Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e33352e302f32342d3234203d3e2036383439.roa
File: 33372e35322e33352e302f32342d3234203d3e2036383439.roa (raw, json)
Hash identifier: IbeRonYEy1yp3CMCr8N+ljI2W5qGgHXCrXOi+3lVETo=
Subject key identifier: 80:31:54:4A:B7:30:5C:CE:28:FE:F3:82:CD:0D:51:34:A7:6A:C0:67
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 471D68333CCE068ED43EA6ECC2E18F9D4F694DEC
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e33352e302f32342d3234203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:36:40 +0000
ROA not before: Tue 20 Feb 2024 14:31:40 +0000
ROA not after: Tue 18 Feb 2025 14:36:40 +0000
asID: 6849
IP address blocks: 37.52.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:1d:68:33:3c:ce:06:8e:d4:3e:a6:ec:c2:e1:8f:9d:4f:69:4d:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:31:40 2024 GMT
Not After : Feb 18 14:36:40 2025 GMT
Subject: CN=8031544AB7305CCE28FEF382CD0D5134A76AC067
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2b:43:c8:bc:81:9b:70:d6:3f:39:68:07:88:
89:c1:c1:41:44:0d:a8:4e:43:34:1f:c5:8e:7b:5f:
d4:41:a8:dd:11:f6:91:01:6b:a4:52:8f:d6:69:c7:
51:0d:e0:4e:40:62:7d:1a:64:15:88:d2:6a:bd:7f:
0d:fe:01:6f:6f:fc:e6:46:22:28:a0:90:2a:08:fb:
2e:2d:dd:ae:c7:f9:0b:4b:68:0f:45:fc:58:d3:33:
4c:7d:b5:01:de:68:eb:a5:cb:54:29:a6:e6:0a:cb:
83:9d:a9:d4:75:74:57:cc:4f:35:bb:88:85:6f:b6:
9f:50:0f:95:92:da:da:55:a9:dc:3f:fa:e6:ef:5a:
22:43:d7:15:14:a5:27:7f:3b:50:8e:44:c0:14:b6:
32:c2:85:6a:ad:2e:e0:39:9a:8a:b2:8d:dd:6e:3d:
7f:8e:d2:1c:d3:3f:3c:07:ed:5e:bd:64:dd:ff:27:
15:0e:49:4c:85:df:a6:5c:33:4a:03:02:21:8e:49:
36:98:05:6b:2b:c0:c3:dc:a5:23:24:33:25:c4:c9:
89:ba:62:a3:c4:93:0c:e4:21:d1:47:08:68:ca:46:
3a:49:a6:37:70:83:a4:81:71:c4:5a:69:8f:97:4b:
cb:bb:ff:22:d2:29:c5:c0:40:b0:7d:a3:a1:79:40:
fc:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:31:54:4A:B7:30:5C:CE:28:FE:F3:82:CD:0D:51:34:A7:6A:C0:67
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e33352e302f32342d3234203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.35.0/24
Signature Algorithm: sha256WithRSAEncryption
79:e8:74:40:fb:ff:3f:42:40:9a:5a:b7:7f:45:36:18:81:d4:
e9:20:5b:92:4a:5f:20:ef:f7:a5:7f:6e:53:20:e0:08:f6:72:
d4:2c:37:7d:50:a9:6f:8e:b7:e3:29:cb:6e:a7:7c:cc:89:13:
bf:2d:bd:bd:c0:9a:03:4d:5d:ab:a0:39:85:55:c0:58:ef:c2:
6e:fd:6f:e5:f7:ec:98:c1:58:cf:c3:79:67:be:b5:b0:6e:70:
4c:a4:34:52:a4:92:82:c6:e1:a5:ff:c6:08:4f:90:9c:d3:42:
8c:2f:18:93:3f:f9:14:0b:df:db:c7:d0:ac:86:ad:6f:7e:e0:
80:91:e5:d0:76:de:a7:d7:6a:9c:34:8e:f5:7f:2b:8b:67:16:
7f:6a:b6:d2:42:90:14:52:91:4f:46:0d:41:d5:7d:a9:fc:f1:
2d:43:58:e1:35:e8:d2:28:5b:3b:75:f5:72:6b:41:5f:1d:81:
08:4b:29:95:31:b7:3f:aa:2b:a8:23:ef:2a:6e:18:49:7c:7c:
0e:80:fb:a6:27:61:36:62:18:b1:9b:21:7d:c8:13:c7:55:d7:
21:bb:fa:7b:6e:d2:fb:5a:67:4f:19:68:01:e3:4f:b4:9d:87:
a3:2e:9e:18:26:b3:75:59:99:79:08:41:21:91:07:3e:2f:97:
e2:49:78:48
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIURx1oMzzOBo7UPqbswuGPnU9pTewwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMxNDBaFw0yNTAyMTgxNDM2NDBaMDMxMTAvBgNV
BAMTKDgwMzE1NDRBQjczMDVDQ0UyOEZFRjM4MkNEMEQ1MTM0QTc2QUMwNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8K0PIvIGbcNY/OWgHiInBwUFE
DahOQzQfxY57X9RBqN0R9pEBa6RSj9Zpx1EN4E5AYn0aZBWI0mq9fw3+AW9v/OZG
IiigkCoI+y4t3a7H+QtLaA9F/FjTM0x9tQHeaOuly1QppuYKy4OdqdR1dFfMTzW7
iIVvtp9QD5WS2tpVqdw/+ubvWiJD1xUUpSd/O1CORMAUtjLChWqtLuA5moqyjd1u
PX+O0hzTPzwH7V69ZN3/JxUOSUyF36ZcM0oDAiGOSTaYBWsrwMPcpSMkMyXEyYm6
YqPEkwzkIdFHCGjKRjpJpjdwg6SBccRaaY+XS8u7/yLSKcXAQLB9o6F5QPxNAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUgDFUSrcwXM4o/vOCzQ1RNKdqwGcwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzMzNTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzgzNDM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJTQjMA0G
CSqGSIb3DQEBCwUAA4IBAQB56HRA+/8/QkCaWrd/RTYYgdTpIFuSSl8g7/elf25T
IOAI9nLULDd9UKlvjrfjKctup3zMiRO/Lb29wJoDTV2roDmFVcBY78Ju/W/l9+yY
wVjPw3lnvrWwbnBMpDRSpJKCxuGl/8YIT5Cc00KMLxiTP/kUC9/bx9Cshq1vfuCA
keXQdt6n12qcNI71fyuLZxZ/arbSQpAUUpFPRg1B1X2p/PEtQ1jhNejSKFs7dfVy
a0FfHYEISymVMbc/qiuoI+8qbhhJfHwOgPumJ2E2YhixmyF9yBPHVdchu/p7btL7
WmdPGWgB40+0nYejLp4YJrN1WZl5CEEhkQc+L5fiSXhI
-----END CERTIFICATE-----
Generated at Fri Feb 23 13:38:38 2024 by rpki-client on console-ams.rpki-client.org