Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/91MpPmpzcIGrzj2jEX_JTLS9OZQ.roa
File: 91MpPmpzcIGrzj2jEX_JTLS9OZQ.roa (raw, json)
Hash identifier: oRo8vBvzrXV10etVc79DZa7bKWMG7i/bfl41oUGgnXg=
Subject key identifier: F7:53:29:3E:6A:73:70:81:AB:CE:3D:A3:11:7F:C9:4C:B4:BD:39:94
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 018E31AADE78FF4070D83EDD42CCD4DBCF8B
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/91MpPmpzcIGrzj2jEX_JTLS9OZQ.roa
Signing time: Tue 12 Mar 2024 07:57:45 +0000
ROA not before: Tue 12 Mar 2024 07:57:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34918
IP address blocks: 85.9.96.0/20 maxlen: 20
85.9.96.0/21 maxlen: 21
85.9.96.0/22 maxlen: 22
85.9.100.0/22 maxlen: 22
85.9.104.0/21 maxlen: 21
85.9.106.0/24 maxlen: 24
85.9.111.0/24 maxlen: 24
85.9.112.0/22 maxlen: 22
85.9.113.0/24 maxlen: 24
85.9.120.0/21 maxlen: 21
85.9.120.0/22 maxlen: 22
85.9.124.0/22 maxlen: 22
185.126.0.0/20 maxlen: 20
185.126.0.0/21 maxlen: 21
185.126.0.0/22 maxlen: 22
185.126.0.0/24 maxlen: 24
185.126.1.0/24 maxlen: 24
185.126.2.0/24 maxlen: 24
185.126.3.0/24 maxlen: 24
185.126.4.0/24 maxlen: 24
185.126.5.0/24 maxlen: 24
185.126.6.0/24 maxlen: 24
185.126.7.0/24 maxlen: 24
185.126.8.0/21 maxlen: 21
185.126.8.0/24 maxlen: 24
185.126.9.0/24 maxlen: 24
185.126.10.0/24 maxlen: 24
185.126.11.0/24 maxlen: 24
185.126.12.0/24 maxlen: 24
185.126.13.0/24 maxlen: 24
185.126.14.0/24 maxlen: 24
185.126.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Apr 2024 08:35:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:31:aa:de:78:ff:40:70:d8:3e:dd:42:cc:d4:db:cf:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Mar 12 07:57:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f753293e6a737081abce3da3117fc94cb4bd3994
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:68:3b:a2:0d:97:9c:3a:b3:96:9c:0d:f5:5d:
1d:b5:7b:7a:86:76:5a:d5:16:c6:88:ba:0b:cc:de:
6a:42:75:a1:b6:c7:37:49:ed:58:d5:77:f8:af:27:
6c:d9:2d:22:81:7a:f5:0a:45:2b:d4:3e:bf:65:c5:
1f:9c:64:f6:86:da:08:86:a0:b0:27:df:3a:3c:53:
09:2b:78:a5:42:f3:50:70:3e:8f:28:8a:fc:f4:72:
53:4b:1c:e9:da:5e:e3:de:42:0e:8c:96:23:f7:26:
a7:04:d6:d6:63:5b:1f:f9:9f:dd:c4:88:04:2d:32:
b6:3e:1e:61:19:9b:a4:77:cb:b7:5e:94:79:82:32:
58:24:6c:8a:a2:38:c3:58:cc:70:78:dd:f3:72:d5:
2b:8c:7c:f7:06:e8:05:4d:0f:85:26:49:34:ee:e6:
5b:a8:20:af:49:16:58:db:36:aa:39:3e:e4:06:d8:
7c:fa:df:20:13:3b:3b:72:80:70:5e:27:5c:8c:cf:
9e:3d:1d:20:f0:01:97:24:bd:bd:44:e7:1a:eb:5a:
52:72:47:96:f0:90:fd:13:05:25:46:c3:83:2a:92:
f1:da:e2:1e:ec:67:b5:66:8e:be:5b:78:88:01:7e:
12:f1:36:19:51:09:7c:9f:f3:1e:03:2a:a3:2d:9b:
89:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:53:29:3E:6A:73:70:81:AB:CE:3D:A3:11:7F:C9:4C:B4:BD:39:94
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/91MpPmpzcIGrzj2jEX_JTLS9OZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.9.96.0-85.9.115.255
85.9.120.0/21
185.126.0.0/20
Signature Algorithm: sha256WithRSAEncryption
a0:9a:b3:34:83:f0:1d:80:7d:aa:c1:28:40:f0:85:36:49:65:
c6:82:41:10:69:7d:62:f9:4b:d6:57:b1:c7:29:14:69:80:b1:
fb:e2:fe:ca:00:95:02:f6:81:60:26:de:dd:e2:dc:78:3f:23:
96:75:3b:98:49:81:99:9f:18:29:df:56:db:57:41:ba:4e:f7:
dc:15:60:d9:de:f5:0b:a1:4d:22:15:dd:e0:74:77:33:22:63:
fc:12:a9:a3:c0:6d:01:a8:d0:35:35:0f:44:86:54:69:a2:1f:
b3:a2:2a:35:a6:71:a0:7f:98:a7:c4:07:5b:b1:eb:24:ee:88:
a1:56:dc:5d:c6:5e:67:78:dd:b1:74:91:eb:4a:eb:f2:7b:e6:
80:f7:ff:1c:e7:56:65:f6:05:78:08:ba:4b:da:47:c6:25:6b:
9f:af:48:94:d9:96:c4:0c:15:b9:65:74:6f:7a:81:e1:b7:66:
69:f5:96:59:ca:0a:85:03:85:0c:ac:2c:b3:10:b7:d1:44:03:
20:07:2b:60:7c:a0:c6:cf:66:04:4c:a8:d0:ae:ad:49:82:d3:
f9:cb:26:1b:f8:19:f8:2c:ac:02:bb:b8:62:66:86:d5:9d:73:
cd:d9:9e:f9:be:9e:26:1c:a7:8c:df:7a:d2:db:41:8c:db:a0:
be:26:28:4e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY4xqt54/0Bw2D7dQszU28+LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjQwMzEyMDc1NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzUzMjkzZTZhNzM3MDgxYWJjZTNkYTMxMTdmYzk0Y2I0YmQzOTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmg7og2XnDqzlpwN9V0dtXt6hnZa
1RbGiLoLzN5qQnWhtsc3Se1Y1Xf4ryds2S0igXr1CkUr1D6/ZcUfnGT2htoIhqCw
J986PFMJK3ilQvNQcD6PKIr89HJTSxzp2l7j3kIOjJYj9yanBNbWY1sf+Z/dxIgE
LTK2Ph5hGZukd8u3XpR5gjJYJGyKojjDWMxweN3zctUrjHz3BugFTQ+FJkk07uZb
qCCvSRZY2zaqOT7kBth8+t8gEzs7coBwXidcjM+ePR0g8AGXJL29ROca61pSckeW
8JD9EwUlRsODKpLx2uIe7Ge1Zo6+W3iIAX4S8TYZUQl8n/MeAyqjLZuJVQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPdTKT5qc3CBq849oxF/yUy0vTmUMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvOTFNcFBtcHpjSUdyemoyakVYX0pUTFM5T1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAVVCWAD
BAJVCXADBANVCXgDBAS5fgAwDQYJKoZIhvcNAQELBQADggEBAKCaszSD8B2AfarB
KEDwhTZJZcaCQRBpfWL5S9ZXsccpFGmAsfvi/soAlQL2gWAm3t3i3Hg/I5Z1O5hJ
gZmfGCnfVttXQbpO99wVYNne9QuhTSIV3eB0dzMiY/wSqaPAbQGo0DU1D0SGVGmi
H7OiKjWmcaB/mKfEB1ux6yTuiKFW3F3GXmd43bF0ketK6/J75oD3/xznVmX2BXgI
ukvaR8Yla5+vSJTZlsQMFblldG96geG3Zmn1llnKCoUDhQysLLMQt9FEAyAHK2B8
oMbPZgRMqNCurUmC0/nLJhv4GfgsrAK7uGJmhtWdc83Znvm+niYcp4zfetLbQYzb
oL4mKE4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org