Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/2lWSrA0zWZ30QDa6usGON2-UzAg.roa
File: 2lWSrA0zWZ30QDa6usGON2-UzAg.roa (raw, json)
Hash identifier: vYzVJ/snSuHlUZtguSB1gow5th8hs0w/F6XyiHQCRPI=
Subject key identifier: DA:55:92:AC:0D:33:59:9D:F4:40:36:BA:BA:C1:8E:37:6F:94:CC:08
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 01856C5CB61082D791BCAAED938CFA4911A0
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/2lWSrA0zWZ30QDa6usGON2-UzAg.roa
Signing time: Sun 01 Jan 2023 08:04:53 +0000
ROA not before: Sun 01 Jan 2023 08:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397224
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:b6:10:82:d7:91:bc:aa:ed:93:8c:fa:49:11:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 08:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da5592ac0d33599df44036babac18e376f94cc08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ee:23:af:dc:8c:34:82:50:8a:68:20:7e:30:
b6:a3:1f:fc:1d:eb:2e:95:64:f7:d2:4e:e0:1c:2d:
25:3f:6a:6b:6b:49:67:4f:3c:98:bf:54:53:42:17:
7b:38:04:28:5c:5e:06:16:73:37:4f:02:34:ce:55:
e8:53:c9:f4:cf:51:33:40:d1:58:38:b4:7b:da:99:
27:8f:d7:de:0f:1c:2c:5b:3a:5d:7c:08:3a:2a:23:
ff:ea:ad:0e:f8:90:87:dc:6d:6e:67:db:65:a9:09:
e3:d6:83:ad:66:58:d4:1b:7a:5d:1f:03:1a:e7:17:
bf:d4:01:83:fa:33:f9:e7:8a:1e:f3:a9:c3:74:c4:
50:10:56:f3:f5:d2:a8:7d:87:42:0e:0d:33:74:b5:
51:f1:81:43:a0:85:7e:8f:83:b2:60:b1:65:d0:55:
a6:ff:bf:44:cb:a4:de:2a:98:34:33:bb:62:6e:00:
9f:ec:34:67:19:b7:65:ee:a1:35:aa:86:f9:1d:c4:
1e:5e:d4:4c:95:98:71:72:60:55:1a:15:89:3e:be:
99:a4:a3:69:8e:db:fd:02:5b:62:4b:41:66:66:8e:
f7:4c:a0:03:0b:49:d9:a1:9b:d3:9c:b4:51:6a:b3:
e5:aa:cf:51:32:62:e3:11:29:07:63:02:d0:7b:3e:
2c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:55:92:AC:0D:33:59:9D:F4:40:36:BA:BA:C1:8E:37:6F:94:CC:08
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/2lWSrA0zWZ30QDa6usGON2-UzAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
78:55:3a:3d:fc:43:14:db:0f:cf:3b:76:9f:51:de:22:4e:32:
d1:78:de:bf:07:19:aa:78:f7:81:5c:e8:3c:00:16:94:6a:8b:
20:8e:97:eb:8f:d1:3d:e5:1d:75:1c:43:a9:c5:c5:6c:60:8b:
37:0b:53:ca:6c:5f:d9:89:4f:09:91:b5:08:d0:76:62:11:2f:
61:8a:56:67:e2:3b:4a:45:fa:54:73:fe:f0:cf:7a:96:fb:19:
b1:46:67:08:62:71:94:67:72:3b:b2:81:d4:5c:0d:76:0a:9b:
91:52:66:e9:c7:3f:c0:3a:42:8c:15:46:ba:cc:c8:38:8a:ee:
18:cc:b4:bb:9c:6d:2b:e2:3a:c0:6b:ad:15:ad:12:f1:44:98:
f8:21:e8:fc:f0:6b:45:8f:e5:9c:c8:cc:33:42:00:0d:e7:96:
47:cf:aa:9f:83:97:df:00:a2:44:57:6b:d0:1e:1e:af:74:50:
49:40:4b:b6:d9:d4:06:81:96:92:6d:c5:a7:fc:fe:c0:af:e1:
13:85:9f:64:af:0f:1a:27:d1:d1:17:c5:a9:73:2d:22:40:06:
f3:8b:d1:56:12:d6:59:16:e2:2d:03:fb:b1:18:a9:a5:4a:28:
c6:85:6d:e9:4a:ed:5b:bb:cc:61:5e:79:b9:0a:aa:10:96:a9:
ac:c9:74:c2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsXLYQgteRvKrtk4z6SRGgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjMwMTAxMDgwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTU1OTJhYzBkMzM1OTlkZjQ0MDM2YmFiYWMxOGUzNzZmOTRjYzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAle4jr9yMNIJQimggfjC2ox/8Hesu
lWT30k7gHC0lP2pra0lnTzyYv1RTQhd7OAQoXF4GFnM3TwI0zlXoU8n0z1EzQNFY
OLR72pknj9feDxwsWzpdfAg6KiP/6q0O+JCH3G1uZ9tlqQnj1oOtZljUG3pdHwMa
5xe/1AGD+jP554oe86nDdMRQEFbz9dKofYdCDg0zdLVR8YFDoIV+j4OyYLFl0FWm
/79Ey6TeKpg0M7tibgCf7DRnGbdl7qE1qob5HcQeXtRMlZhxcmBVGhWJPr6ZpKNp
jtv9AltiS0FmZo73TKADC0nZoZvTnLRRarPlqs9RMmLjESkHYwLQez4swQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNpVkqwNM1md9EA2urrBjjdvlMwIMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvMmxXU3JBMHpXWjMwUURhNnVzR09OMi1VekFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQB4VTo9/EMU2w/PO3af
Ud4iTjLReN6/BxmqePeBXOg8ABaUaosgjpfrj9E95R11HEOpxcVsYIs3C1PKbF/Z
iU8JkbUI0HZiES9hilZn4jtKRfpUc/7wz3qW+xmxRmcIYnGUZ3I7soHUXA12CpuR
Umbpxz/AOkKMFUa6zMg4iu4YzLS7nG0r4jrAa60VrRLxRJj4Iej88GtFj+WcyMwz
QgAN55ZHz6qfg5ffAKJEV2vQHh6vdFBJQEu22dQGgZaSbcWn/P7Ar+EThZ9krw8a
J9HRF8Wpcy0iQAbzi9FWEtZZFuItA/uxGKmlSijGhW3pSu1bu8xhXnm5CqoQlqms
yXTC
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:08 2024 by rpki-client on console-ams.rpki-client.org