Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3130302e302f32342d3234203d3e2036383439.roa
File: 33372e35322e3130302e302f32342d3234203d3e2036383439.roa (raw, json)
Hash identifier: lLoCznEJUa/QgTgh7nM9oxrLNAqAi3bSBYjYxPM5ivk=
Subject key identifier: 86:21:07:CE:1D:BD:0E:5C:0E:49:D0:71:95:18:8D:07:21:07:83:BC
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 50D987101167A5916EFDF72A5B2A7B9E3E5257B5
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3130302e302f32342d3234203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:38:17 +0000
ROA not before: Tue 20 Feb 2024 14:33:17 +0000
ROA not after: Tue 18 Feb 2025 14:38:17 +0000
asID: 6849
IP address blocks: 37.52.100.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:d9:87:10:11:67:a5:91:6e:fd:f7:2a:5b:2a:7b:9e:3e:52:57:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:33:17 2024 GMT
Not After : Feb 18 14:38:17 2025 GMT
Subject: CN=862107CE1DBD0E5C0E49D07195188D07210783BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ee:aa:6e:df:f8:c9:8e:4f:58:7c:2b:c6:fa:
dc:10:86:7a:a7:05:25:2a:d6:b3:4b:b0:1a:82:ed:
95:52:82:88:f5:8e:2f:86:d0:80:3c:e2:d3:55:03:
c7:7e:15:e9:c6:98:8e:02:a9:47:ff:cd:b2:4a:0f:
f3:73:05:af:2f:30:cd:67:37:49:1a:e4:2c:7b:f8:
b0:09:75:f9:e9:63:cb:c4:bb:44:a4:9f:d3:62:07:
b4:7e:5f:03:f3:8c:1d:c5:79:93:72:dc:6d:bf:4d:
45:86:8e:d2:2a:35:0f:47:14:5d:6c:6b:9f:2c:dd:
c0:f9:94:d3:d8:a3:6f:4a:db:99:8d:a8:b7:77:5d:
1f:9f:2d:7b:ec:6a:d2:08:0a:8f:19:07:99:93:24:
6b:56:a2:91:4f:1e:fb:2f:db:1f:bc:31:95:c3:47:
07:77:e5:5d:05:ca:ff:1c:f4:9b:7d:52:2b:65:9f:
a4:44:e0:ec:d4:6a:91:7e:b5:21:0b:0e:6f:b5:6f:
95:bc:6a:fa:50:10:99:aa:60:04:35:95:20:d6:eb:
97:2f:8d:1e:12:73:a3:6b:a5:6b:22:8e:d3:74:2e:
33:3a:8a:2e:d8:4b:1c:b3:63:0a:9d:10:d5:bc:77:
12:1e:1a:d5:02:74:33:78:ac:99:54:50:10:33:f8:
ed:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:21:07:CE:1D:BD:0E:5C:0E:49:D0:71:95:18:8D:07:21:07:83:BC
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3130302e302f32342d3234203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.100.0/24
Signature Algorithm: sha256WithRSAEncryption
20:e7:b6:b8:14:9a:e7:18:61:b7:c3:67:5d:75:03:17:ba:c7:
0d:cd:d7:71:ea:b7:b4:40:71:c0:6a:c4:c5:e5:b4:16:40:6b:
fb:1f:18:10:d0:ed:e4:22:e9:87:8a:cd:1e:a5:af:91:48:8f:
99:2a:53:2f:1f:7b:af:48:2b:ab:c6:c4:57:14:38:6d:f0:b2:
ba:df:6e:46:a6:5f:da:2c:ef:85:a4:ad:9c:b0:6f:0a:da:18:
a1:e2:51:17:cf:18:e9:10:00:78:8a:09:50:67:51:2e:8d:bc:
97:9d:34:71:8d:f6:73:52:cc:95:29:c0:a3:06:e3:58:5c:67:
15:85:33:fd:22:8c:e3:f3:8b:ba:7e:8e:eb:05:26:59:39:c5:
87:65:49:08:0b:8a:92:4b:3c:c4:63:8b:be:0b:56:09:62:75:
88:3a:40:5a:35:81:e9:28:d6:29:07:e6:9f:2f:36:e5:5f:21:
18:3a:00:78:ae:c9:c5:97:a6:06:59:72:95:53:84:67:f5:16:
4b:f8:b8:2d:87:b6:62:0f:7d:6b:56:55:24:9f:56:57:0d:ed:
ee:30:ec:b1:10:64:43:40:3d:86:97:bb:12:9f:d9:89:98:e6:
d6:96:97:d6:1e:59:c1:63:60:14:2a:dd:9c:3b:25:c9:dd:4b:
54:e0:d3:05
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUUNmHEBFnpZFu/fcqWyp7nj5SV7UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMzMTdaFw0yNTAyMTgxNDM4MTdaMDMxMTAvBgNV
BAMTKDg2MjEwN0NFMURCRDBFNUMwRTQ5RDA3MTk1MTg4RDA3MjEwNzgzQkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDb7qpu3/jJjk9YfCvG+twQhnqn
BSUq1rNLsBqC7ZVSgoj1ji+G0IA84tNVA8d+FenGmI4CqUf/zbJKD/NzBa8vMM1n
N0ka5Cx7+LAJdfnpY8vEu0Skn9NiB7R+XwPzjB3FeZNy3G2/TUWGjtIqNQ9HFF1s
a58s3cD5lNPYo29K25mNqLd3XR+fLXvsatIICo8ZB5mTJGtWopFPHvsv2x+8MZXD
Rwd35V0Fyv8c9Jt9Uitln6RE4OzUapF+tSELDm+1b5W8avpQEJmqYAQ1lSDW65cv
jR4Sc6NrpWsijtN0LjM6ii7YSxyzYwqdENW8dxIeGtUCdDN4rJlUUBAz+O2PAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUhiEHzh29DlwOSdBxlRiNByEHg7wwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzEzMDMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzODM0Mzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAlNGQw
DQYJKoZIhvcNAQELBQADggEBACDntrgUmucYYbfDZ111Axe6xw3N13Hqt7RAccBq
xMXltBZAa/sfGBDQ7eQi6YeKzR6lr5FIj5kqUy8fe69IK6vGxFcUOG3wsrrfbkam
X9os74WkrZywbwraGKHiURfPGOkQAHiKCVBnUS6NvJedNHGN9nNSzJUpwKMG41hc
ZxWFM/0ijOPzi7p+jusFJlk5xYdlSQgLipJLPMRji74LVglidYg6QFo1geko1ikH
5p8vNuVfIRg6AHiuycWXpgZZcpVThGf1Fkv4uC2HtmIPfWtWVSSfVlcN7e4w7LEQ
ZENAPYaXuxKf2YmY5taWl9YeWcFjYBQq3Zw7JcndS1Tg0wU=
-----END CERTIFICATE-----
Generated at Fri Feb 23 13:38:38 2024 by rpki-client on console-ams.rpki-client.org