Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3130322e302f32342d3234203d3e2036383439.roa
File: 33372e35322e3130322e302f32342d3234203d3e2036383439.roa (raw, json)
Hash identifier: EgJ7kcCN4tQUhe4J2RQy1Axgj9eF6T3GtDtFx4v+oww=
Subject key identifier: 17:66:D6:78:8E:75:26:A6:4E:97:7B:6B:CA:00:E2:76:FB:0A:3F:4E
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 3B185B2D3E7A23F5A8870B57DB37FA2C1F9FE2D2
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3130322e302f32342d3234203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:38:23 +0000
ROA not before: Tue 20 Feb 2024 14:33:23 +0000
ROA not after: Tue 18 Feb 2025 14:38:23 +0000
asID: 6849
IP address blocks: 37.52.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:18:5b:2d:3e:7a:23:f5:a8:87:0b:57:db:37:fa:2c:1f:9f:e2:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:33:23 2024 GMT
Not After : Feb 18 14:38:23 2025 GMT
Subject: CN=1766D6788E7526A64E977B6BCA00E276FB0A3F4E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:61:d1:7d:09:71:26:1b:40:94:d7:a3:b8:a9:
c8:15:f5:81:35:59:d7:b3:a7:85:ae:df:64:9a:33:
85:f3:b0:9d:66:48:64:9e:76:5e:4f:c4:a8:32:f3:
42:46:a2:9c:84:37:82:49:9e:e9:56:ad:de:00:42:
a5:92:3f:6c:38:35:e0:0f:4a:30:41:60:5e:b7:aa:
16:f6:ab:1a:fd:07:6c:40:50:06:ba:01:ef:6c:a5:
95:f2:67:9c:a5:d6:1a:47:fe:b7:9a:44:79:0f:92:
33:89:9e:3f:b6:9c:26:1c:26:41:50:f3:dc:46:71:
b9:8d:4c:3f:76:32:bb:ab:66:03:ae:4d:a5:e5:91:
f2:32:cc:1f:9f:30:d5:3f:d8:fa:9b:0f:7b:4b:a6:
72:6c:c6:23:d2:97:77:14:08:d3:a2:eb:7b:21:df:
97:ce:65:d3:fb:25:e9:05:ce:c1:dd:26:af:50:0d:
21:e5:83:c6:bd:ba:49:bf:7a:02:44:40:a1:ab:b6:
9c:1b:78:be:fe:39:03:c5:37:58:3b:d9:75:63:b4:
e8:c4:61:19:09:29:0c:c7:fb:5e:e8:b3:b5:3a:bb:
96:ea:8c:2b:d7:9c:e1:93:e3:ee:32:e9:53:6a:e8:
5d:97:b2:95:33:8d:25:a8:de:42:61:7f:e6:25:d2:
2b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:66:D6:78:8E:75:26:A6:4E:97:7B:6B:CA:00:E2:76:FB:0A:3F:4E
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3130322e302f32342d3234203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.102.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:f7:3f:56:54:0d:58:da:8a:57:fd:3d:c5:4c:5e:7b:d1:3b:
47:5f:62:f5:8e:14:0a:c4:e1:db:7a:c0:b5:5e:b0:ac:d9:b2:
98:b5:41:b2:1c:dd:76:67:1c:0d:6c:44:bb:4a:08:43:1d:47:
df:a2:c4:a4:67:1c:14:4a:7d:8c:bf:e2:25:98:9f:58:e3:74:
99:43:33:bb:e3:d0:ea:6b:53:ba:92:38:bc:34:48:42:47:07:
1e:40:a2:44:8a:fd:a2:54:d3:d3:d6:45:bc:20:0f:f5:ec:ca:
d8:6d:53:56:8f:62:f9:f7:79:3e:37:42:c4:09:49:b1:34:3b:
bd:ba:3e:f6:8c:f9:61:cb:1e:cc:43:09:55:1e:62:42:e3:aa:
de:92:4d:09:4e:c1:89:98:bd:3c:e6:55:be:a9:37:2e:8a:8c:
58:c4:a7:0b:93:6d:07:d1:f1:b9:e4:4d:d1:4d:b0:73:e2:40:
d1:38:9a:ff:ab:97:3f:de:5c:7d:dd:aa:9d:ef:15:00:63:fb:
10:56:d5:62:b0:1d:44:bb:54:18:b1:2c:4f:cb:14:3a:0e:c2:
fa:54:16:a6:56:88:f0:7e:19:a0:03:31:b5:68:e9:0d:1c:df:
8f:73:14:1c:10:7a:8e:95:1e:c9:7d:bf:6d:7e:cd:e2:e9:9e:
04:95:e2:ba
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUOxhbLT56I/WohwtX2zf6LB+f4tIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMzMjNaFw0yNTAyMTgxNDM4MjNaMDMxMTAvBgNV
BAMTKDE3NjZENjc4OEU3NTI2QTY0RTk3N0I2QkNBMDBFMjc2RkIwQTNGNEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhYdF9CXEmG0CU16O4qcgV9YE1
Wdezp4Wu32SaM4XzsJ1mSGSedl5PxKgy80JGopyEN4JJnulWrd4AQqWSP2w4NeAP
SjBBYF63qhb2qxr9B2xAUAa6Ae9spZXyZ5yl1hpH/reaRHkPkjOJnj+2nCYcJkFQ
89xGcbmNTD92MrurZgOuTaXlkfIyzB+fMNU/2PqbD3tLpnJsxiPSl3cUCNOi63sh
35fOZdP7JekFzsHdJq9QDSHlg8a9ukm/egJEQKGrtpwbeL7+OQPFN1g72XVjtOjE
YRkJKQzH+17os7U6u5bqjCvXnOGT4+4y6VNq6F2XspUzjSWo3kJhf+Yl0ivhAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUF2bWeI51JqZOl3trygDidvsKP04wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzEzMDMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzODM0Mzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAlNGYw
DQYJKoZIhvcNAQELBQADggEBAH/3P1ZUDVjailf9PcVMXnvRO0dfYvWOFArE4dt6
wLVesKzZspi1QbIc3XZnHA1sRLtKCEMdR9+ixKRnHBRKfYy/4iWYn1jjdJlDM7vj
0OprU7qSOLw0SEJHBx5AokSK/aJU09PWRbwgD/XsythtU1aPYvn3eT43QsQJSbE0
O726PvaM+WHLHsxDCVUeYkLjqt6STQlOwYmYvTzmVb6pNy6KjFjEpwuTbQfR8bnk
TdFNsHPiQNE4mv+rlz/eXH3dqp3vFQBj+xBW1WKwHUS7VBixLE/LFDoOwvpUFqZW
iPB+GaADMbVo6Q0c349zFBwQeo6VHsl9v21+zeLpngSV4ro=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:18 2024 by rpki-client on console-fra.rpki-client.org