Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e302e302f32312d3231203d3e2036383439.roa
File: 33372e35322e302e302f32312d3231203d3e2036383439.roa (raw, json)
Hash identifier: gfFTchHcksrVcxqxYD4ZvRqb/YbKH0c8fV0Z0zcOVPw=
Subject key identifier: 5C:D9:80:64:D5:0D:1F:89:FB:57:E3:BD:46:2B:7C:02:E3:AB:0E:78
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 1A43E10D340573567C12A8EEE22FA1098EBDAC39
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e302e302f32312d3231203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:36:08 +0000
ROA not before: Tue 20 Feb 2024 14:31:08 +0000
ROA not after: Tue 18 Feb 2025 14:36:08 +0000
asID: 6849
IP address blocks: 37.52.0.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:43:e1:0d:34:05:73:56:7c:12:a8:ee:e2:2f:a1:09:8e:bd:ac:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:31:08 2024 GMT
Not After : Feb 18 14:36:08 2025 GMT
Subject: CN=5CD98064D50D1F89FB57E3BD462B7C02E3AB0E78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:8c:f6:ef:81:1e:2e:89:2b:d2:7e:49:cd:de:
80:14:78:b6:62:0d:01:b3:05:44:a0:56:e0:c1:5b:
73:59:35:9f:1a:26:8b:4b:5e:3e:63:74:ae:c9:81:
89:36:4f:69:9a:d9:bb:a4:56:e8:4e:12:be:48:ca:
27:d6:0c:9e:8d:9b:6a:9e:70:f1:7a:26:a5:c1:ac:
92:65:8a:ef:e6:d2:78:c9:c7:00:92:17:0d:24:e5:
4f:5b:19:39:04:e1:71:8d:10:ee:a2:37:07:12:a7:
3d:98:8c:1b:a8:ed:4c:09:a7:9d:31:09:f4:c4:34:
86:e3:22:67:d1:6b:e2:8a:e1:aa:bc:ef:ee:37:e7:
3a:55:9c:2e:75:af:69:11:9f:8d:e7:65:53:aa:9a:
c7:4d:2e:ed:6a:16:d5:54:b5:87:69:f7:d5:53:ab:
4e:c3:8c:5e:78:9b:c7:cd:d1:b5:61:e3:33:88:79:
bb:1e:a6:c0:ae:0c:e7:aa:96:74:7b:20:51:c3:a6:
9e:4d:c8:4e:67:bf:14:08:1a:51:5b:fd:41:6c:40:
02:84:f3:64:b6:d2:8e:39:c5:c6:52:db:e9:bf:79:
a4:fe:c5:05:bf:23:d9:ad:88:a8:3e:c2:4e:ca:37:
d9:c2:23:de:98:28:c2:21:d6:37:6d:5b:0f:f1:34:
d7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:D9:80:64:D5:0D:1F:89:FB:57:E3:BD:46:2B:7C:02:E3:AB:0E:78
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e302e302f32312d3231203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.0.0/21
Signature Algorithm: sha256WithRSAEncryption
0b:cf:8b:2f:81:c8:e5:83:36:fc:4f:8b:2d:27:97:78:3d:6a:
07:b2:0c:b5:3a:ea:c0:c7:b6:76:e2:9b:e9:08:17:e9:34:17:
29:c5:6a:b8:37:e6:4d:ee:a2:52:3c:e3:48:9f:cd:37:63:29:
be:e7:70:6b:cf:31:74:6d:01:3a:a1:6c:96:99:9d:29:f4:53:
be:43:56:11:8b:2d:75:68:2e:4d:9e:c5:72:8d:cf:be:63:a6:
5d:32:4e:04:22:97:65:4c:94:26:f2:96:13:70:e2:63:f1:6c:
ec:c5:88:5d:83:eb:92:b8:81:50:66:e8:44:26:fb:18:bb:1f:
34:b1:a8:82:31:70:f1:15:fc:40:7a:06:5c:94:6e:24:b6:ed:
a5:4d:18:4a:38:94:6b:86:55:dd:7b:e4:fe:a2:b4:90:ca:0b:
a1:16:07:60:19:c3:e0:71:04:f8:a8:77:29:b9:79:55:4a:0d:
47:a0:94:ed:88:6c:7a:e5:4b:eb:8a:a0:8b:49:87:67:c8:fe:
ca:8d:9c:39:87:7f:5a:dd:4e:64:83:95:52:c0:a7:00:f9:fd:
d8:b0:a3:ec:01:f7:26:d0:a4:73:5c:1f:5f:a7:28:29:c8:1f:
a8:e7:21:1d:67:58:67:65:4d:88:08:72:67:73:1c:83:36:57:
c7:33:f6:12
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUGkPhDTQFc1Z8Eqju4i+hCY69rDkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMxMDhaFw0yNTAyMTgxNDM2MDhaMDMxMTAvBgNV
BAMTKDVDRDk4MDY0RDUwRDFGODlGQjU3RTNCRDQ2MkI3QzAyRTNBQjBFNzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQjPbvgR4uiSvSfknN3oAUeLZi
DQGzBUSgVuDBW3NZNZ8aJotLXj5jdK7JgYk2T2ma2bukVuhOEr5IyifWDJ6Nm2qe
cPF6JqXBrJJliu/m0njJxwCSFw0k5U9bGTkE4XGNEO6iNwcSpz2YjBuo7UwJp50x
CfTENIbjImfRa+KK4aq87+435zpVnC51r2kRn43nZVOqmsdNLu1qFtVUtYdp99VT
q07DjF54m8fN0bVh4zOIebsepsCuDOeqlnR7IFHDpp5NyE5nvxQIGlFb/UFsQAKE
82S20o45xcZS2+m/eaT+xQW/I9mtiKg+wk7KN9nCI96YKMIh1jdtWw/xNNdrAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUXNmAZNUNH4n7V+O9Rit8AuOrDngwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzAyZTMw
MmYzMjMxMmQzMjMxMjAzZDNlMjAzNjM4MzQzOS5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAyU0ADANBgkq
hkiG9w0BAQsFAAOCAQEAC8+LL4HI5YM2/E+LLSeXeD1qB7IMtTrqwMe2duKb6QgX
6TQXKcVquDfmTe6iUjzjSJ/NN2Mpvudwa88xdG0BOqFslpmdKfRTvkNWEYstdWgu
TZ7Fco3PvmOmXTJOBCKXZUyUJvKWE3DiY/Fs7MWIXYPrkriBUGboRCb7GLsfNLGo
gjFw8RX8QHoGXJRuJLbtpU0YSjiUa4ZV3Xvk/qK0kMoLoRYHYBnD4HEE+Kh3Kbl5
VUoNR6CU7YhseuVL64qgi0mHZ8j+yo2cOYd/Wt1OZIOVUsCnAPn92LCj7AH3JtCk
c1wfX6coKcgfqOchHWdYZ2VNiAhyZ3McgzZXxzP2Eg==
-----END CERTIFICATE-----
Generated at Fri Feb 23 13:38:38 2024 by rpki-client on console-ams.rpki-client.org