Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e38342e302f32342d3234203d3e2036383439.roa
File: 33372e35322e38342e302f32342d3234203d3e2036383439.roa (raw, json)
Hash identifier: hzzjpbg7skMCyK39XefLzxHraGX2Tv6NTGA+F+vfjpk=
Subject key identifier: 97:F9:32:3C:92:42:49:F2:B5:15:78:48:96:A0:59:85:63:18:10:FE
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 1F2928EFE113CC75B8DECE121AC7802A51A9BFC3
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e38342e302f32342d3234203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:37:48 +0000
ROA not before: Tue 20 Feb 2024 14:32:48 +0000
ROA not after: Tue 18 Feb 2025 14:37:48 +0000
asID: 6849
IP address blocks: 37.52.84.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:29:28:ef:e1:13:cc:75:b8:de:ce:12:1a:c7:80:2a:51:a9:bf:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:32:48 2024 GMT
Not After : Feb 18 14:37:48 2025 GMT
Subject: CN=97F9323C924249F2B515784896A05985631810FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:64:56:a0:a9:76:dd:0b:8d:cd:33:05:1f:82:
07:0e:b1:eb:51:8e:69:53:c6:d6:dd:0f:5e:22:16:
42:19:b2:06:1b:82:a7:f7:03:4f:00:35:f1:aa:29:
6f:74:da:1d:84:e6:41:a0:cb:04:fa:dd:7e:35:80:
4a:a5:5d:31:03:a1:33:0a:80:c9:c1:a7:bb:06:e7:
45:81:d2:f8:e0:58:7a:4a:55:63:ea:ee:c7:16:be:
7a:e2:bc:8f:e0:c6:86:02:db:17:b7:c0:c9:ad:4c:
fe:24:77:29:51:71:f5:03:ae:44:ae:e4:f3:53:a6:
2e:9c:76:c6:3a:97:69:93:6f:39:ab:5a:14:28:66:
24:b7:64:d7:c8:18:fd:b2:02:eb:0f:0b:b4:86:6d:
06:0b:ee:cf:32:df:fc:07:6c:60:5c:f7:67:09:6b:
34:50:a3:c8:ac:4a:1d:58:2a:0b:ef:6b:f9:ef:66:
0f:ec:1f:34:aa:d5:40:49:85:1f:0e:d5:4d:47:dc:
8b:88:57:f3:cb:ff:0c:97:2d:72:ec:c4:f0:2a:19:
ed:87:49:96:23:97:fd:f4:3e:43:b2:9f:b5:22:28:
ab:81:26:b7:1b:e7:83:0a:6f:4b:44:de:49:8c:3b:
92:43:3c:e0:9d:9e:19:3e:22:10:26:37:c3:c4:a2:
88:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:F9:32:3C:92:42:49:F2:B5:15:78:48:96:A0:59:85:63:18:10:FE
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e38342e302f32342d3234203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.84.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:25:e3:68:34:a5:3e:52:f1:ea:1f:0a:73:cd:da:8b:80:ca:
68:cb:6f:d3:79:2c:f2:a0:57:bc:06:a7:22:53:56:7c:24:d9:
78:0f:9b:6a:38:3c:0e:40:9f:a8:c8:92:b3:71:6c:c0:46:92:
e4:27:ce:75:1f:bf:9d:0d:38:e1:ba:c9:09:fb:4f:8f:d1:4b:
9a:1a:c0:35:14:79:37:63:b6:36:9e:b0:e0:4f:38:2b:32:41:
fc:e3:23:db:20:76:2d:13:83:aa:f8:39:76:e2:3e:44:6a:92:
a5:0f:28:a4:bb:63:2a:30:e5:3e:15:92:7f:ca:f7:38:9d:27:
0c:a2:97:ae:12:82:1d:5e:62:a4:8e:a2:0f:44:25:a0:1f:31:
07:be:fe:35:37:f7:88:f1:d4:43:0b:a4:54:c0:d9:53:bd:0e:
0e:dd:13:68:d1:f4:05:2a:af:44:67:7b:76:b7:4a:fe:c9:03:
33:10:97:9b:4b:b4:c9:4f:8c:d5:92:b5:0b:7b:9d:b2:8d:bd:
82:9b:67:33:c5:8c:da:f7:90:49:24:57:5f:a0:01:65:7f:8e:
1f:50:da:cf:f4:ce:11:fc:a2:aa:dc:78:3c:df:65:59:e8:34:
e0:66:67:74:25:53:94:9d:6e:ec:a8:91:92:b6:8b:85:42:7f:
73:45:16:92
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUHyko7+ETzHW43s4SGseAKlGpv8MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMyNDhaFw0yNTAyMTgxNDM3NDhaMDMxMTAvBgNV
BAMTKDk3RjkzMjNDOTI0MjQ5RjJCNTE1Nzg0ODk2QTA1OTg1NjMxODEwRkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2ZFagqXbdC43NMwUfggcOsetR
jmlTxtbdD14iFkIZsgYbgqf3A08ANfGqKW902h2E5kGgywT63X41gEqlXTEDoTMK
gMnBp7sG50WB0vjgWHpKVWPq7scWvnrivI/gxoYC2xe3wMmtTP4kdylRcfUDrkSu
5PNTpi6cdsY6l2mTbzmrWhQoZiS3ZNfIGP2yAusPC7SGbQYL7s8y3/wHbGBc92cJ
azRQo8isSh1YKgvva/nvZg/sHzSq1UBJhR8O1U1H3IuIV/PL/wyXLXLsxPAqGe2H
SZYjl/30PkOyn7UiKKuBJrcb54MKb0tE3kmMO5JDPOCdnhk+IhAmN8PEoogzAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUl/kyPJJCSfK1FXhIlqBZhWMYEP4wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzgzNDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzgzNDM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJTRUMA0G
CSqGSIb3DQEBCwUAA4IBAQAfJeNoNKU+UvHqHwpzzdqLgMpoy2/TeSzyoFe8Bqci
U1Z8JNl4D5tqODwOQJ+oyJKzcWzARpLkJ851H7+dDTjhuskJ+0+P0UuaGsA1FHk3
Y7Y2nrDgTzgrMkH84yPbIHYtE4Oq+Dl24j5EapKlDyiku2MqMOU+FZJ/yvc4nScM
opeuEoIdXmKkjqIPRCWgHzEHvv41N/eI8dRDC6RUwNlTvQ4O3RNo0fQFKq9EZ3t2
t0r+yQMzEJebS7TJT4zVkrULe52yjb2Cm2czxYza95BJJFdfoAFlf44fUNrP9M4R
/KKq3Hg832VZ6DTgZmd0JVOUnW7sqJGStouFQn9zRRaS
-----END CERTIFICATE-----
Generated at Fri Feb 23 13:38:38 2024 by rpki-client on console-ams.rpki-client.org