Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e37322e302f32312d3231203d3e2036383439.roa
File: 33372e35322e37322e302f32312d3231203d3e2036383439.roa (raw, json)
Hash identifier: EXEiWwVk4OeysqvPkWl+nxyVL5N1Q+JHr74fmDYKyWc=
Subject key identifier: 0A:83:62:61:80:48:AE:75:0E:17:97:DF:6A:42:C4:08:29:73:DE:4E
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 4632A2E7A881E0FF2CED285A77CF50DBF7742439
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e37322e302f32312d3231203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:37:27 +0000
ROA not before: Tue 20 Feb 2024 14:32:27 +0000
ROA not after: Tue 18 Feb 2025 14:37:27 +0000
asID: 6849
IP address blocks: 37.52.72.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:32:a2:e7:a8:81:e0:ff:2c:ed:28:5a:77:cf:50:db:f7:74:24:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:32:27 2024 GMT
Not After : Feb 18 14:37:27 2025 GMT
Subject: CN=0A8362618048AE750E1797DF6A42C4082973DE4E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b4:19:cc:05:b4:e5:a1:dc:b1:16:b4:66:4f:
c7:95:6e:fe:83:aa:f7:cc:0b:80:dc:c3:58:ed:e1:
80:b3:99:59:c7:26:c0:69:4e:2f:12:88:57:62:9c:
c0:b6:ec:40:49:42:f0:6f:7f:9e:1d:03:57:90:ef:
d3:c5:be:d2:4c:59:32:d4:cb:3e:b7:3e:15:20:0c:
57:e2:db:b8:b1:c0:26:5b:6e:1e:16:5c:4d:75:cd:
7a:26:39:b1:f0:fd:03:64:ad:c8:d8:38:84:30:0d:
e7:69:ec:24:4a:56:8d:ad:a1:6f:10:ee:fe:57:c3:
2a:12:68:b2:8f:79:4a:5e:63:bf:77:88:67:c6:22:
82:0e:7f:be:a5:ba:23:be:18:47:26:8e:ae:42:f7:
7b:2d:9f:81:25:f0:a4:25:be:11:22:58:b4:0a:ec:
2a:3a:47:07:8b:db:01:86:bb:d1:ae:7f:12:d4:82:
58:ff:ee:1d:9c:13:9a:9a:56:5b:53:b9:93:4a:2b:
f5:b5:88:10:64:f6:82:33:8e:c8:dc:0a:a6:a1:fa:
b4:60:b8:6f:84:1e:0e:ea:ed:43:2a:dd:34:47:bf:
b5:d7:0d:f2:1f:34:da:73:64:ee:c6:93:39:bb:0c:
c1:15:6f:e2:0c:20:76:f7:3f:d3:07:81:f0:8b:fb:
c4:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:83:62:61:80:48:AE:75:0E:17:97:DF:6A:42:C4:08:29:73:DE:4E
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e37322e302f32312d3231203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.72.0/21
Signature Algorithm: sha256WithRSAEncryption
51:54:ee:88:18:92:2b:a7:c8:b6:11:3c:bc:23:19:aa:ed:8f:
64:b7:ba:f1:66:d4:a5:70:52:ed:32:bf:39:fd:bb:eb:ea:3b:
3b:f2:94:2c:54:bf:84:18:5f:36:cc:f3:f4:83:03:34:7a:82:
dd:78:97:b3:20:25:b0:5c:48:ce:d1:00:16:5b:04:e1:bd:32:
c6:98:d8:a3:d8:36:d6:b6:ec:fb:29:38:a4:60:73:aa:d7:84:
90:09:3e:82:9d:bd:f5:01:04:47:35:90:a1:13:62:1b:25:39:
1c:98:bb:e0:2d:6b:d4:b0:b2:8f:ef:ff:18:09:18:76:bb:93:
93:b8:95:3d:1e:5c:58:fd:44:7e:83:fc:9a:a6:d0:d2:ed:41:
b0:95:bb:42:7c:18:10:68:e3:8a:0f:0f:df:37:3d:7a:c2:62:
56:77:8d:1f:c0:9f:43:17:48:31:2d:b9:c9:b7:e7:cf:ea:9a:
fb:f2:49:8c:98:a7:2f:84:f7:25:7f:6e:d3:ec:f1:e6:79:34:
5f:9a:6d:58:8d:0b:2a:b8:27:37:fe:bf:13:21:1e:cd:01:bf:
51:de:a8:33:76:0c:d6:2c:53:28:3e:86:79:99:0f:fe:ab:c2:
8a:64:8a:c9:ea:a3:69:22:4b:87:1f:3d:04:7e:35:9a:d4:53:
b7:69:98:eb
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIURjKi56iB4P8s7Shad89Q2/d0JDkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMyMjdaFw0yNTAyMTgxNDM3MjdaMDMxMTAvBgNV
BAMTKDBBODM2MjYxODA0OEFFNzUwRTE3OTdERjZBNDJDNDA4Mjk3M0RFNEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDStBnMBbTlodyxFrRmT8eVbv6D
qvfMC4Dcw1jt4YCzmVnHJsBpTi8SiFdinMC27EBJQvBvf54dA1eQ79PFvtJMWTLU
yz63PhUgDFfi27ixwCZbbh4WXE11zXomObHw/QNkrcjYOIQwDedp7CRKVo2toW8Q
7v5XwyoSaLKPeUpeY793iGfGIoIOf76luiO+GEcmjq5C93stn4El8KQlvhEiWLQK
7Co6RweL2wGGu9GufxLUglj/7h2cE5qaVltTuZNKK/W1iBBk9oIzjsjcCqah+rRg
uG+EHg7q7UMq3TRHv7XXDfIfNNpzZO7Gkzm7DMEVb+IMIHb3P9MHgfCL+8RTAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUCoNiYYBIrnUOF5ffakLECClz3k4wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzczMjJl
MzAyZjMyMzEyZDMyMzEyMDNkM2UyMDM2MzgzNDM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJTRIMA0G
CSqGSIb3DQEBCwUAA4IBAQBRVO6IGJIrp8i2ETy8Ixmq7Y9kt7rxZtSlcFLtMr85
/bvr6js78pQsVL+EGF82zPP0gwM0eoLdeJezICWwXEjO0QAWWwThvTLGmNij2DbW
tuz7KTikYHOq14SQCT6Cnb31AQRHNZChE2IbJTkcmLvgLWvUsLKP7/8YCRh2u5OT
uJU9HlxY/UR+g/yaptDS7UGwlbtCfBgQaOOKDw/fNz16wmJWd40fwJ9DF0gxLbnJ
t+fP6pr78kmMmKcvhPclf27T7PHmeTRfmm1YjQsquCc3/r8TIR7NAb9R3qgzdgzW
LFMoPoZ5mQ/+q8KKZIrJ6qNpIkuHHz0EfjWa1FO3aZjr
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:12:33 2025 by rpki-client