Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e332e302f32342d3234203d3e2036383439.roa
File: 33372e35322e332e302f32342d3234203d3e2036383439.roa (raw, json)
Hash identifier: 10kDaxYeiABDMdsX2080EGvg8KHKTPN8o/nNuxrqrzQ=
Subject key identifier: F3:D9:82:C4:AF:96:0D:43:0D:07:9A:C3:9F:E9:F8:D5:A1:B9:5A:F2
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 0634D9E2E9E469CBCD019CACA6946ECAF7C95E99
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e332e302f32342d3234203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:36:18 +0000
ROA not before: Tue 20 Feb 2024 14:31:18 +0000
ROA not after: Tue 18 Feb 2025 14:36:18 +0000
asID: 6849
IP address blocks: 37.52.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:34:d9:e2:e9:e4:69:cb:cd:01:9c:ac:a6:94:6e:ca:f7:c9:5e:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:31:18 2024 GMT
Not After : Feb 18 14:36:18 2025 GMT
Subject: CN=F3D982C4AF960D430D079AC39FE9F8D5A1B95AF2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3a:95:18:fd:fb:46:8f:99:00:f2:c2:23:a3:
1d:33:d3:ae:49:fb:51:61:a1:be:50:46:e1:02:86:
c9:39:cb:d4:40:e4:2f:b7:b9:00:7a:6b:cc:65:16:
01:e6:87:27:35:de:3e:fd:ff:bb:49:9c:68:17:e2:
4a:6c:7e:55:d6:3e:33:2c:f0:c3:80:46:20:40:d1:
7e:3e:93:0b:52:be:06:bc:0b:03:d2:a5:5c:a7:ed:
e1:8c:10:3d:eb:82:d6:90:33:60:77:bf:d4:90:0e:
f5:0d:c7:c8:31:a1:f8:1d:ff:71:d0:0b:8c:7a:fc:
d1:15:4e:89:32:af:1d:ba:43:ed:7d:d1:32:e6:8c:
49:ec:18:80:47:04:0c:d9:12:4e:03:dc:b6:6d:d5:
60:db:ad:72:02:28:39:00:87:a6:11:ed:fb:fc:ed:
a5:8f:b7:6f:bf:06:7e:53:3c:5a:3e:69:54:38:f2:
19:fe:b1:c0:41:1b:d6:47:4c:1c:de:f6:cc:39:d5:
bd:8b:d3:6c:aa:70:da:86:3a:bb:2b:cc:b9:e2:a7:
10:7e:85:03:40:e3:b9:36:23:5c:4a:a4:73:f2:6e:
b6:fe:b9:1a:13:34:34:22:bc:85:94:39:a5:c0:ea:
f7:8d:b8:cb:14:2c:d7:20:0f:df:81:fa:fb:c2:89:
3b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:D9:82:C4:AF:96:0D:43:0D:07:9A:C3:9F:E9:F8:D5:A1:B9:5A:F2
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e332e302f32342d3234203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.3.0/24
Signature Algorithm: sha256WithRSAEncryption
43:3d:35:81:98:17:9c:35:3e:a6:8e:3f:f3:1f:68:15:f5:f5:
55:b0:ef:4a:db:41:23:3b:21:1d:25:e0:b5:f7:31:43:84:b1:
00:fe:18:4d:df:9d:50:c5:24:73:c4:d1:49:30:df:78:d4:6e:
bc:1c:a9:14:b6:0a:8f:3c:a1:5a:67:6b:1f:49:a0:fa:0d:ad:
47:a8:a9:78:c3:31:04:ad:0b:27:4f:bd:83:fd:4d:c5:a2:60:
94:4b:1c:52:ac:ae:97:9d:43:78:d0:58:d6:4e:ac:d5:a3:43:
7f:6a:7d:53:ce:da:68:ea:cc:aa:61:33:f8:11:09:07:00:f5:
5f:5c:97:34:b3:fe:0f:65:f4:3d:e5:7e:f7:90:48:9d:e2:6c:
85:28:23:dd:c8:8b:1c:8b:51:f2:b1:07:57:94:c6:4b:c9:ed:
d4:93:42:7a:21:10:ab:90:1c:24:1f:ae:d0:1d:1f:87:a5:52:
b0:14:84:9b:2e:5f:83:7e:62:f9:1c:aa:a5:f8:85:95:02:b6:
79:9d:dc:66:86:4e:3b:1f:ad:63:6a:6b:c0:59:9a:87:22:3c:
52:72:85:6a:d9:86:c8:ee:09:8e:80:db:b7:54:41:7a:09:41:
47:81:7b:cc:9e:8f:9d:40:e1:3b:6a:6d:20:7a:fc:81:16:6d:
b0:27:70:27
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUBjTZ4unkacvNAZysppRuyvfJXpkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMxMThaFw0yNTAyMTgxNDM2MThaMDMxMTAvBgNV
BAMTKEYzRDk4MkM0QUY5NjBENDMwRDA3OUFDMzlGRTlGOEQ1QTFCOTVBRjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUOpUY/ftGj5kA8sIjox0z065J
+1Fhob5QRuEChsk5y9RA5C+3uQB6a8xlFgHmhyc13j79/7tJnGgX4kpsflXWPjMs
8MOARiBA0X4+kwtSvga8CwPSpVyn7eGMED3rgtaQM2B3v9SQDvUNx8gxofgd/3HQ
C4x6/NEVTokyrx26Q+190TLmjEnsGIBHBAzZEk4D3LZt1WDbrXICKDkAh6YR7fv8
7aWPt2+/Bn5TPFo+aVQ48hn+scBBG9ZHTBze9sw51b2L02yqcNqGOrsrzLnipxB+
hQNA47k2I1xKpHPybrb+uRoTNDQivIWUOaXA6veNuMsULNcgD9+B+vvCiTtLAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQU89mCxK+WDUMNB5rDn+n41aG5WvIwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzMyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzNjM4MzQzOS5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACU0AzANBgkq
hkiG9w0BAQsFAAOCAQEAQz01gZgXnDU+po4/8x9oFfX1VbDvSttBIzshHSXgtfcx
Q4SxAP4YTd+dUMUkc8TRSTDfeNRuvBypFLYKjzyhWmdrH0mg+g2tR6ipeMMxBK0L
J0+9g/1NxaJglEscUqyul51DeNBY1k6s1aNDf2p9U87aaOrMqmEz+BEJBwD1X1yX
NLP+D2X0PeV+95BIneJshSgj3ciLHItR8rEHV5TGS8nt1JNCeiEQq5AcJB+u0B0f
h6VSsBSEmy5fg35i+RyqpfiFlQK2eZ3cZoZOOx+tY2prwFmahyI8UnKFatmGyO4J
joDbt1RBeglBR4F7zJ6PnUDhO2ptIHr8gRZtsCdwJw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:18 2024 by rpki-client on console-fra.rpki-client.org