Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3131322e302f32322d3232203d3e2036383439.roa
File: 33372e35322e3131322e302f32322d3232203d3e2036383439.roa (raw, json)
Hash identifier: RcoXKQIYEWrA5Wu4qVfw43h6pamhgWAXIamlQcvK7RQ=
Subject key identifier: 55:75:FF:05:47:B1:5A:FE:27:91:9E:AE:DF:ED:1C:B7:07:2C:C4:BF
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 19AC16041267C884E2DED262DF37AC9831F7DA7E
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3131322e302f32322d3232203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:38:48 +0000
ROA not before: Tue 20 Feb 2024 14:33:48 +0000
ROA not after: Tue 18 Feb 2025 14:38:48 +0000
asID: 6849
IP address blocks: 37.52.112.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:ac:16:04:12:67:c8:84:e2:de:d2:62:df:37:ac:98:31:f7:da:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:33:48 2024 GMT
Not After : Feb 18 14:38:48 2025 GMT
Subject: CN=5575FF0547B15AFE27919EAEDFED1CB7072CC4BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d6:5f:09:25:a9:75:96:cf:2d:67:d2:11:bb:
65:96:0a:51:c0:b7:f2:ca:e9:4c:58:96:83:43:5a:
fe:94:c6:16:18:6e:fe:da:ab:cb:6e:f7:41:73:cb:
e7:5b:cb:de:10:b4:e6:39:79:c4:db:2b:bd:7a:30:
e5:56:51:48:57:e1:db:4c:5a:44:81:f6:b5:15:ee:
ef:be:c0:34:de:cc:7b:20:c9:0d:ac:a9:69:f5:8a:
de:1f:0b:23:a0:65:04:2c:57:15:e5:81:11:1a:ad:
f4:fb:78:48:35:a2:6d:57:f9:f7:13:9d:92:2c:87:
49:31:af:62:b7:21:e8:1a:7f:52:9e:32:f2:fc:8a:
9d:b3:b5:fe:3c:3f:b8:08:32:48:50:3d:7e:f5:2c:
70:0c:76:b7:29:39:72:11:41:54:98:01:b2:66:45:
fd:94:df:8a:1f:1a:84:4a:51:31:35:94:41:0e:de:
fc:48:05:79:6e:57:01:66:19:ea:49:cf:4d:a6:81:
38:f2:c5:0f:1a:1e:04:c0:3b:1b:2b:88:97:c1:9d:
5c:04:6f:b4:f6:7e:f2:cc:63:93:c7:73:ed:e1:ee:
a0:55:0e:d8:76:ed:ae:d4:5d:4b:df:79:d1:4e:cb:
a2:37:7a:9e:44:3a:66:a7:4a:90:a1:b4:cc:5d:00:
e3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:75:FF:05:47:B1:5A:FE:27:91:9E:AE:DF:ED:1C:B7:07:2C:C4:BF
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3131322e302f32322d3232203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.112.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:5b:31:eb:76:7b:2c:b1:82:9d:d3:0e:07:e0:f6:fa:95:be:
10:2b:17:04:09:24:0e:25:94:7f:9d:52:5a:d7:0c:92:c6:ee:
6d:6c:02:6c:1a:1e:08:45:3c:79:4c:bf:be:df:61:cc:6f:b2:
07:54:b6:74:6b:5e:8f:71:00:28:eb:36:6d:16:df:ad:a9:86:
05:72:0c:2c:19:6a:51:6e:06:6d:84:db:93:5e:94:44:f9:c4:
a1:2c:54:f0:25:11:69:62:bf:18:c0:44:69:30:38:65:4c:c3:
10:4b:7a:fd:29:90:d1:54:09:86:96:bc:4c:65:73:17:44:83:
11:b7:b2:a8:f0:90:b0:e0:b4:77:c9:4b:9f:66:e3:99:91:fe:
6f:b6:4a:c0:c3:bd:24:da:1b:13:2e:c8:aa:89:7f:2b:ce:4a:
4a:cd:cf:63:cc:29:15:51:55:35:4a:38:ef:ba:87:b5:cf:82:
2f:b9:9e:34:11:fe:e9:0a:33:60:b8:5a:c4:96:a5:94:ad:5d:
fb:44:44:11:53:c6:3c:1f:c8:1f:04:93:ff:08:08:35:50:48:
1c:17:14:01:88:93:e2:3b:8e:7e:53:da:60:cf:f7:c7:70:9c:
37:8e:f6:44:8e:8a:dd:5b:87:f5:a0:e2:01:be:53:52:17:f1:
e1:f8:d0:98
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUGawWBBJnyITi3tJi3zesmDH32n4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMzNDhaFw0yNTAyMTgxNDM4NDhaMDMxMTAvBgNV
BAMTKDU1NzVGRjA1NDdCMTVBRkUyNzkxOUVBRURGRUQxQ0I3MDcyQ0M0QkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ1l8JJal1ls8tZ9IRu2WWClHA
t/LK6UxYloNDWv6UxhYYbv7aq8tu90Fzy+dby94QtOY5ecTbK716MOVWUUhX4dtM
WkSB9rUV7u++wDTezHsgyQ2sqWn1it4fCyOgZQQsVxXlgREarfT7eEg1om1X+fcT
nZIsh0kxr2K3Iegaf1KeMvL8ip2ztf48P7gIMkhQPX71LHAMdrcpOXIRQVSYAbJm
Rf2U34ofGoRKUTE1lEEO3vxIBXluVwFmGepJz02mgTjyxQ8aHgTAOxsriJfBnVwE
b7T2fvLMY5PHc+3h7qBVDth27a7UXUvfedFOy6I3ep5EOmanSpChtMxdAOM3AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUVXX/BUexWv4nkZ6u3+0ctwcsxL8wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzEzMTMy
MmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzYzODM0Mzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIlNHAw
DQYJKoZIhvcNAQELBQADggEBAF1bMet2eyyxgp3TDgfg9vqVvhArFwQJJA4llH+d
UlrXDJLG7m1sAmwaHghFPHlMv77fYcxvsgdUtnRrXo9xACjrNm0W362phgVyDCwZ
alFuBm2E25NelET5xKEsVPAlEWlivxjARGkwOGVMwxBLev0pkNFUCYaWvExlcxdE
gxG3sqjwkLDgtHfJS59m45mR/m+2SsDDvSTaGxMuyKqJfyvOSkrNz2PMKRVRVTVK
OO+6h7XPgi+5njQR/ukKM2C4WsSWpZStXftERBFTxjwfyB8Ek/8ICDVQSBwXFAGI
k+I7jn5T2mDP98dwnDeO9kSOit1bh/Wg4gG+U1IX8eH40Jg=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:22:41 2025 by rpki-client