Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/W-KBiWxXivhO5afFYnQ8Pcv9NhE.roa
File: W-KBiWxXivhO5afFYnQ8Pcv9NhE.roa (raw, json)
Hash identifier: vHTSmeWWuyQpcSdr/LiU++Sqxdp842zwQ6b7W6hiIDc=
Subject key identifier: 5B:E2:81:89:6C:57:8A:F8:4E:E5:A7:C5:62:74:3C:3D:CB:FD:36:11
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 018943A62E1AF00FB6880DBFB4F19B50199B
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/W-KBiWxXivhO5afFYnQ8Pcv9NhE.roa
Signing time: Tue 11 Jul 2023 06:31:51 +0000
ROA not before: Tue 11 Jul 2023 06:31:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34918
IP address blocks: 85.9.96.0/20 maxlen: 20
85.9.96.0/21 maxlen: 21
185.126.2.0/24 maxlen: 24
185.126.0.0/20 maxlen: 20
185.126.1.0/24 maxlen: 24
185.126.0.0/21 maxlen: 21
85.9.104.0/21 maxlen: 21
185.126.8.0/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 13 Jul 2023 06:30:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:43:a6:2e:1a:f0:0f:b6:88:0d:bf:b4:f1:9b:50:19:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jul 11 06:31:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5be281896c578af84ee5a7c562743c3dcbfd3611
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:bb:0e:ca:fc:0e:28:ac:eb:5e:e3:88:76:0e:
b5:41:c7:f7:cd:f5:28:d5:1e:12:f7:32:d6:cd:c6:
35:9f:ce:1a:55:8a:34:6b:2c:75:13:bb:13:16:ce:
2b:5c:c6:76:95:3e:17:9b:f5:b1:38:c2:26:fc:62:
36:c1:78:b6:53:89:ee:fe:53:1a:5e:90:27:12:b4:
df:2b:15:9d:5a:85:d6:b3:b6:4f:15:a3:03:c4:f4:
46:f9:1c:61:81:04:19:e5:2c:08:77:7d:3c:59:c6:
ea:cd:29:38:d1:14:21:af:72:e0:9c:57:3b:21:61:
4e:e1:ef:03:dd:49:af:2f:9e:a3:c5:c3:11:db:0c:
4f:c6:d3:f0:76:e8:34:27:65:13:37:b7:bb:c8:df:
88:6a:d2:21:82:27:4b:f6:26:00:9e:ae:60:02:0e:
79:4c:a5:90:98:f6:96:b5:81:20:74:92:08:82:ee:
e2:c9:bc:57:4c:33:e2:cd:32:dc:75:f9:05:bb:57:
49:07:06:6c:bc:39:7e:a5:ae:f7:af:d9:3a:7b:19:
f2:58:a1:8d:3b:13:44:7a:a8:89:08:28:6a:db:ba:
40:51:cf:05:d1:59:71:a5:78:e2:de:2c:93:22:35:
2a:1c:81:b0:88:0b:34:bb:91:65:c2:72:96:c2:df:
9a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:E2:81:89:6C:57:8A:F8:4E:E5:A7:C5:62:74:3C:3D:CB:FD:36:11
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/W-KBiWxXivhO5afFYnQ8Pcv9NhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.9.96.0/20
185.126.0.0/20
Signature Algorithm: sha256WithRSAEncryption
12:14:07:b0:f0:16:7f:96:8c:ea:7d:b3:db:da:2f:36:d4:32:
8e:4d:8d:11:e3:35:ca:17:ee:26:fd:d7:9b:52:49:27:bd:6b:
0b:a1:06:b0:36:fe:cc:f6:19:ec:46:e6:58:dc:9e:e0:57:13:
ae:ee:d4:7a:94:f7:9f:13:0e:cf:ec:66:e7:15:01:0c:41:8a:
55:b7:92:f8:0a:9b:e2:1f:36:4e:f5:5f:32:2b:56:db:1f:46:
ee:9f:95:ca:1a:0e:c2:f1:94:2f:7b:1d:fd:b2:04:0b:01:c7:
a1:5c:f1:7b:31:80:b1:ba:47:4c:6c:d3:8e:1e:f9:c8:c1:8d:
c3:36:01:f7:7e:62:74:98:39:33:f8:59:88:ad:52:d6:8c:2d:
2a:eb:c1:d0:d1:f6:e9:f4:10:e9:9f:00:49:8c:45:ec:f1:61:
aa:f0:dc:2c:9a:be:47:a3:cd:a5:e8:22:b0:08:bc:c9:3b:9b:
f7:6b:8c:2e:0e:c3:ca:a6:6f:ae:e9:f8:8a:cb:ab:74:4a:ec:
74:5f:1f:8b:5f:60:11:77:5f:e3:6a:07:70:a0:dc:28:93:05:
2a:b7:c7:d9:86:42:cd:4c:73:80:6f:77:5d:1f:cc:f1:e5:84:
99:89:7c:2a:35:b3:75:85:27:17:ab:92:cf:ec:28:ee:b1:6f:
a4:79:f7:01
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYlDpi4a8A+2iA2/tPGbUBmbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjMwNzExMDYzMTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmUyODE4OTZjNTc4YWY4NGVlNWE3YzU2Mjc0M2MzZGNiZmQzNjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobsOyvwOKKzrXuOIdg61Qcf3zfUo
1R4S9zLWzcY1n84aVYo0ayx1E7sTFs4rXMZ2lT4Xm/WxOMIm/GI2wXi2U4nu/lMa
XpAnErTfKxWdWoXWs7ZPFaMDxPRG+RxhgQQZ5SwId308WcbqzSk40RQhr3LgnFc7
IWFO4e8D3UmvL56jxcMR2wxPxtPwdug0J2UTN7e7yN+IatIhgidL9iYAnq5gAg55
TKWQmPaWtYEgdJIIgu7iybxXTDPizTLcdfkFu1dJBwZsvDl+pa73r9k6exnyWKGN
OxNEeqiJCChq27pAUc8F0VlxpXji3iyTIjUqHIGwiAs0u5FlwnKWwt+a3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFvigYlsV4r4TuWnxWJ0PD3L/TYRMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvVy1LQmlXeFhpdmhPNWFmRlluUThQY3Y5TmhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEVQlgAwQE
uX4AMA0GCSqGSIb3DQEBCwUAA4IBAQASFAew8BZ/lozqfbPb2i821DKOTY0R4zXK
F+4m/debUkknvWsLoQawNv7M9hnsRuZY3J7gVxOu7tR6lPefEw7P7GbnFQEMQYpV
t5L4CpviHzZO9V8yK1bbH0bun5XKGg7C8ZQvex39sgQLAcehXPF7MYCxukdMbNOO
HvnIwY3DNgH3fmJ0mDkz+FmIrVLWjC0q68HQ0fbp9BDpnwBJjEXs8WGq8Nwsmr5H
o82l6CKwCLzJO5v3a4wuDsPKpm+u6fiKy6t0Sux0Xx+LX2ARd1/jagdwoNwokwUq
t8fZhkLNTHOAb3ddH8zx5YSZiXwqNbN1hScXq5LP7CjusW+kefcB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org