Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e38352e302f32342d3234203d3e2036383439.roa
File: 33372e35322e38352e302f32342d3234203d3e2036383439.roa (raw, json)
Hash identifier: H++A/hXpw949BvjcOlW/HMPTqkaq8Et0Dg096XWqHnM=
Subject key identifier: 89:8D:14:7D:26:EA:BC:F1:0D:CC:CA:40:21:AB:54:08:97:55:05:6B
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 3FD3B670A39FECBE1756FDD7AD57BD79581735DB
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e38352e302f32342d3234203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:37:51 +0000
ROA not before: Tue 20 Feb 2024 14:32:51 +0000
ROA not after: Tue 18 Feb 2025 14:37:51 +0000
asID: 6849
IP address blocks: 37.52.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:d3:b6:70:a3:9f:ec:be:17:56:fd:d7:ad:57:bd:79:58:17:35:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:32:51 2024 GMT
Not After : Feb 18 14:37:51 2025 GMT
Subject: CN=898D147D26EABCF10DCCCA4021AB54089755056B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:dd:76:45:d7:45:18:3e:cd:f7:d5:11:32:62:
36:64:be:cc:27:ac:fa:ff:2f:6c:3f:27:b8:94:fc:
f0:9d:c2:55:8b:b2:11:4b:be:0e:4b:b5:29:a6:c5:
05:cb:9b:40:b3:22:c3:f6:9e:53:05:1b:12:d0:1d:
66:40:22:85:c5:93:49:66:25:e6:3d:ad:a8:78:e4:
e4:0d:58:6a:b3:c6:6c:64:ac:41:f1:b9:9a:08:d9:
3f:02:6d:3c:fe:d7:31:1b:84:e3:ec:c0:2b:bd:64:
d9:62:20:07:15:f9:0c:0c:ad:c7:bf:83:53:76:53:
eb:1e:cb:4f:70:e2:3c:a3:d4:c8:9e:66:4b:ef:a3:
43:75:4c:5a:1e:11:05:de:31:ee:52:aa:af:a7:81:
79:9e:7c:ad:a5:f1:f0:e3:90:06:d8:b3:1c:03:78:
cc:46:93:39:56:b3:82:b6:b4:9b:2e:fc:74:6f:e2:
9b:22:42:50:7a:fe:71:9e:87:ec:74:4a:da:3f:d3:
34:0e:b9:53:9a:86:80:cc:7f:c9:e8:c0:fe:24:f3:
5a:da:c5:55:2e:bb:19:26:87:6a:ef:68:12:3a:cf:
da:51:72:4a:23:66:5f:45:c1:3f:70:ae:dc:71:53:
eb:e0:59:81:e8:f2:76:89:df:a1:43:9d:2f:51:9c:
d3:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:8D:14:7D:26:EA:BC:F1:0D:CC:CA:40:21:AB:54:08:97:55:05:6B
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e38352e302f32342d3234203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.85.0/24
Signature Algorithm: sha256WithRSAEncryption
34:3d:3b:d2:a5:8e:76:ba:36:da:80:6b:86:63:53:bb:66:15:
2c:e0:17:76:c7:90:9b:58:87:14:a7:1d:fa:f6:42:b4:9c:8b:
04:22:e8:68:2d:90:30:dd:38:a4:ce:c9:98:67:af:a8:5a:bc:
4c:94:14:db:b1:8d:05:c5:04:e5:1d:a7:67:68:83:1a:5a:bd:
7e:3e:a8:ba:ee:ee:6d:b7:ae:e8:47:d1:ba:3c:6f:58:f2:4b:
f2:e7:0c:10:5c:73:57:ad:68:5d:36:af:51:34:53:04:b9:aa:
0c:37:b0:9e:78:3f:d7:e1:05:ea:28:ea:e7:18:10:12:c6:a0:
82:05:c7:0f:77:51:bf:2b:85:03:55:69:7b:d0:f1:65:7a:42:
bb:be:ba:c1:d5:ab:9b:e9:78:14:a6:38:74:2c:6d:8a:2d:04:
eb:81:b5:80:6a:20:d7:ea:92:db:0b:b1:09:44:3a:14:3d:3c:
4b:a7:27:3a:6d:f6:d8:eb:63:ea:41:b2:c3:35:ec:1d:08:2f:
3f:99:e5:9b:82:58:5b:e4:d2:36:95:6d:9f:e9:4d:8e:09:23:
27:6e:6f:71:bf:2b:45:5d:0c:03:81:d9:48:57:17:64:4d:7d:
e9:49:9f:20:26:48:f4:b9:13:3a:c6:c6:ff:f7:a2:72:87:f8:
1b:77:d4:e4
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUP9O2cKOf7L4XVv3XrVe9eVgXNdswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMyNTFaFw0yNTAyMTgxNDM3NTFaMDMxMTAvBgNV
BAMTKDg5OEQxNDdEMjZFQUJDRjEwRENDQ0E0MDIxQUI1NDA4OTc1NTA1NkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDf3XZF10UYPs331REyYjZkvswn
rPr/L2w/J7iU/PCdwlWLshFLvg5LtSmmxQXLm0CzIsP2nlMFGxLQHWZAIoXFk0lm
JeY9rah45OQNWGqzxmxkrEHxuZoI2T8CbTz+1zEbhOPswCu9ZNliIAcV+QwMrce/
g1N2U+sey09w4jyj1MieZkvvo0N1TFoeEQXeMe5Sqq+ngXmefK2l8fDjkAbYsxwD
eMxGkzlWs4K2tJsu/HRv4psiQlB6/nGeh+x0Sto/0zQOuVOahoDMf8nowP4k81ra
xVUuuxkmh2rvaBI6z9pRckojZl9FwT9wrtxxU+vgWYHo8naJ36FDnS9RnNMpAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUiY0UfSbqvPENzMpAIatUCJdVBWswHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzgzNTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzgzNDM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJTRVMA0G
CSqGSIb3DQEBCwUAA4IBAQA0PTvSpY52ujbagGuGY1O7ZhUs4Bd2x5CbWIcUpx36
9kK0nIsEIuhoLZAw3TikzsmYZ6+oWrxMlBTbsY0FxQTlHadnaIMaWr1+Pqi67u5t
t67oR9G6PG9Y8kvy5wwQXHNXrWhdNq9RNFMEuaoMN7CeeD/X4QXqKOrnGBASxqCC
BccPd1G/K4UDVWl70PFlekK7vrrB1aub6XgUpjh0LG2KLQTrgbWAaiDX6pLbC7EJ
RDoUPTxLpyc6bfbY62PqQbLDNewdCC8/meWbglhb5NI2lW2f6U2OCSMnbm9xvytF
XQwDgdlIVxdkTX3pSZ8gJkj0uRM6xsb/96Jyh/gbd9Tk
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:18 2024 by rpki-client on console-fra.rpki-client.org