Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3134342e302f32312d3231203d3e2036383439.roa
File: 33372e35322e3134342e302f32312d3231203d3e2036383439.roa (raw, json)
Hash identifier: GzfV6twABKBrQHnMoX7EYmtDSk3XBuj9X6e3dYrssBE=
Subject key identifier: EA:98:7A:85:27:FE:9F:8D:ED:65:0D:51:EF:92:04:48:BD:F2:F3:D3
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 0CC8D3B0B6776BC815332A12C2A01CB0BD9FD664
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3134342e302f32312d3231203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:39:07 +0000
ROA not before: Tue 20 Feb 2024 14:34:07 +0000
ROA not after: Tue 18 Feb 2025 14:39:07 +0000
asID: 6849
IP address blocks: 37.52.144.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:c8:d3:b0:b6:77:6b:c8:15:33:2a:12:c2:a0:1c:b0:bd:9f:d6:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:34:07 2024 GMT
Not After : Feb 18 14:39:07 2025 GMT
Subject: CN=EA987A8527FE9F8DED650D51EF920448BDF2F3D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ae:6c:2a:3b:f9:30:82:db:9f:42:3f:5b:06:
20:24:d8:ff:f7:ce:1f:18:9f:96:35:53:67:3b:97:
6e:77:2d:8b:2e:1d:65:35:52:df:8f:30:3b:e9:8d:
62:ad:2a:20:88:ae:0d:be:cf:f4:a5:6c:4d:b9:db:
fb:48:72:e1:54:9e:9b:a3:c3:41:69:71:6e:3a:a1:
c0:ef:19:43:b6:c6:3d:7b:79:99:cd:17:04:22:f6:
33:48:e0:7c:48:9b:6c:a7:6e:1e:26:d9:18:d4:6a:
d1:53:6a:39:82:f9:5a:54:b5:c8:3a:d9:bd:25:fd:
43:03:f2:f9:5a:d4:55:f3:06:0d:f5:59:53:2e:03:
0c:1d:9c:36:e4:8a:5b:62:4d:f9:26:40:33:95:53:
78:50:a6:ec:21:08:b6:94:c9:bc:a1:27:ec:ac:76:
fa:68:67:9b:31:6c:eb:1b:09:da:39:ba:8c:5e:51:
14:87:84:73:ad:8f:92:21:d9:de:38:4c:18:69:73:
76:a2:53:34:ec:c1:37:dc:d1:ef:f4:24:fb:cb:ba:
8a:dd:b5:3e:9a:e4:1e:6c:c8:95:8d:2a:fe:23:db:
83:0d:2c:cf:c3:69:43:34:b9:ef:75:80:e9:d2:27:
fc:61:c8:f2:b0:f1:25:19:68:61:8a:be:26:27:9d:
30:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:98:7A:85:27:FE:9F:8D:ED:65:0D:51:EF:92:04:48:BD:F2:F3:D3
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3134342e302f32312d3231203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.144.0/21
Signature Algorithm: sha256WithRSAEncryption
55:ac:c3:9f:cb:b0:dd:43:89:3b:3f:99:24:69:e1:41:73:5a:
29:c1:4e:18:f0:c5:06:73:03:bf:8c:a5:92:24:2f:04:3c:6f:
d2:53:5c:58:ca:07:5b:b5:2e:4e:91:05:51:2e:4d:e0:60:8a:
af:08:2e:3f:47:81:1f:12:ad:00:5d:4d:6d:a4:0e:cb:b6:be:
01:79:c9:e1:c2:96:c3:af:05:37:05:50:58:b5:33:3b:81:ed:
3b:be:eb:9f:da:d4:c7:18:ec:f3:d2:7b:3a:73:cb:8e:69:86:
15:b3:eb:85:a7:05:bc:4a:d2:79:2c:c2:04:9c:ff:b0:af:4d:
c1:89:9e:3a:dc:f6:7b:16:9e:45:1c:ca:e8:54:6b:06:9a:fc:
2d:d8:53:e9:6b:bd:62:38:6f:9c:e4:41:cb:62:27:6a:54:c6:
70:e9:ee:e7:82:8f:02:cf:47:7c:33:8f:ad:ff:b1:d6:5b:15:
88:fc:a4:a3:37:ba:fe:ff:c5:a6:9b:2b:b7:de:9d:82:c2:8e:
f3:23:05:9c:93:3f:1e:0c:06:46:ca:da:5a:8a:c0:71:f6:52:
48:6d:a3:71:34:3b:eb:c0:7f:f8:25:a2:6b:18:e9:91:19:5c:
0a:fa:1b:e8:04:f1:c5:a7:fa:4e:da:3a:f1:b0:ff:09:e8:66:
56:5f:e2:ed
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUDMjTsLZ3a8gVMyoSwqAcsL2f1mQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDM0MDdaFw0yNTAyMTgxNDM5MDdaMDMxMTAvBgNV
BAMTKEVBOTg3QTg1MjdGRTlGOERFRDY1MEQ1MUVGOTIwNDQ4QkRGMkYzRDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCrmwqO/kwgtufQj9bBiAk2P/3
zh8Yn5Y1U2c7l253LYsuHWU1Ut+PMDvpjWKtKiCIrg2+z/SlbE252/tIcuFUnpuj
w0FpcW46ocDvGUO2xj17eZnNFwQi9jNI4HxIm2ynbh4m2RjUatFTajmC+VpUtcg6
2b0l/UMD8vla1FXzBg31WVMuAwwdnDbkiltiTfkmQDOVU3hQpuwhCLaUybyhJ+ys
dvpoZ5sxbOsbCdo5uoxeURSHhHOtj5Ih2d44TBhpc3aiUzTswTfc0e/0JPvLuord
tT6a5B5syJWNKv4j24MNLM/DaUM0ue91gOnSJ/xhyPKw8SUZaGGKviYnnTAjAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU6ph6hSf+n43tZQ1R75IESL3y89MwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzEzNDM0
MmUzMDJmMzIzMTJkMzIzMTIwM2QzZTIwMzYzODM0Mzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMlNJAw
DQYJKoZIhvcNAQELBQADggEBAFWsw5/LsN1DiTs/mSRp4UFzWinBThjwxQZzA7+M
pZIkLwQ8b9JTXFjKB1u1Lk6RBVEuTeBgiq8ILj9HgR8SrQBdTW2kDsu2vgF5yeHC
lsOvBTcFUFi1MzuB7Tu+65/a1McY7PPSezpzy45phhWz64WnBbxK0nkswgSc/7Cv
TcGJnjrc9nsWnkUcyuhUawaa/C3YU+lrvWI4b5zkQctiJ2pUxnDp7ueCjwLPR3wz
j63/sdZbFYj8pKM3uv7/xaabK7fenYLCjvMjBZyTPx4MBkbK2lqKwHH2Ukhto3E0
O+vAf/glomsY6ZEZXAr6G+gE8cWn+k7aOvGw/wnoZlZf4u0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:18 2024 by rpki-client on console-fra.rpki-client.org