Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/iNVTRiQt4huQ4IhoMol2wFgA0dA.roa
File: iNVTRiQt4huQ4IhoMol2wFgA0dA.roa (raw, json)
Hash identifier: ecd1GeVex489ty0VXpFk5gRum4ZlEHO9pEIoVq7hjq8=
Subject key identifier: 88:D5:53:46:24:2D:E2:1B:90:E0:88:68:32:89:76:C0:58:00:D1:D0
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 01856C5CB6F174CBDBFFC465FBBD6FB9DAF9
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/iNVTRiQt4huQ4IhoMol2wFgA0dA.roa
Signing time: Sun 01 Jan 2023 08:04:53 +0000
ROA not before: Sun 01 Jan 2023 08:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397225
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:b6:f1:74:cb:db:ff:c4:65:fb:bd:6f:b9:da:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 08:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88d55346242de21b90e08868328976c05800d1d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d3:73:41:f9:57:51:fc:d5:27:3f:12:58:1a:
7c:a8:d9:d3:dd:3f:87:7f:4c:df:bb:9a:35:4d:c6:
b4:2b:e2:94:6d:bf:7e:df:b4:24:9c:7b:08:39:95:
d2:fc:f9:b6:31:ff:53:6c:ae:66:64:c1:2a:11:6c:
ab:6a:7f:48:0c:16:3c:f9:c1:dc:da:97:8e:22:2f:
be:bd:98:d1:24:c3:a1:6b:15:29:12:93:7f:99:ff:
c0:1e:12:03:ee:bf:85:41:69:35:3d:0d:b8:b6:32:
85:5f:49:6a:1b:07:dc:5a:69:2e:a3:cc:70:30:3f:
84:76:cf:5e:be:e2:b9:ae:30:f6:0f:bf:4b:5f:4c:
de:52:ae:7c:1b:c5:e8:91:c5:6f:0b:d1:f7:7a:53:
a1:ca:e7:dd:c5:35:7f:9a:f9:36:34:6c:3e:84:61:
66:91:b6:87:69:d3:c6:c2:98:88:e2:d2:47:58:2b:
6b:ce:89:4c:91:46:67:09:71:3a:6b:40:9c:b8:c1:
88:05:d2:93:d2:1c:1b:76:21:22:2a:c0:a3:23:ad:
4c:b0:0e:0f:5e:e7:77:dc:73:3c:51:63:e9:1f:45:
56:b4:6a:5c:e1:41:f2:1c:fa:ef:c0:61:c6:fb:20:
7f:b2:6d:99:28:ae:b7:3d:58:65:0c:36:94:20:b4:
70:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:D5:53:46:24:2D:E2:1B:90:E0:88:68:32:89:76:C0:58:00:D1:D0
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/iNVTRiQt4huQ4IhoMol2wFgA0dA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:43:85:3d:ee:a5:57:a6:4f:48:53:1f:96:ea:2f:00:72:d3:
2d:e1:99:1d:8f:07:90:47:e8:f0:dc:48:38:74:49:0e:a8:7d:
7b:93:90:9d:b1:ae:b8:ad:c2:1a:11:53:89:ec:85:d3:a5:2e:
f8:77:10:19:ef:78:f8:a8:7b:31:1e:33:0b:84:62:a9:ab:92:
5c:64:5d:09:bf:c9:bb:0f:df:f0:52:ea:83:6d:ef:8a:3f:3d:
e1:02:68:64:b7:9c:f8:55:2d:0c:03:c2:88:b1:8d:3a:b1:57:
1b:30:a9:98:0d:e0:14:a4:87:02:69:bc:2a:9b:23:5f:6c:73:
ef:be:c1:d6:c7:41:47:f4:ee:68:95:ba:fd:b0:12:05:29:1d:
88:6c:f1:29:f6:e2:39:b1:b3:df:03:ee:7f:15:93:ec:49:52:
f4:00:28:dd:73:6b:18:fc:42:f8:2b:3f:82:fd:14:db:66:3f:
74:64:03:38:53:57:3e:a4:bf:51:ab:67:00:42:e7:9c:34:95:
29:42:41:f5:a7:98:43:e0:6d:7b:fd:eb:b1:9f:b2:c4:32:db:
6d:aa:ec:58:d2:ab:eb:d1:54:bf:74:ef:4c:cc:83:51:21:3d:
09:c9:2e:6d:b6:90:46:ea:72:2d:1f:0a:b0:ea:23:51:98:2b:
c4:6f:ed:67
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsXLbxdMvb/8Rl+71vudr5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjMwMTAxMDgwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGQ1NTM0NjI0MmRlMjFiOTBlMDg4NjgzMjg5NzZjMDU4MDBkMWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9NzQflXUfzVJz8SWBp8qNnT3T+H
f0zfu5o1Tca0K+KUbb9+37QknHsIOZXS/Pm2Mf9TbK5mZMEqEWyran9IDBY8+cHc
2peOIi++vZjRJMOhaxUpEpN/mf/AHhID7r+FQWk1PQ24tjKFX0lqGwfcWmkuo8xw
MD+Eds9evuK5rjD2D79LX0zeUq58G8XokcVvC9H3elOhyufdxTV/mvk2NGw+hGFm
kbaHadPGwpiI4tJHWCtrzolMkUZnCXE6a0CcuMGIBdKT0hwbdiEiKsCjI61MsA4P
Xud33HM8UWPpH0VWtGpc4UHyHPrvwGHG+yB/sm2ZKK63PVhlDDaUILRwUQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIjVU0YkLeIbkOCIaDKJdsBYANHQMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvaU5WVFJpUXQ0aHVRNElob01vbDJ3RmdBMGRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQAcQ4U97qVXpk9IUx+W
6i8ActMt4ZkdjweQR+jw3Eg4dEkOqH17k5Cdsa64rcIaEVOJ7IXTpS74dxAZ73j4
qHsxHjMLhGKpq5JcZF0Jv8m7D9/wUuqDbe+KPz3hAmhkt5z4VS0MA8KIsY06sVcb
MKmYDeAUpIcCabwqmyNfbHPvvsHWx0FH9O5olbr9sBIFKR2IbPEp9uI5sbPfA+5/
FZPsSVL0ACjdc2sY/EL4Kz+C/RTbZj90ZAM4U1c+pL9Rq2cAQuecNJUpQkH1p5hD
4G17/euxn7LEMtttquxY0qvr0VS/dO9MzINRIT0JyS5ttpBG6nItHwqw6iNRmCvE
b+1n
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:06 2024 by rpki-client on console-fra.rpki-client.org