Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/Pe1lDIyNUXB7AnqetX8yOxXC3bY.roa
File: Pe1lDIyNUXB7AnqetX8yOxXC3bY.roa (raw, json)
Hash identifier: CYZfNbBrCVtb0gE6ICjvMmNnuEcO26aPwlO4KbS23HA=
Subject key identifier: 3D:ED:65:0C:8C:8D:51:70:7B:02:7A:9E:B5:7F:32:3B:15:C2:DD:B6
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 01856C5CBBE2096986D4646C9CC799780007
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/Pe1lDIyNUXB7AnqetX8yOxXC3bY.roa
Signing time: Sun 01 Jan 2023 08:04:54 +0000
ROA not before: Sun 01 Jan 2023 08:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397233
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:bb:e2:09:69:86:d4:64:6c:9c:c7:99:78:00:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 08:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ded650c8c8d51707b027a9eb57f323b15c2ddb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:cc:a4:09:6d:bb:4d:0b:8f:37:ac:55:8c:da:
2e:f4:75:cc:6c:f3:4e:1f:57:82:d2:c6:0e:7c:f8:
6b:9b:b6:f4:b1:6b:ea:e0:7b:a5:b5:39:d7:0c:8d:
61:a9:86:6c:b7:a0:18:23:17:b4:e7:bf:c5:52:ca:
cb:de:b3:cb:39:75:79:40:0e:47:cc:ff:ac:c1:74:
11:8b:ae:32:17:49:6e:65:10:43:76:cf:6b:50:a9:
c5:68:27:f1:3c:83:f9:b5:0d:5d:25:17:07:a4:7f:
ed:fb:74:9e:69:64:8a:36:d9:6d:45:57:ad:bd:92:
a5:99:83:9a:73:1c:90:1a:24:9b:fc:69:94:63:12:
8e:7e:2c:83:1e:cc:b0:54:9f:4d:96:68:ec:da:81:
8a:3b:20:fc:6c:75:7d:6d:68:bf:67:ff:1f:d3:d3:
a3:93:18:33:37:fa:53:79:07:17:a5:fd:cc:64:1d:
de:bc:d2:14:f5:3c:68:76:49:b5:79:5a:35:2f:9d:
69:95:b7:9d:d2:27:b7:17:b1:97:89:64:b2:6e:75:
50:2b:69:d3:59:d3:bf:f6:23:0b:5d:7d:df:66:21:
6e:c8:57:2e:39:23:10:36:0c:01:f9:6e:31:33:8c:
cb:9e:f6:30:7e:a2:33:88:56:92:b5:0f:62:28:8c:
af:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:ED:65:0C:8C:8D:51:70:7B:02:7A:9E:B5:7F:32:3B:15:C2:DD:B6
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/Pe1lDIyNUXB7AnqetX8yOxXC3bY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:15:a8:c2:bb:ab:21:b3:26:93:ae:10:2f:f6:28:cf:ff:83:
f7:35:6c:f1:76:78:54:9f:53:90:2d:a8:0c:89:d5:2f:d8:62:
66:29:88:d4:01:cd:bc:38:e6:e7:78:2a:0f:b6:a8:85:59:a1:
47:bf:84:a4:cc:5c:db:c1:82:74:8f:e6:35:bd:18:4f:d6:59:
6b:1d:34:f7:4b:48:fc:cb:63:b9:21:7b:67:ec:dd:69:a1:2c:
37:f9:da:1e:63:14:6c:24:11:37:e5:29:d9:26:bf:1a:a3:73:
7d:7f:6f:52:61:a8:9f:69:0e:73:21:b8:d9:70:30:21:00:4f:
bf:43:84:1b:2b:c8:eb:f0:9c:a6:cb:73:c0:b5:9b:bf:07:03:
97:1b:36:d9:7e:90:8f:2d:2e:a2:5c:70:8e:7c:0b:b5:a8:51:
b0:10:43:ce:2c:23:d2:db:11:49:d9:3c:8d:f7:a5:b2:1a:14:
ea:e6:03:5e:b2:da:2c:80:ff:e2:02:81:6e:c5:be:69:78:a9:
a0:95:ef:70:61:9b:33:bf:49:43:13:69:e3:47:5f:ef:b2:b7:
04:ae:b3:22:cd:cc:8d:28:fb:09:91:56:6e:3d:f1:dc:df:1b:
57:2a:bc:5a:d4:4a:db:ac:b7:d3:29:c5:28:b5:d8:db:58:ae:
78:74:62:3e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsXLviCWmG1GRsnMeZeAAHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjMwMTAxMDgwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGVkNjUwYzhjOGQ1MTcwN2IwMjdhOWViNTdmMzIzYjE1YzJkZGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncykCW27TQuPN6xVjNou9HXMbPNO
H1eC0sYOfPhrm7b0sWvq4HultTnXDI1hqYZst6AYIxe057/FUsrL3rPLOXV5QA5H
zP+swXQRi64yF0luZRBDds9rUKnFaCfxPIP5tQ1dJRcHpH/t+3SeaWSKNtltRVet
vZKlmYOacxyQGiSb/GmUYxKOfiyDHsywVJ9Nlmjs2oGKOyD8bHV9bWi/Z/8f09Oj
kxgzN/pTeQcXpf3MZB3evNIU9Txodkm1eVo1L51plbed0ie3F7GXiWSybnVQK2nT
WdO/9iMLXX3fZiFuyFcuOSMQNgwB+W4xM4zLnvYwfqIziFaStQ9iKIyvcQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD3tZQyMjVFwewJ6nrV/MjsVwt22MB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvUGUxbERJeU5VWEI3QW5xZXRYOHlPeFhDM2JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQAOFajCu6shsyaTrhAv
9ijP/4P3NWzxdnhUn1OQLagMidUv2GJmKYjUAc28OObneCoPtqiFWaFHv4SkzFzb
wYJ0j+Y1vRhP1llrHTT3S0j8y2O5IXtn7N1poSw3+doeYxRsJBE35SnZJr8ao3N9
f29SYaifaQ5zIbjZcDAhAE+/Q4QbK8jr8Jymy3PAtZu/BwOXGzbZfpCPLS6iXHCO
fAu1qFGwEEPOLCPS2xFJ2TyN96WyGhTq5gNestosgP/iAoFuxb5peKmgle9wYZsz
v0lDE2njR1/vsrcErrMizcyNKPsJkVZuPfHc3xtXKrxa1ErbrLfTKcUotdjbWK54
dGI+
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:08 2024 by rpki-client on console-ams.rpki-client.org