Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e35362e302f32312d3231203d3e2036383439.roa
File: 33372e35322e35362e302f32312d3231203d3e2036383439.roa (raw, json)
Hash identifier: dX+f8+rc2udMN0gAwWDRTMQqbeJmS02o9gpvZdnnOQ8=
Subject key identifier: 7E:71:2F:D6:17:CA:11:F9:6B:BC:90:89:15:FB:BC:2D:8E:1F:63:61
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 639F53222819CEFAC7B9C0541A0050707BBDA010
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e35362e302f32312d3231203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:37:24 +0000
ROA not before: Tue 20 Feb 2024 14:32:24 +0000
ROA not after: Tue 18 Feb 2025 14:37:24 +0000
asID: 6849
IP address blocks: 37.52.56.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:9f:53:22:28:19:ce:fa:c7:b9:c0:54:1a:00:50:70:7b:bd:a0:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:32:24 2024 GMT
Not After : Feb 18 14:37:24 2025 GMT
Subject: CN=7E712FD617CA11F96BBC908915FBBC2D8E1F6361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6a:a8:22:6f:78:22:69:89:d8:96:b5:d5:5a:
2e:3c:6c:d6:d8:99:d9:60:a5:84:12:7a:3c:30:68:
26:ff:cb:8b:6f:f5:c8:dc:46:03:9d:e7:a1:a1:a4:
4b:86:f9:1e:03:f0:ab:4b:3b:a7:a1:3b:a8:c4:52:
28:7c:80:ef:ce:41:91:87:82:53:79:87:7c:98:5c:
eb:a9:b7:ec:37:34:0d:f6:ca:29:16:f6:c3:fa:0a:
8e:c5:d2:ec:23:32:56:2c:53:84:52:3a:e3:c1:26:
a4:66:a5:49:a5:70:b8:26:6f:6e:54:0e:1d:c1:11:
67:dc:ce:19:0f:1b:39:54:f0:dd:76:fe:6d:16:76:
42:7b:95:55:01:40:54:5a:4b:ab:f5:2a:6f:39:8e:
09:68:f6:75:d6:a4:b8:d2:e4:fb:91:6f:04:e2:41:
f0:7e:bc:2c:88:f2:88:32:02:8a:4e:6e:fa:5f:3c:
b7:32:45:ee:06:86:fe:40:c1:aa:dd:45:e8:fe:42:
c5:b8:f8:ab:19:4b:cc:c3:ee:35:17:9e:a4:0b:02:
40:f0:02:1b:6c:97:38:25:56:96:40:fc:22:73:9a:
3e:56:87:be:34:8b:ba:bb:fc:46:80:13:a3:b4:b3:
ba:3d:93:7a:d6:0e:bd:29:66:83:dc:74:c0:b3:06:
ef:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:71:2F:D6:17:CA:11:F9:6B:BC:90:89:15:FB:BC:2D:8E:1F:63:61
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e35362e302f32312d3231203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.56.0/21
Signature Algorithm: sha256WithRSAEncryption
45:0e:76:fa:31:1c:70:71:f3:c0:5d:f1:68:72:0d:eb:93:de:
0b:ea:95:cb:45:ee:1f:b7:53:0d:29:78:26:c7:84:5f:29:8e:
ac:a4:0c:02:a9:db:e8:c3:d0:db:db:f3:d8:3a:33:d7:2e:25:
a2:bc:f7:8c:b8:2d:9a:53:2d:54:b9:4e:1d:d6:a1:7e:74:20:
69:de:39:2d:3d:ed:3e:43:14:0c:95:a0:a8:6a:a7:76:5a:49:
5d:bb:ac:f5:92:50:ec:28:78:4e:4a:32:70:8d:ff:86:04:6e:
48:33:f1:9c:92:3e:7f:19:ee:22:4d:50:d0:e9:6d:b6:12:46:
97:fb:14:6e:03:f2:2a:79:0d:ea:d2:ef:49:be:33:81:dd:56:
96:b7:b3:82:9f:a1:e7:a4:73:83:43:10:bd:f2:40:b3:3c:9c:
0d:34:1c:8a:7d:e5:5f:e5:ab:dd:2c:c0:bb:dc:32:00:60:54:
31:42:5f:31:86:76:74:47:11:3f:91:e0:49:7e:33:d0:63:42:
5b:9a:11:bb:39:c9:60:89:25:c3:ee:ba:ac:f8:e8:17:da:1e:
22:f3:23:2e:08:be:13:d8:24:a0:ac:37:af:f0:ef:82:5d:c4:
b2:ac:85:51:9b:4b:98:29:74:46:e2:71:de:e7:48:9d:94:4d:
b2:f4:5f:0a
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUY59TIigZzvrHucBUGgBQcHu9oBAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMyMjRaFw0yNTAyMTgxNDM3MjRaMDMxMTAvBgNV
BAMTKDdFNzEyRkQ2MTdDQTExRjk2QkJDOTA4OTE1RkJCQzJEOEUxRjYzNjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7aqgib3giaYnYlrXVWi48bNbY
mdlgpYQSejwwaCb/y4tv9cjcRgOd56GhpEuG+R4D8KtLO6ehO6jEUih8gO/OQZGH
glN5h3yYXOupt+w3NA32yikW9sP6Co7F0uwjMlYsU4RSOuPBJqRmpUmlcLgmb25U
Dh3BEWfczhkPGzlU8N12/m0WdkJ7lVUBQFRaS6v1Km85jglo9nXWpLjS5PuRbwTi
QfB+vCyI8ogyAopObvpfPLcyRe4Ghv5AwardRej+QsW4+KsZS8zD7jUXnqQLAkDw
AhtslzglVpZA/CJzmj5Wh740i7q7/EaAE6O0s7o9k3rWDr0pZoPcdMCzBu8jAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUfnEv1hfKEflrvJCJFfu8LY4fY2EwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzUzNjJl
MzAyZjMyMzEyZDMyMzEyMDNkM2UyMDM2MzgzNDM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJTQ4MA0G
CSqGSIb3DQEBCwUAA4IBAQBFDnb6MRxwcfPAXfFocg3rk94L6pXLRe4ft1MNKXgm
x4RfKY6spAwCqdvow9Db2/PYOjPXLiWivPeMuC2aUy1UuU4d1qF+dCBp3jktPe0+
QxQMlaCoaqd2Wkldu6z1klDsKHhOSjJwjf+GBG5IM/Gckj5/Ge4iTVDQ6W22EkaX
+xRuA/IqeQ3q0u9JvjOB3VaWt7OCn6HnpHODQxC98kCzPJwNNByKfeVf5avdLMC7
3DIAYFQxQl8xhnZ0RxE/keBJfjPQY0JbmhG7OclgiSXD7rqs+OgX2h4i8yMuCL4T
2CSgrDev8O+CXcSyrIVRm0uYKXRG4nHe50idlE2y9F8K
-----END CERTIFICATE-----
Generated at Fri Feb 23 13:38:38 2024 by rpki-client on console-ams.rpki-client.org