Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/ngXpvjFzH4GvfFswGPYtjlchuvc.roa
File: ngXpvjFzH4GvfFswGPYtjlchuvc.roa (raw, json)
Hash identifier: KQThv+/ErqfElXwnOxNTk6XCcTEM/aMmtC88XKsudqY=
Subject key identifier: 9E:05:E9:BE:31:73:1F:81:AF:7C:5B:30:18:F6:2D:8E:57:21:BA:F7
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 018DBC532565CED9D882572F7CE373720221
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/ngXpvjFzH4GvfFswGPYtjlchuvc.roa
Signing time: Sun 18 Feb 2024 13:06:22 +0000
ROA not before: Sun 18 Feb 2024 13:06:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34918
IP address blocks: 85.9.96.0/20 maxlen: 20
85.9.96.0/21 maxlen: 21
85.9.104.0/21 maxlen: 21
85.9.106.0/24 maxlen: 24
85.9.111.0/24 maxlen: 24
85.9.112.0/22 maxlen: 22
85.9.120.0/21 maxlen: 21
185.126.0.0/20 maxlen: 20
185.126.0.0/21 maxlen: 21
185.126.0.0/22 maxlen: 22
185.126.0.0/24 maxlen: 24
185.126.1.0/24 maxlen: 24
185.126.2.0/24 maxlen: 24
185.126.3.0/24 maxlen: 24
185.126.4.0/24 maxlen: 24
185.126.5.0/24 maxlen: 24
185.126.6.0/24 maxlen: 24
185.126.7.0/24 maxlen: 24
185.126.8.0/21 maxlen: 21
185.126.8.0/24 maxlen: 24
185.126.9.0/24 maxlen: 24
185.126.10.0/24 maxlen: 24
185.126.11.0/24 maxlen: 24
185.126.12.0/24 maxlen: 24
185.126.13.0/24 maxlen: 24
185.126.14.0/24 maxlen: 24
185.126.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Feb 2024 08:02:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:bc:53:25:65:ce:d9:d8:82:57:2f:7c:e3:73:72:02:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Feb 18 13:06:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e05e9be31731f81af7c5b3018f62d8e5721baf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:fe:c0:93:32:84:20:0a:98:6f:7a:36:ac:96:
34:36:eb:61:88:48:bd:60:62:bf:c7:05:ea:3e:0a:
b0:b6:56:e0:76:d5:dd:2e:aa:df:46:d0:46:73:d9:
33:e4:a7:54:0f:ce:0c:6c:27:df:89:90:12:0a:bf:
dc:48:54:15:a4:c7:af:dc:1d:6b:d1:d6:53:3e:50:
c8:28:35:44:48:a4:e1:66:55:48:71:eb:41:82:9f:
07:0c:ee:81:fc:b5:06:5a:ac:1d:a0:b1:6c:a3:68:
5d:b5:98:33:87:49:b8:30:2e:bc:8a:b3:93:6f:f7:
fc:28:f9:f3:8d:7c:23:30:36:c9:a6:69:05:40:03:
8b:92:b5:f5:e0:0d:45:82:bc:dd:7d:fc:f3:3c:14:
7b:bc:fe:33:88:4e:44:3e:06:23:73:70:a9:a5:cd:
d2:f8:d4:51:05:b6:16:0e:b5:f9:69:4e:a1:e6:6a:
72:c9:11:0d:b0:a7:21:d8:36:13:cf:9a:bf:ca:d1:
9f:b1:18:ab:5a:4b:00:db:c3:36:e6:67:59:42:c0:
c3:d0:7a:79:ba:67:19:fa:df:6a:99:ce:fb:b1:06:
7f:bd:37:fb:60:a7:52:8d:ae:1d:fc:91:0a:67:8b:
05:b1:24:56:ba:55:94:03:0d:55:1f:ad:34:59:62:
9a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:05:E9:BE:31:73:1F:81:AF:7C:5B:30:18:F6:2D:8E:57:21:BA:F7
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/ngXpvjFzH4GvfFswGPYtjlchuvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.9.96.0-85.9.115.255
85.9.120.0/21
185.126.0.0/20
Signature Algorithm: sha256WithRSAEncryption
3f:ba:0f:b2:73:e8:4a:58:15:2b:12:3b:76:af:f6:18:7d:f1:
b0:95:f8:ed:71:9c:00:7c:58:8c:88:ea:b1:0e:62:88:d1:2e:
39:42:73:52:c4:90:f6:9f:38:0c:5d:4c:22:87:fd:3c:3f:35:
61:4c:7b:5f:c0:dd:60:ee:14:7a:43:c7:ed:78:77:eb:ad:8f:
5a:4f:fc:46:76:37:72:cc:9c:10:91:6e:44:ac:e2:52:15:66:
4f:fa:e8:0b:d6:03:63:0c:86:26:34:62:3c:e5:a6:8c:ee:db:
70:8b:63:e1:fe:c4:2f:76:79:a8:34:dc:b5:39:db:f8:2a:98:
67:51:d9:3b:1c:02:db:7a:1b:c2:e2:c0:02:74:e2:6c:4d:04:
74:02:ec:13:0d:8c:8a:96:b0:bd:bd:2f:17:97:36:8e:f6:02:
4a:49:c6:30:08:78:4a:75:6b:03:ee:6a:55:88:d1:60:4d:8e:
49:1b:66:e2:66:68:4d:8f:55:21:84:af:2d:54:1d:5f:9a:1c:
1c:9d:ad:3d:bc:91:2e:f8:c2:e2:f1:12:56:8c:f9:e3:8a:bb:
fb:07:1a:e0:d6:ab:c9:29:36:1b:09:d2:96:a0:f3:57:93:0d:
31:e9:dc:0e:47:a3:9c:48:44:81:32:70:ce:8d:65:29:f0:1a:
6c:02:78:a6
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY28UyVlztnYglcvfONzcgIhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjQwMjE4MTMwNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTA1ZTliZTMxNzMxZjgxYWY3YzViMzAxOGY2MmQ4ZTU3MjFiYWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/7AkzKEIAqYb3o2rJY0NuthiEi9
YGK/xwXqPgqwtlbgdtXdLqrfRtBGc9kz5KdUD84MbCffiZASCr/cSFQVpMev3B1r
0dZTPlDIKDVESKThZlVIcetBgp8HDO6B/LUGWqwdoLFso2hdtZgzh0m4MC68irOT
b/f8KPnzjXwjMDbJpmkFQAOLkrX14A1FgrzdffzzPBR7vP4ziE5EPgYjc3Cppc3S
+NRRBbYWDrX5aU6h5mpyyRENsKch2DYTz5q/ytGfsRirWksA28M25mdZQsDD0Hp5
umcZ+t9qmc77sQZ/vTf7YKdSja4d/JEKZ4sFsSRWulWUAw1VH600WWKa/wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJ4F6b4xcx+Br3xbMBj2LY5XIbr3MB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvbmdYcHZqRnpINEd2ZkZzd0dQWXRqbGNodXZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAVVCWAD
BAJVCXADBANVCXgDBAS5fgAwDQYJKoZIhvcNAQELBQADggEBAD+6D7Jz6EpYFSsS
O3av9hh98bCV+O1xnAB8WIyI6rEOYojRLjlCc1LEkPafOAxdTCKH/Tw/NWFMe1/A
3WDuFHpDx+14d+utj1pP/EZ2N3LMnBCRbkSs4lIVZk/66AvWA2MMhiY0Yjzlpozu
23CLY+H+xC92eag03LU52/gqmGdR2TscAtt6G8LiwAJ04mxNBHQC7BMNjIqWsL29
LxeXNo72AkpJxjAIeEp1awPualWI0WBNjkkbZuJmaE2PVSGEry1UHV+aHBydrT28
kS74wuLxElaM+eOKu/sHGuDWq8kpNhsJ0pag81eTDTHp3A5Ho5xIRIEycM6NZSnw
GmwCeKY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org