Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/H1F7kc0IgJFCpl9DsZV4SvghbuA.roa
File: H1F7kc0IgJFCpl9DsZV4SvghbuA.roa (raw, json)
Hash identifier: lVERywJKURxSk8OB8r7fkJ7+E9JCX141MNajiASli+Y=
Subject key identifier: 1F:51:7B:91:CD:08:80:91:42:A6:5F:43:B1:95:78:4A:F8:21:6E:E0
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 01856C5CBEB14BEB5F5E16DE4EBE73369B61
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/H1F7kc0IgJFCpl9DsZV4SvghbuA.roa
Signing time: Sun 01 Jan 2023 08:04:55 +0000
ROA not before: Sun 01 Jan 2023 08:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397238
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:be:b1:4b:eb:5f:5e:16:de:4e:be:73:36:9b:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 08:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f517b91cd08809142a65f43b195784af8216ee0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:a7:ef:dd:75:bd:f6:cb:9e:f3:bf:56:69:25:
81:69:ad:7b:f5:3f:77:e8:db:9d:49:62:a7:88:6d:
82:e3:03:6b:38:13:81:b7:83:03:30:f4:f5:4e:59:
19:7a:fe:37:76:ba:bf:69:00:9f:69:fe:c7:7a:c1:
3f:eb:58:66:4c:db:05:2f:4d:b1:89:fb:55:48:86:
e6:e3:cf:e1:a9:45:ef:90:80:e9:75:e1:a0:30:96:
98:10:be:cf:db:a6:13:49:60:89:36:8b:7a:b8:95:
60:2e:e8:23:f6:6c:bd:3b:c0:e0:b7:a6:5c:69:c2:
28:85:3a:7f:47:4b:ff:78:12:55:f1:8b:cc:97:04:
26:93:1f:d3:bf:1a:d4:8f:57:5a:fa:5e:be:c6:89:
48:9e:f8:5b:08:22:f9:cd:2c:af:6e:01:35:91:43:
17:d2:6e:96:a9:7a:6a:a8:81:49:ad:fd:b1:8a:15:
9f:63:a1:ff:24:40:04:79:e5:ee:33:1a:00:f9:40:
19:f3:b9:21:d1:89:16:ad:b2:6b:2f:99:87:70:04:
9e:ea:bb:49:f8:a4:81:9d:c3:38:b2:dc:0e:20:37:
1a:7a:6d:62:fd:f9:21:98:f1:a7:1b:ef:e8:ed:93:
74:49:4a:95:c6:24:56:64:69:48:77:15:bc:78:20:
15:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:51:7B:91:CD:08:80:91:42:A6:5F:43:B1:95:78:4A:F8:21:6E:E0
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/H1F7kc0IgJFCpl9DsZV4SvghbuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:1b:38:ef:2b:d9:31:bb:b3:da:b8:df:86:08:35:d5:b7:96:
1a:cb:2f:d1:8c:14:e1:0a:35:0c:62:79:e1:51:4b:a0:3b:fe:
16:a3:c4:35:d8:58:8c:e0:64:ed:79:80:72:88:70:e5:61:51:
0d:52:53:bf:9a:1d:b4:09:6a:e7:93:f6:db:f8:30:29:1d:61:
23:35:74:29:35:cb:74:6b:37:d2:59:f0:6a:14:cb:e6:e7:ab:
db:25:a0:a5:44:6c:ea:bf:fd:78:09:f6:4c:23:fc:ec:a0:26:
d7:d0:4c:bf:a2:9e:7f:c6:ee:39:1b:fe:5b:da:8f:d1:7e:38:
62:fb:39:b3:04:f0:1b:73:0d:d3:49:e6:59:68:3e:7d:5d:51:
5f:c6:1c:0b:77:5d:80:b2:b6:a5:3d:1f:d3:ec:51:ab:85:cd:
df:0d:cb:d4:31:e8:ed:a2:73:57:70:61:4c:1f:02:3e:c3:c4:
09:6d:b9:59:8c:0c:25:55:38:4f:c9:7b:4b:19:82:ad:21:dc:
6a:57:b8:67:7d:bf:0a:56:80:83:5e:bc:12:d0:35:83:f1:70:
74:17:d1:3f:6c:84:21:26:cc:76:22:0a:5d:81:a4:50:10:5a:
a1:75:19:28:50:5a:b6:fa:37:e5:5e:16:da:a0:c1:88:53:ed:
47:1e:ac:ae
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsXL6xS+tfXhbeTr5zNpthMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjMwMTAxMDgwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjUxN2I5MWNkMDg4MDkxNDJhNjVmNDNiMTk1Nzg0YWY4MjE2ZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3qfv3XW99sue879WaSWBaa179T93
6NudSWKniG2C4wNrOBOBt4MDMPT1TlkZev43drq/aQCfaf7HesE/61hmTNsFL02x
iftVSIbm48/hqUXvkIDpdeGgMJaYEL7P26YTSWCJNot6uJVgLugj9my9O8Dgt6Zc
acIohTp/R0v/eBJV8YvMlwQmkx/TvxrUj1da+l6+xolInvhbCCL5zSyvbgE1kUMX
0m6WqXpqqIFJrf2xihWfY6H/JEAEeeXuMxoA+UAZ87kh0YkWrbJrL5mHcASe6rtJ
+KSBncM4stwOIDcaem1i/fkhmPGnG+/o7ZN0SUqVxiRWZGlIdxW8eCAVAQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB9Re5HNCICRQqZfQ7GVeEr4IW7gMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvSDFGN2tjMElnSkZDcGw5RHNaVjRTdmdoYnVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQBcGzjvK9kxu7PauN+G
CDXVt5Yayy/RjBThCjUMYnnhUUugO/4Wo8Q12FiM4GTteYByiHDlYVENUlO/mh20
CWrnk/bb+DApHWEjNXQpNct0azfSWfBqFMvm56vbJaClRGzqv/14CfZMI/zsoCbX
0Ey/op5/xu45G/5b2o/Rfjhi+zmzBPAbcw3TSeZZaD59XVFfxhwLd12AsralPR/T
7FGrhc3fDcvUMejtonNXcGFMHwI+w8QJbblZjAwlVThPyXtLGYKtIdxqV7hnfb8K
VoCDXrwS0DWD8XB0F9E/bIQhJsx2IgpdgaRQEFqhdRkoUFq2+jflXhbaoMGIU+1H
Hqyu
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:06 2024 by rpki-client on console-fra.rpki-client.org