Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/BXR7HfLsXfSXguw7qAXE5vE2tbU.roa
File: BXR7HfLsXfSXguw7qAXE5vE2tbU.roa (raw, json)
Hash identifier: T4/9tRyel/qTWLK9rRRVzJTlJLGZPko1Vwj0432kEXA=
Subject key identifier: 05:74:7B:1D:F2:EC:5D:F4:97:82:EC:3B:A8:05:C4:E6:F1:36:B5:B5
Certificate issuer: /CN=19f1a9dd126f37237ce200fb8616ff937bca966c
Certificate serial: 01856F14D81D00CA4BE92047F281B3E7CD59
Authority key identifier: 19:F1:A9:DD:12:6F:37:23:7C:E2:00:FB:86:16:FF:93:7B:CA:96:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GfGp3RJvNyN84gD7hhb_k3vKlmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/BXR7HfLsXfSXguw7qAXE5vE2tbU.roa
Signing time: Sun 01 Jan 2023 20:45:15 +0000
ROA not before: Sun 01 Jan 2023 20:45:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42926
IP address blocks: 85.95.240.0/24 maxlen: 24
85.95.239.0/24 maxlen: 24
85.95.238.0/24 maxlen: 24
85.95.237.0/24 maxlen: 24
85.95.244.0/24 maxlen: 24
85.95.243.0/24 maxlen: 24
85.95.242.0/24 maxlen: 24
85.95.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:d8:1d:00:ca:4b:e9:20:47:f2:81:b3:e7:cd:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19f1a9dd126f37237ce200fb8616ff937bca966c
Validity
Not Before: Jan 1 20:45:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05747b1df2ec5df49782ec3ba805c4e6f136b5b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:14:4e:92:bb:4a:8a:18:5f:72:55:c9:d1:df:
8e:18:ce:1e:7e:f0:f1:91:93:b5:52:ec:b5:5b:08:
35:d3:08:f4:c0:d7:5b:c3:55:f5:65:52:d2:bd:a6:
34:73:27:86:d5:ac:21:58:b3:f7:4a:ef:84:b8:de:
70:66:cb:b7:02:38:9e:74:4c:e3:68:0c:8e:cc:67:
0b:3b:f5:58:2a:05:ea:eb:f8:87:82:70:d9:46:8f:
7c:a9:0d:ba:89:8f:f2:9e:54:e5:8b:2c:b1:2d:58:
83:3f:d8:99:15:31:37:f6:e9:09:a6:ab:7b:2e:05:
ae:9a:cd:05:65:f1:82:d3:e3:ed:78:da:6f:61:55:
ff:ca:c0:74:e2:5c:d3:b9:58:af:f2:7e:ec:29:31:
a6:99:8d:9f:f0:70:3e:9f:05:8e:d9:6b:72:a0:a3:
b2:8b:cc:c7:9e:0b:f2:a2:1d:8c:a9:3f:7d:e1:13:
8f:0c:cf:d9:af:3b:54:ec:8c:f5:d0:61:22:ba:82:
79:4f:e7:63:09:b5:a2:4b:e5:8a:d2:8d:cc:9c:65:
6c:b5:14:26:d5:ed:6f:29:86:33:f2:5f:96:55:b8:
b7:ec:5e:d5:cf:dd:a3:36:86:55:c7:ba:65:93:93:
98:25:af:af:98:3d:fb:e6:24:67:5f:3d:7e:9c:df:
80:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:74:7B:1D:F2:EC:5D:F4:97:82:EC:3B:A8:05:C4:E6:F1:36:B5:B5
X509v3 Authority Key Identifier:
keyid:19:F1:A9:DD:12:6F:37:23:7C:E2:00:FB:86:16:FF:93:7B:CA:96:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GfGp3RJvNyN84gD7hhb_k3vKlmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/BXR7HfLsXfSXguw7qAXE5vE2tbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/GfGp3RJvNyN84gD7hhb_k3vKlmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.95.237.0-85.95.244.255
Signature Algorithm: sha256WithRSAEncryption
11:1d:0e:e5:f8:18:bc:a2:bf:05:9d:70:a4:9f:ec:05:f6:e9:
6b:4e:f2:89:aa:a7:67:8f:fd:25:ba:74:b9:d8:5f:e0:16:bc:
cb:d0:ff:6d:db:04:88:7b:07:bb:ac:1a:b5:5e:7e:4b:8a:85:
76:12:a6:59:c9:a4:b8:8d:aa:cd:21:e2:b8:c1:8f:b5:f1:4c:
4e:2e:b2:ba:7d:43:f2:d1:29:b8:1f:a5:d7:f6:e9:d4:aa:53:
20:9d:c9:0b:57:f4:9c:f4:c6:0f:f5:48:24:b1:07:7d:ef:cd:
c4:6e:c2:25:86:68:30:0a:5a:fd:00:bc:99:f0:6e:f8:72:2c:
6b:9b:c3:8d:15:86:95:a5:55:92:cc:d6:29:7c:82:f6:9f:06:
f6:cd:77:20:c8:f0:ed:98:cd:6a:19:62:ff:a3:42:f0:9a:04:
b9:eb:7e:46:f3:52:6a:c2:be:e8:ea:c6:7b:24:d3:c0:3e:76:
45:bc:d1:1a:05:84:50:6d:12:86:27:e0:85:f8:88:fb:7c:53:
14:fa:49:a1:b1:04:c0:81:dd:d1:dc:3a:da:83:11:51:5d:48:
9e:a8:f0:31:05:6f:f5:16:48:a2:24:42:8c:a7:e0:9c:fc:22:
98:08:72:f1:0a:6e:5f:d0:51:10:9d:36:b1:90:cc:78:ab:04:
dd:49:44:3a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVvFNgdAMpL6SBH8oGz581ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZjFhOWRkMTI2ZjM3MjM3Y2UyMDBmYjg2MTZmZjkzN2Jj
YTk2NmMwHhcNMjMwMTAxMjA0NTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTc0N2IxZGYyZWM1ZGY0OTc4MmVjM2JhODA1YzRlNmYxMzZiNWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBROkrtKihhfclXJ0d+OGM4efvDx
kZO1Uuy1Wwg10wj0wNdbw1X1ZVLSvaY0cyeG1awhWLP3Su+EuN5wZsu3AjiedEzj
aAyOzGcLO/VYKgXq6/iHgnDZRo98qQ26iY/ynlTliyyxLViDP9iZFTE39ukJpqt7
LgWums0FZfGC0+PteNpvYVX/ysB04lzTuViv8n7sKTGmmY2f8HA+nwWO2WtyoKOy
i8zHngvyoh2MqT994ROPDM/ZrztU7Iz10GEiuoJ5T+djCbWiS+WK0o3MnGVstRQm
1e1vKYYz8l+WVbi37F7Vz92jNoZVx7plk5OYJa+vmD375iRnXz1+nN+AcQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAV0ex3y7F30l4LsO6gFxObxNrW1MB8GA1UdIwQY
MBaAFBnxqd0SbzcjfOIA+4YW/5N7ypZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2ZHcDNSSnZOeU44NGdEN2hoYl9rM3ZLbG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9mOGE2M2QtMTczMC00ZDg4LWFiMzgt
M2ZkMzA5ODhmNjc3LzEvQlhSN0hmTHNYZlNYZ3V3N3FBWEU1dkUydGJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9mOGE2M2QtMTczMC00ZDg4LWFiMzgtM2ZkMzA5ODhmNjc3
LzEvR2ZHcDNSSnZOeU44NGdEN2hoYl9rM3ZLbG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABVX+0D
BABVX/QwDQYJKoZIhvcNAQELBQADggEBABEdDuX4GLyivwWdcKSf7AX26WtO8omq
p2eP/SW6dLnYX+AWvMvQ/23bBIh7B7usGrVefkuKhXYSplnJpLiNqs0h4rjBj7Xx
TE4usrp9Q/LRKbgfpdf26dSqUyCdyQtX9Jz0xg/1SCSxB33vzcRuwiWGaDAKWv0A
vJnwbvhyLGubw40VhpWlVZLM1il8gvafBvbNdyDI8O2YzWoZYv+jQvCaBLnrfkbz
UmrCvujqxnsk08A+dkW80RoFhFBtEoYn4IX4iPt8UxT6SaGxBMCB3dHcOtqDEVFd
SJ6o8DEFb/UWSKIkQoyn4Jz8IpgIcvEKbl/QURCdNrGQzHirBN1JRDo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:20 2024 by rpki-client on console-fra.rpki-client.org