Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/juVz6BrrZGxtBDi8-SM3MHgrsbk.roa
File: juVz6BrrZGxtBDi8-SM3MHgrsbk.roa (raw, json)
Hash identifier: k5SlIYNE7t0Dhuqf8nBTx3Zm3O9WL7ot+sWHi2+UzK8=
Subject key identifier: 8E:E5:73:E8:1A:EB:64:6C:6D:04:38:BC:F9:23:37:30:78:2B:B1:B9
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 01856C5CB7B6D7B9D8FB9F748528E32D516B
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/juVz6BrrZGxtBDi8-SM3MHgrsbk.roa
Signing time: Sun 01 Jan 2023 08:04:53 +0000
ROA not before: Sun 01 Jan 2023 08:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397227
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:b7:b6:d7:b9:d8:fb:9f:74:85:28:e3:2d:51:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 08:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ee573e81aeb646c6d0438bcf9233730782bb1b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3d:c9:87:27:69:e7:c9:41:31:fd:f3:7a:fe:
a2:e9:42:31:59:dc:e7:cd:62:50:bf:5b:46:5e:29:
39:9d:89:6b:23:07:75:7b:e1:94:5f:d3:b7:2a:2f:
e7:3a:b5:1f:e3:56:1e:46:5e:c5:34:e6:cb:5d:e1:
78:91:19:ad:24:5a:e6:c6:82:ea:32:f4:22:16:fc:
4c:fd:31:01:22:8c:42:dd:20:b7:58:f3:67:87:da:
b8:86:78:2b:37:47:d9:2c:37:4f:61:65:16:e8:28:
d1:df:15:de:fc:c4:d9:11:ee:3f:c4:db:0c:02:7f:
de:1f:8f:91:60:9b:8a:ef:f3:1a:7a:1e:22:25:83:
a7:08:56:59:59:01:aa:f3:77:83:16:0e:7c:a7:59:
e0:27:b9:1b:dd:39:89:43:4d:dd:97:0e:44:0e:dc:
b3:47:56:0c:e1:2d:86:73:d0:3e:49:ee:44:46:5b:
2f:e4:d6:f2:8f:52:30:bc:b0:d9:dd:37:48:48:1b:
3f:eb:98:05:5d:54:67:5e:4b:fe:77:ab:14:9e:44:
e6:c8:b4:40:c3:52:47:12:e0:a9:68:20:a7:70:2f:
af:c6:56:35:3f:10:de:e3:74:04:d4:b3:cb:57:ca:
2b:d3:7a:16:17:1f:48:34:75:5f:5d:83:f2:5a:61:
ff:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:E5:73:E8:1A:EB:64:6C:6D:04:38:BC:F9:23:37:30:78:2B:B1:B9
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/juVz6BrrZGxtBDi8-SM3MHgrsbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
02:5b:3b:66:21:76:3a:1f:05:33:77:70:35:49:e4:85:8e:4e:
d5:09:b7:d4:1d:6a:2c:7e:5a:01:97:f3:a3:e0:98:64:7e:48:
0b:d3:c1:5c:fd:02:da:77:53:4d:6b:cc:6b:93:95:5e:29:44:
d8:c1:fe:95:11:63:6c:20:1d:96:44:a0:9a:74:af:f7:4f:bf:
9a:46:87:d0:1d:1a:b2:18:f9:ad:83:72:fb:ce:ad:4d:40:e8:
15:50:11:68:6c:53:8c:5e:77:8c:5f:50:73:ab:9e:cf:0f:97:
2a:c4:19:8c:5b:f0:b2:ac:e9:e8:7b:b8:0d:4b:d2:35:cc:7d:
d1:42:41:13:fa:b6:85:e3:2d:8a:23:ab:aa:69:a0:28:b9:e8:
7f:8a:6b:ea:86:51:c0:e7:dc:75:31:41:69:c5:f4:ba:1e:41:
91:9e:9b:74:a0:0b:d5:01:84:bf:77:b5:ce:1b:f1:66:cc:d9:
24:d7:5c:38:bf:c6:86:9d:1a:1d:85:99:7d:be:20:16:e5:08:
2e:61:35:67:24:c1:fe:e3:4d:24:30:2c:ba:35:11:50:46:be:
4a:a7:b8:43:85:b6:9b:1c:fc:06:bc:54:b3:d9:f7:d2:8e:14:
c4:04:bd:74:3c:b9:c9:74:e9:b5:02:41:7a:97:44:93:2a:a8:
91:d1:9f:52
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsXLe217nY+590hSjjLVFrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjMwMTAxMDgwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWU1NzNlODFhZWI2NDZjNmQwNDM4YmNmOTIzMzczMDc4MmJiMWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApj3Jhydp58lBMf3zev6i6UIxWdzn
zWJQv1tGXik5nYlrIwd1e+GUX9O3Ki/nOrUf41YeRl7FNObLXeF4kRmtJFrmxoLq
MvQiFvxM/TEBIoxC3SC3WPNnh9q4hngrN0fZLDdPYWUW6CjR3xXe/MTZEe4/xNsM
An/eH4+RYJuK7/Maeh4iJYOnCFZZWQGq83eDFg58p1ngJ7kb3TmJQ03dlw5EDtyz
R1YM4S2Gc9A+Se5ERlsv5Nbyj1IwvLDZ3TdISBs/65gFXVRnXkv+d6sUnkTmyLRA
w1JHEuCpaCCncC+vxlY1PxDe43QE1LPLV8or03oWFx9INHVfXYPyWmH/BQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI7lc+ga62RsbQQ4vPkjNzB4K7G5MB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvanVWejZCcnJaR3h0QkRpOC1TTTNNSGdyc2JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQACWztmIXY6HwUzd3A1
SeSFjk7VCbfUHWosfloBl/Oj4JhkfkgL08Fc/QLad1NNa8xrk5VeKUTYwf6VEWNs
IB2WRKCadK/3T7+aRofQHRqyGPmtg3L7zq1NQOgVUBFobFOMXneMX1Bzq57PD5cq
xBmMW/CyrOnoe7gNS9I1zH3RQkET+raF4y2KI6uqaaAoueh/imvqhlHA59x1MUFp
xfS6HkGRnpt0oAvVAYS/d7XOG/FmzNkk11w4v8aGnRodhZl9viAW5QguYTVnJMH+
400kMCy6NRFQRr5Kp7hDhbabHPwGvFSz2ffSjhTEBL10PLnJdOm1AkF6l0STKqiR
0Z9S
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:08 2024 by rpki-client on console-ams.rpki-client.org