Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/aOXLUYMAw1oOG3UWZMENXt-Oygw.roa
File: aOXLUYMAw1oOG3UWZMENXt-Oygw.roa (raw, json)
Hash identifier: /wdqYB/cZCg9iUuJpDmtqDqQ4s6Ev0Uw5wMU3kSFHVs=
Subject key identifier: 68:E5:CB:51:83:00:C3:5A:0E:1B:75:16:64:C1:0D:5E:DF:8E:CA:0C
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 01856C5CBCF9C53F6D93D8FE243387BAD995
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/aOXLUYMAw1oOG3UWZMENXt-Oygw.roa
Signing time: Sun 01 Jan 2023 08:04:55 +0000
ROA not before: Sun 01 Jan 2023 08:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397235
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:bc:f9:c5:3f:6d:93:d8:fe:24:33:87:ba:d9:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 08:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68e5cb518300c35a0e1b751664c10d5edf8eca0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a3:b1:26:5c:a3:e0:eb:a9:29:d4:cc:5c:f2:
17:07:a2:83:71:60:11:1e:b8:39:18:10:1f:45:a5:
f8:b3:ad:d4:40:91:cc:aa:b5:14:2b:2f:5e:5c:78:
c2:3c:ec:85:25:3f:6f:0c:8a:75:31:31:8a:67:77:
1d:52:0a:24:02:7a:62:f4:b1:e7:12:ff:64:b5:b8:
ec:6b:75:41:b5:e1:eb:54:b6:d0:6f:2b:69:1a:25:
7b:92:bd:d4:c3:7d:dc:3f:1f:2e:02:10:37:30:95:
14:ae:6b:52:0a:48:0f:d6:bc:5b:c7:e5:8e:b2:a8:
37:64:38:59:01:b3:a9:52:ae:8f:31:e9:fe:35:4e:
06:fe:70:d2:6e:14:7e:c6:6e:2a:9a:1a:a7:73:69:
e3:c4:3f:2a:f0:ed:3a:c6:f9:4d:10:9c:bf:69:35:
29:66:bf:5c:f5:38:fe:65:30:82:80:77:c2:3a:78:
b8:84:93:9c:f5:cc:13:61:a0:84:b8:6c:d3:b6:05:
c6:83:9a:a7:8a:b0:0b:1a:c3:1b:7a:51:88:c2:83:
33:4a:20:5d:4d:4c:95:29:7c:ec:25:83:d8:e9:9a:
15:2e:73:ab:bc:8c:88:3a:58:50:5b:6e:77:91:10:
20:2f:14:6a:0b:ea:3b:23:7b:75:54:ed:c4:b7:5a:
2f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:E5:CB:51:83:00:C3:5A:0E:1B:75:16:64:C1:0D:5E:DF:8E:CA:0C
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/aOXLUYMAw1oOG3UWZMENXt-Oygw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:79:75:1d:fe:f6:40:64:7e:05:24:2b:59:8b:2e:c0:e0:c4:
20:70:36:ea:a6:10:9f:1d:08:2a:27:29:94:57:b9:17:d1:07:
89:c3:dc:c7:66:1c:01:a3:96:96:69:12:c4:e4:f3:58:2a:26:
2f:d0:24:c8:4e:f2:03:ac:93:ea:6a:f8:11:ca:bc:69:a7:c4:
ab:ab:a7:f2:35:41:cd:17:64:5a:11:4a:44:09:42:51:96:13:
68:bd:6e:b2:64:9d:69:b1:f8:df:35:d1:be:8f:78:84:0e:0f:
f7:eb:88:e4:f5:c8:54:27:35:61:38:4f:61:42:2f:64:7f:37:
1a:9a:cf:bd:22:83:48:e1:11:ed:30:50:5c:02:84:cc:83:c3:
a0:83:68:d2:87:c1:21:ae:8f:fe:e3:35:ab:91:44:df:c4:85:
95:0a:94:53:3a:11:f1:58:d0:fc:c0:aa:a2:37:e3:36:80:04:
aa:d9:da:42:a5:bf:26:4d:ff:b8:a0:7d:36:91:e9:1d:d8:02:
c0:47:1e:fe:f2:94:25:35:1a:ba:18:07:0a:88:9b:f9:44:47:
ec:12:df:c7:f3:66:ae:2f:e2:55:b8:fe:b5:d5:ad:47:28:4d:
bc:19:51:2c:23:93:b0:a1:3e:db:2d:59:23:e7:ab:7b:f0:6b:
6a:cc:e7:0a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsXLz5xT9tk9j+JDOHutmVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjMwMTAxMDgwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGU1Y2I1MTgzMDBjMzVhMGUxYjc1MTY2NGMxMGQ1ZWRmOGVjYTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKOxJlyj4OupKdTMXPIXB6KDcWAR
Hrg5GBAfRaX4s63UQJHMqrUUKy9eXHjCPOyFJT9vDIp1MTGKZ3cdUgokAnpi9LHn
Ev9ktbjsa3VBteHrVLbQbytpGiV7kr3Uw33cPx8uAhA3MJUUrmtSCkgP1rxbx+WO
sqg3ZDhZAbOpUq6PMen+NU4G/nDSbhR+xm4qmhqnc2njxD8q8O06xvlNEJy/aTUp
Zr9c9Tj+ZTCCgHfCOni4hJOc9cwTYaCEuGzTtgXGg5qnirALGsMbelGIwoMzSiBd
TUyVKXzsJYPY6ZoVLnOrvIyIOlhQW253kRAgLxRqC+o7I3t1VO3Et1ovVwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGjly1GDAMNaDht1FmTBDV7fjsoMMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvYU9YTFVZTUF3MW9PRzNVV1pNRU5YdC1PeWd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQB8eXUd/vZAZH4FJCtZ
iy7A4MQgcDbqphCfHQgqJymUV7kX0QeJw9zHZhwBo5aWaRLE5PNYKiYv0CTITvID
rJPqavgRyrxpp8Srq6fyNUHNF2RaEUpECUJRlhNovW6yZJ1psfjfNdG+j3iEDg/3
64jk9chUJzVhOE9hQi9kfzcams+9IoNI4RHtMFBcAoTMg8Ogg2jSh8Ehro/+4zWr
kUTfxIWVCpRTOhHxWND8wKqiN+M2gASq2dpCpb8mTf+4oH02kekd2ALARx7+8pQl
NRq6GAcKiJv5REfsEt/H82auL+JVuP611a1HKE28GVEsI5OwoT7bLVkj56t78Gtq
zOcK
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:08 2024 by rpki-client on console-ams.rpki-client.org