Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/8tpJGPBuF2F_25uFuK8KzYcaFc8.roa
File: 8tpJGPBuF2F_25uFuK8KzYcaFc8.roa (raw, json)
Hash identifier: hI7rMvVYu9ApyUwXjTZTU0deWzatXc4cOyqzdP6weYY=
Subject key identifier: F2:DA:49:18:F0:6E:17:61:7F:DB:9B:85:B8:AF:0A:CD:87:1A:15:CF
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 018F23D84459F7EC1B90C8ACD180789476BB
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/8tpJGPBuF2F_25uFuK8KzYcaFc8.roa
Signing time: Sun 28 Apr 2024 08:35:26 +0000
ROA not before: Sun 28 Apr 2024 08:35:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34918
IP address blocks: 85.9.96.0/20 maxlen: 20
85.9.96.0/21 maxlen: 21
85.9.96.0/22 maxlen: 22
85.9.100.0/22 maxlen: 22
85.9.104.0/21 maxlen: 21
85.9.105.0/24 maxlen: 24
85.9.106.0/24 maxlen: 24
85.9.107.0/24 maxlen: 24
85.9.108.0/24 maxlen: 24
85.9.109.0/24 maxlen: 24
85.9.110.0/24 maxlen: 24
85.9.111.0/24 maxlen: 24
85.9.112.0/22 maxlen: 22
85.9.113.0/24 maxlen: 24
85.9.120.0/21 maxlen: 21
85.9.120.0/22 maxlen: 22
85.9.124.0/22 maxlen: 22
185.126.0.0/20 maxlen: 20
185.126.0.0/21 maxlen: 21
185.126.0.0/22 maxlen: 22
185.126.0.0/24 maxlen: 24
185.126.1.0/24 maxlen: 24
185.126.2.0/24 maxlen: 24
185.126.3.0/24 maxlen: 24
185.126.4.0/24 maxlen: 24
185.126.5.0/24 maxlen: 24
185.126.6.0/24 maxlen: 24
185.126.7.0/24 maxlen: 24
185.126.8.0/21 maxlen: 21
185.126.8.0/24 maxlen: 24
185.126.9.0/24 maxlen: 24
185.126.10.0/24 maxlen: 24
185.126.11.0/24 maxlen: 24
185.126.12.0/24 maxlen: 24
185.126.13.0/24 maxlen: 24
185.126.14.0/24 maxlen: 24
185.126.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Apr 2024 09:42:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:23:d8:44:59:f7:ec:1b:90:c8:ac:d1:80:78:94:76:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Apr 28 08:35:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2da4918f06e17617fdb9b85b8af0acd871a15cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:78:e9:12:47:31:f7:7c:14:af:2b:94:0e:7f:
2f:df:14:d9:28:db:66:6b:85:25:1a:25:40:36:ba:
f1:82:cc:d8:9f:b3:0a:1e:ef:aa:e7:3f:21:b3:3c:
f9:64:f1:c8:3e:20:a2:3b:0f:cf:77:c8:24:f0:da:
d4:65:ae:cc:60:d4:7c:f1:8a:7c:98:32:9f:d7:f2:
38:4b:32:18:d9:c6:64:08:81:d6:85:3f:1c:3b:3b:
a6:98:e2:d0:e5:d5:b9:87:94:f3:9c:c7:77:42:89:
5a:af:86:68:c7:4b:55:53:2d:58:d7:50:96:20:d4:
20:23:94:38:98:94:6f:72:fc:ca:6d:29:92:d6:5e:
49:bb:a0:4b:b6:3b:a4:03:5c:37:0f:21:c8:37:ed:
97:13:7c:86:ef:14:52:ef:99:f4:14:c0:2c:0b:a8:
91:9f:92:73:4a:b6:ef:8b:e1:77:33:29:39:20:68:
78:c9:b7:79:a8:0a:48:67:80:47:f7:48:93:4a:5e:
29:5e:a6:ab:b2:fc:18:0a:f5:4e:9e:28:b2:67:84:
a4:52:c8:73:00:df:0b:03:91:85:7a:fb:ae:e4:69:
82:64:67:61:12:01:fd:5d:e7:81:78:9b:00:85:08:
a6:7f:fb:db:56:31:e7:fc:9a:4b:15:72:bd:79:65:
bd:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:DA:49:18:F0:6E:17:61:7F:DB:9B:85:B8:AF:0A:CD:87:1A:15:CF
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/8tpJGPBuF2F_25uFuK8KzYcaFc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.9.96.0-85.9.115.255
85.9.120.0/21
185.126.0.0/20
Signature Algorithm: sha256WithRSAEncryption
b5:ef:2a:0d:10:1c:b7:6a:3c:d8:17:24:b2:68:3c:88:63:ee:
0f:4a:44:9a:40:5a:98:2e:26:13:96:e2:ae:ac:50:9d:e3:0b:
07:1d:1c:28:b0:78:65:08:08:17:08:b2:47:58:be:39:d5:e6:
3d:2f:31:1a:7a:48:d7:d8:c4:9f:b1:5d:56:41:ed:66:ee:ba:
bf:74:0a:8f:e9:d6:2e:ef:73:fd:35:f0:28:42:03:44:d9:8f:
ac:0a:4e:11:55:60:93:4a:19:1b:06:d1:b4:4d:6b:ee:ec:4b:
1e:b9:d2:ed:ce:15:29:68:a8:6d:fc:6c:d2:f7:1d:69:eb:25:
36:41:5a:5c:96:bc:1c:49:15:e9:15:ed:40:45:e8:a4:64:f8:
64:a4:e7:d3:82:15:2b:eb:bc:e4:74:6f:24:aa:6a:3a:51:5b:
d2:a6:a9:e0:d9:5a:ef:71:d6:e2:d6:df:42:8b:96:8f:1a:3f:
27:1f:c0:15:52:b4:07:5e:04:ee:db:74:85:36:16:e1:33:0e:
cf:74:73:fd:91:54:a3:5b:3a:38:dd:5e:b0:72:df:49:78:53:
1f:2c:3a:2e:6c:c2:8f:74:28:16:eb:34:ce:26:80:cb:59:5d:
b6:2d:f8:ba:01:22:c1:25:7b:10:c9:44:6d:b2:1e:ca:bf:83:
e7:79:f7:46
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY8j2ERZ9+wbkMis0YB4lHa7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjQwNDI4MDgzNTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmRhNDkxOGYwNmUxNzYxN2ZkYjliODViOGFmMGFjZDg3MWExNWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXjpEkcx93wUryuUDn8v3xTZKNtm
a4UlGiVANrrxgszYn7MKHu+q5z8hszz5ZPHIPiCiOw/Pd8gk8NrUZa7MYNR88Yp8
mDKf1/I4SzIY2cZkCIHWhT8cOzummOLQ5dW5h5TznMd3Qolar4Zox0tVUy1Y11CW
INQgI5Q4mJRvcvzKbSmS1l5Ju6BLtjukA1w3DyHIN+2XE3yG7xRS75n0FMAsC6iR
n5JzSrbvi+F3Myk5IGh4ybd5qApIZ4BH90iTSl4pXqarsvwYCvVOniiyZ4SkUshz
AN8LA5GFevuu5GmCZGdhEgH9XeeBeJsAhQimf/vbVjHn/JpLFXK9eWW9JwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPLaSRjwbhdhf9ubhbivCs2HGhXPMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvOHRwSkdQQnVGMkZfMjV1RnVLOEt6WWNhRmM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAVVCWAD
BAJVCXADBANVCXgDBAS5fgAwDQYJKoZIhvcNAQELBQADggEBALXvKg0QHLdqPNgX
JLJoPIhj7g9KRJpAWpguJhOW4q6sUJ3jCwcdHCiweGUICBcIskdYvjnV5j0vMRp6
SNfYxJ+xXVZB7Wbuur90Co/p1i7vc/018ChCA0TZj6wKThFVYJNKGRsG0bRNa+7s
Sx650u3OFSloqG38bNL3HWnrJTZBWlyWvBxJFekV7UBF6KRk+GSk59OCFSvrvOR0
bySqajpRW9KmqeDZWu9x1uLW30KLlo8aPycfwBVStAdeBO7bdIU2FuEzDs90c/2R
VKNbOjjdXrBy30l4Ux8sOi5swo90KBbrNM4mgMtZXbYt+LoBIsElexDJRG2yHsq/
g+d590Y=
-----END CERTIFICATE-----
Generated at Tue Apr 30 12:15:45 2024 by rpki-client on console-fra.rpki-client.org