Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e38372e302f32342d3234203d3e2036383439.roa
File: 33372e35322e38372e302f32342d3234203d3e2036383439.roa (raw, json)
Hash identifier: hEDj2zJMmm8cBk3gso2o1D8L4WoAbMrwK+D65GNyj6Q=
Subject key identifier: 5E:8D:25:A6:A5:0C:E8:8E:37:BD:98:51:AF:99:34:73:30:FE:57:4D
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 6A672A3E176AA3260FAC881A0FB72FB0DDBC7BC2
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e38372e302f32342d3234203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:37:58 +0000
ROA not before: Tue 20 Feb 2024 14:32:58 +0000
ROA not after: Tue 18 Feb 2025 14:37:58 +0000
asID: 6849
IP address blocks: 37.52.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:67:2a:3e:17:6a:a3:26:0f:ac:88:1a:0f:b7:2f:b0:dd:bc:7b:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:32:58 2024 GMT
Not After : Feb 18 14:37:58 2025 GMT
Subject: CN=5E8D25A6A50CE88E37BD9851AF99347330FE574D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:29:68:76:30:b8:d1:de:67:e5:13:b8:64:1b:
09:e9:1e:1c:0e:28:e3:50:39:75:e5:2f:10:36:8a:
90:d0:ae:e9:fd:8a:46:ab:2d:09:cc:71:fe:29:63:
ac:73:ba:01:72:26:33:3c:9e:f6:23:53:f5:1f:3f:
38:31:21:1b:54:0d:a2:a8:9f:45:8c:d2:02:12:92:
49:c1:96:08:05:21:bf:69:22:8d:f2:3a:7c:d3:b3:
d3:43:5d:fb:d4:28:b3:76:d6:10:6d:ba:04:3b:5c:
d3:eb:ae:a7:4b:97:f3:1a:b4:ad:e8:28:c5:32:b0:
8b:05:af:2e:2b:ff:77:1b:52:a1:19:13:5a:d4:c0:
3e:2e:e4:d7:df:2d:70:33:73:78:5a:40:e7:75:4a:
45:c0:b5:c4:8f:13:c2:91:bc:32:41:f8:ff:6a:2d:
73:a8:12:49:1e:13:11:a8:b5:f4:cd:41:c3:9f:88:
3f:be:e2:d1:98:9e:d8:d3:7b:72:66:23:67:73:a4:
d2:cb:da:dd:52:d4:aa:2d:18:14:67:31:3d:39:a7:
4e:de:72:5d:cc:f3:27:e8:df:e4:8e:fb:d5:0b:b5:
78:02:19:e7:c2:35:61:57:83:f2:bb:57:77:d4:93:
c4:a0:68:2f:e5:4d:1b:cf:ad:99:c1:f4:e3:85:2b:
7a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:8D:25:A6:A5:0C:E8:8E:37:BD:98:51:AF:99:34:73:30:FE:57:4D
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e38372e302f32342d3234203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.87.0/24
Signature Algorithm: sha256WithRSAEncryption
87:16:6f:e3:cb:8c:85:ee:f0:c2:08:64:61:5e:f1:8b:67:a5:
9c:9f:b2:8d:9f:c0:22:01:7f:97:ea:80:c8:aa:32:c0:35:9c:
9a:54:ac:ee:45:26:fc:b7:aa:b3:5d:85:3c:14:d6:5d:45:db:
d7:f3:68:b2:8e:31:e7:76:0c:38:4f:88:dd:9f:b5:c5:cb:84:
d7:40:22:ba:d2:44:14:9b:d6:85:e9:24:7c:bd:40:f0:4a:f2:
79:f0:18:93:fd:0e:fd:c1:ae:58:4d:86:10:ba:bf:e9:97:cf:
20:e5:5f:e4:cf:7c:86:9b:9d:62:42:fa:be:4d:17:fb:0f:1b:
cc:ab:77:f7:d0:18:f7:7b:df:63:bb:af:d3:fa:12:5d:7a:d4:
76:47:dd:5c:25:6e:6c:21:e1:ba:0a:ab:68:b4:21:23:c4:27:
df:7a:0a:5d:40:bd:58:2c:d9:a5:49:13:3b:1d:9c:24:0c:bd:
f2:7e:de:15:aa:7c:2c:80:56:dc:2f:d3:02:f4:d3:1e:02:d7:
84:a7:df:b9:21:20:73:6b:ad:b1:2b:f0:cc:3c:9f:38:cf:c0:
d7:7c:e6:c6:4e:6f:f6:b1:cf:18:24:e0:33:d7:47:ef:c7:36:
e1:11:09:0a:5d:b8:74:56:e4:1a:4f:b3:a9:ed:f5:35:d2:e5:
e8:c2:5a:12
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUamcqPhdqoyYPrIgaD7cvsN28e8IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMyNThaFw0yNTAyMTgxNDM3NThaMDMxMTAvBgNV
BAMTKDVFOEQyNUE2QTUwQ0U4OEUzN0JEOTg1MUFGOTkzNDczMzBGRTU3NEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaKWh2MLjR3mflE7hkGwnpHhwO
KONQOXXlLxA2ipDQrun9ikarLQnMcf4pY6xzugFyJjM8nvYjU/UfPzgxIRtUDaKo
n0WM0gISkknBlggFIb9pIo3yOnzTs9NDXfvUKLN21hBtugQ7XNPrrqdLl/MatK3o
KMUysIsFry4r/3cbUqEZE1rUwD4u5NffLXAzc3haQOd1SkXAtcSPE8KRvDJB+P9q
LXOoEkkeExGotfTNQcOfiD++4tGYntjTe3JmI2dzpNLL2t1S1KotGBRnMT05p07e
cl3M8yfo3+SO+9ULtXgCGefCNWFXg/K7V3fUk8SgaC/lTRvPrZnB9OOFK3qxAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUXo0lpqUM6I43vZhRr5k0czD+V00wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzgzNzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzgzNDM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJTRXMA0G
CSqGSIb3DQEBCwUAA4IBAQCHFm/jy4yF7vDCCGRhXvGLZ6Wcn7KNn8AiAX+X6oDI
qjLANZyaVKzuRSb8t6qzXYU8FNZdRdvX82iyjjHndgw4T4jdn7XFy4TXQCK60kQU
m9aF6SR8vUDwSvJ58BiT/Q79wa5YTYYQur/pl88g5V/kz3yGm51iQvq+TRf7DxvM
q3f30Bj3e99ju6/T+hJdetR2R91cJW5sIeG6CqtotCEjxCffegpdQL1YLNmlSRM7
HZwkDL3yft4VqnwsgFbcL9MC9NMeAteEp9+5ISBza62xK/DMPJ84z8DXfObGTm/2
sc8YJOAz10fvxzbhEQkKXbh0VuQaT7Op7fU10uXowloS
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:18 2024 by rpki-client on console-fra.rpki-client.org