Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pPEKzJOVCOmZmyvjyLTwIi1Cwfs.roa
File: pPEKzJOVCOmZmyvjyLTwIi1Cwfs.roa (raw, json)
Hash identifier: dHXtgq7QuNy7qO61LGtarQk4VxZPFag2cTyguhOzrWA=
Subject key identifier: A4:F1:0A:CC:93:95:08:E9:99:9B:2B:E3:C8:B4:F0:22:2D:42:C1:FB
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 01856C5CB281F8DFC8E6BFC8078D7C571E89
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pPEKzJOVCOmZmyvjyLTwIi1Cwfs.roa
Signing time: Sun 01 Jan 2023 08:04:52 +0000
ROA not before: Sun 01 Jan 2023 08:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397220
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:b2:81:f8:df:c8:e6:bf:c8:07:8d:7c:57:1e:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 08:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4f10acc939508e9999b2be3c8b4f0222d42c1fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:7a:bf:c1:4b:4d:25:e0:6f:82:db:55:25:25:
b8:5e:fa:42:ce:a3:fe:a3:aa:74:a3:a1:0c:fc:f2:
54:84:72:e6:d0:fd:c7:d4:33:f4:9f:37:88:6f:4f:
66:7c:c9:50:3f:3f:58:66:06:2b:e0:b7:9d:e5:40:
b2:77:4e:6b:e5:5e:99:d5:ff:1e:b1:4b:8e:f6:f9:
26:b2:b5:50:89:b3:ca:0f:4c:1b:e5:44:7c:b8:8f:
70:a7:fd:16:53:da:c2:dd:bb:b3:49:e3:65:13:a3:
6e:90:45:24:1e:6d:72:56:37:ef:cd:a4:58:99:38:
47:54:21:1f:be:8f:63:a0:03:3f:2b:fa:0d:44:03:
80:66:a4:f1:db:05:03:ac:e5:65:a4:2d:e8:f3:d5:
be:60:8a:37:cf:66:ea:50:c8:82:cc:9c:70:85:18:
71:ce:cf:af:6c:8f:fe:5c:f3:d8:5d:5f:3b:6f:96:
1c:7d:62:60:34:94:f2:35:18:96:25:a2:7e:7f:05:
60:61:17:f3:5e:c3:3e:88:4e:b0:be:ae:42:1d:c2:
24:ad:d8:4e:c3:14:d4:a3:76:e1:c8:d7:d4:6f:2a:
e3:5d:d2:bd:bf:11:af:7f:69:0e:10:4f:0e:8f:ab:
1c:e2:85:08:51:44:07:79:ee:f1:74:35:dd:48:03:
3c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:F1:0A:CC:93:95:08:E9:99:9B:2B:E3:C8:B4:F0:22:2D:42:C1:FB
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pPEKzJOVCOmZmyvjyLTwIi1Cwfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
32:49:26:27:ce:7d:f7:bb:fd:4e:bc:a2:10:b3:c3:d1:ae:99:
21:bb:42:b6:0e:05:03:4a:92:f6:37:b7:1d:f2:75:ac:e1:14:
a3:cc:98:fc:f7:7f:d5:07:eb:29:3f:a2:6e:9f:c4:cb:68:eb:
fc:5d:03:6f:a0:b4:9d:8f:f2:25:32:43:a6:17:79:f2:09:84:
22:76:a9:87:eb:77:18:20:3d:ec:ed:75:89:69:1c:d9:e2:99:
bf:e2:23:48:b3:37:3c:3f:91:30:a9:2e:44:d3:3c:93:fb:de:
72:20:01:c2:ae:26:a4:87:1f:9e:11:7b:13:fd:bc:a5:86:ef:
9e:4d:9e:4e:78:b9:d2:0b:e2:9b:c2:4c:a0:fc:04:e0:96:7a:
8d:27:ba:38:aa:a4:5f:c6:6b:fc:80:d9:11:6e:e7:6b:e5:89:
74:1b:8e:c9:b7:92:52:d8:00:9c:73:d6:bb:e7:74:df:ae:2a:
4f:59:77:86:fb:0f:83:fb:65:48:08:bb:21:03:78:53:57:6c:
ae:99:1e:69:7d:45:2a:9b:c5:96:e9:ee:f7:78:49:75:9b:dc:
37:43:36:6e:4c:0d:cf:84:4a:95:83:9f:cd:98:f7:af:fa:9d:
8a:21:e8:b6:77:70:84:77:75:3e:68:68:cd:52:44:f6:59:56:
77:57:0f:11
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsXLKB+N/I5r/IB418Vx6JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjMwMTAxMDgwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGYxMGFjYzkzOTUwOGU5OTk5YjJiZTNjOGI0ZjAyMjJkNDJjMWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXq/wUtNJeBvgttVJSW4XvpCzqP+
o6p0o6EM/PJUhHLm0P3H1DP0nzeIb09mfMlQPz9YZgYr4Led5UCyd05r5V6Z1f8e
sUuO9vkmsrVQibPKD0wb5UR8uI9wp/0WU9rC3buzSeNlE6NukEUkHm1yVjfvzaRY
mThHVCEfvo9joAM/K/oNRAOAZqTx2wUDrOVlpC3o89W+YIo3z2bqUMiCzJxwhRhx
zs+vbI/+XPPYXV87b5YcfWJgNJTyNRiWJaJ+fwVgYRfzXsM+iE6wvq5CHcIkrdhO
wxTUo3bhyNfUbyrjXdK9vxGvf2kOEE8Oj6sc4oUIUUQHee7xdDXdSAM8kwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKTxCsyTlQjpmZsr48i08CItQsH7MB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvcFBFS3pKT1ZDT21abXl2anlMVHdJaTFDd2ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQAySSYnzn33u/1OvKIQ
s8PRrpkhu0K2DgUDSpL2N7cd8nWs4RSjzJj893/VB+spP6Jun8TLaOv8XQNvoLSd
j/IlMkOmF3nyCYQidqmH63cYID3s7XWJaRzZ4pm/4iNIszc8P5EwqS5E0zyT+95y
IAHCriakhx+eEXsT/bylhu+eTZ5OeLnSC+Kbwkyg/ATglnqNJ7o4qqRfxmv8gNkR
budr5Yl0G47Jt5JS2ACcc9a753TfripPWXeG+w+D+2VICLshA3hTV2yumR5pfUUq
m8WW6e73eEl1m9w3QzZuTA3PhEqVg5/NmPev+p2KIei2d3CEd3U+aGjNUkT2WVZ3
Vw8R
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:08 2024 by rpki-client on console-ams.rpki-client.org