Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/IBTWwpRvIfGmwZmOYRmLP5lrbIQ.roa
File: IBTWwpRvIfGmwZmOYRmLP5lrbIQ.roa (raw, json)
Hash identifier: HwbfN4NZP38Te1RI6AshI+nvLULOiMuow/QT7+lC5Nk=
Subject key identifier: 20:14:D6:C2:94:6F:21:F1:A6:C1:99:8E:61:19:8B:3F:99:6B:6C:84
Certificate issuer: /CN=19f1a9dd126f37237ce200fb8616ff937bca966c
Certificate serial: 01856F14D9F7EC61E3D1E3BDDBED3C1D0DF1
Authority key identifier: 19:F1:A9:DD:12:6F:37:23:7C:E2:00:FB:86:16:FF:93:7B:CA:96:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GfGp3RJvNyN84gD7hhb_k3vKlmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/IBTWwpRvIfGmwZmOYRmLP5lrbIQ.roa
Signing time: Sun 01 Jan 2023 20:45:15 +0000
ROA not before: Sun 01 Jan 2023 20:45:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206991
IP address blocks: 85.95.240.0/24 maxlen: 24
85.95.239.0/24 maxlen: 24
85.95.238.0/24 maxlen: 24
85.95.237.0/24 maxlen: 24
85.95.244.0/24 maxlen: 24
85.95.243.0/24 maxlen: 24
85.95.242.0/24 maxlen: 24
85.95.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:d9:f7:ec:61:e3:d1:e3:bd:db:ed:3c:1d:0d:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19f1a9dd126f37237ce200fb8616ff937bca966c
Validity
Not Before: Jan 1 20:45:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2014d6c2946f21f1a6c1998e61198b3f996b6c84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d5:35:1b:6d:b8:e5:b8:14:21:a8:f0:e9:e6:
a7:03:aa:3f:1f:15:7a:e5:c6:1b:a7:ec:28:5d:b5:
0c:4c:25:d0:dc:db:74:12:ce:fa:64:b8:08:c2:07:
fe:11:43:39:04:5f:83:48:8d:fe:c4:62:f8:b7:c3:
5d:07:78:99:e0:9b:76:f6:83:de:78:ef:7b:97:69:
87:9d:d0:7c:bd:92:2d:4b:ab:1a:c9:9f:eb:81:6c:
5c:e3:4b:2e:b8:83:2a:7a:dd:3c:e0:fa:a6:87:07:
44:ff:41:0b:ce:be:16:a1:69:90:c6:c3:08:1c:f0:
23:5a:09:c0:59:1d:4b:d2:4f:2b:cb:02:59:d6:5d:
79:68:1a:64:f5:69:1e:2a:89:d4:0c:91:c5:a8:ca:
b5:3c:5b:da:34:de:97:3b:35:c8:77:1d:07:bb:06:
cd:99:64:ce:0c:61:5c:9e:1e:05:1c:c2:d6:76:f7:
e4:61:0a:bc:e1:1e:56:b1:b2:b8:28:94:9f:23:21:
94:4c:9a:89:a4:e2:3a:28:9b:7a:8f:8f:e4:40:4c:
f8:9d:92:db:65:78:e1:26:87:1d:cd:a7:34:a3:8e:
df:95:4d:69:ec:93:b7:cb:90:5a:c5:8f:c7:1c:16:
94:6c:90:02:9d:27:bf:da:60:e1:c4:a7:3c:79:37:
3c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:14:D6:C2:94:6F:21:F1:A6:C1:99:8E:61:19:8B:3F:99:6B:6C:84
X509v3 Authority Key Identifier:
keyid:19:F1:A9:DD:12:6F:37:23:7C:E2:00:FB:86:16:FF:93:7B:CA:96:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GfGp3RJvNyN84gD7hhb_k3vKlmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/IBTWwpRvIfGmwZmOYRmLP5lrbIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/GfGp3RJvNyN84gD7hhb_k3vKlmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.95.237.0-85.95.244.255
Signature Algorithm: sha256WithRSAEncryption
50:5f:e7:13:0b:fe:7b:e3:85:3d:f0:e0:27:48:0a:72:4c:c6:
2a:df:67:d1:18:35:0f:7f:71:4c:87:ec:86:88:21:cc:8f:5a:
90:a8:5b:26:06:7a:63:cc:38:a5:ba:cd:cd:df:a3:e1:43:b7:
c0:ea:45:d3:8b:c8:98:90:cb:1c:16:26:0f:13:9d:dc:11:4f:
72:7c:b7:e1:9e:b6:e9:50:0d:61:94:24:2b:7f:bf:82:b1:fc:
f6:dd:72:38:bb:07:6f:8a:fb:c5:3c:cd:9e:9e:54:e9:0f:08:
9e:86:24:41:96:e4:7f:85:9e:c7:38:56:24:36:fd:9f:36:b7:
ee:7d:f4:d8:a7:49:cd:58:6a:8c:53:af:20:eb:f8:1f:3b:f0:
51:e3:62:ec:85:29:8f:fe:3f:30:f3:66:c1:58:d6:dc:2f:30:
56:96:27:23:3a:d2:ae:5a:c9:b2:c9:04:02:e6:df:2e:4e:12:
98:a6:2a:9b:a3:4f:e7:54:0a:0f:a5:bb:78:c2:aa:1c:c7:a6:
0b:81:e6:33:d2:5c:8f:43:40:e2:07:ac:fb:d8:c9:92:49:ec:
81:8b:e5:8a:7a:0d:92:41:82:7e:c1:b5:f9:f2:32:13:c5:09:
09:3a:b5:d9:72:93:24:e8:db:87:84:29:e7:f3:68:66:7b:18:
4e:7f:6d:ae
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVvFNn37GHj0eO92+08HQ3xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZjFhOWRkMTI2ZjM3MjM3Y2UyMDBmYjg2MTZmZjkzN2Jj
YTk2NmMwHhcNMjMwMTAxMjA0NTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDE0ZDZjMjk0NmYyMWYxYTZjMTk5OGU2MTE5OGIzZjk5NmI2Yzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNU1G2245bgUIajw6eanA6o/HxV6
5cYbp+woXbUMTCXQ3Nt0Es76ZLgIwgf+EUM5BF+DSI3+xGL4t8NdB3iZ4Jt29oPe
eO97l2mHndB8vZItS6sayZ/rgWxc40suuIMqet084PqmhwdE/0ELzr4WoWmQxsMI
HPAjWgnAWR1L0k8rywJZ1l15aBpk9WkeKonUDJHFqMq1PFvaNN6XOzXIdx0HuwbN
mWTODGFcnh4FHMLWdvfkYQq84R5WsbK4KJSfIyGUTJqJpOI6KJt6j4/kQEz4nZLb
ZXjhJocdzac0o47flU1p7JO3y5BaxY/HHBaUbJACnSe/2mDhxKc8eTc8dQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCAU1sKUbyHxpsGZjmEZiz+Za2yEMB8GA1UdIwQY
MBaAFBnxqd0SbzcjfOIA+4YW/5N7ypZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2ZHcDNSSnZOeU44NGdEN2hoYl9rM3ZLbG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9mOGE2M2QtMTczMC00ZDg4LWFiMzgt
M2ZkMzA5ODhmNjc3LzEvSUJUV3dwUnZJZkdtd1ptT1lSbUxQNWxyYklRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9mOGE2M2QtMTczMC00ZDg4LWFiMzgtM2ZkMzA5ODhmNjc3
LzEvR2ZHcDNSSnZOeU44NGdEN2hoYl9rM3ZLbG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABVX+0D
BABVX/QwDQYJKoZIhvcNAQELBQADggEBAFBf5xML/nvjhT3w4CdICnJMxirfZ9EY
NQ9/cUyH7IaIIcyPWpCoWyYGemPMOKW6zc3fo+FDt8DqRdOLyJiQyxwWJg8TndwR
T3J8t+GetulQDWGUJCt/v4Kx/Pbdcji7B2+K+8U8zZ6eVOkPCJ6GJEGW5H+Fnsc4
ViQ2/Z82t+599NinSc1YaoxTryDr+B878FHjYuyFKY/+PzDzZsFY1twvMFaWJyM6
0q5aybLJBALm3y5OEpimKpujT+dUCg+lu3jCqhzHpguB5jPSXI9DQOIHrPvYyZJJ
7IGL5Yp6DZJBgn7BtfnyMhPFCQk6tdlykyTo24eEKefzaGZ7GE5/ba4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:14 2024 by rpki-client on console-ams.rpki-client.org