Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/dq9Dv3vdiN0hN-xixt4qRBpA07g.roa
File: dq9Dv3vdiN0hN-xixt4qRBpA07g.roa (raw, json)
Hash identifier: umfa7SGH3CgYDmDlcP0sp6LMIMAPgYqalwBUfs/iDus=
Subject key identifier: 76:AF:43:BF:7B:DD:88:DD:21:37:EC:62:C6:DE:2A:44:1A:40:D3:B8
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 01856C5CB86E8161564754DF16EB14FE6942
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/dq9Dv3vdiN0hN-xixt4qRBpA07g.roa
Signing time: Sun 01 Jan 2023 08:04:53 +0000
ROA not before: Sun 01 Jan 2023 08:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397228
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:b8:6e:81:61:56:47:54:df:16:eb:14:fe:69:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 08:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76af43bf7bdd88dd2137ec62c6de2a441a40d3b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:58:28:8f:52:23:7a:d4:04:8d:c2:11:8b:ac:
6d:3a:e7:a9:26:f7:17:5d:fd:a8:00:b3:64:d3:5e:
6f:f2:53:a6:96:05:6b:b2:9a:4b:5b:8c:ac:8a:9a:
31:85:4b:82:97:0a:b1:71:58:89:9b:15:eb:fc:ab:
cb:3b:fc:fc:38:4e:dc:fc:86:b7:88:a9:9d:6e:7e:
3c:59:ba:61:8e:22:46:ec:73:2d:33:6d:2a:b4:f7:
5d:59:19:69:81:6f:c7:4c:4b:0f:ef:e1:d6:65:61:
b9:b5:25:14:89:1f:04:22:69:2b:26:4b:26:a0:75:
2e:72:a1:72:e6:b7:67:32:0c:d8:72:9c:82:03:ad:
f1:c5:3f:55:f1:3d:af:f4:e1:de:2d:2f:cf:04:47:
41:34:fd:2d:29:e8:d9:dd:49:0b:a2:f9:44:20:cf:
86:16:93:b9:6c:41:6d:71:ba:16:6e:fb:f3:ab:06:
44:9c:0a:d1:a8:bb:a9:56:9c:71:e5:ea:7f:47:63:
9e:16:42:bd:2d:14:d5:c2:f1:eb:03:27:71:e5:28:
1d:83:a5:b8:88:e1:7c:2c:f2:e3:2f:55:12:c8:93:
68:79:17:00:91:a0:e6:74:d6:fb:7b:00:38:ad:9c:
d0:31:23:f4:04:6f:a4:6d:ca:95:13:a5:50:76:39:
13:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:AF:43:BF:7B:DD:88:DD:21:37:EC:62:C6:DE:2A:44:1A:40:D3:B8
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/dq9Dv3vdiN0hN-xixt4qRBpA07g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:e3:c9:f5:de:06:67:97:27:c6:e2:8b:52:ee:0d:60:09:b9:
66:30:a2:44:25:e8:13:56:29:6d:b2:f3:53:9c:fe:db:02:64:
c7:7e:28:98:45:da:14:67:08:61:b7:45:c8:77:82:56:9d:ab:
3e:25:eb:01:16:51:e0:ac:3d:e8:8a:9a:fb:4b:85:2f:8f:60:
d4:1a:db:5e:b5:0f:80:6a:58:f3:c8:f5:16:fe:bc:3d:f9:7a:
e2:04:89:9a:22:c1:96:67:dd:fd:12:70:38:b2:87:90:ef:34:
6c:c3:41:ea:3c:18:48:ad:25:1c:c6:69:47:22:b3:54:95:5f:
af:13:cc:81:7a:f9:23:89:7f:3b:49:de:65:a6:ac:75:68:f6:
f3:d3:74:22:e1:ec:49:28:3f:a9:9a:22:a5:57:dd:e3:76:55:
6b:77:dd:81:e5:2f:64:ec:1a:db:a3:cd:fd:a7:bc:3d:9a:7f:
4d:d4:49:9f:11:b3:f7:3d:e4:5d:c5:ef:df:23:f7:31:0b:10:
5b:3d:18:04:87:17:a0:08:1e:2e:e1:f7:c3:f1:e1:77:ee:16:
24:89:c0:a1:df:3e:08:34:37:67:32:65:be:1d:b8:9c:f3:3f:
be:2a:08:2d:a3:e9:53:ae:e9:9f:0f:a1:e0:01:f6:51:d9:1e:
83:bb:13:e7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsXLhugWFWR1TfFusU/mlCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjMwMTAxMDgwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmFmNDNiZjdiZGQ4OGRkMjEzN2VjNjJjNmRlMmE0NDFhNDBkM2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplgoj1IjetQEjcIRi6xtOuepJvcX
Xf2oALNk015v8lOmlgVrsppLW4ysipoxhUuClwqxcViJmxXr/KvLO/z8OE7c/Ia3
iKmdbn48WbphjiJG7HMtM20qtPddWRlpgW/HTEsP7+HWZWG5tSUUiR8EImkrJksm
oHUucqFy5rdnMgzYcpyCA63xxT9V8T2v9OHeLS/PBEdBNP0tKejZ3UkLovlEIM+G
FpO5bEFtcboWbvvzqwZEnArRqLupVpxx5ep/R2OeFkK9LRTVwvHrAydx5Sgdg6W4
iOF8LPLjL1USyJNoeRcAkaDmdNb7ewA4rZzQMSP0BG+kbcqVE6VQdjkT7wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHavQ7973YjdITfsYsbeKkQaQNO4MB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvZHE5RHYzdmRpTjBoTi14aXh0NHFSQnBBMDdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQBf48n13gZnlyfG4otS
7g1gCblmMKJEJegTViltsvNTnP7bAmTHfiiYRdoUZwhht0XId4JWnas+JesBFlHg
rD3oipr7S4Uvj2DUGttetQ+AaljzyPUW/rw9+XriBImaIsGWZ939EnA4soeQ7zRs
w0HqPBhIrSUcxmlHIrNUlV+vE8yBevkjiX87Sd5lpqx1aPbz03Qi4exJKD+pmiKl
V93jdlVrd92B5S9k7Brbo839p7w9mn9N1EmfEbP3PeRdxe/fI/cxCxBbPRgEhxeg
CB4u4ffD8eF37hYkicCh3z4INDdnMmW+Hbic8z++Kggto+lTrumfD6HgAfZR2R6D
uxPn
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:06 2024 by rpki-client on console-fra.rpki-client.org