Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3130382e302f32322d3232203d3e2036383439.roa
File: 33372e35322e3130382e302f32322d3232203d3e2036383439.roa (raw, json)
Hash identifier: ZLN4+Eh33xwRAximqRznkUkWu6lfIqz8768jzvXSyJE=
Subject key identifier: 4F:5C:FF:2D:6F:64:CE:AA:E4:0C:4D:92:A5:23:97:2A:25:AF:3B:0C
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 6A7D3B37B5DB1BA4AA43FB732F08813F6C8AFF10
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3130382e302f32322d3232203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:38:33 +0000
ROA not before: Tue 20 Feb 2024 14:33:33 +0000
ROA not after: Tue 18 Feb 2025 14:38:33 +0000
asID: 6849
IP address blocks: 37.52.108.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:7d:3b:37:b5:db:1b:a4:aa:43:fb:73:2f:08:81:3f:6c:8a:ff:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:33:33 2024 GMT
Not After : Feb 18 14:38:33 2025 GMT
Subject: CN=4F5CFF2D6F64CEAAE40C4D92A523972A25AF3B0C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:37:b3:2f:57:3f:15:e3:7a:60:d9:3c:65:b4:
75:b9:43:48:25:b7:44:4c:2a:48:0d:80:7b:dc:43:
74:e1:d9:94:89:fe:e8:b4:18:51:8c:44:93:c6:3e:
a8:47:93:d0:d8:97:50:17:39:68:6e:49:b0:f2:9d:
88:66:8d:0f:57:1e:31:66:ae:8b:f6:b4:e8:11:e0:
04:7b:e4:04:a1:a5:f3:ff:55:53:e1:f7:9a:f6:df:
30:86:a9:c4:a1:c4:f9:5c:e0:1c:be:16:54:49:f6:
4e:30:11:6f:79:38:73:67:89:d1:34:29:ee:de:41:
cb:e7:78:56:75:b4:92:f1:8d:a4:d9:30:c1:be:ed:
70:ac:00:ab:00:4c:b3:80:09:dd:77:97:73:7e:44:
ec:e9:fd:32:79:bc:c3:13:79:7c:35:f7:ee:a4:c4:
fe:69:3f:3a:5c:d1:ea:84:05:d6:90:f3:b3:c9:7a:
b4:c1:e0:e4:53:45:ad:c9:a9:37:20:c1:94:ba:0b:
23:3f:9f:15:97:20:9b:c1:ba:fd:88:aa:0f:62:b1:
76:7a:66:8e:06:49:4d:b2:24:8d:71:3f:78:b0:4a:
d3:de:e6:24:29:1a:4e:c3:c4:e8:53:ea:26:9b:94:
cc:73:04:e5:b9:b0:9a:da:75:4a:73:31:74:7c:33:
69:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:5C:FF:2D:6F:64:CE:AA:E4:0C:4D:92:A5:23:97:2A:25:AF:3B:0C
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3130382e302f32322d3232203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.108.0/22
Signature Algorithm: sha256WithRSAEncryption
39:a7:cf:91:b9:d1:57:45:11:f4:cc:2c:c9:70:7e:fe:96:9a:
3a:14:e3:3e:49:bd:ad:0d:ed:5f:de:78:d1:88:61:01:2c:d1:
5d:f8:32:dc:49:75:b7:60:a3:c9:4b:cc:30:41:f4:36:bf:73:
0a:f7:2f:5e:0b:75:a5:63:6e:ea:f2:6b:57:06:59:eb:9f:6d:
de:72:89:14:03:d0:18:30:bb:b5:c1:8c:b1:89:77:53:2f:22:
e2:52:1f:e9:fe:51:e7:af:05:b9:0f:55:f2:25:1c:69:3a:38:
e9:3a:40:23:c3:75:60:75:f5:c8:ac:34:45:46:17:32:48:67:
92:89:19:3d:4d:eb:a3:c0:b9:74:d9:7a:c3:e9:51:bf:58:fd:
ff:4a:28:f6:3d:01:67:45:c8:ea:e3:31:9b:b5:82:f8:94:39:
e6:10:63:c4:82:56:85:53:f7:44:2d:5e:05:fb:ec:0c:40:ac:
8b:29:5c:cb:78:18:c1:e8:01:11:1b:e8:a4:2d:d9:c4:b8:b0:
da:61:2d:80:d3:23:9e:f5:02:cb:aa:d1:ca:11:9b:5b:5e:5a:
1c:6a:84:f3:87:c4:88:ad:ea:97:67:0a:2c:aa:ea:62:2a:ef:
83:6e:d2:c2:bd:47:7a:93:d2:c0:9b:1f:c8:30:c9:76:c7:35:
54:b2:3c:71
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUan07N7XbG6SqQ/tzLwiBP2yK/xAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMzMzNaFw0yNTAyMTgxNDM4MzNaMDMxMTAvBgNV
BAMTKDRGNUNGRjJENkY2NENFQUFFNDBDNEQ5MkE1MjM5NzJBMjVBRjNCMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuN7MvVz8V43pg2TxltHW5Q0gl
t0RMKkgNgHvcQ3Th2ZSJ/ui0GFGMRJPGPqhHk9DYl1AXOWhuSbDynYhmjQ9XHjFm
rov2tOgR4AR75AShpfP/VVPh95r23zCGqcShxPlc4By+FlRJ9k4wEW95OHNnidE0
Ke7eQcvneFZ1tJLxjaTZMMG+7XCsAKsATLOACd13l3N+ROzp/TJ5vMMTeXw19+6k
xP5pPzpc0eqEBdaQ87PJerTB4ORTRa3JqTcgwZS6CyM/nxWXIJvBuv2Iqg9isXZ6
Zo4GSU2yJI1xP3iwStPe5iQpGk7DxOhT6iablMxzBOW5sJradUpzMXR8M2nDAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUT1z/LW9kzqrkDE2SpSOXKiWvOwwwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzEzMDM4
MmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzYzODM0Mzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIlNGww
DQYJKoZIhvcNAQELBQADggEBADmnz5G50VdFEfTMLMlwfv6WmjoU4z5Jva0N7V/e
eNGIYQEs0V34MtxJdbdgo8lLzDBB9Da/cwr3L14LdaVjburya1cGWeufbd5yiRQD
0Bgwu7XBjLGJd1MvIuJSH+n+UeevBbkPVfIlHGk6OOk6QCPDdWB19cisNEVGFzJI
Z5KJGT1N66PAuXTZesPpUb9Y/f9KKPY9AWdFyOrjMZu1gviUOeYQY8SCVoVT90Qt
XgX77AxArIspXMt4GMHoAREb6KQt2cS4sNphLYDTI571Asuq0coRm1teWhxqhPOH
xIit6pdnCiyq6mIq74Nu0sK9R3qT0sCbH8gwyXbHNVSyPHE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:18 2024 by rpki-client on console-fra.rpki-client.org