Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/w90AycZGnzoe25WqUXXHr1MvCQI.roa
File: w90AycZGnzoe25WqUXXHr1MvCQI.roa (raw, json)
Hash identifier: YRe8gtCuQAd3NI4xM8H7mepB3zaYL0Cge4Tg2/70q14=
Subject key identifier: C3:DD:00:C9:C6:46:9F:3A:1E:DB:95:AA:51:75:C7:AF:53:2F:09:02
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 01856C5CBE08535AAB4BEC410492AD8C5399
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/w90AycZGnzoe25WqUXXHr1MvCQI.roa
Signing time: Sun 01 Jan 2023 08:04:55 +0000
ROA not before: Sun 01 Jan 2023 08:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397236
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:be:08:53:5a:ab:4b:ec:41:04:92:ad:8c:53:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 08:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3dd00c9c6469f3a1edb95aa5175c7af532f0902
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:87:26:e8:f2:ab:eb:9d:15:1d:98:57:ed:a2:
1a:be:91:2b:b5:92:0b:2d:40:52:d7:d2:31:aa:35:
74:3b:86:dd:57:98:57:9f:43:6d:be:38:4a:02:a1:
7c:9d:57:b7:1f:20:56:73:45:c0:a6:a4:94:9a:51:
84:0c:4c:bb:14:89:cc:98:5d:8f:be:30:f0:e3:13:
c1:c3:cb:60:2a:0c:98:10:f6:fe:09:21:83:b1:84:
eb:2f:3b:3e:e9:7a:d7:86:dd:d3:a5:57:e0:5c:d8:
d8:7f:25:3a:59:c6:ca:78:e0:ae:18:ff:10:1a:8f:
98:cc:07:a6:1f:9d:a2:5a:e9:c4:04:28:5b:02:f2:
59:70:f3:19:8a:c3:79:a6:fc:9c:66:ce:de:13:d5:
93:da:12:4d:cf:0b:7d:f4:6a:88:2f:3b:e7:b4:07:
0b:99:2b:83:82:a3:6c:2b:67:84:5f:3e:c3:ac:04:
bd:2a:05:94:a7:d3:53:25:3a:b1:d2:12:37:c0:ee:
00:b7:10:4b:8d:64:00:f9:48:41:9d:3c:26:1e:97:
a3:58:a2:91:89:6a:62:42:e7:30:24:b1:4a:ba:f0:
0b:70:43:38:7d:77:e1:0a:d0:30:6b:d3:e4:17:35:
93:93:aa:4c:7f:5d:7d:cd:d5:7f:b0:66:94:e8:11:
51:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:DD:00:C9:C6:46:9F:3A:1E:DB:95:AA:51:75:C7:AF:53:2F:09:02
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/w90AycZGnzoe25WqUXXHr1MvCQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:83:13:9f:d3:15:62:0e:9c:95:06:91:b9:f0:89:4a:8c:39:
b4:ab:ea:3f:f0:2c:d7:80:bb:a6:c2:d1:3d:cc:4a:41:58:c6:
42:95:3c:b7:bc:18:40:6f:52:dc:88:42:e5:9c:ad:b6:94:48:
fc:9e:54:77:6d:fb:fb:55:14:25:9f:f0:94:f2:d3:7e:2d:6c:
5f:09:de:68:c2:52:e2:c9:c7:3b:1c:55:e2:a9:85:a6:61:30:
5e:22:7a:be:5a:7a:e5:52:93:3c:ab:d7:fa:f7:48:82:26:b9:
d3:64:3f:3f:a1:35:25:9b:e8:06:bb:7f:46:cf:49:cf:e2:88:
7f:5b:39:3d:1b:98:fd:34:13:39:c1:40:6b:cd:fa:e7:54:6f:
e0:0a:b6:38:8f:f1:20:fb:f5:4d:6d:86:23:f6:06:03:7c:8c:
1c:bc:3f:ed:cb:14:03:6e:f5:a8:43:67:99:d3:19:86:02:89:
99:ce:2d:47:07:76:f5:41:7b:c1:2b:66:c0:d1:aa:2a:21:a3:
1c:ef:d9:2a:a8:b8:90:7c:19:fb:4b:7e:1b:a2:47:fe:fd:ff:
89:52:09:ec:6e:ad:84:22:39:41:ce:94:e4:ab:44:ae:2d:92:
ed:30:b4:7b:2a:2e:9e:68:e3:fd:5f:36:b1:3e:34:fe:47:a4:
7e:3a:d5:2a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsXL4IU1qrS+xBBJKtjFOZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjMwMTAxMDgwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2RkMDBjOWM2NDY5ZjNhMWVkYjk1YWE1MTc1YzdhZjUzMmYwOTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhocm6PKr650VHZhX7aIavpErtZIL
LUBS19IxqjV0O4bdV5hXn0NtvjhKAqF8nVe3HyBWc0XApqSUmlGEDEy7FInMmF2P
vjDw4xPBw8tgKgyYEPb+CSGDsYTrLzs+6XrXht3TpVfgXNjYfyU6WcbKeOCuGP8Q
Go+YzAemH52iWunEBChbAvJZcPMZisN5pvycZs7eE9WT2hJNzwt99GqILzvntAcL
mSuDgqNsK2eEXz7DrAS9KgWUp9NTJTqx0hI3wO4AtxBLjWQA+UhBnTwmHpejWKKR
iWpiQucwJLFKuvALcEM4fXfhCtAwa9PkFzWTk6pMf119zdV/sGaU6BFRRQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMPdAMnGRp86HtuVqlF1x69TLwkCMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvdzkwQXljWkduem9lMjVXcVVYWEhyMU12Q1FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQAagxOf0xViDpyVBpG5
8IlKjDm0q+o/8CzXgLumwtE9zEpBWMZClTy3vBhAb1LciELlnK22lEj8nlR3bfv7
VRQln/CU8tN+LWxfCd5owlLiycc7HFXiqYWmYTBeInq+WnrlUpM8q9f690iCJrnT
ZD8/oTUlm+gGu39Gz0nP4oh/Wzk9G5j9NBM5wUBrzfrnVG/gCrY4j/Eg+/VNbYYj
9gYDfIwcvD/tyxQDbvWoQ2eZ0xmGAomZzi1HB3b1QXvBK2bA0aoqIaMc79kqqLiQ
fBn7S34bokf+/f+JUgnsbq2EIjlBzpTkq0SuLZLtMLR7Ki6eaOP9XzaxPjT+R6R+
OtUq
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:08 2024 by rpki-client on console-ams.rpki-client.org