Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e38322e302f32342d3234203d3e2036383439.roa
File: 33372e35322e38322e302f32342d3234203d3e2036383439.roa (raw, json)
Hash identifier: j9mnK1au+yFl5oPwNL5vbPQzAwISRfTjUKZDbWY62Js=
Subject key identifier: 33:59:FC:9E:29:F2:3A:E2:42:0C:B6:2E:78:8C:1C:ED:0A:61:CE:86
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 0F3FDF04B1E7C398B6B51059109AB77DEF26A43F
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e38322e302f32342d3234203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:37:38 +0000
ROA not before: Tue 20 Feb 2024 14:32:38 +0000
ROA not after: Tue 18 Feb 2025 14:37:38 +0000
asID: 6849
IP address blocks: 37.52.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:3f:df:04:b1:e7:c3:98:b6:b5:10:59:10:9a:b7:7d:ef:26:a4:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:32:38 2024 GMT
Not After : Feb 18 14:37:38 2025 GMT
Subject: CN=3359FC9E29F23AE2420CB62E788C1CED0A61CE86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5a:c8:9a:2a:4a:04:fe:14:6a:da:e1:a0:bf:
71:9c:eb:06:04:a4:62:a4:6e:67:d4:4c:d0:13:58:
a4:80:e1:05:22:5c:08:2d:e7:03:1a:b6:42:0a:71:
69:ba:0e:2a:e6:7c:eb:03:f1:a8:3c:3f:6d:2c:bd:
16:65:48:c3:ba:a7:2e:32:f0:a3:8e:21:7a:f8:88:
a6:03:aa:2c:8c:b5:8d:62:24:39:bc:e6:a3:f1:bc:
31:8e:b7:90:97:bc:63:2c:23:55:15:b1:45:1b:35:
0f:ab:ad:0a:7b:22:46:fd:4f:13:35:ad:ac:0c:dc:
35:9b:05:dc:5e:05:0c:26:03:e3:ad:90:fc:1e:53:
61:67:97:bc:f2:c1:bf:48:69:24:c0:ce:a7:b3:ce:
5a:94:e4:87:e0:58:80:7d:a6:b9:7c:e9:30:e9:b0:
b5:d9:67:9e:36:bd:b1:e9:0b:31:2e:b2:8e:01:f6:
99:2c:64:6e:01:47:4f:ef:bc:e1:7e:0a:0f:6a:ff:
93:8d:cb:a5:bf:52:fb:9f:1d:32:3a:a9:31:ec:1c:
89:63:cb:08:52:e2:44:c9:dd:aa:1a:76:0c:c5:16:
82:15:9e:9c:b9:d7:65:18:18:ff:2b:ff:ef:cf:fd:
de:d5:12:32:14:e6:65:d7:78:c5:36:43:a8:65:61:
c5:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:59:FC:9E:29:F2:3A:E2:42:0C:B6:2E:78:8C:1C:ED:0A:61:CE:86
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e38322e302f32342d3234203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.82.0/24
Signature Algorithm: sha256WithRSAEncryption
41:81:7c:ec:28:fb:f8:9b:19:f9:d4:7d:e7:ca:e5:28:2d:a7:
ce:10:6b:b7:7e:15:3b:0a:b1:e3:0d:88:f1:cb:12:1d:4c:59:
82:19:19:df:a4:dc:ac:6a:41:00:b8:1b:92:c9:27:eb:99:37:
a5:2b:78:c0:c8:4d:0f:4d:3a:30:7c:39:07:46:04:cd:a8:45:
4b:86:15:38:87:d4:a2:08:e9:1f:80:05:c0:34:48:b8:10:82:
4a:d2:86:50:b0:b0:a3:0a:a7:66:c7:1f:36:a5:46:4e:e9:8f:
a7:9d:04:fe:68:d0:bc:80:b4:54:23:1b:82:43:77:6c:04:27:
26:00:6e:7b:42:d4:2d:e3:eb:5e:34:a2:34:65:01:d8:b7:1d:
8c:57:7e:5b:4f:61:dd:b9:2f:a2:be:22:13:4d:9b:02:ee:78:
1b:d7:71:36:56:e6:f3:02:52:02:af:93:63:bc:47:ce:75:a4:
7f:8e:2d:4c:22:4f:2e:99:b7:13:f3:4b:dc:3f:01:be:2a:97:
df:f7:aa:03:36:f5:4a:13:a7:7a:43:34:97:9f:7e:95:30:cb:
71:a5:04:1a:f2:3d:5d:12:77:52:64:f0:36:eb:f9:1b:d9:b8:
55:cf:35:63:ba:5c:9e:a4:04:6c:94:b9:c2:0c:6c:8f:67:12:
6d:be:90:43
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUDz/fBLHnw5i2tRBZEJq3fe8mpD8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMyMzhaFw0yNTAyMTgxNDM3MzhaMDMxMTAvBgNV
BAMTKDMzNTlGQzlFMjlGMjNBRTI0MjBDQjYyRTc4OEMxQ0VEMEE2MUNFODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoWsiaKkoE/hRq2uGgv3Gc6wYE
pGKkbmfUTNATWKSA4QUiXAgt5wMatkIKcWm6DirmfOsD8ag8P20svRZlSMO6py4y
8KOOIXr4iKYDqiyMtY1iJDm85qPxvDGOt5CXvGMsI1UVsUUbNQ+rrQp7Ikb9TxM1
rawM3DWbBdxeBQwmA+OtkPweU2Fnl7zywb9IaSTAzqezzlqU5IfgWIB9prl86TDp
sLXZZ542vbHpCzEuso4B9pksZG4BR0/vvOF+Cg9q/5ONy6W/UvufHTI6qTHsHIlj
ywhS4kTJ3aoadgzFFoIVnpy512UYGP8r/+/P/d7VEjIU5mXXeMU2Q6hlYcXFAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUM1n8ninyOuJCDLYueIwc7QphzoYwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzgzMjJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzgzNDM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJTRSMA0G
CSqGSIb3DQEBCwUAA4IBAQBBgXzsKPv4mxn51H3nyuUoLafOEGu3fhU7CrHjDYjx
yxIdTFmCGRnfpNysakEAuBuSySfrmTelK3jAyE0PTTowfDkHRgTNqEVLhhU4h9Si
COkfgAXANEi4EIJK0oZQsLCjCqdmxx82pUZO6Y+nnQT+aNC8gLRUIxuCQ3dsBCcm
AG57QtQt4+teNKI0ZQHYtx2MV35bT2HduS+iviITTZsC7ngb13E2VubzAlICr5Nj
vEfOdaR/ji1MIk8umbcT80vcPwG+Kpff96oDNvVKE6d6QzSXn36VMMtxpQQa8j1d
EndSZPA26/kb2bhVzzVjulyepARslLnCDGyPZxJtvpBD
-----END CERTIFICATE-----
Generated at Fri Feb 23 13:38:38 2024 by rpki-client on console-ams.rpki-client.org