Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/EDDemjdiKvLyZUHK_pyGpnNwXCY.roa
File: EDDemjdiKvLyZUHK_pyGpnNwXCY.roa (raw, json)
Hash identifier: QuQvURYolSdf8QmD0o4adZCJXiKnht3iO2MINVHQpVY=
Subject key identifier: 10:30:DE:9A:37:62:2A:F2:F2:65:41:CA:FE:9C:86:A6:73:70:5C:26
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 01856C5CBAEBFCF534C1A82C1FD58AEE5EBD
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/EDDemjdiKvLyZUHK_pyGpnNwXCY.roa
Signing time: Sun 01 Jan 2023 08:04:54 +0000
ROA not before: Sun 01 Jan 2023 08:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397231
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:ba:eb:fc:f5:34:c1:a8:2c:1f:d5:8a:ee:5e:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 08:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1030de9a37622af2f26541cafe9c86a673705c26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c3:df:56:7e:2e:03:59:c1:c3:bc:79:1a:45:
27:5a:36:c4:cf:cb:b3:5e:82:35:36:ad:b1:f2:7b:
40:0e:e5:bf:e8:fa:54:4d:58:fd:42:b3:fa:36:c4:
a3:31:28:98:7a:66:10:00:fd:54:93:e0:b4:e7:02:
54:61:ce:52:3f:e9:73:5c:bf:83:55:67:21:e6:8f:
51:3c:cf:2a:12:c9:7a:b7:a1:4c:29:0f:3f:df:ae:
e9:74:86:78:ef:a2:5a:9a:2d:a4:bb:84:d3:e6:d9:
dc:0e:ac:33:61:b0:58:0b:3e:18:97:59:fd:c8:5b:
f4:a1:6e:8a:32:3c:09:23:f6:7d:fe:35:31:46:77:
67:a7:b3:1b:7f:34:4f:a8:3c:62:c8:c7:88:8d:a4:
b1:39:13:70:0f:0d:10:84:b8:2e:c5:26:a9:82:d1:
51:ec:1f:3b:19:b5:80:d6:a2:2e:03:e8:d0:0e:26:
f2:e6:3f:7a:2d:d0:ca:1c:63:d1:7c:b1:4e:56:e9:
d3:87:75:2a:8d:21:ff:66:e1:c9:00:10:ef:75:ef:
02:b1:85:4e:58:e4:9c:99:b3:a2:30:10:89:31:39:
0e:09:78:83:03:fa:de:cf:99:f0:5b:3e:a2:4a:54:
0a:45:0b:dc:cc:de:8b:61:66:1b:14:05:dc:a6:b9:
72:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:30:DE:9A:37:62:2A:F2:F2:65:41:CA:FE:9C:86:A6:73:70:5C:26
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/EDDemjdiKvLyZUHK_pyGpnNwXCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
60:68:18:7c:db:5f:51:59:30:a0:64:6b:08:ab:a5:fd:79:69:
07:98:16:eb:06:9c:0e:7b:6f:77:17:88:2b:60:9f:10:ac:bf:
58:cd:85:fc:b9:d9:84:a5:54:c2:8f:ba:5f:f4:49:7c:94:c6:
df:cf:18:dc:79:ab:f4:f4:f6:d2:4e:ec:53:64:50:46:91:f9:
a1:82:22:12:ae:67:66:82:5c:a4:30:10:b3:c2:f1:2a:88:8a:
c1:83:90:81:60:68:3a:77:db:41:a4:d0:2a:87:90:b8:c2:67:
41:d8:e4:64:27:92:08:ad:3b:0a:e3:cf:f7:0f:3a:88:72:1f:
8a:4b:98:05:2b:8d:79:93:29:00:7a:72:59:1b:06:67:f5:a8:
77:c3:8a:10:cb:be:20:bb:4e:85:df:74:2c:49:b0:a5:80:d6:
78:97:87:b3:9d:38:d7:0c:3e:ec:ee:7c:e2:5a:15:39:4d:6c:
c8:9c:7e:ad:82:20:46:c6:08:bb:b8:5f:d2:19:4f:2d:30:f9:
89:6a:69:58:6c:87:21:2c:b8:30:28:7e:d7:b3:c9:4f:55:23:
aa:42:fb:9c:5d:c7:fd:be:39:7c:11:6c:32:c8:d2:4a:55:e7:
26:55:8f:5a:27:e9:a3:ad:af:0c:1b:fa:90:dc:c8:0d:a8:5c:
60:5d:c1:cd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsXLrr/PU0wagsH9WK7l69MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjMwMTAxMDgwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDMwZGU5YTM3NjIyYWYyZjI2NTQxY2FmZTljODZhNjczNzA1YzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMPfVn4uA1nBw7x5GkUnWjbEz8uz
XoI1Nq2x8ntADuW/6PpUTVj9QrP6NsSjMSiYemYQAP1Uk+C05wJUYc5SP+lzXL+D
VWch5o9RPM8qEsl6t6FMKQ8/367pdIZ476Jami2ku4TT5tncDqwzYbBYCz4Yl1n9
yFv0oW6KMjwJI/Z9/jUxRndnp7MbfzRPqDxiyMeIjaSxORNwDw0QhLguxSapgtFR
7B87GbWA1qIuA+jQDiby5j96LdDKHGPRfLFOVunTh3UqjSH/ZuHJABDvde8CsYVO
WOScmbOiMBCJMTkOCXiDA/rez5nwWz6iSlQKRQvczN6LYWYbFAXcprlywQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBAw3po3Yiry8mVByv6chqZzcFwmMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvRUREZW1qZGlLdkx5WlVIS19weUdwbk53WENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQBgaBh8219RWTCgZGsI
q6X9eWkHmBbrBpwOe293F4grYJ8QrL9YzYX8udmEpVTCj7pf9El8lMbfzxjceav0
9PbSTuxTZFBGkfmhgiISrmdmglykMBCzwvEqiIrBg5CBYGg6d9tBpNAqh5C4wmdB
2ORkJ5IIrTsK48/3DzqIch+KS5gFK415kykAenJZGwZn9ah3w4oQy74gu06F33Qs
SbClgNZ4l4eznTjXDD7s7nziWhU5TWzInH6tgiBGxgi7uF/SGU8tMPmJamlYbIch
LLgwKH7Xs8lPVSOqQvucXcf9vjl8EWwyyNJKVecmVY9aJ+mjra8MG/qQ3MgNqFxg
XcHN
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:08 2024 by rpki-client on console-ams.rpki-client.org