Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e36342e302f32312d3231203d3e2036383439.roa
File: 33372e35322e36342e302f32312d3231203d3e2036383439.roa (raw, json)
Hash identifier: GY+2dJPhBBn7VHhnKRTniNil16kF5lg8oTy+y20+dkI=
Subject key identifier: 4F:46:CD:07:C3:9E:DD:7C:7F:25:C1:2E:31:BF:56:60:52:7D:D4:EB
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 05DA8D21D21E99DDE2E5D4B41EAE7503EDA40A65
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e36342e302f32312d3231203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:37:26 +0000
ROA not before: Tue 20 Feb 2024 14:32:26 +0000
ROA not after: Tue 18 Feb 2025 14:37:26 +0000
asID: 6849
IP address blocks: 37.52.64.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:da:8d:21:d2:1e:99:dd:e2:e5:d4:b4:1e:ae:75:03:ed:a4:0a:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:32:26 2024 GMT
Not After : Feb 18 14:37:26 2025 GMT
Subject: CN=4F46CD07C39EDD7C7F25C12E31BF5660527DD4EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:7a:62:a4:67:dd:46:6d:02:2c:52:ef:12:45:
73:55:27:7c:7a:19:d7:f0:fb:19:bc:cb:f1:25:9d:
c6:af:97:5e:2d:80:bc:c2:10:90:25:9c:64:aa:ff:
05:37:04:91:78:f8:2d:d1:c4:e6:8d:21:9e:eb:a6:
ba:10:ef:69:6b:52:0e:a6:34:62:6e:cf:f9:50:8b:
10:b4:82:17:c5:2e:9f:19:b9:2e:0f:50:62:70:4b:
a9:3e:09:c3:2e:9b:1c:df:8e:1c:9e:0a:40:ac:44:
c1:cb:3c:e0:18:51:6f:bb:9a:98:55:18:32:03:af:
73:14:61:4d:4a:76:00:83:1c:86:65:45:62:a8:7c:
31:6a:ed:00:6c:56:ef:55:52:28:f4:64:ff:da:58:
df:f1:eb:62:0b:86:df:61:ea:b1:28:e1:74:22:c4:
da:a6:81:a4:1e:1d:69:fe:33:53:6a:ea:c3:dd:ee:
e8:2b:68:09:90:14:ad:c9:19:8b:6a:02:05:f2:2a:
67:c9:1b:43:e7:3f:29:38:f6:a7:56:96:97:83:c7:
f7:d9:a0:99:0e:74:a8:0e:06:ad:a6:b5:bf:65:6a:
6e:48:fe:c8:82:c0:24:87:d2:00:91:1e:39:71:9a:
a6:b5:aa:b7:93:1e:41:e0:d1:bf:66:2e:51:c8:ce:
8a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:46:CD:07:C3:9E:DD:7C:7F:25:C1:2E:31:BF:56:60:52:7D:D4:EB
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e36342e302f32312d3231203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.64.0/21
Signature Algorithm: sha256WithRSAEncryption
6f:24:f8:22:c8:70:06:68:6d:a2:38:49:98:6e:44:9e:db:c9:
1f:81:9f:13:85:e6:ca:39:cf:a8:7c:9d:6d:7b:d4:d9:74:87:
fa:ba:d0:07:cf:02:65:8d:af:70:31:15:5c:3a:a7:5d:8b:b4:
a7:7d:92:11:94:95:fe:b5:ff:cd:4f:e4:f1:ab:e8:eb:dd:2f:
4f:2f:38:a9:40:3a:a8:4a:aa:7a:31:dd:91:ba:b9:15:3f:d2:
e1:d8:5c:a5:98:6a:29:91:86:23:90:be:3b:c1:75:e3:a1:59:
a4:7b:be:42:de:55:f7:d5:05:7d:21:b9:22:b6:ae:1b:c3:d7:
48:c3:7e:e0:ed:ff:39:06:d8:a1:a8:3e:95:db:6d:95:52:34:
87:e9:65:e8:d3:7b:6b:77:85:51:90:7d:51:45:5b:58:39:42:
f0:44:2f:82:25:13:47:0c:d8:bf:5a:7e:fc:f3:9c:a6:7e:d1:
05:15:28:4f:03:0c:46:6e:73:ac:71:d0:71:35:f0:bb:10:38:
a6:f3:4f:94:44:8e:de:2a:55:4a:15:06:ed:01:a6:64:6e:65:
e3:b7:85:17:2b:26:ad:cc:ec:a3:62:f8:b4:67:25:dc:e1:60:
64:ea:f4:3a:07:8f:23:a7:c9:fc:0c:97:c7:a2:14:7f:59:35:
d0:51:f2:9e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUBdqNIdIemd3i5dS0Hq51A+2kCmUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMyMjZaFw0yNTAyMTgxNDM3MjZaMDMxMTAvBgNV
BAMTKDRGNDZDRDA3QzM5RUREN0M3RjI1QzEyRTMxQkY1NjYwNTI3REQ0RUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEemKkZ91GbQIsUu8SRXNVJ3x6
Gdfw+xm8y/Elncavl14tgLzCEJAlnGSq/wU3BJF4+C3RxOaNIZ7rproQ72lrUg6m
NGJuz/lQixC0ghfFLp8ZuS4PUGJwS6k+CcMumxzfjhyeCkCsRMHLPOAYUW+7mphV
GDIDr3MUYU1KdgCDHIZlRWKofDFq7QBsVu9VUij0ZP/aWN/x62ILht9h6rEo4XQi
xNqmgaQeHWn+M1Nq6sPd7ugraAmQFK3JGYtqAgXyKmfJG0PnPyk49qdWlpeDx/fZ
oJkOdKgOBq2mtb9lam5I/siCwCSH0gCRHjlxmqa1qreTHkHg0b9mLlHIzooHAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUT0bNB8Oe3Xx/JcEuMb9WYFJ91OswHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzYzNDJl
MzAyZjMyMzEyZDMyMzEyMDNkM2UyMDM2MzgzNDM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJTRAMA0G
CSqGSIb3DQEBCwUAA4IBAQBvJPgiyHAGaG2iOEmYbkSe28kfgZ8ThebKOc+ofJ1t
e9TZdIf6utAHzwJlja9wMRVcOqddi7SnfZIRlJX+tf/NT+Txq+jr3S9PLzipQDqo
Sqp6Md2RurkVP9Lh2FylmGopkYYjkL47wXXjoVmke75C3lX31QV9Ibkitq4bw9dI
w37g7f85BtihqD6V222VUjSH6WXo03trd4VRkH1RRVtYOULwRC+CJRNHDNi/Wn78
85ymftEFFShPAwxGbnOscdBxNfC7EDim80+URI7eKlVKFQbtAaZkbmXjt4UXKyat
zOyjYvi0ZyXc4WBk6vQ6B48jp8n8DJfHohR/WTXQUfKe
-----END CERTIFICATE-----
Generated at Fri Feb 23 13:38:38 2024 by rpki-client on console-ams.rpki-client.org