Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/mSaDAAZMUk5l8nR-xmbvE1XHN38.roa
File: mSaDAAZMUk5l8nR-xmbvE1XHN38.roa (raw, json)
Hash identifier: jr8VSLwuHvnmqO6e9OMmOCtmq5zW1K3BMfD/d0HNUS8=
Subject key identifier: 99:26:83:00:06:4C:52:4E:65:F2:74:7E:C6:66:EF:13:55:C7:37:7F
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 01856C5CBF465862481FB624ED51DB1483F6
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/mSaDAAZMUk5l8nR-xmbvE1XHN38.roa
Signing time: Sun 01 Jan 2023 08:04:55 +0000
ROA not before: Sun 01 Jan 2023 08:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397240
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:bf:46:58:62:48:1f:b6:24:ed:51:db:14:83:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 08:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99268300064c524e65f2747ec666ef1355c7377f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:f7:8f:e2:3b:2b:e1:81:50:ad:67:04:a8:ab:
38:d8:23:77:4b:18:b6:2e:63:54:e1:0e:d4:48:f6:
fd:c0:84:21:f6:51:62:29:62:aa:31:6f:6d:62:5f:
2d:c5:a0:43:72:cb:28:35:d2:8c:ff:49:5d:2c:c4:
e2:86:72:6a:64:75:21:9c:b4:10:20:59:70:8c:f1:
6b:8a:61:61:b4:8d:e6:3b:9f:c6:e2:5b:15:ba:56:
92:85:44:74:94:85:41:f4:a8:ec:5b:70:70:b6:74:
ac:3b:cd:ce:54:07:f1:63:90:27:e4:3b:8b:9c:07:
c6:0c:2d:60:51:69:63:9c:87:f2:ab:6e:a3:f5:61:
06:a3:81:91:a2:92:7a:a6:cc:cb:b1:05:d7:54:6a:
de:7c:5b:68:ee:3d:cd:41:43:89:d6:f1:66:2b:c8:
a3:4a:95:3d:2b:2f:77:fc:62:56:c3:e9:6c:dd:82:
57:29:29:01:9e:1b:ff:8b:0f:46:c0:75:a0:32:25:
1f:0f:ec:3f:de:57:dd:90:a8:9a:cb:f8:33:e6:a3:
26:21:57:49:a1:db:bf:68:e6:84:0c:15:60:ef:8b:
0e:e9:3a:fd:ec:93:80:8d:cd:4a:85:10:85:6f:7d:
93:be:25:a1:2f:1d:57:ae:9c:4f:29:f9:e5:c8:4f:
c9:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:26:83:00:06:4C:52:4E:65:F2:74:7E:C6:66:EF:13:55:C7:37:7F
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/mSaDAAZMUk5l8nR-xmbvE1XHN38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
76:0c:24:42:ef:f5:64:aa:92:58:6e:5f:e9:ef:aa:a1:49:69:
88:ed:1c:32:a2:b3:9f:28:d7:fb:b5:2f:59:2a:06:66:7a:0c:
fc:f8:6a:0d:f1:6a:ac:48:02:5b:6d:75:26:7e:46:b7:9b:1c:
54:29:0b:7e:b4:1c:7b:e7:73:4c:cc:b1:a9:a8:4c:96:62:95:
1d:db:95:5c:69:f4:6e:6e:85:bd:66:f5:bd:ff:9a:e6:32:3e:
24:0a:b4:ab:2a:22:54:f4:12:0d:0a:9d:52:e8:75:4c:a8:ef:
3e:7c:44:f7:7b:63:64:5e:f0:a4:15:e0:74:40:a6:de:c0:f0:
3e:98:0e:9d:05:77:82:72:09:50:db:95:e9:ce:14:44:8d:2c:
80:89:41:9f:0f:af:2f:d4:64:17:40:d2:f8:5f:ba:65:14:e2:
d5:1b:02:f3:3d:9b:41:91:af:7c:19:55:78:ef:be:85:36:d8:
5e:cc:18:75:1a:69:9c:82:41:32:4e:68:b5:b3:01:80:c9:7a:
15:60:ff:11:64:a9:5d:8b:af:20:03:50:72:97:3a:05:1a:d8:
f9:b1:ee:4b:0f:e6:4a:dd:c4:9f:b8:77:92:01:71:56:a9:42:
5b:6c:be:7a:ad:94:d9:d6:e4:d4:20:67:d9:27:24:97:4b:d5:
0a:32:4f:d5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsXL9GWGJIH7Yk7VHbFIP2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjMwMTAxMDgwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTI2ODMwMDA2NGM1MjRlNjVmMjc0N2VjNjY2ZWYxMzU1YzczNzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9PeP4jsr4YFQrWcEqKs42CN3Sxi2
LmNU4Q7USPb9wIQh9lFiKWKqMW9tYl8txaBDcssoNdKM/0ldLMTihnJqZHUhnLQQ
IFlwjPFrimFhtI3mO5/G4lsVulaShUR0lIVB9KjsW3BwtnSsO83OVAfxY5An5DuL
nAfGDC1gUWljnIfyq26j9WEGo4GRopJ6pszLsQXXVGrefFto7j3NQUOJ1vFmK8ij
SpU9Ky93/GJWw+ls3YJXKSkBnhv/iw9GwHWgMiUfD+w/3lfdkKiay/gz5qMmIVdJ
odu/aOaEDBVg74sO6Tr97JOAjc1KhRCFb32TviWhLx1XrpxPKfnlyE/JpQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJkmgwAGTFJOZfJ0fsZm7xNVxzd/MB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvbVNhREFBWk1VazVsOG5SLXhtYnZFMVhITjM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQB2DCRC7/VkqpJYbl/p
76qhSWmI7RwyorOfKNf7tS9ZKgZmegz8+GoN8WqsSAJbbXUmfka3mxxUKQt+tBx7
53NMzLGpqEyWYpUd25VcafRuboW9ZvW9/5rmMj4kCrSrKiJU9BINCp1S6HVMqO8+
fET3e2NkXvCkFeB0QKbewPA+mA6dBXeCcglQ25XpzhREjSyAiUGfD68v1GQXQNL4
X7plFOLVGwLzPZtBka98GVV4776FNthezBh1GmmcgkEyTmi1swGAyXoVYP8RZKld
i68gA1BylzoFGtj5se5LD+ZK3cSfuHeSAXFWqUJbbL56rZTZ1uTUIGfZJySXS9UK
Mk/V
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:24 2024 by rpki-client on console-fra.rpki-client.org