Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3132382e302f32312d3231203d3e2036383439.roa
File: 33372e35322e3132382e302f32312d3231203d3e2036383439.roa (raw, json)
Hash identifier: KoJzMhM4GLR/8jK63dT/cOWtVJv2AUArVLqQ7OrkueA=
Subject key identifier: 5B:76:FC:94:B7:04:E7:9C:94:3E:B4:F8:F6:0D:7F:EB:57:E6:7D:2C
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 6EFF3D8A81BDC012725E22749C12EDC4205BBB77
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3132382e302f32312d3231203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:38:55 +0000
ROA not before: Tue 20 Feb 2024 14:33:55 +0000
ROA not after: Tue 18 Feb 2025 14:38:55 +0000
asID: 6849
IP address blocks: 37.52.128.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:ff:3d:8a:81:bd:c0:12:72:5e:22:74:9c:12:ed:c4:20:5b:bb:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:33:55 2024 GMT
Not After : Feb 18 14:38:55 2025 GMT
Subject: CN=5B76FC94B704E79C943EB4F8F60D7FEB57E67D2C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:bc:6a:37:d7:3e:75:5c:5c:ba:50:d6:cf:ca:
12:8a:b4:ec:b6:35:ea:f7:dd:10:57:c5:01:ff:04:
12:6a:da:df:e8:c7:5c:a7:b8:45:e5:e8:3a:d3:ed:
68:6d:ff:c5:6a:c7:15:ac:f4:59:2c:1c:a0:d5:31:
7e:6b:3d:7a:ee:e9:19:a4:60:03:fc:8a:13:f1:81:
d9:c3:ac:53:ad:1b:72:35:3b:ed:0a:aa:25:d8:35:
52:c9:11:45:f2:1c:e6:83:df:31:92:11:f3:71:42:
50:aa:2e:db:d2:65:f5:61:4e:cd:25:9e:d5:30:5e:
42:e0:91:b7:3c:61:75:94:a4:f8:c5:f2:71:a6:cb:
00:81:59:18:de:fd:aa:91:9f:9f:2e:b1:bd:ec:f0:
c3:60:2b:0d:36:61:78:5d:fe:5a:f9:a8:e9:b9:a5:
1b:92:a4:2b:24:41:5f:db:31:b6:74:81:5e:bb:5d:
aa:ad:ec:dc:65:e1:4b:2b:04:86:74:a6:5c:cc:e5:
1a:c1:cd:6a:0a:cc:98:0d:50:d3:d0:d4:45:ac:88:
11:ec:90:ca:92:58:11:d6:5a:d1:e7:bb:66:9a:66:
f1:20:81:51:6f:73:9b:c7:d8:24:0a:4e:0c:de:4e:
a9:5d:84:6a:0a:39:b2:f1:b4:e9:f3:71:d6:fb:55:
7b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:76:FC:94:B7:04:E7:9C:94:3E:B4:F8:F6:0D:7F:EB:57:E6:7D:2C
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3132382e302f32312d3231203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.128.0/21
Signature Algorithm: sha256WithRSAEncryption
95:81:4d:af:6c:2d:f9:86:6d:16:19:e0:97:d9:2a:0a:4f:a7:
a8:36:cd:36:4e:95:6f:bc:c1:21:02:5f:df:4a:07:3d:7b:cc:
ac:d4:57:82:9c:65:61:73:16:87:70:0f:28:46:49:5c:09:b1:
65:42:62:eb:d7:12:ae:14:61:2b:a2:21:58:fe:8e:76:1e:4c:
1d:f2:62:5f:b0:d9:1a:85:49:b2:d1:b9:d5:0e:cb:87:65:13:
d9:6d:15:fa:0f:d1:77:21:3b:14:64:cb:52:48:8b:bf:04:42:
17:1f:f6:2f:7a:f9:3e:69:ab:6b:3b:cb:68:67:de:4f:b6:14:
8f:ef:3a:45:4b:31:d8:74:fb:53:72:5e:b9:95:de:d8:53:13:
4b:d4:31:1d:6a:4f:23:6b:a4:21:18:c7:1a:da:c8:0f:3f:4b:
9b:bf:c0:d2:62:34:a1:a0:0a:4a:a3:68:a7:89:ff:85:31:fa:
5b:32:9f:2f:70:86:3b:94:e8:07:01:d8:eb:ef:e3:29:cc:0b:
5e:d8:b1:d9:88:1d:3b:cf:5d:8a:18:dc:ba:72:9e:4b:34:5d:
23:de:54:ed:af:88:3b:7d:73:85:fa:bd:6a:a4:03:6d:e9:5d:
d1:0c:31:23:56:10:a7:35:85:0e:18:c1:b5:f0:ef:59:8f:59:
55:9b:54:07
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUbv89ioG9wBJyXiJ0nBLtxCBbu3cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMzNTVaFw0yNTAyMTgxNDM4NTVaMDMxMTAvBgNV
BAMTKDVCNzZGQzk0QjcwNEU3OUM5NDNFQjRGOEY2MEQ3RkVCNTdFNjdEMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+vGo31z51XFy6UNbPyhKKtOy2
Ner33RBXxQH/BBJq2t/ox1ynuEXl6DrT7Wht/8VqxxWs9FksHKDVMX5rPXru6Rmk
YAP8ihPxgdnDrFOtG3I1O+0KqiXYNVLJEUXyHOaD3zGSEfNxQlCqLtvSZfVhTs0l
ntUwXkLgkbc8YXWUpPjF8nGmywCBWRje/aqRn58usb3s8MNgKw02YXhd/lr5qOm5
pRuSpCskQV/bMbZ0gV67Xaqt7Nxl4UsrBIZ0plzM5RrBzWoKzJgNUNPQ1EWsiBHs
kMqSWBHWWtHnu2aaZvEggVFvc5vH2CQKTgzeTqldhGoKObLxtOnzcdb7VXvzAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUW3b8lLcE55yUPrT49g1/61fmfSwwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzEzMjM4
MmUzMDJmMzIzMTJkMzIzMTIwM2QzZTIwMzYzODM0Mzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMlNIAw
DQYJKoZIhvcNAQELBQADggEBAJWBTa9sLfmGbRYZ4JfZKgpPp6g2zTZOlW+8wSEC
X99KBz17zKzUV4KcZWFzFodwDyhGSVwJsWVCYuvXEq4UYSuiIVj+jnYeTB3yYl+w
2RqFSbLRudUOy4dlE9ltFfoP0XchOxRky1JIi78EQhcf9i96+T5pq2s7y2hn3k+2
FI/vOkVLMdh0+1NyXrmV3thTE0vUMR1qTyNrpCEYxxrayA8/S5u/wNJiNKGgCkqj
aKeJ/4Ux+lsyny9whjuU6AcB2Ovv4ynMC17YsdmIHTvPXYoY3Lpynks0XSPeVO2v
iDt9c4X6vWqkA23pXdEMMSNWEKc1hQ4YwbXw71mPWVWbVAc=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:29:37 2025 by rpki-client