Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/q0Q7WOX-t1nXEdMsFDLE3KXMuVA.roa
File: q0Q7WOX-t1nXEdMsFDLE3KXMuVA.roa (raw, json)
Hash identifier: Cbt1PEWtcS2kqYtYq7zDIjuYmKr6xv0SDdL/L6Ssxko=
Subject key identifier: AB:44:3B:58:E5:FE:B7:59:D7:11:D3:2C:14:32:C4:DC:A5:CC:B9:50
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 018CC348C1DA9B9619115489FDA216F6AB6D
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/q0Q7WOX-t1nXEdMsFDLE3KXMuVA.roa
Signing time: Mon 01 Jan 2024 04:29:34 +0000
ROA not before: Mon 01 Jan 2024 04:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34918
IP address blocks: 85.9.96.0/20 maxlen: 20
85.9.96.0/21 maxlen: 21
85.9.104.0/21 maxlen: 21
85.9.106.0/24 maxlen: 24
185.126.3.0/24 maxlen: 24
185.126.2.0/24 maxlen: 24
185.126.4.0/24 maxlen: 24
185.126.0.0/24 maxlen: 24
185.126.0.0/22 maxlen: 22
185.126.0.0/20 maxlen: 20
185.126.1.0/24 maxlen: 24
185.126.0.0/21 maxlen: 21
185.126.10.0/24 maxlen: 24
185.126.9.0/24 maxlen: 24
185.126.11.0/24 maxlen: 24
185.126.7.0/24 maxlen: 24
185.126.6.0/24 maxlen: 24
185.126.8.0/24 maxlen: 24
185.126.8.0/21 maxlen: 21
185.126.5.0/24 maxlen: 24
185.126.13.0/24 maxlen: 24
185.126.15.0/24 maxlen: 24
185.126.14.0/24 maxlen: 24
185.126.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jan 2024 13:20:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:c1:da:9b:96:19:11:54:89:fd:a2:16:f6:ab:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jan 1 04:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab443b58e5feb759d711d32c1432c4dca5ccb950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1f:58:62:9e:af:a7:ad:5c:61:dd:f3:3d:be:
4f:ca:d9:b4:75:7b:26:e3:e8:19:64:39:ef:7a:17:
36:d0:57:39:20:db:ee:4c:a8:09:1e:4c:91:26:56:
92:e2:7d:ab:10:e6:88:76:e6:9f:99:45:ee:77:0e:
27:95:7e:4b:35:5d:8e:62:9b:38:26:c2:83:dc:e9:
e3:3f:41:37:48:91:b7:30:09:95:05:df:9c:16:ef:
11:f4:f5:9d:48:80:39:a3:f3:ad:dd:17:0a:13:da:
28:49:e4:cc:06:ea:a7:7f:31:fa:07:11:ed:35:f9:
69:f8:0e:28:94:1f:13:87:90:0a:53:ef:a9:d6:0e:
b6:a5:6f:c8:fc:08:64:64:36:39:03:f3:b8:45:91:
34:7c:66:38:96:42:6e:81:35:25:6e:38:13:4d:dc:
44:1a:f2:73:60:e8:62:6f:4f:d5:07:e0:94:6c:70:
e3:f9:a9:82:a6:66:17:ee:74:69:76:e6:3a:3e:a1:
5a:53:bd:cc:53:90:d1:e7:16:54:b5:32:61:b5:d3:
8a:53:c8:04:45:34:d3:3d:81:7d:39:2a:6e:49:60:
3e:d2:4f:a7:38:e3:ac:8c:cb:c0:e7:b3:59:9e:71:
38:c4:6b:2d:07:eb:60:56:56:de:04:d8:19:2c:08:
da:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:44:3B:58:E5:FE:B7:59:D7:11:D3:2C:14:32:C4:DC:A5:CC:B9:50
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/q0Q7WOX-t1nXEdMsFDLE3KXMuVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.9.96.0/20
185.126.0.0/20
Signature Algorithm: sha256WithRSAEncryption
61:24:52:ea:25:ea:0c:dd:2c:e1:63:16:68:18:9e:ca:63:84:
52:0b:14:ef:21:60:5e:a3:92:02:35:07:46:d1:e8:4e:38:92:
a3:c3:b1:6c:bc:eb:4d:20:4c:f4:e2:86:59:ce:db:c4:c7:dd:
d1:de:d5:2d:00:ab:b1:13:22:74:7e:fc:12:9c:09:05:1b:61:
5d:b3:f8:7d:9c:a0:cc:9e:51:a2:fb:54:fc:54:44:ba:d2:4b:
94:2b:66:cd:2d:51:64:ef:f9:62:f2:9c:d1:a0:07:3c:5d:2d:
78:87:9b:59:90:77:bf:a3:cc:7e:71:66:bb:dc:0a:eb:6b:9a:
26:60:da:f4:60:69:35:5f:43:ad:82:93:66:34:47:d5:c6:40:
3b:96:06:93:ff:22:5c:4d:77:e3:f8:2a:cd:89:0b:69:5f:57:
8d:f3:87:37:82:81:ba:05:cc:cd:04:92:26:90:3f:73:38:ca:
fd:ca:89:ef:73:7e:74:1b:9a:0e:15:11:ef:31:c5:d4:ba:91:
0c:6d:54:e7:10:2e:a5:c5:cf:6d:f1:0b:3c:43:91:45:d3:07:
76:1b:8d:04:40:c7:15:67:5d:e3:61:cf:42:15:5c:bf:18:46:
c7:56:36:bc:93:c6:10:9b:56:e5:62:05:9b:b5:0f:d8:d2:37:
42:7e:21:0d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSMHam5YZEVSJ/aIW9qttMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjQwMTAxMDQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjQ0M2I1OGU1ZmViNzU5ZDcxMWQzMmMxNDMyYzRkY2E1Y2NiOTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnR9YYp6vp61cYd3zPb5Pytm0dXsm
4+gZZDnvehc20Fc5INvuTKgJHkyRJlaS4n2rEOaIduafmUXudw4nlX5LNV2OYps4
JsKD3OnjP0E3SJG3MAmVBd+cFu8R9PWdSIA5o/Ot3RcKE9ooSeTMBuqnfzH6BxHt
Nflp+A4olB8Th5AKU++p1g62pW/I/AhkZDY5A/O4RZE0fGY4lkJugTUlbjgTTdxE
GvJzYOhib0/VB+CUbHDj+amCpmYX7nRpduY6PqFaU73MU5DR5xZUtTJhtdOKU8gE
RTTTPYF9OSpuSWA+0k+nOOOsjMvA57NZnnE4xGstB+tgVlbeBNgZLAja8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKtEO1jl/rdZ1xHTLBQyxNylzLlQMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvcTBRN1dPWC10MW5YRWRNc0ZETEUzS1hNdVZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEVQlgAwQE
uX4AMA0GCSqGSIb3DQEBCwUAA4IBAQBhJFLqJeoM3SzhYxZoGJ7KY4RSCxTvIWBe
o5ICNQdG0ehOOJKjw7FsvOtNIEz04oZZztvEx93R3tUtAKuxEyJ0fvwSnAkFG2Fd
s/h9nKDMnlGi+1T8VES60kuUK2bNLVFk7/li8pzRoAc8XS14h5tZkHe/o8x+cWa7
3Arra5omYNr0YGk1X0OtgpNmNEfVxkA7lgaT/yJcTXfj+CrNiQtpX1eN84c3goG6
BczNBJImkD9zOMr9yonvc350G5oOFRHvMcXUupEMbVTnEC6lxc9t8Qs8Q5FF0wd2
G40EQMcVZ13jYc9CFVy/GEbHVja8k8YQm1blYgWbtQ/Y0jdCfiEN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org