Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/ciC8u1v507pZflZD3Jk6nYcAxMU.roa
File: ciC8u1v507pZflZD3Jk6nYcAxMU.roa (raw, json)
Hash identifier: hlPgWy09SH4xgO58wHv2cJWBLkxoX0vyB3eAvqAD4CY=
Subject key identifier: 72:20:BC:BB:5B:F9:D3:BA:59:7E:56:43:DC:99:3A:9D:87:00:C4:C5
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 01856C5CAF5711327E7CC4EEFA35A3AE48E8
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/ciC8u1v507pZflZD3Jk6nYcAxMU.roa
Signing time: Sun 01 Jan 2023 08:04:51 +0000
ROA not before: Sun 01 Jan 2023 08:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:af:57:11:32:7e:7c:c4:ee:fa:35:a3:ae:48:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 08:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7220bcbb5bf9d3ba597e5643dc993a9d8700c4c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c5:7a:87:a5:86:52:d8:70:db:64:78:e4:0c:
4c:f9:5b:40:db:e3:10:4e:50:47:b3:b8:2a:fe:66:
bf:c8:5f:fe:8b:06:bd:a4:a0:57:11:f7:18:c4:c1:
13:f7:b9:ea:35:16:db:f1:8e:65:60:3f:8e:19:d0:
03:77:82:22:01:ca:f0:f4:b4:d5:ba:8f:ea:16:51:
2e:6b:25:75:d0:8b:2c:20:ed:72:81:fc:6c:b8:80:
a3:8c:d2:52:f6:ef:20:a3:91:de:04:2e:15:ff:6a:
b1:ad:fa:17:f0:26:ed:0b:77:10:92:ff:04:f4:86:
c8:7a:91:14:f0:27:72:dd:83:cc:f6:51:2e:b1:e8:
ce:4f:83:7c:f7:96:f0:a9:6b:6c:60:75:4e:44:36:
f1:44:d3:bb:76:c2:77:5b:c6:80:77:88:03:16:65:
38:cf:ad:12:a9:d4:06:c2:6e:f8:16:52:17:51:27:
2a:fe:aa:fd:ed:8e:f2:e0:42:2a:08:13:c3:39:99:
b5:44:05:eb:93:3e:43:80:c4:9e:72:08:b4:84:5e:
5f:3f:c2:3b:a5:06:89:56:70:60:4f:da:31:cb:05:
83:e9:4d:69:98:5f:ce:a0:b2:eb:29:78:ab:d3:70:
6b:14:bd:43:28:6f:1e:69:fe:7c:f5:80:39:fa:a6:
83:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:20:BC:BB:5B:F9:D3:BA:59:7E:56:43:DC:99:3A:9D:87:00:C4:C5
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/ciC8u1v507pZflZD3Jk6nYcAxMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
23:3a:a9:01:28:57:ad:9a:e9:81:18:55:f5:31:e4:e7:75:8d:
55:7c:dd:6c:91:f9:66:e4:fc:b4:e1:3a:9d:e3:bb:56:9a:5b:
f0:6e:b1:fe:e2:df:4e:7c:d1:4a:43:ba:c4:49:33:50:ac:65:
62:ee:76:be:6e:15:8e:5e:19:39:0c:37:fe:3a:de:d2:5c:21:
69:73:b6:d2:d3:fd:8b:91:8c:f3:f9:34:7b:14:eb:0c:25:12:
53:55:2e:c1:dd:b5:c5:d3:8f:1e:b4:e1:dd:7d:a0:c4:4d:a4:
14:e8:04:49:25:1d:0b:e7:94:c9:47:7a:e5:f4:c7:23:46:a7:
9c:c1:68:e2:78:09:cb:45:26:cf:c0:98:80:70:72:77:55:75:
dd:1f:f4:49:44:e9:64:2b:59:cd:23:fa:b5:52:ba:73:59:e6:
3e:27:d7:6f:77:a1:ec:09:33:65:a2:c6:c1:98:e3:f5:9b:e5:
aa:45:67:55:02:4f:36:ed:4b:f2:dd:65:59:e9:89:b6:ad:b3:
56:29:0a:5c:2e:fa:72:8d:0f:75:60:d6:33:71:91:4d:5f:6c:
3e:2e:3d:8b:97:38:3a:b9:5b:4e:f6:df:e6:5b:71:58:b2:29:
5b:4e:2a:77:4d:7e:95:79:b4:ad:9f:0d:8e:37:7f:90:66:e8:
a4:61:17:f2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsXK9XETJ+fMTu+jWjrkjoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjMwMTAxMDgwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjIwYmNiYjViZjlkM2JhNTk3ZTU2NDNkYzk5M2E5ZDg3MDBjNGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncV6h6WGUthw22R45AxM+VtA2+MQ
TlBHs7gq/ma/yF/+iwa9pKBXEfcYxMET97nqNRbb8Y5lYD+OGdADd4IiAcrw9LTV
uo/qFlEuayV10IssIO1ygfxsuICjjNJS9u8go5HeBC4V/2qxrfoX8CbtC3cQkv8E
9IbIepEU8Cdy3YPM9lEusejOT4N895bwqWtsYHVORDbxRNO7dsJ3W8aAd4gDFmU4
z60SqdQGwm74FlIXUScq/qr97Y7y4EIqCBPDOZm1RAXrkz5DgMSecgi0hF5fP8I7
pQaJVnBgT9oxywWD6U1pmF/OoLLrKXir03BrFL1DKG8eaf589YA5+qaDsQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHIgvLtb+dO6WX5WQ9yZOp2HAMTFMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvY2lDOHUxdjUwN3BaZmxaRDNKazZuWWNBeE1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQAjOqkBKFetmumBGFX1
MeTndY1VfN1skflm5Py04Tqd47tWmlvwbrH+4t9OfNFKQ7rESTNQrGVi7na+bhWO
Xhk5DDf+Ot7SXCFpc7bS0/2LkYzz+TR7FOsMJRJTVS7B3bXF048etOHdfaDETaQU
6ARJJR0L55TJR3rl9McjRqecwWjieAnLRSbPwJiAcHJ3VXXdH/RJROlkK1nNI/q1
UrpzWeY+J9dvd6HsCTNlosbBmOP1m+WqRWdVAk827Uvy3WVZ6Ym2rbNWKQpcLvpy
jQ91YNYzcZFNX2w+Lj2Llzg6uVtO9t/mW3FYsilbTip3TX6VebStnw2ON3+QZuik
YRfy
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:08 2024 by rpki-client on console-ams.rpki-client.org