IP address blocks: 185.85.189.0/24 maxlen: 24
185.85.190.0/24 maxlen: 24
185.85.191.0/24 maxlen: 24
185.85.237.0/24 maxlen: 24
185.85.238.0/24 maxlen: 24
185.85.239.0/24 maxlen: 24
185.86.5.0/24 maxlen: 24
185.86.13.0/24 maxlen: 24
185.86.153.0/24 maxlen: 24
185.86.154.0/24 maxlen: 24
185.86.164.0/24 maxlen: 24
185.86.165.0/24 maxlen: 24
185.86.166.0/24 maxlen: 24
185.86.167.0/24 maxlen: 24
185.87.24.0/24 maxlen: 24
185.87.26.0/24 maxlen: 24
185.87.27.0/24 maxlen: 24
185.87.121.0/24 maxlen: 24
185.87.122.0/24 maxlen: 24
185.87.123.0/24 maxlen: 24
185.98.60.0/24 maxlen: 24
185.119.80.0/24 maxlen: 24
185.119.81.0/24 maxlen: 24
185.119.82.0/24 maxlen: 24
185.119.83.0/24 maxlen: 24
185.141.32.0/24 maxlen: 24
185.254.28.0/24 maxlen: 24
185.254.29.0/24 maxlen: 24
185.254.30.0/24 maxlen: 24
185.254.31.0/24 maxlen: 24
193.35.152.0/24 maxlen: 24
193.35.153.0/24 maxlen: 24
193.35.154.0/24 maxlen: 24
193.35.155.0/24 maxlen: 24
2a0b:6780::/29 maxlen: 29
2a0c:67c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 28 Oct 2024 20:15:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:76:46:9c:b2:91:60:07:75:58:0b:1e:fa:31:42:a3:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Oct 10 11:53:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5041e3daca7379ba707f02ef4f0d095e1360d53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:4d:11:3d:20:e3:f3:98:7d:ca:d8:29:2d:54:
b1:ab:99:3f:b1:99:8c:b4:98:46:81:1a:3c:d9:89:
9e:83:df:cb:c9:bf:10:fd:b0:f9:4a:df:9c:b8:0f:
9d:b9:f5:b9:e3:5d:ef:9e:2e:63:f2:cb:0e:05:eb:
d0:85:9c:a8:b1:77:2e:e6:05:ce:c9:39:d2:eb:30:
e4:d1:00:a4:ce:4e:e0:d0:a7:b0:4e:c6:30:8e:0b:
2a:e1:db:46:4b:c4:79:1c:07:4a:dd:99:6d:98:32:
83:5f:48:b3:36:49:67:f6:a6:cd:ac:73:20:78:d8:
7b:52:d0:23:cc:54:4f:8d:6b:e0:de:4f:ee:41:25:
5f:a0:4d:a2:ea:ba:6a:9d:93:86:64:d3:74:94:9f:
5f:e3:06:b4:bb:e1:cd:0a:95:a4:d8:26:33:a5:5b:
8f:57:3c:40:fa:7d:c7:4d:1f:96:f2:67:bc:ae:95:
d3:e2:4f:72:35:1e:30:e5:cf:8d:97:ad:77:28:a1:
28:55:15:04:9f:1f:97:a0:ce:9b:b6:50:11:24:07:
72:c7:87:c1:f6:11:3e:dc:f6:9f:0d:44:a7:55:a6:
27:16:5d:aa:9d:b9:fe:b4:5e:d1:f9:89:a3:11:e9:
f1:52:20:25:fd:14:f6:74:a6:64:43:9f:57:b8:bc:
6a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:04:1E:3D:AC:A7:37:9B:A7:07:F0:2E:F4:F0:D0:95:E1:36:0D:53
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/9QQePaynN5unB_Au9PDQleE2DVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.189.0-185.85.191.255
185.85.237.0-185.85.239.255
185.86.5.0/24
185.86.13.0/24
185.86.153.0-185.86.154.255
185.86.164.0/22
185.87.24.0/24
185.87.26.0/23
185.87.121.0-185.87.123.255
185.98.60.0/24
185.119.80.0/22
185.141.32.0/24
185.254.28.0/22
193.35.152.0/22
IPv6:
2a0b:6780::/29
2a0c:67c0::/29
Signature Algorithm: sha256WithRSAEncryption
2a:61:21:76:e3:e6:35:a0:ac:98:0e:0c:9c:49:f0:81:64:88:
df:2f:fd:42:36:ff:8a:77:c7:3f:80:1b:ef:70:a8:03:a6:c0:
c5:9b:71:ce:f3:d2:e6:50:82:c8:12:c3:0b:25:11:3c:a9:85:
3c:b3:a3:e0:df:60:89:3b:8c:71:60:9b:10:26:93:07:b7:92:
f7:26:87:39:a9:bd:94:4d:00:96:18:a6:15:2f:f6:66:58:cc:
d2:ca:9d:ec:20:1d:91:d0:1d:d1:6f:aa:64:ad:f5:5e:dd:8e:
fa:8f:7a:ab:d0:8c:8d:40:d0:58:86:a8:90:4e:57:a6:8b:72:
79:a8:c8:03:c8:2b:16:22:31:11:ff:ea:16:a4:16:49:76:54:
ea:d6:a5:e4:37:b4:e0:82:81:be:cb:0c:58:a4:43:8f:f9:4b:
38:19:eb:e0:16:b7:b7:94:3c:94:d9:d0:a8:cf:be:b2:b6:30:
95:b7:19:d9:b7:3b:34:c6:a6:83:9d:44:aa:bd:d2:70:00:db:
89:fa:bd:7a:9b:7b:ff:bf:5a:81:4c:57:41:a3:34:44:8a:63:
53:08:be:66:0c:de:ae:07:62:ad:eb:05:10:66:02:67:95:45:
e9:9b:94:15:a0:0b:b9:f6:92:62:29:3c:80:78:53:f2:6b:57:
f2:68:f9:5a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZJ2RpyykWAHdVgLHvoxQqN2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjQxMDEwMTE1MzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTA0MWUzZGFjYTczNzliYTcwN2YwMmVmNGYwZDA5NWUxMzYwZDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu00RPSDj85h9ytgpLVSxq5k/sZmM
tJhGgRo82Ymeg9/Lyb8Q/bD5St+cuA+dufW5413vni5j8ssOBevQhZyosXcu5gXO
yTnS6zDk0QCkzk7g0KewTsYwjgsq4dtGS8R5HAdK3ZltmDKDX0izNkln9qbNrHMg
eNh7UtAjzFRPjWvg3k/uQSVfoE2i6rpqnZOGZNN0lJ9f4wa0u+HNCpWk2CYzpVuP
VzxA+n3HTR+W8me8rpXT4k9yNR4w5c+Nl613KKEoVRUEnx+XoM6btlARJAdyx4fB
9hE+3PafDUSnVaYnFl2qnbn+tF7R+YmjEenxUiAl/RT2dKZkQ59XuLxq3wIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFPUEHj2spzebpwfwLvTw0JXhNg1TMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvOVFRZVBheW5ONXVuQl9BdTlQRFFsZUUyRFZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjB6BAIAATB0MAwDBAC5
Vb0DBAa5VYAwDAMEALlV7QMEBLlV4AMEALlWBQMEALlWDTAMAwQAuVaZAwQAuVaa
AwQCuVakAwQAuVcYAwQBuVcaMAwDBAC5V3kDBAK5V3gDBAC5YjwDBAK5d1ADBAC5
jSADBAK5/hwDBALBI5gwFAQCAAIwDgMFAyoLZ4ADBQMqDGfAMA0GCSqGSIb3DQEB
CwUAA4IBAQAqYSF24+Y1oKyYDgycSfCBZIjfL/1CNv+Kd8c/gBvvcKgDpsDFm3HO
89LmUILIEsMLJRE8qYU8s6Pg32CJO4xxYJsQJpMHt5L3Joc5qb2UTQCWGKYVL/Zm
WMzSyp3sIB2R0B3Rb6pkrfVe3Y76j3qr0IyNQNBYhqiQTlemi3J5qMgDyCsWIjER
/+oWpBZJdlTq1qXkN7TggoG+ywxYpEOP+Us4GevgFre3lDyU2dCoz76ytjCVtxnZ
tzs0xqaDnUSqvdJwANuJ+r16m3v/v1qBTFdBozREimNTCL5mDN6uB2Kt6wUQZgJn
lUXpm5QVoAu59pJiKTyAeFPya1fyaPla
-----END CERTIFICATE-----
Generated at Mon Oct 28 23:40:08 2024 by rpki-client on console-fra.rpki-client.org