Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/zllqpg8Kh2S-TYLgyBkTvb8YhIY.roa
File: zllqpg8Kh2S-TYLgyBkTvb8YhIY.roa (raw, json)
Hash identifier: qDOLzRcsMsUTM+ANqviybyEg8+Z49cTLILSDoi5JBr8=
Subject key identifier: CE:59:6A:A6:0F:0A:87:64:BE:4D:82:E0:C8:19:13:BD:BF:18:84:86
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 01856C5CC0B9BF3580A54E50EBD4D967552F
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/zllqpg8Kh2S-TYLgyBkTvb8YhIY.roa
Signing time: Sun 01 Jan 2023 08:04:55 +0000
ROA not before: Sun 01 Jan 2023 08:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397243
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:c0:b9:bf:35:80:a5:4e:50:eb:d4:d9:67:55:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 08:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce596aa60f0a8764be4d82e0c81913bdbf188486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:eb:8d:63:2a:b9:47:09:a1:21:21:0a:4e:f6:
0e:49:91:8d:59:b6:42:af:41:91:e4:5e:9d:cc:de:
97:65:08:38:a1:6a:e9:0c:76:8c:ac:5a:0e:4f:17:
9b:d8:77:a3:f0:83:ff:00:9a:4e:1d:25:e9:9f:6f:
85:1a:c4:27:bf:a9:ef:b0:ff:d4:47:09:76:31:0f:
dd:0c:9a:ee:19:24:d1:a9:fc:47:c4:ba:56:50:9b:
39:fd:f2:eb:12:34:7d:4e:8c:b4:cc:85:68:da:8e:
22:8b:0c:09:17:01:33:24:be:18:e5:af:d0:61:3f:
04:6d:fb:3a:70:0d:00:a2:77:07:a9:ef:fc:b8:1e:
2b:3c:55:a4:ca:ee:35:72:80:e5:33:78:e4:40:78:
7d:b9:a0:fc:0d:a3:e2:00:f1:4a:0f:e4:84:eb:df:
b1:24:02:d0:c8:cf:df:77:46:b0:dc:f7:9d:c8:ce:
ab:1d:14:74:0f:f4:73:72:49:05:76:21:4e:87:7f:
d4:21:d9:16:54:18:45:bf:0c:f4:02:26:74:67:49:
80:73:18:10:be:58:b4:e1:36:96:8d:0e:fe:f6:f1:
2a:e2:cd:84:1d:27:7e:a8:0d:ca:c0:0c:5e:01:7b:
87:e9:a9:99:81:df:1d:81:ed:72:31:d5:e4:30:4d:
7b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:59:6A:A6:0F:0A:87:64:BE:4D:82:E0:C8:19:13:BD:BF:18:84:86
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/zllqpg8Kh2S-TYLgyBkTvb8YhIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:d3:64:1e:be:2a:e9:92:38:69:d6:2e:0f:52:77:5d:ce:60:
31:5f:a3:78:26:3d:a3:05:88:f6:a2:b6:2e:e1:57:94:d7:e2:
5c:44:8a:4e:2b:e9:31:9d:03:a0:a0:cb:77:c1:08:bb:18:16:
e6:2c:c0:9c:64:ea:67:59:0b:b2:b4:e1:49:c2:1e:9f:54:c3:
b5:72:7d:50:3c:2a:cb:8d:23:ed:b3:e6:ab:69:46:40:72:bf:
76:27:e2:7d:19:73:70:38:07:1b:c1:c9:a2:e5:1c:3a:82:82:
9b:31:d2:1f:38:60:09:cd:1d:c8:19:af:6f:c7:fb:6b:d2:97:
6d:53:5d:5a:75:1b:96:f2:24:f7:4d:6f:d6:41:84:f5:9a:89:
a1:ca:0a:05:56:fb:95:da:62:64:ff:00:0d:71:41:43:7f:63:
52:21:c2:4f:f5:54:3c:42:dc:79:91:7f:9f:bd:28:20:7a:4f:
12:90:70:6d:e0:b8:38:9d:3b:e5:f2:67:e7:1a:d7:b5:de:3c:
db:45:f7:c9:35:29:88:81:c5:93:78:62:fa:71:4c:a9:9e:2b:
b7:bd:09:8c:f8:da:74:1d:86:08:87:09:2f:78:c1:e0:80:c5:
a8:43:ea:96:31:41:1b:3d:43:65:cc:21:0c:f7:d3:f0:59:b5:
5f:57:a3:2d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsXMC5vzWApU5Q69TZZ1UvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjMwMTAxMDgwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTU5NmFhNjBmMGE4NzY0YmU0ZDgyZTBjODE5MTNiZGJmMTg4NDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAheuNYyq5RwmhISEKTvYOSZGNWbZC
r0GR5F6dzN6XZQg4oWrpDHaMrFoOTxeb2Hej8IP/AJpOHSXpn2+FGsQnv6nvsP/U
Rwl2MQ/dDJruGSTRqfxHxLpWUJs5/fLrEjR9Toy0zIVo2o4iiwwJFwEzJL4Y5a/Q
YT8Ebfs6cA0AoncHqe/8uB4rPFWkyu41coDlM3jkQHh9uaD8DaPiAPFKD+SE69+x
JALQyM/fd0aw3PedyM6rHRR0D/RzckkFdiFOh3/UIdkWVBhFvwz0AiZ0Z0mAcxgQ
vli04TaWjQ7+9vEq4s2EHSd+qA3KwAxeAXuH6amZgd8dge1yMdXkME17GwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM5ZaqYPCodkvk2C4MgZE72/GISGMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvemxscXBnOEtoMlMtVFlMZ3lCa1R2YjhZaElZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQB602Qevirpkjhp1i4P
UnddzmAxX6N4Jj2jBYj2orYu4VeU1+JcRIpOK+kxnQOgoMt3wQi7GBbmLMCcZOpn
WQuytOFJwh6fVMO1cn1QPCrLjSPts+araUZAcr92J+J9GXNwOAcbwcmi5Rw6goKb
MdIfOGAJzR3IGa9vx/tr0pdtU11adRuW8iT3TW/WQYT1momhygoFVvuV2mJk/wAN
cUFDf2NSIcJP9VQ8Qtx5kX+fvSggek8SkHBt4Lg4nTvl8mfnGte13jzbRffJNSmI
gcWTeGL6cUypniu3vQmM+Np0HYYIhwkveMHggMWoQ+qWMUEbPUNlzCEM99PwWbVf
V6Mt
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:06 2024 by rpki-client on console-fra.rpki-client.org