Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e33362e302f32342d3234203d3e2036383439.roa
File: 33372e35322e33362e302f32342d3234203d3e2036383439.roa (raw, json)
Hash identifier: ZlPhjX0ocJW0j48csVGtR/6byZifeKXw20UXRHRei+4=
Subject key identifier: 2D:BF:6B:C3:5D:16:47:0E:AD:E1:56:95:BE:CD:27:9B:20:1E:B7:58
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 5AAE90DB449C0B70ACD66F71E90950B3B57DF068
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e33362e302f32342d3234203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:36:42 +0000
ROA not before: Tue 20 Feb 2024 14:31:42 +0000
ROA not after: Tue 18 Feb 2025 14:36:42 +0000
asID: 6849
IP address blocks: 37.52.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:ae:90:db:44:9c:0b:70:ac:d6:6f:71:e9:09:50:b3:b5:7d:f0:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:31:42 2024 GMT
Not After : Feb 18 14:36:42 2025 GMT
Subject: CN=2DBF6BC35D16470EADE15695BECD279B201EB758
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:58:38:cb:83:5c:1a:4b:0c:2e:35:d1:a4:9c:
0d:fa:f7:41:cb:42:7c:36:c5:94:c8:d3:a3:de:23:
52:a3:0a:44:94:2c:97:88:66:bf:3c:c3:02:fe:60:
8f:92:88:24:f2:79:b3:df:61:61:27:ef:eb:b1:3c:
7c:34:a9:d9:81:32:23:e9:56:22:b8:d2:33:1b:2f:
91:82:22:ce:bc:c2:4e:96:b4:18:82:8c:9a:75:43:
ab:f5:2d:31:8c:b9:d1:51:af:e6:93:8a:d1:75:f7:
e3:74:9f:da:e0:bd:3c:f7:80:58:c7:eb:ba:4a:60:
25:6a:c7:02:ff:6c:e3:45:84:27:77:aa:ab:eb:72:
97:a6:32:c4:3c:25:a2:f9:d9:87:0f:c5:0b:0c:0f:
c3:02:7c:7a:9b:d1:6e:13:c4:e8:1c:a1:ee:95:4e:
1a:10:53:32:13:c3:5f:75:0c:52:c4:e9:29:9c:80:
b4:95:b0:e6:94:f4:ce:d2:10:57:48:f6:85:57:53:
d6:aa:83:cd:b5:6f:56:6e:59:23:7d:e2:f5:ff:50:
b2:d1:20:66:5f:3e:2d:b9:da:e7:f9:99:66:0a:ef:
05:e6:c5:e8:35:ed:eb:31:8f:a1:2c:25:dc:2a:b4:
01:18:2e:15:29:6a:41:ca:0e:cd:76:ae:6f:c8:3a:
e5:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:BF:6B:C3:5D:16:47:0E:AD:E1:56:95:BE:CD:27:9B:20:1E:B7:58
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e33362e302f32342d3234203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.36.0/24
Signature Algorithm: sha256WithRSAEncryption
17:cc:67:1f:ba:fa:4d:86:de:fe:ec:06:28:29:12:5f:9e:42:
9b:e2:e9:1e:e8:d7:1f:cd:86:14:82:79:f2:49:80:ff:1b:47:
1c:3a:2a:57:94:49:fe:47:23:1c:c5:dd:07:cd:04:c6:db:d7:
d6:93:ec:f9:53:ad:98:32:61:d3:69:78:10:4a:14:f2:a8:72:
fc:13:17:0c:94:4c:8f:66:c5:15:40:2b:21:25:5c:94:18:e2:
e0:b9:f1:04:38:15:e5:8b:fc:07:a1:e2:4d:4c:fd:f0:c4:3c:
59:86:d2:c4:b3:d1:04:bd:68:ad:6f:9c:73:9e:f9:ea:59:0c:
fd:fb:a8:29:b5:6f:c9:b4:9e:10:f6:f9:88:fe:21:63:d7:1a:
37:79:bd:46:9c:80:76:67:88:1e:e5:ab:7d:53:03:0b:77:8e:
79:e1:a0:6f:e8:d3:3a:e8:81:66:20:16:04:01:84:7e:ea:38:
18:80:54:f6:ce:7f:f2:2d:57:f9:ea:ae:76:ca:cb:f7:34:61:
98:13:2b:60:8d:f7:1b:db:1b:ec:fd:51:a2:18:31:47:a3:20:
00:da:f2:96:02:37:91:3d:12:06:a8:ce:18:9b:af:1e:f8:10:
85:49:9b:24:1d:8c:7c:07:f1:cf:eb:d0:eb:74:0a:67:b5:b8:
20:9b:da:75
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUWq6Q20ScC3Cs1m9x6QlQs7V98GgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMxNDJaFw0yNTAyMTgxNDM2NDJaMDMxMTAvBgNV
BAMTKDJEQkY2QkMzNUQxNjQ3MEVBREUxNTY5NUJFQ0QyNzlCMjAxRUI3NTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCBWDjLg1waSwwuNdGknA3690HL
Qnw2xZTI06PeI1KjCkSULJeIZr88wwL+YI+SiCTyebPfYWEn7+uxPHw0qdmBMiPp
ViK40jMbL5GCIs68wk6WtBiCjJp1Q6v1LTGMudFRr+aTitF19+N0n9rgvTz3gFjH
67pKYCVqxwL/bONFhCd3qqvrcpemMsQ8JaL52YcPxQsMD8MCfHqb0W4TxOgcoe6V
ThoQUzITw191DFLE6SmcgLSVsOaU9M7SEFdI9oVXU9aqg821b1ZuWSN94vX/ULLR
IGZfPi252uf5mWYK7wXmxeg17esxj6EsJdwqtAEYLhUpakHKDs12rm/IOuVzAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQULb9rw10WRw6t4VaVvs0nmyAet1gwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzMzNjJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzgzNDM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJTQkMA0G
CSqGSIb3DQEBCwUAA4IBAQAXzGcfuvpNht7+7AYoKRJfnkKb4uke6NcfzYYUgnny
SYD/G0ccOipXlEn+RyMcxd0HzQTG29fWk+z5U62YMmHTaXgQShTyqHL8ExcMlEyP
ZsUVQCshJVyUGOLgufEEOBXli/wHoeJNTP3wxDxZhtLEs9EEvWitb5xznvnqWQz9
+6gptW/JtJ4Q9vmI/iFj1xo3eb1GnIB2Z4ge5at9UwMLd4554aBv6NM66IFmIBYE
AYR+6jgYgFT2zn/yLVf56q52ysv3NGGYEytgjfcb2xvs/VGiGDFHoyAA2vKWAjeR
PRIGqM4Ym68e+BCFSZskHYx8B/HP69DrdApntbggm9p1
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:05:55 2025 by rpki-client