Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/iaZUix75o3z4D6I8ZBYDAIGRTOY.roa
File: iaZUix75o3z4D6I8ZBYDAIGRTOY.roa (raw, json)
Hash identifier: VesWOJXU96sx6ihJ1mEubrFB1kGJU1bJU4HJGt7tekg=
Subject key identifier: 89:A6:54:8B:1E:F9:A3:7C:F8:0F:A2:3C:64:16:03:00:81:91:4C:E6
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 01856C5CB12140CEA5C91CB62157EA41F12F
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/iaZUix75o3z4D6I8ZBYDAIGRTOY.roa
Signing time: Sun 01 Jan 2023 08:04:52 +0000
ROA not before: Sun 01 Jan 2023 08:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397218
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:b1:21:40:ce:a5:c9:1c:b6:21:57:ea:41:f1:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 08:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89a6548b1ef9a37cf80fa23c6416030081914ce6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:04:e9:44:78:b5:8d:c7:db:0d:8a:3a:73:dd:
e9:fa:82:20:f3:06:3c:df:5d:3a:c8:9b:af:d3:7b:
12:60:51:d6:0d:45:3d:f3:11:61:00:ca:e1:55:b2:
93:cd:46:a5:d3:20:f1:7d:42:74:c3:a5:23:bc:15:
12:74:6f:47:d5:77:46:5a:8d:5d:3d:96:9f:d6:e7:
4b:98:bf:0a:a8:82:0e:59:a5:df:5c:6f:1c:05:d9:
93:ab:3b:bd:8b:b7:16:2f:c5:a8:e5:9a:7f:a2:46:
03:98:dc:93:39:a8:7f:c1:49:6d:d2:c1:5b:24:e2:
da:b3:c0:40:03:c7:cf:c3:4c:d3:5e:d8:50:66:95:
96:6d:12:58:77:d0:ec:05:4e:fb:7d:39:d6:02:92:
54:b2:7f:d0:0c:0c:2a:7a:29:4b:5c:bc:fc:be:62:
c7:2f:2b:17:e1:5f:7e:92:e1:33:88:97:04:a5:35:
93:c8:ee:9f:16:68:82:c6:7f:17:96:90:7c:7d:c0:
d0:2e:58:b2:a4:8c:bf:56:48:e4:3c:77:de:72:ff:
3d:b6:a8:4d:22:64:80:46:6d:ab:ab:35:e1:1e:23:
1b:80:a5:3e:09:96:1e:65:d2:bc:29:d2:a2:3d:e5:
8a:92:79:28:e9:df:83:e9:2d:bd:bc:71:b8:73:1c:
3f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A6:54:8B:1E:F9:A3:7C:F8:0F:A2:3C:64:16:03:00:81:91:4C:E6
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/iaZUix75o3z4D6I8ZBYDAIGRTOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:75:02:5d:2c:60:7a:fe:b1:a5:be:1d:a2:16:5e:6d:6e:c9:
11:41:c4:66:4d:b5:1e:58:5d:6b:be:ed:a7:d8:ce:5a:fc:2c:
d0:96:cf:b6:52:d0:fa:b1:d0:d4:f0:78:7f:97:15:06:f1:83:
de:19:d5:55:1f:9e:10:51:e4:5d:d4:9c:5d:f8:9c:c8:ec:55:
83:e1:55:0d:50:00:a1:33:8e:8c:12:8c:b9:9f:86:a8:e2:b7:
44:94:5a:f6:41:0f:3e:fc:9c:07:e7:b4:6b:9d:e5:d5:3c:6b:
21:02:59:8f:dd:d6:69:9f:11:4c:2e:d4:ee:85:e2:14:87:fe:
81:ec:11:c0:0b:b1:a7:60:e7:ba:8a:60:06:73:79:32:7d:27:
a2:37:dc:89:78:0f:f4:ca:91:94:89:49:8f:1f:a0:b0:b3:f0:
a8:56:52:74:63:67:5a:b9:dc:5a:d3:8c:36:1a:70:4f:d2:05:
26:ce:a2:f4:7c:1b:11:f8:f4:56:ce:e5:2d:55:71:c0:03:99:
09:e2:7a:e2:30:32:f6:bc:00:00:f5:51:ce:f7:66:bb:9c:07:
d4:e1:db:f3:30:b0:14:3f:03:45:21:b0:8f:23:6d:87:c5:07:
96:d5:57:47:0a:aa:64:65:fa:0f:ad:4c:4e:68:73:70:12:15:
7e:ab:88:bb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsXLEhQM6lyRy2IVfqQfEvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjMwMTAxMDgwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWE2NTQ4YjFlZjlhMzdjZjgwZmEyM2M2NDE2MDMwMDgxOTE0Y2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4wTpRHi1jcfbDYo6c93p+oIg8wY8
3106yJuv03sSYFHWDUU98xFhAMrhVbKTzUal0yDxfUJ0w6UjvBUSdG9H1XdGWo1d
PZaf1udLmL8KqIIOWaXfXG8cBdmTqzu9i7cWL8Wo5Zp/okYDmNyTOah/wUlt0sFb
JOLas8BAA8fPw0zTXthQZpWWbRJYd9DsBU77fTnWApJUsn/QDAwqeilLXLz8vmLH
LysX4V9+kuEziJcEpTWTyO6fFmiCxn8XlpB8fcDQLliypIy/VkjkPHfecv89tqhN
ImSARm2rqzXhHiMbgKU+CZYeZdK8KdKiPeWKknko6d+D6S29vHG4cxw/0wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFImmVIse+aN8+A+iPGQWAwCBkUzmMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvaWFaVWl4NzVvM3o0RDZJOFpCWURBSUdSVE9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQAtdQJdLGB6/rGlvh2i
Fl5tbskRQcRmTbUeWF1rvu2n2M5a/CzQls+2UtD6sdDU8Hh/lxUG8YPeGdVVH54Q
UeRd1Jxd+JzI7FWD4VUNUAChM46MEoy5n4ao4rdElFr2QQ8+/JwH57RrneXVPGsh
AlmP3dZpnxFMLtTuheIUh/6B7BHAC7GnYOe6imAGc3kyfSeiN9yJeA/0ypGUiUmP
H6Cws/CoVlJ0Y2daudxa04w2GnBP0gUmzqL0fBsR+PRWzuUtVXHAA5kJ4nriMDL2
vAAA9VHO92a7nAfU4dvzMLAUPwNFIbCPI22HxQeW1VdHCqpkZfoPrUxOaHNwEhV+
q4i7
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:06 2024 by rpki-client on console-fra.rpki-client.org