Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/758CGo6GnbcXSGRHL2gd6dkE2AU.roa
File: 758CGo6GnbcXSGRHL2gd6dkE2AU.roa (raw, json)
Hash identifier: je27cpGo0wMPgT+jJp5XCkPJIgaMd61jcWho1c/RBRs=
Subject key identifier: EF:9F:02:1A:8E:86:9D:B7:17:48:64:47:2F:68:1D:E9:D9:04:D8:05
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 01856C5CB200B1C3CD2D513C11777FE42479
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/758CGo6GnbcXSGRHL2gd6dkE2AU.roa
Signing time: Sun 01 Jan 2023 08:04:52 +0000
ROA not before: Sun 01 Jan 2023 08:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397219
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:b2:00:b1:c3:cd:2d:51:3c:11:77:7f:e4:24:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 08:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef9f021a8e869db7174864472f681de9d904d805
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:20:4c:1f:bb:34:b6:0e:93:7c:94:42:f1:3d:
48:d1:b2:ec:76:ee:99:3a:bc:4e:f1:5f:60:6a:43:
8d:07:3a:e5:24:57:9b:16:b5:3b:24:0d:66:15:ba:
15:8a:9a:5b:3c:ea:53:26:01:26:46:19:e2:99:b3:
42:3b:17:45:57:90:7e:f5:29:d1:c3:3c:77:fa:df:
19:84:01:70:12:da:90:10:68:19:a2:fd:e5:29:17:
41:74:4c:2a:8c:49:2e:41:3c:34:38:9e:60:b6:57:
bc:28:d3:9e:02:ea:91:99:ef:d8:ff:3d:7b:70:29:
8c:cd:46:91:86:f9:d4:72:ff:f6:4b:cd:db:3b:00:
2a:83:3f:75:23:ce:5a:20:e2:dd:5b:8d:89:41:b0:
29:54:7c:08:19:ec:57:f4:59:ed:a5:b4:d7:3d:b3:
1b:54:38:ac:39:a2:66:b7:14:c2:5f:d2:9c:a7:39:
ee:10:e5:5d:fa:27:4e:a5:ad:53:00:0d:fb:fd:ce:
43:c3:6d:f5:cd:ea:48:a1:f9:71:6f:65:5b:55:55:
f9:56:73:d6:b1:af:27:f3:db:44:32:73:ef:db:fc:
84:a3:ba:f3:34:99:71:df:a1:54:b8:c4:c5:b3:98:
cd:b2:a4:08:1b:80:b3:b6:7d:ca:1c:33:b3:df:db:
a7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:9F:02:1A:8E:86:9D:B7:17:48:64:47:2F:68:1D:E9:D9:04:D8:05
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/758CGo6GnbcXSGRHL2gd6dkE2AU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:ff:9a:71:63:1a:fe:6c:aa:88:19:41:fa:ae:3d:f7:bb:8d:
10:e5:c1:1a:e5:fe:6c:58:59:2b:3a:2d:49:c5:b3:4e:2d:be:
e5:c4:a2:f2:89:9e:e2:c2:aa:97:03:0c:7e:0c:a8:6b:70:94:
8c:32:59:90:9b:d3:42:f0:43:c2:94:92:2e:81:d9:e9:46:98:
39:e8:33:ce:37:b6:9a:75:41:bf:33:ec:76:40:73:30:5a:2a:
73:fb:f5:18:a3:2f:9e:ef:e7:ce:0a:b7:5c:23:a8:5c:de:46:
59:c5:83:12:a2:3f:6a:ad:d3:71:ce:00:c1:c1:fd:9c:88:75:
84:80:e4:84:d7:35:7b:0f:77:22:06:31:ac:29:3b:46:3b:65:
93:ec:7d:ce:1a:cc:e8:14:75:40:7a:7a:02:77:19:5d:43:61:
07:e0:28:ad:18:9b:5f:e4:c7:24:5e:1f:62:3e:ca:89:04:fa:
fa:66:18:df:8f:16:d0:12:93:9c:e2:60:82:fe:a5:81:86:00:
4d:d2:43:68:73:79:f7:65:17:56:c8:2a:df:4f:33:e0:ff:f9:
79:fa:e7:59:6f:34:37:dc:e7:1c:2c:43:34:12:02:74:fd:a6:
f8:65:99:1b:12:07:d1:71:e5:c1:eb:54:69:2b:01:8d:32:86:
02:b4:6e:6d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsXLIAscPNLVE8EXd/5CR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjMwMTAxMDgwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjlmMDIxYThlODY5ZGI3MTc0ODY0NDcyZjY4MWRlOWQ5MDRkODA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyBMH7s0tg6TfJRC8T1I0bLsdu6Z
OrxO8V9gakONBzrlJFebFrU7JA1mFboVippbPOpTJgEmRhnimbNCOxdFV5B+9SnR
wzx3+t8ZhAFwEtqQEGgZov3lKRdBdEwqjEkuQTw0OJ5gtle8KNOeAuqRme/Y/z17
cCmMzUaRhvnUcv/2S83bOwAqgz91I85aIOLdW42JQbApVHwIGexX9FntpbTXPbMb
VDisOaJmtxTCX9KcpznuEOVd+idOpa1TAA37/c5Dw231zepIoflxb2VbVVX5VnPW
sa8n89tEMnPv2/yEo7rzNJlx36FUuMTFs5jNsqQIG4Cztn3KHDOz39unaQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO+fAhqOhp23F0hkRy9oHenZBNgFMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvNzU4Q0dvNkduYmNYU0dSSEwyZ2Q2ZGtFMkFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQB//5pxYxr+bKqIGUH6
rj33u40Q5cEa5f5sWFkrOi1JxbNOLb7lxKLyiZ7iwqqXAwx+DKhrcJSMMlmQm9NC
8EPClJIugdnpRpg56DPON7aadUG/M+x2QHMwWipz+/UYoy+e7+fOCrdcI6hc3kZZ
xYMSoj9qrdNxzgDBwf2ciHWEgOSE1zV7D3ciBjGsKTtGO2WT7H3OGszoFHVAenoC
dxldQ2EH4CitGJtf5MckXh9iPsqJBPr6ZhjfjxbQEpOc4mCC/qWBhgBN0kNoc3n3
ZRdWyCrfTzPg//l5+udZbzQ33OccLEM0EgJ0/ab4ZZkbEgfRceXB61RpKwGNMoYC
tG5t
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:06 2024 by rpki-client on console-fra.rpki-client.org