Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/EkH4cyO0mAu1Qam4fMBshdiDr1o.roa
File: EkH4cyO0mAu1Qam4fMBshdiDr1o.roa (raw, json)
Hash identifier: AGez6gY0iCpbg+lxDXD8g0wO8immEnUqVcwduEmubOc=
Subject key identifier: 12:41:F8:73:23:B4:98:0B:B5:41:A9:B8:7C:C0:6C:85:D8:83:AF:5A
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 01856C5CB590803ED0F4027892A53E48F317
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/EkH4cyO0mAu1Qam4fMBshdiDr1o.roa
Signing time: Sun 01 Jan 2023 08:04:52 +0000
ROA not before: Sun 01 Jan 2023 08:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397223
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:b5:90:80:3e:d0:f4:02:78:92:a5:3e:48:f3:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 08:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1241f87323b4980bb541a9b87cc06c85d883af5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:7c:11:12:56:8d:2c:8a:cf:d9:a3:4f:97:e7:
d3:e0:4d:d6:49:d4:35:d7:00:a4:1d:76:d2:36:8a:
2d:e7:01:d1:3f:d5:39:0a:4a:39:df:ee:bb:ab:3f:
89:9c:75:bc:b6:86:b1:18:05:73:a0:4a:cd:f8:ce:
89:60:cf:cb:0f:0c:62:e2:2d:4e:cc:8b:c8:e7:c9:
14:f1:1f:f2:32:ad:a8:b4:f0:9d:db:bf:98:59:b3:
c4:72:25:fb:c4:7d:a1:ce:4e:b7:8a:80:33:03:da:
cc:c0:13:81:ef:7c:89:ee:dd:aa:8c:79:79:e8:0c:
32:a5:a6:9a:dc:04:c3:df:6e:94:b7:42:ef:38:f1:
8c:d4:b5:47:42:6b:63:23:49:8f:24:d7:ab:40:e5:
4e:1e:2b:4a:d9:92:9e:6e:82:bf:ca:b6:96:0b:d1:
ff:14:fb:29:24:11:12:7b:0a:cb:c7:45:f2:21:a5:
d9:36:bb:c5:6f:59:4a:4b:df:0c:92:ae:a2:a1:1b:
2b:b8:ad:0c:40:ac:bc:64:c4:0f:81:34:cf:f2:d9:
32:02:75:38:03:c7:86:67:fe:bb:57:e8:34:cc:11:
be:0c:9b:9e:47:e4:b0:49:0f:69:9e:e9:72:a1:68:
bf:a2:bd:11:d2:4e:2e:43:f4:93:f2:98:82:31:eb:
34:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:41:F8:73:23:B4:98:0B:B5:41:A9:B8:7C:C0:6C:85:D8:83:AF:5A
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/EkH4cyO0mAu1Qam4fMBshdiDr1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
24:89:bd:32:ea:8a:cf:be:8d:f1:8e:9e:48:d1:1c:2b:0e:7b:
58:1a:da:01:0b:1f:72:47:16:3a:3c:f1:74:f0:cc:cb:2e:7c:
4c:84:80:4c:ee:b3:ed:2f:f4:b1:73:5d:e3:54:64:1f:19:f3:
bd:be:3f:f1:07:75:80:7c:a2:03:4d:d1:8f:63:12:7f:95:b5:
eb:6a:7c:ea:8e:3d:1f:fa:d1:07:2b:9d:cd:2e:70:57:02:7b:
b6:d7:cf:57:0b:3c:69:a7:90:23:14:a6:1b:b2:b0:7e:3f:40:
56:03:23:fb:7e:b7:4d:39:bd:a4:0c:aa:99:77:e0:6e:fa:4d:
43:f4:cb:14:4b:d9:27:79:66:d6:9c:be:86:b4:66:f4:65:f7:
46:68:93:eb:7e:77:f8:5a:5e:18:9c:46:22:65:34:8b:0d:b0:
05:bf:3c:45:30:85:61:b1:bd:32:24:84:7d:60:0d:22:fb:fe:
88:33:c2:a3:dd:cf:a9:32:73:a4:bc:f4:1a:83:25:8c:d9:b1:
4f:75:10:d2:7d:b7:89:18:f0:ee:19:c2:d3:1f:95:c6:5e:e7:
2d:93:45:8c:2d:9c:8b:a8:05:42:6f:64:e4:21:47:b4:94:8c:
08:12:7d:14:dd:5d:07:5a:74:03:aa:f7:ed:1e:ac:39:29:e8:
ea:85:b8:48
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsXLWQgD7Q9AJ4kqU+SPMXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjMwMTAxMDgwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjQxZjg3MzIzYjQ5ODBiYjU0MWE5Yjg3Y2MwNmM4NWQ4ODNhZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHwRElaNLIrP2aNPl+fT4E3WSdQ1
1wCkHXbSNoot5wHRP9U5Cko53+67qz+JnHW8toaxGAVzoErN+M6JYM/LDwxi4i1O
zIvI58kU8R/yMq2otPCd27+YWbPEciX7xH2hzk63ioAzA9rMwBOB73yJ7t2qjHl5
6Awypaaa3ATD326Ut0LvOPGM1LVHQmtjI0mPJNerQOVOHitK2ZKeboK/yraWC9H/
FPspJBESewrLx0XyIaXZNrvFb1lKS98Mkq6ioRsruK0MQKy8ZMQPgTTP8tkyAnU4
A8eGZ/67V+g0zBG+DJueR+SwSQ9pnulyoWi/or0R0k4uQ/ST8piCMes0rQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBJB+HMjtJgLtUGpuHzAbIXYg69aMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvRWtINGN5TzBtQXUxUWFtNGZNQnNoZGlEcjFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQAkib0y6orPvo3xjp5I
0RwrDntYGtoBCx9yRxY6PPF08MzLLnxMhIBM7rPtL/Sxc13jVGQfGfO9vj/xB3WA
fKIDTdGPYxJ/lbXranzqjj0f+tEHK53NLnBXAnu2189XCzxpp5AjFKYbsrB+P0BW
AyP7frdNOb2kDKqZd+Bu+k1D9MsUS9kneWbWnL6GtGb0ZfdGaJPrfnf4Wl4YnEYi
ZTSLDbAFvzxFMIVhsb0yJIR9YA0i+/6IM8Kj3c+pMnOkvPQagyWM2bFPdRDSfbeJ
GPDuGcLTH5XGXuctk0WMLZyLqAVCb2TkIUe0lIwIEn0U3V0HWnQDqvftHqw5Kejq
hbhI
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:08 2024 by rpki-client on console-ams.rpki-client.org