Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/qrr9cmQQWMzqkFpEC0868XpgXdM.roa
File: qrr9cmQQWMzqkFpEC0868XpgXdM.roa (raw, json)
Hash identifier: JnsHeYquO6n6RsFL4mH6TyK8g8Ay+gaJB1squqTPAoM=
Subject key identifier: AA:BA:FD:72:64:10:58:CC:EA:90:5A:44:0B:4F:3A:F1:7A:60:5D:D3
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 018B661DE186A6556F75A01E4CA951BDC7D7
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/qrr9cmQQWMzqkFpEC0868XpgXdM.roa
Signing time: Wed 25 Oct 2023 09:15:16 +0000
ROA not before: Wed 25 Oct 2023 09:15:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3177
IP address blocks: 85.9.86.0/23 maxlen: 23
185.131.29.0/24 maxlen: 24
85.9.116.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:66:1d:e1:86:a6:55:6f:75:a0:1e:4c:a9:51:bd:c7:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Oct 25 09:15:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aabafd72641058ccea905a440b4f3af17a605dd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fa:51:82:4e:76:97:54:01:af:34:33:a2:6d:
46:bd:92:e4:5f:c3:df:e1:b4:a5:ae:62:4b:c3:08:
f6:ea:1b:2d:e4:99:be:7d:17:83:d4:d3:6c:6b:a9:
5c:80:f8:f2:ab:12:4b:33:ea:cf:96:55:4a:47:b7:
fb:f4:8f:4a:ff:77:33:f6:0e:e9:3f:26:6a:d6:c7:
51:f6:c4:39:44:56:04:a8:f7:56:2e:ae:9c:8a:5e:
32:81:9b:d8:43:43:0b:83:94:80:bf:36:fe:e3:b2:
18:74:dc:49:c2:77:b3:a3:93:75:df:ec:db:93:5b:
89:53:bb:db:1b:87:46:32:01:83:1a:78:41:83:8c:
02:c8:d5:45:07:4a:17:78:df:19:d4:c5:de:d1:1d:
76:69:39:b2:0d:8d:82:cd:ad:c8:f8:22:b7:9d:c5:
6d:60:3f:d4:53:8d:16:fb:20:62:47:35:be:9c:83:
60:15:d7:d8:ba:37:75:89:0e:11:da:95:7a:a8:fe:
9c:f7:8a:fe:8a:e9:85:85:d1:5b:6f:34:25:ab:31:
1a:da:1f:c2:3e:7c:80:e4:22:05:e2:0f:e1:1d:63:
96:47:26:99:af:61:0a:92:b4:a9:f0:ef:2c:4d:16:
87:00:06:4f:c6:6f:b2:dd:75:24:cb:8a:b2:9f:f1:
75:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:BA:FD:72:64:10:58:CC:EA:90:5A:44:0B:4F:3A:F1:7A:60:5D:D3
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/qrr9cmQQWMzqkFpEC0868XpgXdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.9.86.0/23
85.9.116.0/22
185.131.29.0/24
Signature Algorithm: sha256WithRSAEncryption
59:39:42:ea:fd:96:90:05:39:a3:e7:b8:c9:f2:75:38:ee:af:
22:e7:55:5e:3e:8c:3c:5a:53:b9:09:76:e8:ed:59:50:78:be:
c7:6e:64:56:f3:8c:b3:a1:96:6a:d2:df:9b:88:be:c9:60:ed:
21:2c:5d:78:2f:55:2d:a6:e5:22:85:50:f8:fe:68:3d:fa:b3:
6e:fc:b9:0c:9a:08:16:3c:e6:25:e0:7a:ac:8b:ba:48:64:54:
c6:e4:81:87:bb:6e:0e:fc:e4:2e:5d:56:a0:d2:f7:1c:6d:14:
21:5d:35:3b:cc:e0:82:66:73:7b:6d:6b:71:e8:6a:9f:14:73:
fb:98:bd:09:61:56:a7:1f:7e:dc:c6:ce:6b:17:8e:27:f7:8d:
5b:52:4f:68:fc:a9:68:73:55:fa:57:f7:65:12:6f:98:f0:eb:
4f:2a:1c:9d:a6:a4:90:16:9e:69:38:76:70:ad:d6:3b:e5:45:
74:71:ea:c6:2d:5f:03:a2:2a:f2:c3:90:9e:5f:d6:0b:b8:e1:
13:60:8f:61:66:d2:91:cc:40:6f:8f:ed:ec:a1:d7:e5:e6:70:
6f:05:6f:89:3c:ff:6a:19:cc:47:45:f8:e1:7a:a7:de:6f:84:
8a:68:e4:1e:47:1a:1a:69:4e:a7:58:bc:2e:36:06:92:42:f4:
e4:59:b6:e1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtmHeGGplVvdaAeTKlRvcfXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjMxMDI1MDkxNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWJhZmQ3MjY0MTA1OGNjZWE5MDVhNDQwYjRmM2FmMTdhNjA1ZGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfpRgk52l1QBrzQzom1GvZLkX8Pf
4bSlrmJLwwj26hst5Jm+fReD1NNsa6lcgPjyqxJLM+rPllVKR7f79I9K/3cz9g7p
PyZq1sdR9sQ5RFYEqPdWLq6cil4ygZvYQ0MLg5SAvzb+47IYdNxJwnezo5N13+zb
k1uJU7vbG4dGMgGDGnhBg4wCyNVFB0oXeN8Z1MXe0R12aTmyDY2Cza3I+CK3ncVt
YD/UU40W+yBiRzW+nINgFdfYujd1iQ4R2pV6qP6c94r+iumFhdFbbzQlqzEa2h/C
PnyA5CIF4g/hHWOWRyaZr2EKkrSp8O8sTRaHAAZPxm+y3XUky4qyn/F12wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKq6/XJkEFjM6pBaRAtPOvF6YF3TMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvcXJyOWNtUVFXTXpxa0ZwRUMwODY4WHBnWGRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVQlWAwQC
VQl0AwQAuYMdMA0GCSqGSIb3DQEBCwUAA4IBAQBZOULq/ZaQBTmj57jJ8nU47q8i
51VePow8WlO5CXbo7VlQeL7HbmRW84yzoZZq0t+biL7JYO0hLF14L1UtpuUihVD4
/mg9+rNu/LkMmggWPOYl4Hqsi7pIZFTG5IGHu24O/OQuXVag0vccbRQhXTU7zOCC
ZnN7bWtx6GqfFHP7mL0JYVanH37cxs5rF44n941bUk9o/Kloc1X6V/dlEm+Y8OtP
KhydpqSQFp5pOHZwrdY75UV0cerGLV8Doiryw5CeX9YLuOETYI9hZtKRzEBvj+3s
odfl5nBvBW+JPP9qGcxHRfjheqfeb4SKaOQeRxoaaU6nWLwuNgaSQvTkWbbh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org