Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e38302e302f32342d3234203d3e2036383439.roa
File: 33372e35322e38302e302f32342d3234203d3e2036383439.roa (raw, json)
Hash identifier: MlJeqmQcPyw7S2OHaIDnHw1MzrHr85q/+NjKqcU0VF8=
Subject key identifier: A2:32:12:1F:B7:55:17:6F:37:AB:68:00:5E:D0:37:71:47:A9:B0:D5
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 21D727B6DB83237978CA232D7913D43911CFF23C
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e38302e302f32342d3234203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:37:31 +0000
ROA not before: Tue 20 Feb 2024 14:32:31 +0000
ROA not after: Tue 18 Feb 2025 14:37:31 +0000
asID: 6849
IP address blocks: 37.52.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:d7:27:b6:db:83:23:79:78:ca:23:2d:79:13:d4:39:11:cf:f2:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:32:31 2024 GMT
Not After : Feb 18 14:37:31 2025 GMT
Subject: CN=A232121FB755176F37AB68005ED0377147A9B0D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:50:5e:ff:38:a5:6f:4f:5a:e0:44:53:2d:22:
3e:d0:96:0d:e1:4d:2f:4d:70:3d:ec:f8:65:0d:1c:
e7:c8:04:72:ea:fb:91:b8:93:2e:c9:38:96:54:30:
bc:22:98:28:5b:1f:6f:6f:32:d6:1e:36:9e:7a:a4:
10:7e:d3:fe:ef:dd:01:f3:59:b2:89:ec:dc:91:dd:
18:58:1a:28:da:21:bb:a7:90:a4:5b:6c:b7:c1:81:
e0:c9:ac:ce:5f:56:66:3e:35:d5:fa:bf:56:22:1f:
01:a9:6f:d5:66:b4:56:ef:11:30:b2:b2:9a:ed:e1:
d5:df:18:75:9d:4a:02:a7:97:30:f5:42:75:e0:05:
a6:23:b0:91:1d:9e:a4:5c:a6:b9:ac:7b:b9:75:21:
b4:fa:13:60:6a:b5:6f:53:52:bf:2d:ac:d2:9f:42:
06:18:36:93:54:2d:ad:b8:a4:c1:5b:76:68:b2:ff:
54:bd:99:b2:a1:f8:e1:d8:9c:60:82:aa:65:7d:3c:
e6:5f:f4:27:14:84:15:b9:a0:fc:7a:12:f9:83:e5:
69:f5:b0:02:07:91:2d:50:b5:e2:ce:bf:a1:72:9d:
66:73:af:6a:04:77:aa:dc:4e:86:7c:8b:97:8f:84:
31:50:4e:11:5f:6e:db:fe:b8:b7:1e:9d:2d:42:58:
3b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:32:12:1F:B7:55:17:6F:37:AB:68:00:5E:D0:37:71:47:A9:B0:D5
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e38302e302f32342d3234203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.80.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:6a:3a:d5:b3:da:16:a5:35:4e:42:df:a0:a8:fe:28:19:37:
2e:6e:a4:32:74:3c:df:8d:5b:94:24:ff:a0:84:64:97:0d:13:
98:4a:f7:81:ab:11:b2:b0:6d:36:25:b9:5c:d0:bf:5b:07:d1:
da:3d:55:bf:96:6b:f6:94:40:78:a6:b7:d9:f5:50:5b:19:88:
4e:8c:4c:06:70:ed:37:64:ba:a1:f7:66:55:ec:f8:0e:a8:bb:
4e:4e:75:c7:ed:e1:2c:2c:e8:28:15:4e:72:bd:60:3a:a6:d8:
ef:1e:f7:41:60:26:f0:26:a1:19:85:4f:0d:6f:56:c0:80:fe:
8b:08:ce:80:b1:97:4c:ce:2d:69:42:fa:7d:45:38:7a:99:38:
e2:69:b9:70:b3:47:c6:10:fd:f7:42:2e:d0:f9:26:ab:60:4f:
2e:50:d5:dd:59:1e:80:68:56:18:69:a0:5d:5c:e8:a9:ba:5c:
c8:96:5f:13:dc:ae:d9:9c:ca:1e:47:85:20:5d:b2:51:c7:c8:
2c:61:cf:07:8e:b2:87:95:73:c1:33:fb:1e:93:69:e1:38:0b:
cd:16:aa:e3:5a:0b:c8:38:05:16:7f:62:41:32:43:2a:96:c5:
77:c6:21:6a:cf:5d:fc:7c:0c:88:d0:b3:b9:58:74:47:bc:ec:
00:c1:57:ae
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUIdcnttuDI3l4yiMteRPUORHP8jwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMyMzFaFw0yNTAyMTgxNDM3MzFaMDMxMTAvBgNV
BAMTKEEyMzIxMjFGQjc1NTE3NkYzN0FCNjgwMDVFRDAzNzcxNDdBOUIwRDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7UF7/OKVvT1rgRFMtIj7Qlg3h
TS9NcD3s+GUNHOfIBHLq+5G4ky7JOJZUMLwimChbH29vMtYeNp56pBB+0/7v3QHz
WbKJ7NyR3RhYGijaIbunkKRbbLfBgeDJrM5fVmY+NdX6v1YiHwGpb9VmtFbvETCy
sprt4dXfGHWdSgKnlzD1QnXgBaYjsJEdnqRcprmse7l1IbT6E2BqtW9TUr8trNKf
QgYYNpNULa24pMFbdmiy/1S9mbKh+OHYnGCCqmV9POZf9CcUhBW5oPx6EvmD5Wn1
sAIHkS1QteLOv6FynWZzr2oEd6rcToZ8i5ePhDFQThFfbtv+uLcenS1CWDtXAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUojISH7dVF283q2gAXtA3cUepsNUwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzgzMDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzgzNDM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJTRQMA0G
CSqGSIb3DQEBCwUAA4IBAQB+ajrVs9oWpTVOQt+gqP4oGTcubqQydDzfjVuUJP+g
hGSXDROYSveBqxGysG02Jblc0L9bB9HaPVW/lmv2lEB4prfZ9VBbGYhOjEwGcO03
ZLqh92ZV7PgOqLtOTnXH7eEsLOgoFU5yvWA6ptjvHvdBYCbwJqEZhU8Nb1bAgP6L
CM6AsZdMzi1pQvp9RTh6mTjiablws0fGEP33Qi7Q+SarYE8uUNXdWR6AaFYYaaBd
XOipulzIll8T3K7ZnMoeR4UgXbJRx8gsYc8HjrKHlXPBM/sek2nhOAvNFqrjWgvI
OAUWf2JBMkMqlsV3xiFqz138fAyI0LO5WHRHvOwAwVeu
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:25:18 2025 by rpki-client