Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/1-vFS41bPFxiyG15IsLC-SEW6h_Q.roa
File: 1-vFS41bPFxiyG15IsLC-SEW6h_Q.roa (raw, json)
Hash identifier: BZsScHeMcglUkRRk9flI/b/b+JxGa04qyIEKyQHCdF0=
Subject key identifier: FA:F1:52:E3:56:CF:17:18:B2:1B:5E:48:B0:B0:BE:48:45:BA:87:F4
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 01856C5CB011B0AD61E5B8F24469A4B66EB2
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/1-vFS41bPFxiyG15IsLC-SEW6h_Q.roa
Signing time: Sun 01 Jan 2023 08:04:51 +0000
ROA not before: Sun 01 Jan 2023 08:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397215
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:b0:11:b0:ad:61:e5:b8:f2:44:69:a4:b6:6e:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 08:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=faf152e356cf1718b21b5e48b0b0be4845ba87f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:37:3a:be:e5:ff:c5:d1:31:6c:7b:22:6c:31:
90:60:73:52:e4:ed:4a:3e:fa:d1:32:f2:2b:35:da:
de:11:32:89:e3:7f:7f:74:92:d2:9e:91:76:4c:54:
7c:10:cf:30:a0:35:3e:24:26:31:4c:ae:14:34:c7:
bc:07:a9:0c:b0:1e:a4:0c:18:1a:a5:0b:00:19:d0:
cc:e0:37:93:83:f4:55:e7:c0:b3:8c:b8:fe:f8:21:
cc:d9:9e:2a:41:57:7c:29:07:06:ae:0c:fa:b3:fd:
8f:29:a6:e9:12:f2:52:2d:a6:a9:b6:99:2a:ad:64:
53:73:c4:67:3a:44:9a:c0:5e:df:da:f9:dd:91:7d:
4d:33:a4:64:f0:60:1f:85:da:f5:b9:a4:c0:2d:5b:
dc:c1:07:37:6f:a3:cf:82:08:2e:db:d7:29:c3:e6:
d6:99:1c:a5:7a:57:bd:ae:21:c0:a2:41:87:df:90:
46:58:ad:02:c4:42:5c:d7:88:db:33:f0:14:48:ac:
72:38:16:24:e3:41:52:a1:b2:2b:c3:46:88:d4:eb:
46:8b:88:0e:e3:7b:78:9c:77:5f:30:29:fc:8e:fb:
cc:26:c3:f8:0e:b5:04:c3:35:ef:c7:f7:fc:9f:d2:
a9:46:c1:c0:63:94:c8:c4:37:6c:78:61:d2:ec:36:
88:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:F1:52:E3:56:CF:17:18:B2:1B:5E:48:B0:B0:BE:48:45:BA:87:F4
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/1-vFS41bPFxiyG15IsLC-SEW6h_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
33:74:30:70:b8:c3:be:17:41:45:4e:60:be:fd:99:77:1a:b8:
92:c9:d0:d4:56:fb:ce:16:e6:93:e2:e9:d3:56:96:99:f8:13:
05:3a:b7:b3:da:2e:d2:ba:b8:54:06:bc:0d:6d:e9:e4:42:c2:
50:0f:9a:52:c9:ab:89:5d:8c:b1:b1:b9:dc:04:6e:5b:ec:c7:
26:af:b3:e0:3a:d6:77:be:d1:23:b7:60:2f:6e:9c:97:a7:d4:
cc:47:24:50:f1:46:08:23:76:0c:2a:6f:49:42:82:9f:14:54:
a1:36:c2:b7:ad:85:d0:21:3b:bd:c5:22:a1:4c:41:53:f0:33:
26:5d:c1:a7:c2:be:dd:97:16:8f:f1:b4:aa:2b:46:d4:da:a1:
9d:54:3c:2a:be:f7:bf:82:51:6a:25:39:73:17:cc:f0:3e:77:
33:d6:4c:71:d1:1e:14:34:c5:d3:1b:4c:1e:08:f2:87:1c:5a:
1b:5b:20:ba:7b:34:61:40:65:21:a0:b7:66:e1:fb:41:e3:a1:
1a:f9:d9:3b:74:db:a3:57:41:b7:15:7f:d0:8e:66:99:21:47:
54:3e:ee:9a:13:98:60:a3:d3:31:af:40:7b:43:fd:48:cb:76:
13:43:12:56:09:8b:ce:ed:6a:f9:f3:bb:6f:34:ed:b9:02:73:
40:eb:05:17
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYVsXLARsK1h5bjyRGmktm6yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjMwMTAxMDgwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWYxNTJlMzU2Y2YxNzE4YjIxYjVlNDhiMGIwYmU0ODQ1YmE4N2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzc6vuX/xdExbHsibDGQYHNS5O1K
PvrRMvIrNdreETKJ439/dJLSnpF2TFR8EM8woDU+JCYxTK4UNMe8B6kMsB6kDBga
pQsAGdDM4DeTg/RV58CzjLj++CHM2Z4qQVd8KQcGrgz6s/2PKabpEvJSLaaptpkq
rWRTc8RnOkSawF7f2vndkX1NM6Rk8GAfhdr1uaTALVvcwQc3b6PPgggu29cpw+bW
mRylele9riHAokGH35BGWK0CxEJc14jbM/AUSKxyOBYk40FSobIrw0aI1OtGi4gO
43t4nHdfMCn8jvvMJsP4DrUEwzXvx/f8n9KpRsHAY5TIxDdseGHS7DaIGwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPrxUuNWzxcYshteSLCwvkhFuof0MB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvMS12RlM0MWJQRnhpeUcxNUlzTEMtU0VXNmhfUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTcvMGQyODBjLTlkODgtNGFlYS1iNTIxLTQxNmY4NWVlMjM3
Yi8xL3BhNktQWXZhcV9SMlg5cDUxVjdLakduSXZ5dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEACXRwAME
ACXRwgMEACXRxAMEACXRxjANBgkqhkiG9w0BAQsFAAOCAQEAM3QwcLjDvhdBRU5g
vv2Zdxq4ksnQ1Fb7zhbmk+Lp01aWmfgTBTq3s9ou0rq4VAa8DW3p5ELCUA+aUsmr
iV2MsbG53ARuW+zHJq+z4DrWd77RI7dgL26cl6fUzEckUPFGCCN2DCpvSUKCnxRU
oTbCt62F0CE7vcUioUxBU/AzJl3Bp8K+3ZcWj/G0qitG1NqhnVQ8Kr73v4JRaiU5
cxfM8D53M9ZMcdEeFDTF0xtMHgjyhxxaG1sguns0YUBlIaC3ZuH7QeOhGvnZO3Tb
o1dBtxV/0I5mmSFHVD7umhOYYKPTMa9Ae0P9SMt2E0MSVgmLzu1q+fO7bzTtuQJz
QOsFFw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:06 2024 by rpki-client on console-fra.rpki-client.org