Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/qxLX_m9GYMSwRmdG3xpSl0LeLbc.roa
File: qxLX_m9GYMSwRmdG3xpSl0LeLbc.roa (raw, json)
Hash identifier: 5Umioc6Iop1paty2X7cgx1i536uLBLSX+Kvq+H3xfhA=
Subject key identifier: AB:12:D7:FE:6F:46:60:C4:B0:46:67:46:DF:1A:52:97:42:DE:2D:B7
Certificate issuer: /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial: 018D10933AD098E65E8862C76EF7A6C9C536
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/qxLX_m9GYMSwRmdG3xpSl0LeLbc.roa
Signing time: Tue 16 Jan 2024 04:41:40 +0000
ROA not before: Tue 16 Jan 2024 04:41:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29555
IP address blocks: 85.117.96.0/24 maxlen: 24
85.117.97.0/24 maxlen: 24
85.117.98.0/24 maxlen: 24
85.117.99.0/24 maxlen: 24
85.117.100.0/24 maxlen: 24
85.117.101.0/24 maxlen: 24
85.117.102.0/24 maxlen: 24
85.117.103.0/24 maxlen: 24
85.117.104.0/24 maxlen: 24
85.117.105.0/24 maxlen: 24
85.117.106.0/24 maxlen: 24
85.117.107.0/24 maxlen: 24
85.117.108.0/24 maxlen: 24
85.117.109.0/24 maxlen: 24
85.117.110.0/24 maxlen: 24
85.117.111.0/24 maxlen: 24
85.117.112.0/24 maxlen: 24
85.117.113.0/24 maxlen: 24
85.117.114.0/24 maxlen: 24
85.117.115.0/24 maxlen: 24
185.57.72.0/24 maxlen: 24
185.57.73.0/24 maxlen: 24
185.57.74.0/24 maxlen: 24
185.57.75.0/24 maxlen: 24
217.76.68.0/24 maxlen: 24
217.76.71.0/24 maxlen: 24
217.76.72.0/24 maxlen: 24
217.76.74.0/24 maxlen: 24
217.76.75.0/24 maxlen: 24
217.76.76.0/24 maxlen: 24
217.76.77.0/24 maxlen: 24
217.76.78.0/24 maxlen: 24
217.76.79.0/24 maxlen: 24
2a03:32c0:300e::/48 maxlen: 48
2a03:32c0:18::/48 maxlen: 48
2a03:32c0:17::/48 maxlen: 48
2a03:32c0:b::/48 maxlen: 48
2a03:32c0:d::/48 maxlen: 48
2a03:32c0:16::/48 maxlen: 48
2a03:32c0:c::/48 maxlen: 48
2a03:32c0:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 17 Jan 2024 03:16:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:10:93:3a:d0:98:e6:5e:88:62:c7:6e:f7:a6:c9:c5:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Validity
Not Before: Jan 16 04:41:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab12d7fe6f4660c4b0466746df1a529742de2db7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:73:c0:6a:60:39:f0:de:db:48:33:f5:6f:b3:
72:84:1c:8f:81:89:96:e8:38:17:58:58:d6:f1:c2:
bc:93:9f:95:88:e6:0c:8d:25:7c:1d:bb:d8:fc:a5:
db:dd:35:75:b9:8a:3c:e2:34:cf:8b:32:c3:70:6a:
65:6b:97:67:5a:8c:11:d0:c9:3b:25:dc:53:ce:ac:
70:4e:cf:9d:03:a5:8f:d8:6b:f3:02:b4:ec:1f:fd:
ce:01:01:c7:0e:41:08:81:2f:d8:f2:38:a8:f3:5f:
99:f9:57:69:0a:46:0d:82:d5:99:d1:00:92:f0:81:
6d:e8:9d:98:c2:8a:1c:59:76:aa:2e:24:de:6f:46:
bb:2b:ff:6b:99:75:3d:c0:ed:fd:1a:b8:3b:24:a5:
fd:8f:96:67:60:fd:ac:68:b0:45:9a:e8:58:92:16:
f7:e5:fd:7b:a9:8f:bc:8f:43:26:b2:cf:20:e1:27:
cd:2d:ad:b6:bc:2e:fc:0b:3b:b9:2d:38:32:bc:27:
f0:b9:7c:83:41:bb:04:25:f8:f0:91:74:8d:13:ea:
fe:29:9c:54:e8:e9:a1:64:93:d1:0a:4e:a7:3d:02:
32:dd:b8:46:9a:77:84:39:93:da:7c:7a:c6:8d:94:
b0:43:98:e5:8c:f7:a8:97:8f:da:07:41:44:ef:79:
0e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:12:D7:FE:6F:46:60:C4:B0:46:67:46:DF:1A:52:97:42:DE:2D:B7
X509v3 Authority Key Identifier:
keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/qxLX_m9GYMSwRmdG3xpSl0LeLbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.96.0-85.117.115.255
185.57.72.0/22
217.76.68.0/24
217.76.71.0-217.76.72.255
217.76.74.0-217.76.79.255
IPv6:
2a03:32c0:a::-2a03:32c0:d:ffff:ffff:ffff:ffff:ffff
2a03:32c0:16::-2a03:32c0:18:ffff:ffff:ffff:ffff:ffff
2a03:32c0:300e::/48
Signature Algorithm: sha256WithRSAEncryption
7a:2d:ba:3f:b4:0a:55:15:03:09:8c:f6:09:a0:73:dc:0e:7f:
c4:7b:dc:38:a7:f3:ee:53:6b:5b:75:7f:55:bb:3c:c2:a2:a2:
d0:32:e4:96:65:90:e8:9f:ea:97:8f:52:ca:34:72:31:2f:34:
6d:7c:de:f2:8c:eb:35:68:3f:50:26:87:5b:c4:00:7b:6d:c7:
ed:31:cc:5b:3c:a2:29:2b:b7:a6:76:51:ab:49:ec:11:cb:1b:
e7:20:fa:76:9e:f0:d2:b5:34:63:ef:94:2a:ad:fd:94:f4:b8:
f8:43:83:39:ef:67:7b:08:5e:12:89:eb:4d:a5:46:a6:51:bb:
77:06:e8:fd:d6:6a:04:27:9e:0b:47:8a:68:81:3e:d4:38:4d:
e3:c0:46:fe:a6:71:32:19:79:76:4c:ed:9d:ca:46:c3:51:2a:
56:22:54:d6:88:48:c7:d0:43:aa:96:1d:95:e4:21:b1:2b:a8:
84:26:80:75:9c:b0:c9:8e:7b:11:1f:1c:27:ef:47:9a:45:a5:
46:0f:8c:3d:01:19:4b:36:7b:23:87:51:3a:6b:9e:a1:e6:d4:
36:0e:60:cf:42:22:79:13:3d:bd:2f:a7:7d:3d:7e:5b:9f:a6:
24:6b:cf:a8:a3:36:98:e1:fd:b2:83:ec:ee:28:fa:fd:5c:bc:
29:8e:80:1b
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAY0QkzrQmOZeiGLHbvemycU2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjQwMTE2MDQ0MTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjEyZDdmZTZmNDY2MGM0YjA0NjY3NDZkZjFhNTI5NzQyZGUyZGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3PAamA58N7bSDP1b7NyhByPgYmW
6DgXWFjW8cK8k5+ViOYMjSV8HbvY/KXb3TV1uYo84jTPizLDcGpla5dnWowR0Mk7
JdxTzqxwTs+dA6WP2GvzArTsH/3OAQHHDkEIgS/Y8jio81+Z+VdpCkYNgtWZ0QCS
8IFt6J2YwoocWXaqLiTeb0a7K/9rmXU9wO39Grg7JKX9j5ZnYP2saLBFmuhYkhb3
5f17qY+8j0Mmss8g4SfNLa22vC78Czu5LTgyvCfwuXyDQbsEJfjwkXSNE+r+KZxU
6OmhZJPRCk6nPQIy3bhGmneEOZPafHrGjZSwQ5jljPeol4/aB0FE73kOWQIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFKsS1/5vRmDEsEZnRt8aUpdC3i23MB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvcXhMWF9tOUdZTVN3Um1kRzN4cFNsMExlTGJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwPAQCAAEwNjAMAwQFVXVg
AwQCVXVwAwQCuTlIAwQA2UxEMAwDBADZTEcDBADZTEgwDAMEAdlMSgMEBNlMQDA3
BAIAAjAxMBIDBwEqAzLAAAoDBwEqAzLAAAwwEgMHASoDMsAAFgMHACoDMsAAGAMH
ACoDMsAwDjANBgkqhkiG9w0BAQsFAAOCAQEAei26P7QKVRUDCYz2CaBz3A5/xHvc
OKfz7lNrW3V/Vbs8wqKi0DLklmWQ6J/ql49SyjRyMS80bXze8ozrNWg/UCaHW8QA
e23H7THMWzyiKSu3pnZRq0nsEcsb5yD6dp7w0rU0Y++UKq39lPS4+EODOe9newhe
EonrTaVGplG7dwbo/dZqBCeeC0eKaIE+1DhN48BG/qZxMhl5dkztncpGw1EqViJU
1ohIx9BDqpYdleQhsSuohCaAdZywyY57ER8cJ+9HmkWlRg+MPQEZSzZ7I4dROmue
oebUNg5gz0IieRM9vS+nfT1+W5+mJGvPqKM2mOH9soPs7ij6/Vy8KY6AGw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:08 2024 by rpki-client on console-fra.rpki-client.org