Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3130392e302f32342d3234203d3e2036383439.roa
File: 33372e35322e3130392e302f32342d3234203d3e2036383439.roa (raw, json)
Hash identifier: qNgVTaG4+UNfmACVwkNtReT+Uf8eG2gC1dlWoCTdPcQ=
Subject key identifier: E6:13:D9:45:96:DC:C1:8D:77:D2:20:D8:20:F4:AA:40:0C:32:BD:33
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 501D44FBB2B7F581DAC809C447FC51A892D894E0
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3130392e302f32342d3234203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:38:39 +0000
ROA not before: Tue 20 Feb 2024 14:33:39 +0000
ROA not after: Tue 18 Feb 2025 14:38:39 +0000
asID: 6849
IP address blocks: 37.52.109.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:1d:44:fb:b2:b7:f5:81:da:c8:09:c4:47:fc:51:a8:92:d8:94:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:33:39 2024 GMT
Not After : Feb 18 14:38:39 2025 GMT
Subject: CN=E613D94596DCC18D77D220D820F4AA400C32BD33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:bf:28:31:fc:60:a6:51:ab:10:d7:68:54:04:
49:5b:12:ab:77:f5:f6:32:64:1c:16:6e:e9:84:e8:
0b:1c:e3:87:3d:68:b5:76:79:b8:b3:48:ee:bf:46:
0a:03:c4:ab:5b:e0:0f:99:46:c2:22:1b:95:d9:08:
5d:6b:b2:25:de:29:86:72:2a:44:a9:65:35:16:84:
56:8f:62:06:1f:59:20:30:c0:d1:bd:cd:06:92:32:
b2:9c:46:ee:58:64:3c:84:52:d3:43:13:cf:6b:ba:
1b:1f:2a:07:11:02:69:2b:1e:e1:0a:9f:b0:ed:78:
14:38:3f:a9:31:6f:90:54:91:ff:bb:50:1a:cf:68:
29:3d:e5:1d:d5:f2:49:47:ba:24:fd:f1:7d:dd:32:
97:e7:8d:b4:6d:f0:99:06:e6:2d:5a:40:68:59:f4:
45:bb:ee:81:2d:d7:e7:ff:15:b9:39:70:56:2a:8e:
bb:6a:a7:88:0c:b3:8f:a4:b8:0f:ab:6f:a5:23:d4:
dd:20:3b:64:69:02:1a:1d:73:37:74:ff:a9:f3:4b:
a8:ee:4d:ef:46:a8:db:47:af:0d:46:2a:c0:9a:0f:
d9:82:31:7c:61:1e:f2:07:27:78:9d:79:48:84:ae:
f7:35:82:4a:cb:c8:65:5e:d7:ce:79:4d:ab:a7:7d:
87:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:13:D9:45:96:DC:C1:8D:77:D2:20:D8:20:F4:AA:40:0C:32:BD:33
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3130392e302f32342d3234203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.109.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:cf:b0:bd:5e:fe:6c:6e:19:5e:7d:d6:0c:fb:dc:ad:b2:bb:
85:af:4b:2a:cf:e0:96:27:82:5e:6d:56:35:74:8f:76:ec:9b:
88:95:ed:5a:da:20:88:2d:ef:cd:69:c1:8d:da:da:c3:e5:f0:
f6:d7:97:de:29:a4:74:6e:5e:3e:e2:4b:28:b2:36:e2:b1:e5:
da:d8:c3:bf:d6:ff:70:4d:60:4d:3f:40:5e:21:9b:d8:67:40:
2f:c3:07:1f:5d:10:5e:e9:f7:fd:93:e9:34:cd:1e:22:f7:88:
bd:53:db:18:66:d1:f0:0d:3c:fa:1e:81:94:97:d6:35:80:2e:
d0:5d:02:c9:fa:4c:6b:b0:3e:2e:58:df:f8:0d:73:58:19:b0:
42:18:2a:17:06:f1:19:fa:69:cf:9f:e4:5a:9f:95:2d:65:93:
e8:3b:f8:cf:a3:51:e9:bc:1b:c6:a2:77:1d:f7:8a:48:cc:50:
af:b0:58:2b:7d:ad:13:c0:c5:0f:a4:df:60:88:fe:06:03:21:
d4:72:2b:3b:f3:2a:df:2f:4e:61:9a:08:ec:39:d3:ec:d3:e3:
6a:a5:89:16:a8:bd:0f:aa:9e:45:4c:53:7b:bd:3a:ab:e3:ac:
31:6c:ee:99:66:ab:3c:bb:37:ab:c3:82:71:59:97:6c:40:64:
21:2b:3d:d8
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUUB1E+7K39YHayAnER/xRqJLYlOAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMzMzlaFw0yNTAyMTgxNDM4MzlaMDMxMTAvBgNV
BAMTKEU2MTNEOTQ1OTZEQ0MxOEQ3N0QyMjBEODIwRjRBQTQwMEMzMkJEMzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcvygx/GCmUasQ12hUBElbEqt3
9fYyZBwWbumE6Asc44c9aLV2ebizSO6/RgoDxKtb4A+ZRsIiG5XZCF1rsiXeKYZy
KkSpZTUWhFaPYgYfWSAwwNG9zQaSMrKcRu5YZDyEUtNDE89ruhsfKgcRAmkrHuEK
n7DteBQ4P6kxb5BUkf+7UBrPaCk95R3V8klHuiT98X3dMpfnjbRt8JkG5i1aQGhZ
9EW77oEt1+f/Fbk5cFYqjrtqp4gMs4+kuA+rb6Uj1N0gO2RpAhodczd0/6nzS6ju
Te9GqNtHrw1GKsCaD9mCMXxhHvIHJ3ideUiErvc1gkrLyGVe1855TaunfYejAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU5hPZRZbcwY130iDYIPSqQAwyvTMwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzEzMDM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzODM0Mzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAlNG0w
DQYJKoZIhvcNAQELBQADggEBAEvPsL1e/mxuGV591gz73K2yu4WvSyrP4JYngl5t
VjV0j3bsm4iV7VraIIgt781pwY3a2sPl8PbXl94ppHRuXj7iSyiyNuKx5drYw7/W
/3BNYE0/QF4hm9hnQC/DBx9dEF7p9/2T6TTNHiL3iL1T2xhm0fANPPoegZSX1jWA
LtBdAsn6TGuwPi5Y3/gNc1gZsEIYKhcG8Rn6ac+f5FqflS1lk+g7+M+jUem8G8ai
dx33ikjMUK+wWCt9rRPAxQ+k32CI/gYDIdRyKzvzKt8vTmGaCOw50+zT42qliRao
vQ+qnkVMU3u9OqvjrDFs7plmqzy7N6vDgnFZl2xAZCErPdg=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:12:06 2025 by rpki-client