Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e342e302f32342d3234203d3e2036383439.roa
File: 33372e35322e342e302f32342d3234203d3e2036383439.roa (raw, json)
Hash identifier: j27366bsAmWC3k10fRDEOnFpo2FD9nwjJSQHbVRs35Y=
Subject key identifier: A1:26:FF:01:63:C1:61:19:C9:44:BA:53:8C:2E:04:6B:40:19:BE:7E
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 1CC3BECF7251A66FC6A4020726EB354CB8858B0A
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e342e302f32342d3234203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:36:19 +0000
ROA not before: Tue 20 Feb 2024 14:31:19 +0000
ROA not after: Tue 18 Feb 2025 14:36:19 +0000
asID: 6849
IP address blocks: 37.52.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:c3:be:cf:72:51:a6:6f:c6:a4:02:07:26:eb:35:4c:b8:85:8b:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:31:19 2024 GMT
Not After : Feb 18 14:36:19 2025 GMT
Subject: CN=A126FF0163C16119C944BA538C2E046B4019BE7E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c2:9d:e5:3a:57:43:8f:a1:f4:a7:27:ca:c0:
f1:f7:b4:e9:3b:ee:ea:a8:17:44:6d:f7:b6:40:3d:
fc:a0:48:f0:0d:ff:4e:de:9a:6f:eb:85:79:d8:a4:
41:16:4c:c8:a4:4e:53:96:c1:75:2b:b7:fb:36:15:
cf:32:40:ac:e4:81:c1:2b:e6:f1:9c:c6:07:fc:d5:
f4:10:f5:1f:d6:33:d8:c1:bb:f5:3a:76:80:c6:52:
3b:88:46:cb:34:51:83:59:8a:aa:c6:84:d6:a1:3a:
b0:17:05:a5:db:b3:5e:75:03:c8:ef:76:82:54:17:
c8:ce:18:9e:b5:1b:ef:b0:84:ba:11:e1:af:c1:fa:
6a:31:9d:6b:cf:37:10:f8:39:9d:f2:e3:0e:50:74:
51:e1:cd:3f:73:7e:9a:7c:ef:ec:73:5b:c1:ad:0b:
e0:d2:a0:71:d4:4d:c8:cb:5d:d3:f5:17:0a:1d:5e:
23:ed:26:e1:72:40:e9:af:f5:b9:88:f9:48:55:41:
36:c9:97:1c:dd:e3:cf:94:06:84:ef:d6:f1:5d:f6:
a9:ac:ae:15:86:a8:49:00:c8:fb:cf:73:1b:b9:55:
6f:df:df:32:32:fb:93:8f:be:1b:ab:bf:66:1c:93:
72:b6:a2:f3:fc:c3:33:ec:8f:a9:31:0c:11:cc:f3:
88:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:26:FF:01:63:C1:61:19:C9:44:BA:53:8C:2E:04:6B:40:19:BE:7E
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e342e302f32342d3234203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.4.0/24
Signature Algorithm: sha256WithRSAEncryption
77:07:e4:1a:88:5f:7c:4c:2c:f6:7a:85:7f:e8:b3:96:30:06:
cc:b8:63:45:2e:39:5b:3e:0b:77:3f:1d:c7:6e:44:89:f9:5a:
cd:9d:d9:76:55:c5:32:1b:cf:02:fb:e6:1c:f8:0a:3a:4d:1b:
1c:3f:ec:be:20:49:81:1d:af:b2:25:9b:82:a4:36:ec:ba:74:
b0:2a:5d:41:bd:12:47:07:f6:a6:fc:00:e7:ee:ac:6d:1f:bc:
b6:41:59:b1:bc:ef:91:3b:d6:64:ad:bb:a2:53:ee:6b:0d:4b:
e3:83:40:25:c2:99:c3:6c:05:bb:3e:b5:af:f4:17:d4:fc:95:
6e:b2:21:c2:d2:a0:82:66:b8:ef:2e:5e:b0:87:c5:2d:50:a4:
db:ca:7a:12:78:85:4d:0e:61:eb:fe:d8:41:3c:f0:6a:f0:be:
d2:1b:77:77:95:2e:53:2a:b1:82:01:17:13:fd:d0:c2:91:39:
ca:71:dd:43:d0:41:7a:cc:02:82:37:8f:4e:18:70:e3:66:af:
58:ba:8a:7e:65:d9:4c:04:e0:57:e3:dd:5b:65:38:3c:2d:1e:
27:e4:21:68:69:aa:f4:b0:41:c0:48:a5:91:80:4d:64:38:7b:
60:ea:54:af:a0:20:36:4e:65:de:14:32:98:07:60:91:fd:45:
7d:42:1f:52
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUHMO+z3JRpm/GpAIHJus1TLiFiwowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMxMTlaFw0yNTAyMTgxNDM2MTlaMDMxMTAvBgNV
BAMTKEExMjZGRjAxNjNDMTYxMTlDOTQ0QkE1MzhDMkUwNDZCNDAxOUJFN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAwp3lOldDj6H0pyfKwPH3tOk7
7uqoF0Rt97ZAPfygSPAN/07emm/rhXnYpEEWTMikTlOWwXUrt/s2Fc8yQKzkgcEr
5vGcxgf81fQQ9R/WM9jBu/U6doDGUjuIRss0UYNZiqrGhNahOrAXBaXbs151A8jv
doJUF8jOGJ61G++whLoR4a/B+moxnWvPNxD4OZ3y4w5QdFHhzT9zfpp87+xzW8Gt
C+DSoHHUTcjLXdP1FwodXiPtJuFyQOmv9bmI+UhVQTbJlxzd48+UBoTv1vFd9qms
rhWGqEkAyPvPcxu5VW/f3zIy+5OPvhurv2Yck3K2ovP8wzPsj6kxDBHM84idAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUoSb/AWPBYRnJRLpTjC4Ea0AZvn4wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzQyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzNjM4MzQzOS5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACU0BDANBgkq
hkiG9w0BAQsFAAOCAQEAdwfkGohffEws9nqFf+izljAGzLhjRS45Wz4Ldz8dx25E
iflazZ3ZdlXFMhvPAvvmHPgKOk0bHD/sviBJgR2vsiWbgqQ27Lp0sCpdQb0SRwf2
pvwA5+6sbR+8tkFZsbzvkTvWZK27olPuaw1L44NAJcKZw2wFuz61r/QX1PyVbrIh
wtKggma47y5esIfFLVCk28p6EniFTQ5h6/7YQTzwavC+0ht3d5UuUyqxggEXE/3Q
wpE5ynHdQ9BBeswCgjePThhw42avWLqKfmXZTATgV+PdW2U4PC0eJ+QhaGmq9LBB
wEilkYBNZDh7YOpUr6AgNk5l3hQymAdgkf1FfUIfUg==
-----END CERTIFICATE-----
Generated at Fri Feb 23 13:38:38 2024 by rpki-client on console-ams.rpki-client.org