Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e33342e302f32342d3234203d3e2036383439.roa
File: 33372e35322e33342e302f32342d3234203d3e2036383439.roa (raw, json)
Hash identifier: Zs9mBo8SkxHI2i+V0ggjgQlffa7anctx280uiuLdsQI=
Subject key identifier: B5:03:D1:39:63:C6:1B:AC:0F:32:D6:10:30:C7:B7:C8:6C:3E:55:94
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 610734DA64209D973C0E7358E536E74C3254F378
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e33342e302f32342d3234203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:36:38 +0000
ROA not before: Tue 20 Feb 2024 14:31:38 +0000
ROA not after: Tue 18 Feb 2025 14:36:38 +0000
asID: 6849
IP address blocks: 37.52.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:07:34:da:64:20:9d:97:3c:0e:73:58:e5:36:e7:4c:32:54:f3:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:31:38 2024 GMT
Not After : Feb 18 14:36:38 2025 GMT
Subject: CN=B503D13963C61BAC0F32D61030C7B7C86C3E5594
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:9a:47:ef:73:8d:9e:1a:24:2d:7e:65:7e:5d:
4f:c5:71:be:eb:08:7e:8c:07:5a:9b:bd:cd:3d:69:
61:a2:d3:19:ad:1b:8a:1c:07:07:4c:6a:bd:e7:33:
cb:34:c0:f3:b9:1c:9f:b0:83:55:ab:ef:19:7b:7a:
8c:d3:f9:3b:1d:eb:26:db:6e:24:af:ff:1f:42:69:
cf:6d:97:49:d0:10:89:4c:95:22:82:d6:bd:10:6f:
b1:61:42:64:d2:cd:8a:02:f4:1d:46:d9:59:78:74:
26:c6:42:ac:48:4f:b7:b7:cc:f4:53:4c:0d:9b:c3:
37:a6:1b:ca:d0:46:e7:a3:8e:17:a4:b8:5e:a8:98:
be:53:5e:05:d1:b6:a1:7f:e1:45:46:48:3b:1c:a9:
fd:a0:63:dc:9c:ac:84:37:8d:32:6a:02:07:38:78:
6c:fa:55:7b:86:8c:e3:ca:a3:7d:2b:1b:cb:ca:e0:
1e:06:0f:a9:79:10:e7:71:c8:ab:f1:5e:56:65:18:
3c:6b:af:9f:8a:58:fb:cd:9c:89:4a:9c:9f:2d:93:
5c:e8:b7:e0:a1:8e:09:3e:2d:53:0b:32:c8:3d:be:
e0:3c:66:71:b4:bf:38:31:40:f6:ca:a8:03:a3:25:
1c:3f:20:f8:9b:f3:b2:be:77:da:61:1b:a9:4b:76:
33:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:03:D1:39:63:C6:1B:AC:0F:32:D6:10:30:C7:B7:C8:6C:3E:55:94
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e33342e302f32342d3234203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.34.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:bc:e4:5e:1e:3a:fb:79:69:07:a1:1f:11:66:39:b6:2b:ae:
36:ce:01:54:84:75:09:b6:2a:53:fc:a9:cf:7d:39:e7:87:01:
9b:b6:76:09:15:20:5c:15:69:3d:e2:54:1f:6d:da:eb:15:58:
37:46:20:ab:66:66:99:22:2b:fd:87:1f:6e:8b:ac:94:b4:cd:
97:c4:99:95:53:5e:1f:86:d3:c1:67:5c:6d:4f:0f:01:aa:85:
f8:92:b6:29:4d:da:17:87:0f:fe:a3:a2:f0:fa:e5:c8:87:79:
83:bc:b1:3b:0c:2c:86:f0:3e:ad:18:0c:e1:1a:fe:fb:c3:54:
1d:78:ca:23:23:e7:e1:8a:1b:94:ba:e3:17:ee:b6:f3:67:c3:
40:57:79:bb:db:fe:d1:0a:48:87:bf:5f:e6:d6:cc:45:6a:08:
b9:77:4b:87:93:aa:c8:76:70:5a:b5:b5:46:96:b6:c8:1a:b5:
26:ff:c8:96:ff:c6:56:02:a2:c3:12:b0:13:ce:d9:ad:db:46:
8e:f8:d1:53:45:f2:37:f5:54:ef:8a:83:81:2f:9f:b8:85:18:
99:e1:ca:23:4b:ab:ce:36:5b:93:8c:a7:10:26:bc:e6:18:2b:
f0:c9:98:3a:b6:bf:3c:20:0e:0e:0b:5b:5b:65:b1:ba:f6:1e:
3f:df:15:a8
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUYQc02mQgnZc8DnNY5TbnTDJU83gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMxMzhaFw0yNTAyMTgxNDM2MzhaMDMxMTAvBgNV
BAMTKEI1MDNEMTM5NjNDNjFCQUMwRjMyRDYxMDMwQzdCN0M4NkMzRTU1OTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmmkfvc42eGiQtfmV+XU/Fcb7r
CH6MB1qbvc09aWGi0xmtG4ocBwdMar3nM8s0wPO5HJ+wg1Wr7xl7eozT+Tsd6ybb
biSv/x9Cac9tl0nQEIlMlSKC1r0Qb7FhQmTSzYoC9B1G2Vl4dCbGQqxIT7e3zPRT
TA2bwzemG8rQRuejjhekuF6omL5TXgXRtqF/4UVGSDscqf2gY9ycrIQ3jTJqAgc4
eGz6VXuGjOPKo30rG8vK4B4GD6l5EOdxyKvxXlZlGDxrr5+KWPvNnIlKnJ8tk1zo
t+Chjgk+LVMLMsg9vuA8ZnG0vzgxQPbKqAOjJRw/IPib87K+d9phG6lLdjOvAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUtQPROWPGG6wPMtYQMMe3yGw+VZQwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzMzNDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzgzNDM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJTQiMA0G
CSqGSIb3DQEBCwUAA4IBAQCgvOReHjr7eWkHoR8RZjm2K642zgFUhHUJtipT/KnP
fTnnhwGbtnYJFSBcFWk94lQfbdrrFVg3RiCrZmaZIiv9hx9ui6yUtM2XxJmVU14f
htPBZ1xtTw8BqoX4krYpTdoXhw/+o6Lw+uXIh3mDvLE7DCyG8D6tGAzhGv77w1Qd
eMojI+fhihuUuuMX7rbzZ8NAV3m72/7RCkiHv1/m1sxFagi5d0uHk6rIdnBatbVG
lrbIGrUm/8iW/8ZWAqLDErATztmt20aO+NFTRfI39VTvioOBL5+4hRiZ4cojS6vO
NluTjKcQJrzmGCvwyZg6tr88IA4OC1tbZbG69h4/3xWo
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:05:33 2025 by rpki-client