Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/47h9OzMLGs22F5uHbdqE1tgIbcQ.roa
File: 47h9OzMLGs22F5uHbdqE1tgIbcQ.roa (raw, json)
Hash identifier: pgfWMBRM7g+gedUoJU/+SZml8QoDyYiMxvNYUSPtG1A=
Subject key identifier: E3:B8:7D:3B:33:0B:1A:CD:B6:17:9B:87:6D:DA:84:D6:D8:08:6D:C4
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 01856C5CBB5AE47FEC44DC7BA6CCAD2616E7
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/47h9OzMLGs22F5uHbdqE1tgIbcQ.roa
Signing time: Sun 01 Jan 2023 08:04:54 +0000
ROA not before: Sun 01 Jan 2023 08:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397232
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:bb:5a:e4:7f:ec:44:dc:7b:a6:cc:ad:26:16:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 08:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3b87d3b330b1acdb6179b876dda84d6d8086dc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:3a:47:b2:ca:8b:8a:db:c8:81:61:cd:69:8d:
73:95:96:96:d1:c8:a6:1c:7c:c3:a8:26:ff:fa:a9:
6c:77:2f:87:99:e7:7e:49:4f:4f:93:22:d2:a6:93:
2a:29:60:db:57:bc:70:2d:64:60:d2:f5:77:9e:72:
ea:d9:94:d1:4c:37:a2:48:98:96:fe:1b:04:ac:fc:
d6:f9:e8:e9:3e:30:5c:b7:50:cb:15:58:ea:16:b8:
85:24:3d:a3:2e:96:3b:53:e7:50:eb:b7:ce:a3:cd:
36:4d:da:df:44:bf:91:ab:2c:87:74:42:0f:b7:04:
bd:24:f1:8f:9e:ca:13:e7:ba:dd:c8:88:0d:b4:6d:
38:f5:3c:c4:d0:a6:f1:ac:61:30:00:4a:8b:d6:0f:
f2:b5:2a:ee:4e:48:61:6a:f4:9a:52:6c:a8:22:94:
56:82:c9:2f:18:74:dc:02:e6:a7:46:8e:1b:0a:9c:
07:a9:f7:55:13:d7:72:32:57:ac:e6:1a:91:56:f5:
c0:7b:04:27:43:f7:2a:dd:ef:03:0e:c7:5d:34:75:
d3:21:c6:75:53:e1:8e:1b:7f:6d:75:cf:9e:23:a7:
f3:c0:77:c2:69:c4:92:e0:8a:c3:e5:4a:fb:ff:0e:
c9:4f:1b:8c:a4:35:32:02:f3:ad:d8:ab:e1:10:27:
a5:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:B8:7D:3B:33:0B:1A:CD:B6:17:9B:87:6D:DA:84:D6:D8:08:6D:C4
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/47h9OzMLGs22F5uHbdqE1tgIbcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:c7:50:11:2c:09:bd:50:92:df:b6:f9:0a:4e:b9:f5:39:df:
a3:82:7d:96:00:77:da:51:44:1a:b0:3a:ce:42:c6:4e:24:6d:
48:d4:f4:56:16:13:93:da:a5:a8:6a:aa:2c:46:19:8f:24:a8:
aa:a0:7a:50:c4:17:51:e2:a8:5c:6f:7c:c8:98:97:f4:e4:a3:
4e:4f:7f:62:aa:94:bc:4b:c4:de:9d:3a:89:59:e1:4e:1d:d7:
e6:7a:9d:29:9f:fd:3f:8a:e7:db:13:8d:67:8e:6d:da:30:49:
f1:7d:c4:a6:30:9c:44:55:6c:39:54:1d:8d:11:8f:dc:a5:d5:
9b:5f:a3:ca:0c:3c:ce:4f:d8:48:bb:04:22:3a:18:0f:02:a3:
01:09:ee:00:6c:d3:7e:67:74:86:60:de:7a:a3:44:86:4d:44:
d5:4b:9f:5a:5d:2a:55:c9:ed:64:3d:64:e5:aa:a7:28:43:11:
e2:bb:a8:70:77:aa:17:85:f3:1f:a4:3e:b8:1f:05:e2:e3:ad:
cd:ac:a9:34:39:fd:71:74:7d:12:a9:3e:72:06:f7:84:59:6f:
f3:a2:ef:90:36:8e:59:c0:dc:34:b4:0c:77:e5:a0:06:9c:ab:
a1:8c:fb:84:28:b8:42:06:44:45:ea:55:ee:06:82:a1:68:37:
e7:87:dd:7e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsXLta5H/sRNx7psytJhbnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjMwMTAxMDgwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2I4N2QzYjMzMGIxYWNkYjYxNzliODc2ZGRhODRkNmQ4MDg2ZGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjpHssqLitvIgWHNaY1zlZaW0cim
HHzDqCb/+qlsdy+Hmed+SU9PkyLSppMqKWDbV7xwLWRg0vV3nnLq2ZTRTDeiSJiW
/hsErPzW+ejpPjBct1DLFVjqFriFJD2jLpY7U+dQ67fOo802TdrfRL+RqyyHdEIP
twS9JPGPnsoT57rdyIgNtG049TzE0KbxrGEwAEqL1g/ytSruTkhhavSaUmyoIpRW
gskvGHTcAuanRo4bCpwHqfdVE9dyMles5hqRVvXAewQnQ/cq3e8DDsddNHXTIcZ1
U+GOG39tdc+eI6fzwHfCacSS4IrD5Ur7/w7JTxuMpDUyAvOt2KvhECelJwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOO4fTszCxrNthebh23ahNbYCG3EMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvNDdoOU96TUxHczIyRjV1SGJkcUUxdGdJYmNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQBrx1ARLAm9UJLftvkK
Trn1Od+jgn2WAHfaUUQasDrOQsZOJG1I1PRWFhOT2qWoaqosRhmPJKiqoHpQxBdR
4qhcb3zImJf05KNOT39iqpS8S8TenTqJWeFOHdfmep0pn/0/iufbE41njm3aMEnx
fcSmMJxEVWw5VB2NEY/cpdWbX6PKDDzOT9hIuwQiOhgPAqMBCe4AbNN+Z3SGYN56
o0SGTUTVS59aXSpVye1kPWTlqqcoQxHiu6hwd6oXhfMfpD64HwXi463NrKk0Of1x
dH0SqT5yBveEWW/zou+QNo5ZwNw0tAx35aAGnKuhjPuEKLhCBkRF6lXuBoKhaDfn
h91+
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:06 2024 by rpki-client on console-fra.rpki-client.org