Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/dcZClXAyeHo0bKWA53H6b65o3r8.roa
File: dcZClXAyeHo0bKWA53H6b65o3r8.roa (raw, json)
Hash identifier: mGbv/tE7Ds216CjvhumDvqlhLbt5YIfEcxJd4+TOS3w=
Subject key identifier: 75:C6:42:95:70:32:78:7A:34:6C:A5:80:E7:71:FA:6F:AE:68:DE:BF
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 01856C5CB44FF74954F5EAE52285819282D1
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/dcZClXAyeHo0bKWA53H6b65o3r8.roa
Signing time: Sun 01 Jan 2023 08:04:52 +0000
ROA not before: Sun 01 Jan 2023 08:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397222
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:b4:4f:f7:49:54:f5:ea:e5:22:85:81:92:82:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 08:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75c642957032787a346ca580e771fa6fae68debf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c6:a2:af:4d:b0:65:5d:0e:f1:f3:b2:79:21:
0b:a3:72:16:e5:3b:c2:a2:4d:b2:6f:9f:08:61:71:
90:19:5f:ab:11:c1:64:f7:1a:ab:28:8b:2a:9c:c5:
99:a6:78:9f:31:7a:c1:e0:95:40:9a:aa:3e:a7:28:
fb:b5:01:fd:9e:02:86:49:cd:b4:76:86:32:a3:e9:
92:e4:0b:4e:97:ff:5e:ff:28:71:86:0b:9d:2c:f1:
ce:e0:33:38:18:50:cb:29:ba:fd:3a:09:c7:41:6c:
41:66:51:14:6c:1e:67:1d:81:47:90:24:31:44:29:
24:06:fb:68:34:91:9a:74:4a:17:c0:75:a0:c5:cd:
04:51:a1:8d:10:c1:8e:cd:1f:9c:12:2e:c3:fc:e1:
21:33:2c:c2:ec:9e:25:97:b9:84:f1:20:ef:6b:89:
01:bf:b8:59:7a:8a:2c:db:e7:5c:e5:b4:d2:25:95:
56:0d:db:40:01:c8:ba:d8:d1:3d:b1:f5:fa:0e:68:
47:e1:53:1b:b4:f5:88:fa:fa:92:ad:34:b7:f1:2c:
86:9b:79:03:7a:e9:1b:4e:33:10:4e:25:58:34:55:
5f:53:b7:21:7e:a0:66:dd:00:92:11:ea:28:e2:63:
cd:2e:06:48:f7:4a:82:9c:83:70:8d:8c:8f:d8:c7:
64:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:C6:42:95:70:32:78:7A:34:6C:A5:80:E7:71:FA:6F:AE:68:DE:BF
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/dcZClXAyeHo0bKWA53H6b65o3r8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
38:5e:02:af:b5:4e:ce:ed:92:0a:97:ba:05:1f:eb:ff:43:7d:
71:6f:5f:a5:7a:e0:57:e1:cb:d9:78:cc:d9:02:b5:d6:fc:6a:
c9:bf:c7:e7:d1:b0:4e:01:f3:1b:d3:cf:d7:d9:fa:4c:44:25:
02:0a:4b:a0:7b:3e:7d:76:62:0a:64:d1:14:a6:bd:04:e0:d9:
13:cf:f9:23:db:d6:70:eb:52:1a:44:4b:19:45:47:9f:90:4b:
f4:eb:22:2f:e4:e3:13:05:6b:9e:db:80:c8:c4:66:d1:8b:b0:
de:3d:3e:da:d9:d8:4c:d5:e8:17:c3:71:10:9d:59:96:72:a2:
e5:eb:bc:f5:bb:ae:c2:a1:2d:e5:c8:02:d7:bc:b1:cd:4a:81:
7d:be:bb:f5:52:7d:b5:43:ff:34:84:55:b2:7f:21:87:d3:a4:
b2:cd:ba:a4:22:fc:46:70:c9:6d:9f:17:f5:78:98:18:40:2b:
88:cb:6a:39:3e:b1:4a:06:a1:8a:ed:49:5b:2d:08:54:10:5c:
a1:e9:02:e1:10:73:60:2f:7c:64:e5:81:de:05:f0:e4:7c:aa:
e8:8b:49:f4:3d:b7:34:5d:b2:18:66:e0:fe:ac:eb:6b:e3:1b:
86:4e:86:d7:58:e8:9a:00:06:1f:78:37:c4:93:ba:45:e0:a7:
09:2c:90:d1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsXLRP90lU9erlIoWBkoLRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjMwMTAxMDgwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWM2NDI5NTcwMzI3ODdhMzQ2Y2E1ODBlNzcxZmE2ZmFlNjhkZWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcair02wZV0O8fOyeSELo3IW5TvC
ok2yb58IYXGQGV+rEcFk9xqrKIsqnMWZpnifMXrB4JVAmqo+pyj7tQH9ngKGSc20
doYyo+mS5AtOl/9e/yhxhgudLPHO4DM4GFDLKbr9OgnHQWxBZlEUbB5nHYFHkCQx
RCkkBvtoNJGadEoXwHWgxc0EUaGNEMGOzR+cEi7D/OEhMyzC7J4ll7mE8SDva4kB
v7hZeoos2+dc5bTSJZVWDdtAAci62NE9sfX6DmhH4VMbtPWI+vqSrTS38SyGm3kD
eukbTjMQTiVYNFVfU7chfqBm3QCSEeoo4mPNLgZI90qCnINwjYyP2MdkPQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHXGQpVwMnh6NGylgOdx+m+uaN6/MB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvZGNaQ2xYQXllSG8wYktXQTUzSDZiNjVvM3I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQA4XgKvtU7O7ZIKl7oF
H+v/Q31xb1+leuBX4cvZeMzZArXW/GrJv8fn0bBOAfMb08/X2fpMRCUCCkugez59
dmIKZNEUpr0E4NkTz/kj29Zw61IaREsZRUefkEv06yIv5OMTBWue24DIxGbRi7De
PT7a2dhM1egXw3EQnVmWcqLl67z1u67CoS3lyALXvLHNSoF9vrv1Un21Q/80hFWy
fyGH06SyzbqkIvxGcMltnxf1eJgYQCuIy2o5PrFKBqGK7UlbLQhUEFyh6QLhEHNg
L3xk5YHeBfDkfKroi0n0Pbc0XbIYZuD+rOtr4xuGTobXWOiaAAYfeDfEk7pF4KcJ
LJDR
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:08 2024 by rpki-client on console-ams.rpki-client.org