Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/K4dxPvFaS9Dy1OUV8AVg9WUQ0WM.roa
File: K4dxPvFaS9Dy1OUV8AVg9WUQ0WM.roa (raw, json)
Hash identifier: 81zmUzl6VyXHNdIlbqRQgZS90unrW2GJgecQ1PgT01c=
Subject key identifier: 2B:87:71:3E:F1:5A:4B:D0:F2:D4:E5:15:F0:05:60:F5:65:10:D1:63
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 01856C5CB987D0D932E50F1303DDE8BD0C7B
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/K4dxPvFaS9Dy1OUV8AVg9WUQ0WM.roa
Signing time: Sun 01 Jan 2023 08:04:54 +0000
ROA not before: Sun 01 Jan 2023 08:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397230
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:b9:87:d0:d9:32:e5:0f:13:03:dd:e8:bd:0c:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 08:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b87713ef15a4bd0f2d4e515f00560f56510d163
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:7b:91:44:e4:77:11:86:54:24:5c:e1:2c:f0:
bb:18:53:1f:05:5c:bd:3f:de:36:37:1d:36:2d:62:
a2:41:ea:6a:7a:c9:f0:df:87:3f:b5:7c:72:f5:a9:
68:55:8e:df:03:3e:e6:3d:8d:f1:35:64:e8:28:4e:
f7:c7:87:0f:69:2f:07:43:61:71:43:00:38:46:92:
1e:cf:44:8a:4d:b8:bf:5b:b8:ce:ab:d5:4f:82:a4:
96:8c:01:c6:e6:21:0c:71:eb:17:c3:a9:55:d9:da:
22:e0:05:be:a4:53:9e:cd:27:c7:af:ac:65:ee:4e:
1f:ce:44:dc:d1:ab:de:cf:22:f2:aa:84:e6:f5:1a:
44:62:e6:63:b0:f4:ad:b1:ba:27:e7:64:21:29:df:
c0:da:55:dc:63:1c:fb:6e:e7:a0:5b:a2:cd:3f:28:
45:f0:e1:a3:ab:0b:a7:69:61:d4:17:d3:8a:0e:39:
f2:0c:83:5a:7a:84:b0:df:52:2f:77:00:d2:29:14:
45:8b:45:5a:2c:a5:c6:85:a4:4f:e7:1c:7e:7c:10:
4c:3d:37:b8:05:c6:27:bf:87:e3:8f:4a:da:d8:81:
a9:0e:e9:b0:1d:01:14:ab:a6:44:c0:88:a9:65:52:
c4:a1:37:e6:67:fa:27:e8:01:f2:fc:e6:a2:0a:e2:
c0:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:87:71:3E:F1:5A:4B:D0:F2:D4:E5:15:F0:05:60:F5:65:10:D1:63
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/K4dxPvFaS9Dy1OUV8AVg9WUQ0WM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:53:a3:7e:47:8d:f2:d9:28:22:ef:ab:d4:0b:7c:b4:5b:12:
df:9a:a5:3a:94:2e:7c:74:c0:26:53:aa:7c:27:99:c9:62:5f:
73:70:16:ba:dd:bd:c4:37:4f:8c:55:3c:54:a9:bd:8b:da:c0:
c0:41:45:c5:f2:d6:63:2a:15:e8:38:90:50:26:fa:d1:45:42:
3b:0e:66:52:8c:b1:a5:d0:2a:27:c0:93:b3:c1:c6:8d:57:eb:
74:fa:06:99:cb:28:48:49:01:b5:cc:6a:4f:b5:3d:94:d3:fa:
26:c0:ff:e6:5e:47:4a:8a:d1:f9:f3:7b:1b:3c:e4:3a:62:c5:
65:5a:60:b0:53:86:71:ab:de:bd:78:ef:cf:82:bb:f8:62:21:
da:3e:5f:e3:59:96:34:79:39:5c:c9:08:59:e7:e0:46:92:92:
1d:88:8e:53:fa:ae:6a:76:a1:33:9b:57:e4:23:7b:1e:f0:49:
9d:72:2f:84:8e:52:9b:31:1f:c2:0d:cf:0d:23:af:88:e7:31:
98:2c:2f:60:71:d8:59:46:38:fd:32:a4:ff:87:51:e8:a3:2b:
2c:24:c1:22:d3:66:30:3c:47:4a:a7:5e:0a:c4:20:ef:ca:1e:
e3:32:60:49:f9:53:c1:77:51:b6:cf:02:14:01:f3:99:73:74:
7e:99:a5:e5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsXLmH0Nky5Q8TA93ovQx7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjMwMTAxMDgwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjg3NzEzZWYxNWE0YmQwZjJkNGU1MTVmMDA1NjBmNTY1MTBkMTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHuRROR3EYZUJFzhLPC7GFMfBVy9
P942Nx02LWKiQepqesnw34c/tXxy9aloVY7fAz7mPY3xNWToKE73x4cPaS8HQ2Fx
QwA4RpIez0SKTbi/W7jOq9VPgqSWjAHG5iEMcesXw6lV2doi4AW+pFOezSfHr6xl
7k4fzkTc0avezyLyqoTm9RpEYuZjsPStsbon52QhKd/A2lXcYxz7buegW6LNPyhF
8OGjqwunaWHUF9OKDjnyDINaeoSw31IvdwDSKRRFi0VaLKXGhaRP5xx+fBBMPTe4
BcYnv4fjj0ra2IGpDumwHQEUq6ZEwIipZVLEoTfmZ/on6AHy/OaiCuLAdQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCuHcT7xWkvQ8tTlFfAFYPVlENFjMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvSzRkeFB2RmFTOUR5MU9VVjhBVmc5V1VRMFdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQBfU6N+R43y2Sgi76vU
C3y0WxLfmqU6lC58dMAmU6p8J5nJYl9zcBa63b3EN0+MVTxUqb2L2sDAQUXF8tZj
KhXoOJBQJvrRRUI7DmZSjLGl0ConwJOzwcaNV+t0+gaZyyhISQG1zGpPtT2U0/om
wP/mXkdKitH583sbPOQ6YsVlWmCwU4Zxq969eO/Pgrv4YiHaPl/jWZY0eTlcyQhZ
5+BGkpIdiI5T+q5qdqEzm1fkI3se8Emdci+EjlKbMR/CDc8NI6+I5zGYLC9gcdhZ
Rjj9MqT/h1HooyssJMEi02YwPEdKp14KxCDvyh7jMmBJ+VPBd1G2zwIUAfOZc3R+
maXl
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:08 2024 by rpki-client on console-ams.rpki-client.org