Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/RzLduC3McKu_Ep2S_2sVEt4l3gg.roa
File: RzLduC3McKu_Ep2S_2sVEt4l3gg.roa (raw, json)
Hash identifier: Zf1zdHLuVuRpFqcDb5YxUV48Na/fvuYaYfEIw9cpROM=
Subject key identifier: 47:32:DD:B8:2D:CC:70:AB:BF:12:9D:92:FF:6B:15:12:DE:25:DE:08
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 01856C5CB07ECA8BCF03A94A2F1E071572C9
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/RzLduC3McKu_Ep2S_2sVEt4l3gg.roa
Signing time: Sun 01 Jan 2023 08:04:51 +0000
ROA not before: Sun 01 Jan 2023 08:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397216
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:b0:7e:ca:8b:cf:03:a9:4a:2f:1e:07:15:72:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 08:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4732ddb82dcc70abbf129d92ff6b1512de25de08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ce:22:a2:26:57:32:03:d7:8e:14:e5:78:b3:
3d:66:57:66:93:87:cc:35:0b:ca:6c:4e:43:43:75:
79:02:e9:44:41:45:04:90:36:44:ec:22:65:06:83:
ed:82:40:27:92:c2:9e:8b:de:08:74:bb:93:85:aa:
19:08:fc:87:47:7a:09:e9:64:bd:8d:aa:de:20:9c:
10:cb:0b:e7:4e:c0:8a:b2:b2:14:15:e2:2b:5b:02:
34:d9:6d:f8:81:32:6b:56:06:4e:dd:41:4a:53:42:
f7:c0:a8:d3:c4:c1:02:c9:d1:ee:d7:6a:49:58:c4:
91:ab:f9:34:2d:a9:ef:20:66:d8:a7:7c:0d:d6:84:
b1:fe:cd:d6:a6:b4:f2:d4:53:e1:f3:7b:26:4e:18:
07:79:17:61:fa:d4:e9:3b:9a:99:14:4d:f4:2e:64:
be:85:41:7b:89:3d:a9:c0:02:8b:f4:4e:e1:fb:6b:
34:57:10:c0:91:3e:4a:47:a5:eb:51:73:b5:72:69:
26:6e:18:f3:53:a2:a2:73:8b:a4:bf:27:7d:2e:82:
0b:f4:66:44:06:fa:e9:fa:87:78:9a:be:ed:bb:e1:
8c:c7:22:4a:e1:71:92:31:bc:14:06:aa:1d:56:14:
7a:3b:22:fb:2d:51:81:c8:bd:33:90:9c:17:bd:70:
3f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:32:DD:B8:2D:CC:70:AB:BF:12:9D:92:FF:6B:15:12:DE:25:DE:08
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/RzLduC3McKu_Ep2S_2sVEt4l3gg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
21:5f:cd:5a:5f:7b:13:99:61:af:00:87:7a:d8:03:0d:eb:ea:
1e:fc:51:c2:e3:ac:7d:e5:7a:37:91:a2:e6:61:c7:4c:a9:78:
56:28:4a:f6:e8:57:0c:e6:12:a4:d2:55:b7:89:00:63:a0:f8:
e2:7f:57:2d:f3:68:e6:a1:e8:f4:0d:84:22:87:44:df:43:80:
50:61:3e:70:13:72:99:40:d9:a3:13:74:14:0d:b1:ae:fb:54:
fb:3b:6b:54:ef:4d:f4:99:9e:a0:cf:e0:6e:db:26:7a:b0:5b:
1c:3d:6a:91:a2:e4:4d:82:6a:8b:7f:2a:81:98:92:c8:02:b4:
7a:59:ec:b3:c2:a1:9a:f1:83:0e:c9:11:04:84:42:f9:86:45:
75:09:d8:67:19:7f:87:e6:ac:00:3a:e4:35:3a:98:a6:b9:27:
32:7e:d9:39:90:27:09:db:85:fb:64:a6:c4:57:59:00:16:d8:
74:13:49:ad:e2:5f:ab:be:8d:c9:47:36:d4:7f:14:d8:fc:00:
40:8b:87:0b:f9:2e:87:b9:67:9d:a4:30:9a:70:7c:11:8d:55:
a7:33:97:a1:85:38:6e:04:64:71:58:04:7b:2f:b5:a6:13:f8:
4b:f9:40:70:02:07:ab:f4:1f:d8:11:0d:55:91:ee:d2:1a:36:
80:f0:47:7c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsXLB+yovPA6lKLx4HFXLJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjMwMTAxMDgwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzMyZGRiODJkY2M3MGFiYmYxMjlkOTJmZjZiMTUxMmRlMjVkZTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiM4ioiZXMgPXjhTleLM9Zldmk4fM
NQvKbE5DQ3V5AulEQUUEkDZE7CJlBoPtgkAnksKei94IdLuThaoZCPyHR3oJ6WS9
jareIJwQywvnTsCKsrIUFeIrWwI02W34gTJrVgZO3UFKU0L3wKjTxMECydHu12pJ
WMSRq/k0LanvIGbYp3wN1oSx/s3WprTy1FPh83smThgHeRdh+tTpO5qZFE30LmS+
hUF7iT2pwAKL9E7h+2s0VxDAkT5KR6XrUXO1cmkmbhjzU6Kic4ukvyd9LoIL9GZE
Bvrp+od4mr7tu+GMxyJK4XGSMbwUBqodVhR6OyL7LVGByL0zkJwXvXA/3wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEcy3bgtzHCrvxKdkv9rFRLeJd4IMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvUnpMZHVDM01jS3VfRXAyU18yc1ZFdDRsM2dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQAhX81aX3sTmWGvAId6
2AMN6+oe/FHC46x95Xo3kaLmYcdMqXhWKEr26FcM5hKk0lW3iQBjoPjif1ct82jm
oej0DYQih0TfQ4BQYT5wE3KZQNmjE3QUDbGu+1T7O2tU7030mZ6gz+Bu2yZ6sFsc
PWqRouRNgmqLfyqBmJLIArR6WeyzwqGa8YMOyREEhEL5hkV1CdhnGX+H5qwAOuQ1
OpimuScyftk5kCcJ24X7ZKbEV1kAFth0E0mt4l+rvo3JRzbUfxTY/ABAi4cL+S6H
uWedpDCacHwRjVWnM5ehhThuBGRxWAR7L7WmE/hL+UBwAger9B/YEQ1Vke7SGjaA
8Ed8
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:06 2024 by rpki-client on console-fra.rpki-client.org