Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3131382e302f32332d3233203d3e2036383439.roa
File: 33372e35322e3131382e302f32332d3233203d3e2036383439.roa (raw, json)
Hash identifier: 7rmSVM0Vsp8MBYUQZEAzozOAu+xZd1OoTK8iOcyg79I=
Subject key identifier: AE:C8:C1:D7:B8:B4:65:7C:ED:93:8E:65:80:56:24:50:7B:D9:15:50
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 6729B2B8402FB8BE21B43340595D1019E4036A79
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3131382e302f32332d3233203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:38:53 +0000
ROA not before: Tue 20 Feb 2024 14:33:53 +0000
ROA not after: Tue 18 Feb 2025 14:38:53 +0000
asID: 6849
IP address blocks: 37.52.118.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:29:b2:b8:40:2f:b8:be:21:b4:33:40:59:5d:10:19:e4:03:6a:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:33:53 2024 GMT
Not After : Feb 18 14:38:53 2025 GMT
Subject: CN=AEC8C1D7B8B4657CED938E65805624507BD91550
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c3:0d:bd:a3:e4:4d:6e:7b:48:ca:78:ba:f4:
f1:de:ca:92:e0:b9:da:e2:58:f8:d4:75:04:a1:d3:
b9:9e:02:51:38:b1:36:e3:fe:b1:57:df:79:25:f0:
83:fe:8f:f9:ab:d7:75:66:21:bb:6d:3c:7d:21:a8:
07:6b:30:a5:74:6f:63:56:21:a0:83:08:7d:71:13:
76:c4:04:a6:87:12:78:ab:8e:65:9a:45:51:59:47:
71:f1:33:7f:87:98:21:13:8a:c7:23:fb:44:5a:fa:
4a:eb:18:10:5e:71:8e:65:86:88:07:aa:1a:22:98:
ac:d9:ac:56:84:94:38:2f:f0:4d:ce:f0:c6:3d:d0:
c8:3a:fb:f2:bc:91:b0:7a:c3:95:03:2f:ca:b7:d6:
24:34:41:b5:61:7b:72:35:95:3f:98:64:f9:c6:31:
46:9f:77:3f:9b:de:04:cb:b6:82:2e:56:b7:87:dc:
b3:19:98:2f:2d:7c:4c:f7:45:8a:1a:a9:ef:a8:6c:
2b:80:21:17:6f:59:f1:d5:94:b0:24:1b:48:ea:19:
e4:55:0b:ce:fe:d9:72:bc:98:2a:bf:77:01:34:ac:
6a:4c:dc:49:b8:f1:5d:0f:29:90:33:b4:8b:f6:36:
54:8d:d4:fc:19:11:b8:b1:48:6d:d6:ff:24:d4:9c:
49:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:C8:C1:D7:B8:B4:65:7C:ED:93:8E:65:80:56:24:50:7B:D9:15:50
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3131382e302f32332d3233203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.118.0/23
Signature Algorithm: sha256WithRSAEncryption
98:5e:97:e2:6b:3c:7b:a5:36:2c:0a:e5:b9:43:40:c8:0e:3d:
f8:1d:dc:a2:dc:48:2a:55:90:5f:2e:4d:4b:17:e0:29:bd:fb:
a2:37:ad:1d:e7:da:30:36:c4:bb:b1:0e:44:de:5e:c8:92:44:
63:9d:2b:56:f1:32:88:7f:41:2a:2c:9c:68:7c:7f:ed:3a:9b:
44:6e:e0:f3:6b:4a:f3:2e:35:d0:b5:fe:55:ba:4a:1b:fa:f1:
3e:3c:c6:56:ad:a8:73:99:e7:65:65:2d:af:2c:a8:6d:af:b4:
e1:d5:aa:bb:01:24:a5:ef:d3:a7:f2:17:5e:2a:f9:4e:f1:b3:
cc:35:0f:50:4a:d9:c5:6b:24:06:7b:69:d0:fc:1d:ab:cc:b4:
6d:51:d4:dd:73:36:97:4d:6a:d0:6e:6c:14:4d:44:e1:07:90:
ac:e1:1c:a8:ad:4d:48:e8:cb:b5:d3:af:f5:41:f3:74:42:d3:
ea:e3:15:fc:53:16:97:a1:13:f5:83:ae:51:00:7d:e4:55:b6:
8b:12:d4:b3:76:d9:81:c0:f3:65:6e:23:51:e6:ef:ef:c3:7e:
6e:94:c1:ac:88:4a:b5:ed:2e:7c:86:25:ff:ef:92:54:3c:6f:
2e:0d:94:bf:6f:bd:1a:cd:eb:c0:f9:90:35:33:2f:99:9f:3d:
30:49:43:5d
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUZymyuEAvuL4htDNAWV0QGeQDankwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMzNTNaFw0yNTAyMTgxNDM4NTNaMDMxMTAvBgNV
BAMTKEFFQzhDMUQ3QjhCNDY1N0NFRDkzOEU2NTgwNTYyNDUwN0JEOTE1NTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAww29o+RNbntIyni69PHeypLg
udriWPjUdQSh07meAlE4sTbj/rFX33kl8IP+j/mr13VmIbttPH0hqAdrMKV0b2NW
IaCDCH1xE3bEBKaHEnirjmWaRVFZR3HxM3+HmCETiscj+0Ra+krrGBBecY5lhogH
qhoimKzZrFaElDgv8E3O8MY90Mg6+/K8kbB6w5UDL8q31iQ0QbVhe3I1lT+YZPnG
MUafdz+b3gTLtoIuVreH3LMZmC8tfEz3RYoaqe+obCuAIRdvWfHVlLAkG0jqGeRV
C87+2XK8mCq/dwE0rGpM3Em48V0PKZAztIv2NlSN1PwZEbixSG3W/yTUnElXAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUrsjB17i0ZXztk45lgFYkUHvZFVAwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzEzMTM4
MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzYzODM0Mzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAElNHYw
DQYJKoZIhvcNAQELBQADggEBAJhel+JrPHulNiwK5blDQMgOPfgd3KLcSCpVkF8u
TUsX4Cm9+6I3rR3n2jA2xLuxDkTeXsiSRGOdK1bxMoh/QSosnGh8f+06m0Ru4PNr
SvMuNdC1/lW6Shv68T48xlatqHOZ52VlLa8sqG2vtOHVqrsBJKXv06fyF14q+U7x
s8w1D1BK2cVrJAZ7adD8HavMtG1R1N1zNpdNatBubBRNROEHkKzhHKitTUjoy7XT
r/VB83RC0+rjFfxTFpehE/WDrlEAfeRVtosS1LN22YHA82VuI1Hm7+/Dfm6UwayI
SrXtLnyGJf/vklQ8by4NlL9vvRrN68D5kDUzL5mfPTBJQ10=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:24:13 2025 by rpki-client