Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/1TubY2ZdP4B7oBgBHBJNMJDybvs.roa
File: 1TubY2ZdP4B7oBgBHBJNMJDybvs.roa (raw, json)
Hash identifier: RIvg538kWMfaX/VCD6AilZfywn+Sx5ydGOFkkxStcuw=
Subject key identifier: D5:3B:9B:63:66:5D:3F:80:7B:A0:18:01:1C:12:4D:30:90:F2:6E:FB
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 01856C5CBE6321D658BCC2C4B5B0675DE797
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/1TubY2ZdP4B7oBgBHBJNMJDybvs.roa
Signing time: Sun 01 Jan 2023 08:04:55 +0000
ROA not before: Sun 01 Jan 2023 08:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397237
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:be:63:21:d6:58:bc:c2:c4:b5:b0:67:5d:e7:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 08:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d53b9b63665d3f807ba018011c124d3090f26efb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:68:d5:04:f5:63:d2:9b:d4:15:e0:e0:0e:f3:
5d:00:7d:bf:25:eb:2e:bd:20:7b:74:b6:29:a1:cc:
57:98:97:b6:d7:d0:e2:a9:9d:42:fb:4c:96:27:19:
a7:86:ff:fa:5e:95:b9:c1:3d:e7:71:97:bc:f8:59:
fd:ab:a7:96:f7:f0:06:ac:6b:bd:33:4a:2a:00:cf:
ed:c2:81:6a:6c:94:a2:e1:be:b9:d2:13:41:a3:c7:
51:b0:7d:b7:f8:e9:a0:e9:10:3f:1d:a2:48:4c:99:
2b:17:e8:2a:a7:a7:15:90:f6:49:73:11:8e:ca:75:
78:ba:92:f5:d9:a9:c0:4d:09:26:c6:75:a8:c9:9b:
3e:1e:22:a6:53:bf:84:96:fc:e8:56:23:4f:6a:6a:
08:c9:ce:35:79:ad:6b:bc:75:1d:ac:9a:31:59:bf:
c1:67:ef:4e:ce:ac:b1:4a:f4:b4:ef:9c:7a:f1:1a:
1b:8b:64:a5:73:48:e3:06:34:8e:ac:05:72:ec:21:
8b:bd:cd:cc:5c:b6:d2:c3:94:60:eb:11:af:47:3e:
8f:8f:5a:c2:a5:a6:c9:f9:a8:8c:bf:ba:48:c1:7d:
d8:d7:c1:e2:d7:4d:ea:03:d2:e3:26:1b:69:a7:a0:
66:8e:99:87:55:a9:d7:db:20:07:9d:3e:a4:27:ea:
9e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:3B:9B:63:66:5D:3F:80:7B:A0:18:01:1C:12:4D:30:90:F2:6E:FB
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/1TubY2ZdP4B7oBgBHBJNMJDybvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
11:f3:b5:bb:dd:4e:82:bd:04:41:37:ba:c0:38:8e:a4:3f:2f:
73:b6:c7:5d:cd:64:a8:8f:91:b6:06:6a:ce:e4:e2:60:5a:5d:
47:a4:95:a2:13:a7:c7:6f:4d:b3:51:1c:d6:b7:ed:5d:23:8e:
a7:67:8a:f5:1a:4c:74:6f:de:25:09:9d:dc:2c:44:6d:70:6d:
65:66:d9:39:8d:f2:00:54:61:19:5a:79:e0:2b:25:b7:3a:18:
1d:e7:98:c2:9a:d8:f2:4b:3f:18:24:fd:a0:1a:9a:9f:d7:ad:
39:2a:c4:76:8c:3f:4d:39:85:51:a1:5b:3e:d1:7e:f7:59:ba:
b9:92:c3:1c:94:43:8f:4a:c7:ec:27:1c:06:c7:d5:8d:85:fb:
c4:82:fa:da:dd:4f:ca:dc:a3:31:5c:c2:a4:88:12:99:7c:9c:
ed:85:a5:db:63:77:7f:85:ae:6d:64:6e:b2:ef:5f:0b:ed:63:
86:4a:72:7b:ff:c8:2b:23:fc:e5:df:a1:8f:ab:e8:a4:5c:47:
fa:5d:a3:88:18:59:e8:b1:8d:d2:25:08:13:99:6b:ec:ac:39:
16:5c:ad:66:c1:73:e3:73:3e:22:97:bb:5b:f5:d0:5c:f2:f1:
6f:94:f6:7f:f4:05:07:d3:16:e8:2d:89:1d:4b:76:cd:bc:39:
04:39:0f:c1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsXL5jIdZYvMLEtbBnXeeXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjMwMTAxMDgwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTNiOWI2MzY2NWQzZjgwN2JhMDE4MDExYzEyNGQzMDkwZjI2ZWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWjVBPVj0pvUFeDgDvNdAH2/Jesu
vSB7dLYpocxXmJe219DiqZ1C+0yWJxmnhv/6XpW5wT3ncZe8+Fn9q6eW9/AGrGu9
M0oqAM/twoFqbJSi4b650hNBo8dRsH23+Omg6RA/HaJITJkrF+gqp6cVkPZJcxGO
ynV4upL12anATQkmxnWoyZs+HiKmU7+ElvzoViNPamoIyc41ea1rvHUdrJoxWb/B
Z+9OzqyxSvS075x68Robi2Slc0jjBjSOrAVy7CGLvc3MXLbSw5Rg6xGvRz6Pj1rC
pabJ+aiMv7pIwX3Y18Hi103qA9LjJhtpp6BmjpmHVanX2yAHnT6kJ+qeiwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNU7m2NmXT+Ae6AYARwSTTCQ8m77MB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvMVR1YlkyWmRQNEI3b0JnQkhCSk5NSkR5YnZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQAR87W73U6CvQRBN7rA
OI6kPy9ztsddzWSoj5G2BmrO5OJgWl1HpJWiE6fHb02zURzWt+1dI46nZ4r1Gkx0
b94lCZ3cLERtcG1lZtk5jfIAVGEZWnngKyW3Ohgd55jCmtjySz8YJP2gGpqf1605
KsR2jD9NOYVRoVs+0X73Wbq5ksMclEOPSsfsJxwGx9WNhfvEgvra3U/K3KMxXMKk
iBKZfJzthaXbY3d/ha5tZG6y718L7WOGSnJ7/8grI/zl36GPq+ikXEf6XaOIGFno
sY3SJQgTmWvsrDkWXK1mwXPjcz4il7tb9dBc8vFvlPZ/9AUH0xboLYkdS3bNvDkE
OQ/B
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:24 2024 by rpki-client on console-fra.rpki-client.org