Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e33322e302f32312d3231203d3e2036383439.roa
File: 33372e35322e33322e302f32312d3231203d3e2036383439.roa (raw, json)
Hash identifier: DnGZAVPVjeJTqAQA7ieJOCXmUszzRQuHP8m7IN7uUTc=
Subject key identifier: 65:3A:A2:53:E4:14:B3:A0:29:05:2C:5F:E8:7C:3F:BD:44:BE:E1:4B
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 11AB2A66AEF3C10DD23A807D82EE23350401BA7A
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e33322e302f32312d3231203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:36:35 +0000
ROA not before: Tue 20 Feb 2024 14:31:35 +0000
ROA not after: Tue 18 Feb 2025 14:36:35 +0000
asID: 6849
IP address blocks: 37.52.32.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:ab:2a:66:ae:f3:c1:0d:d2:3a:80:7d:82:ee:23:35:04:01:ba:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:31:35 2024 GMT
Not After : Feb 18 14:36:35 2025 GMT
Subject: CN=653AA253E414B3A029052C5FE87C3FBD44BEE14B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e9:95:8b:8b:88:19:3b:32:a8:7e:a7:1f:e5:
01:4f:44:52:7a:bf:76:04:4e:e1:e9:0e:fb:ef:7e:
1e:6a:e3:48:51:e1:48:bb:5a:31:3a:22:45:93:35:
95:b3:8c:c8:dd:1d:47:9b:f4:2e:ba:59:7f:56:16:
bc:f4:67:30:7e:3e:22:27:42:fe:95:bf:b2:3e:dc:
ab:df:87:53:72:2f:c2:e7:96:90:7f:0b:b4:40:f6:
af:c7:c6:24:8a:4f:dd:a1:16:d1:a9:60:24:24:a0:
36:89:b5:76:dc:32:97:7d:35:30:a5:1d:70:cc:fe:
13:7b:8c:da:5c:e5:2e:26:db:c0:74:35:3e:93:44:
fa:f3:3d:4e:1f:fd:31:ec:c5:d3:4a:86:37:31:d7:
52:e5:da:64:1c:38:23:e5:58:33:01:01:5a:60:0d:
f1:6c:a1:3d:4d:4c:4d:5b:71:9a:eb:88:32:7f:6d:
f2:c4:20:a5:af:78:7d:18:9c:6b:c6:e6:2c:c7:fe:
9d:e3:f3:89:9a:ba:82:dc:a5:c4:eb:23:19:00:3c:
fb:72:12:2f:1e:d0:36:35:11:33:a7:f4:0e:9a:60:
e9:1e:e3:48:4c:88:7e:94:49:8b:49:a1:12:3d:6c:
63:94:f1:cc:d2:ba:92:d5:f2:ba:b5:c3:f9:17:87:
73:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:3A:A2:53:E4:14:B3:A0:29:05:2C:5F:E8:7C:3F:BD:44:BE:E1:4B
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e33322e302f32312d3231203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.32.0/21
Signature Algorithm: sha256WithRSAEncryption
6f:86:31:b1:af:95:cc:93:e1:23:90:89:4b:da:a3:8a:3c:2d:
e8:12:55:bb:8e:29:13:ec:ed:da:af:af:6b:84:40:d3:85:5e:
ef:cb:2e:5a:61:43:82:83:f3:b7:b5:8c:77:78:00:68:92:7c:
36:06:e3:b4:f0:40:d6:00:ef:35:11:c7:99:d2:6a:6b:5d:57:
cd:c4:20:84:08:11:01:18:72:19:21:5f:3e:6a:d9:e1:df:f0:
cb:4f:71:c2:32:47:32:57:19:4f:3b:31:01:4c:67:04:00:f1:
f9:ea:74:14:47:9f:cd:0c:38:f7:5b:1c:23:6f:d8:9a:3e:b0:
6b:02:0e:0c:03:3f:05:b7:01:72:46:93:67:f9:df:d1:6f:7f:
0d:1e:a2:7f:2a:17:53:5b:07:5e:b3:49:02:d9:cb:09:e8:8c:
b4:8d:83:5e:73:c2:69:14:b7:39:ee:41:f9:2f:dc:4a:3f:5c:
a3:22:22:b0:8b:30:bd:1f:7a:d3:3f:3f:81:51:55:13:08:df:
9d:2f:64:35:a8:1a:34:c5:6d:54:6a:f7:5c:cd:ee:73:0d:1d:
60:88:81:7f:0b:7e:86:af:f7:7d:c4:3c:0d:ed:a2:b8:bb:c6:
36:dc:45:3f:2b:88:4b:c7:54:65:1a:6b:5b:8c:dd:bc:c9:82:
16:1b:ea:b2
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUEasqZq7zwQ3SOoB9gu4jNQQBunowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMxMzVaFw0yNTAyMTgxNDM2MzVaMDMxMTAvBgNV
BAMTKDY1M0FBMjUzRTQxNEIzQTAyOTA1MkM1RkU4N0MzRkJENDRCRUUxNEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN6ZWLi4gZOzKofqcf5QFPRFJ6
v3YETuHpDvvvfh5q40hR4Ui7WjE6IkWTNZWzjMjdHUeb9C66WX9WFrz0ZzB+PiIn
Qv6Vv7I+3Kvfh1NyL8LnlpB/C7RA9q/HxiSKT92hFtGpYCQkoDaJtXbcMpd9NTCl
HXDM/hN7jNpc5S4m28B0NT6TRPrzPU4f/THsxdNKhjcx11Ll2mQcOCPlWDMBAVpg
DfFsoT1NTE1bcZrriDJ/bfLEIKWveH0YnGvG5izH/p3j84mauoLcpcTrIxkAPPty
Ei8e0DY1ETOn9A6aYOke40hMiH6USYtJoRI9bGOU8czSupLV8rq1w/kXh3ONAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUZTqiU+QUs6ApBSxf6Hw/vUS+4UswHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzMzMjJl
MzAyZjMyMzEyZDMyMzEyMDNkM2UyMDM2MzgzNDM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJTQgMA0G
CSqGSIb3DQEBCwUAA4IBAQBvhjGxr5XMk+EjkIlL2qOKPC3oElW7jikT7O3ar69r
hEDThV7vyy5aYUOCg/O3tYx3eABoknw2BuO08EDWAO81EceZ0mprXVfNxCCECBEB
GHIZIV8+atnh3/DLT3HCMkcyVxlPOzEBTGcEAPH56nQUR5/NDDj3Wxwjb9iaPrBr
Ag4MAz8FtwFyRpNn+d/Rb38NHqJ/KhdTWwdes0kC2csJ6Iy0jYNec8JpFLc57kH5
L9xKP1yjIiKwizC9H3rTPz+BUVUTCN+dL2Q1qBo0xW1Uavdcze5zDR1giIF/C36G
r/d9xDwN7aK4u8Y23EU/K4hLx1RlGmtbjN28yYIWG+qy
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:18 2024 by rpki-client on console-fra.rpki-client.org