Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e37322e302f32342d3234203d3e2036383439.roa
File: 33372e35322e37322e302f32342d3234203d3e2036383439.roa (raw, json)
Hash identifier: rP9RbkX3xRQxR7Yk8ulMPKV0yngSye+cNBQNCGblzf8=
Subject key identifier: 3E:EF:C5:1A:30:5A:F8:42:28:23:5A:CA:BC:35:F9:83:AB:2B:62:A3
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 35431F40269416700A6B124E89CC142C15F6B056
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e37322e302f32342d3234203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:37:30 +0000
ROA not before: Tue 20 Feb 2024 14:32:30 +0000
ROA not after: Tue 18 Feb 2025 14:37:30 +0000
asID: 6849
IP address blocks: 37.52.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:43:1f:40:26:94:16:70:0a:6b:12:4e:89:cc:14:2c:15:f6:b0:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:32:30 2024 GMT
Not After : Feb 18 14:37:30 2025 GMT
Subject: CN=3EEFC51A305AF84228235ACABC35F983AB2B62A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:98:aa:a5:5f:6a:33:2f:49:dd:a1:ad:88:af:
f0:14:4c:66:cd:c8:e4:07:85:91:01:62:28:bc:8d:
20:cd:6d:66:f5:1d:79:30:7b:eb:50:78:a0:a7:86:
62:3f:68:e8:9a:8d:5d:a8:38:da:e8:73:7c:c5:25:
35:f4:d6:cc:17:17:18:40:23:db:29:15:0e:79:81:
c7:ef:f2:af:02:97:58:e3:35:55:ee:37:bb:3f:55:
33:d3:0f:8c:40:d7:42:de:c7:60:39:01:e6:d2:9b:
8d:26:48:e0:78:1a:78:30:cf:e1:5c:fc:43:0d:fb:
9e:c2:d5:85:24:3d:2b:87:71:10:45:24:2f:e2:d9:
fd:38:54:bc:ce:87:3b:65:cb:3b:56:f3:a2:60:b1:
61:82:5b:46:00:79:48:ee:b7:ca:29:3d:59:2e:3f:
74:fc:e5:f1:cf:2e:2e:a9:59:6f:60:18:47:82:48:
08:0f:0d:21:ad:13:c4:c2:df:bf:50:cf:3b:dd:76:
63:99:d7:9d:79:b3:02:6d:30:71:4c:87:55:f5:2d:
8d:82:f2:5f:f3:63:2f:d6:06:2e:66:cf:5c:83:32:
62:aa:de:8d:a2:23:ec:07:27:d9:ca:bb:ee:86:a7:
a7:6c:27:f5:a2:bb:bb:35:2a:e1:62:7d:d2:ce:ff:
f2:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:EF:C5:1A:30:5A:F8:42:28:23:5A:CA:BC:35:F9:83:AB:2B:62:A3
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e37322e302f32342d3234203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.72.0/24
Signature Algorithm: sha256WithRSAEncryption
07:a2:76:67:a8:72:4b:63:38:18:0b:d3:52:16:df:c6:ee:fb:
9d:c2:91:d1:93:77:fe:13:82:de:5b:2e:93:37:7c:f9:d4:5f:
a3:d8:26:b3:69:da:0d:c8:91:a7:4f:2d:ce:ff:cb:54:ab:dc:
e9:64:2b:6e:24:51:0b:77:49:85:34:3a:af:ef:32:54:a6:15:
c6:48:9d:83:56:b5:54:88:a2:fe:8d:1d:a0:ea:75:7a:59:ac:
16:29:73:39:59:bf:4e:db:b9:c2:2e:c5:02:d3:90:d3:ac:24:
f0:04:6e:b0:0c:19:cd:3e:62:7a:13:55:68:64:f7:72:55:48:
2e:b0:81:6a:1a:26:52:8c:bf:2e:87:a9:06:39:15:c6:e6:85:
d0:c1:74:5d:b6:29:cf:8b:36:1f:41:f5:a4:14:0e:55:88:79:
21:79:2d:cc:6e:08:0b:52:9d:70:a6:5f:e9:8c:d4:a7:96:9c:
bb:8c:2e:63:d8:ca:01:bb:45:2a:5b:82:61:72:79:3a:92:f8:
46:8e:48:7c:b6:c1:02:7c:57:9a:70:9b:97:6e:12:59:82:4e:
e3:ff:ca:b0:e4:fa:7b:2e:1c:c5:fa:d0:26:14:ee:4b:71:a6:
25:b4:28:62:74:f6:47:94:94:0c:52:f1:89:76:e7:40:53:e5:
1b:69:5e:83
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUNUMfQCaUFnAKaxJOicwULBX2sFYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMyMzBaFw0yNTAyMTgxNDM3MzBaMDMxMTAvBgNV
BAMTKDNFRUZDNTFBMzA1QUY4NDIyODIzNUFDQUJDMzVGOTgzQUIyQjYyQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8mKqlX2ozL0ndoa2Ir/AUTGbN
yOQHhZEBYii8jSDNbWb1HXkwe+tQeKCnhmI/aOiajV2oONroc3zFJTX01swXFxhA
I9spFQ55gcfv8q8Cl1jjNVXuN7s/VTPTD4xA10Lex2A5AebSm40mSOB4Gngwz+Fc
/EMN+57C1YUkPSuHcRBFJC/i2f04VLzOhztlyztW86JgsWGCW0YAeUjut8opPVku
P3T85fHPLi6pWW9gGEeCSAgPDSGtE8TC379QzzvddmOZ1515swJtMHFMh1X1LY2C
8l/zYy/WBi5mz1yDMmKq3o2iI+wHJ9nKu+6Gp6dsJ/Wiu7s1KuFifdLO//JzAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUPu/FGjBa+EIoI1rKvDX5g6srYqMwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzczMjJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzgzNDM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJTRIMA0G
CSqGSIb3DQEBCwUAA4IBAQAHonZnqHJLYzgYC9NSFt/G7vudwpHRk3f+E4LeWy6T
N3z51F+j2CazadoNyJGnTy3O/8tUq9zpZCtuJFELd0mFNDqv7zJUphXGSJ2DVrVU
iKL+jR2g6nV6WawWKXM5Wb9O27nCLsUC05DTrCTwBG6wDBnNPmJ6E1VoZPdyVUgu
sIFqGiZSjL8uh6kGORXG5oXQwXRdtinPizYfQfWkFA5ViHkheS3MbggLUp1wpl/p
jNSnlpy7jC5j2MoBu0UqW4Jhcnk6kvhGjkh8tsECfFeacJuXbhJZgk7j/8qw5Pp7
LhzF+tAmFO5LcaYltChidPZHlJQMUvGJdudAU+UbaV6D
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:14:23 2025 by rpki-client