Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e33372e302f32342d3234203d3e2036383439.roa
File: 33372e35322e33372e302f32342d3234203d3e2036383439.roa (raw, json)
Hash identifier: 455LWjVewDJZ7d5GB5ZZ5M99o8RY90229tXdCP7oj0s=
Subject key identifier: 86:56:3A:A4:9E:C5:8C:D6:92:72:A3:A6:18:F6:0D:6A:02:24:5A:5E
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 4E514B2F2F39E0F496E876111003FD22A72AA200
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e33372e302f32342d3234203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:36:47 +0000
ROA not before: Tue 20 Feb 2024 14:31:47 +0000
ROA not after: Tue 18 Feb 2025 14:36:47 +0000
asID: 6849
IP address blocks: 37.52.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:51:4b:2f:2f:39:e0:f4:96:e8:76:11:10:03:fd:22:a7:2a:a2:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:31:47 2024 GMT
Not After : Feb 18 14:36:47 2025 GMT
Subject: CN=86563AA49EC58CD69272A3A618F60D6A02245A5E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:93:d2:25:a8:2d:cb:64:3b:af:21:c0:46:5f:
1d:ea:13:0c:9f:13:5b:62:2d:16:cc:81:71:19:07:
2a:ad:f1:e2:57:66:aa:13:21:6e:88:08:c1:6f:e5:
e9:81:c8:71:16:cd:56:6a:1b:f0:fc:fd:eb:a1:6b:
4b:79:1b:74:64:34:c5:8b:ff:bb:9d:87:f9:ae:1f:
ee:e8:e0:1e:79:84:b0:b7:b5:b8:b3:5e:25:fd:9e:
31:50:78:1d:a2:78:04:14:a8:34:19:b1:a9:04:c6:
14:67:78:94:56:9f:70:02:92:47:71:c6:e9:32:60:
25:53:ec:01:41:ea:e0:b9:e1:c9:35:e3:0b:25:a6:
13:96:c9:f2:5c:e8:fd:a8:d3:41:d6:68:a5:1a:09:
64:5e:20:8e:47:0c:42:f8:5c:24:06:a4:68:ae:87:
01:3d:64:5a:33:56:83:0d:9a:59:37:2e:79:39:12:
be:89:f6:f4:6d:87:bc:8d:75:cf:d1:eb:6f:c1:02:
d9:c0:23:85:e0:2d:3d:75:e8:d8:ef:c4:45:ff:47:
12:ec:fb:99:0f:4a:2d:a0:e5:a5:60:37:32:df:ad:
1a:33:10:d1:ff:2c:e4:22:9c:f7:17:c6:6c:31:36:
2a:7d:b8:10:28:ef:e2:f4:a4:83:f2:e8:1b:a9:5a:
a4:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:56:3A:A4:9E:C5:8C:D6:92:72:A3:A6:18:F6:0D:6A:02:24:5A:5E
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e33372e302f32342d3234203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.37.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:eb:f0:20:e2:3e:32:ed:f4:72:0a:b6:aa:54:87:4c:2c:10:
14:6c:b7:c9:15:1f:bd:46:53:90:e9:d8:f9:f2:ca:50:8f:3e:
1a:48:5c:25:b5:92:68:57:d8:e3:6a:66:41:0f:85:41:27:44:
73:e7:3f:c5:98:70:26:b9:41:18:a3:ad:42:69:f8:04:68:6b:
68:9f:f0:d4:66:b4:bc:db:14:ae:b3:05:f6:6d:80:d6:25:90:
0b:00:3f:8d:52:78:27:ba:87:b4:09:8b:bb:1f:f9:e9:21:4c:
a8:7d:f4:77:1f:b7:b2:7d:58:2d:5f:20:52:f1:6b:2e:1a:c7:
c1:26:47:88:89:1f:f6:5b:d2:5f:9c:02:87:ba:3e:cc:d3:9f:
54:b8:d8:b9:28:e2:9a:93:30:2d:2f:31:7d:41:f6:87:12:a9:
c0:8c:ef:8e:98:9d:d7:9c:74:27:16:63:7e:cc:8f:64:78:ec:
cc:99:b0:9c:52:5f:ae:a1:ca:7c:ad:f8:11:87:9c:ea:bd:41:
fc:45:a0:e1:3f:61:01:72:bc:0c:4d:ac:38:84:ce:78:da:5c:
25:fe:2e:52:84:7b:7f:f5:60:f8:86:a8:b1:1c:56:0f:a9:fe:
fd:17:9d:56:df:3b:ae:c6:d5:d7:12:32:1b:2c:e3:07:28:9a:
fe:53:08:6d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUTlFLLy854PSW6HYREAP9IqcqogAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMxNDdaFw0yNTAyMTgxNDM2NDdaMDMxMTAvBgNV
BAMTKDg2NTYzQUE0OUVDNThDRDY5MjcyQTNBNjE4RjYwRDZBMDIyNDVBNUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbk9IlqC3LZDuvIcBGXx3qEwyf
E1tiLRbMgXEZByqt8eJXZqoTIW6ICMFv5emByHEWzVZqG/D8/euha0t5G3RkNMWL
/7udh/muH+7o4B55hLC3tbizXiX9njFQeB2ieAQUqDQZsakExhRneJRWn3ACkkdx
xukyYCVT7AFB6uC54ck14wslphOWyfJc6P2o00HWaKUaCWReII5HDEL4XCQGpGiu
hwE9ZFozVoMNmlk3Lnk5Er6J9vRth7yNdc/R62/BAtnAI4XgLT116NjvxEX/RxLs
+5kPSi2g5aVgNzLfrRozENH/LOQinPcXxmwxNip9uBAo7+L0pIPy6BupWqSfAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUhlY6pJ7FjNaScqOmGPYNagIkWl4wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzMzNzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzgzNDM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJTQlMA0G
CSqGSIb3DQEBCwUAA4IBAQBr6/Ag4j4y7fRyCraqVIdMLBAUbLfJFR+9RlOQ6dj5
8spQjz4aSFwltZJoV9jjamZBD4VBJ0Rz5z/FmHAmuUEYo61CafgEaGton/DUZrS8
2xSuswX2bYDWJZALAD+NUngnuoe0CYu7H/npIUyoffR3H7eyfVgtXyBS8WsuGsfB
JkeIiR/2W9JfnAKHuj7M059UuNi5KOKakzAtLzF9QfaHEqnAjO+OmJ3XnHQnFmN+
zI9keOzMmbCcUl+uocp8rfgRh5zqvUH8RaDhP2EBcrwMTaw4hM542lwl/i5ShHt/
9WD4hqixHFYPqf79F51W3zuuxtXXEjIbLOMHKJr+Uwht
-----END CERTIFICATE-----
Generated at Fri Feb 23 13:38:38 2024 by rpki-client on console-ams.rpki-client.org