Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e39362e302f32312d3231203d3e2036383439.roa
File: 33372e35322e39362e302f32312d3231203d3e2036383439.roa (raw, json)
Hash identifier: 5B5TO/LhEE17IRybHoE/NxdF5C2nSPTeMAHfA1dtGcM=
Subject key identifier: 09:7D:36:DF:56:9B:50:06:87:30:5F:D6:2A:23:8F:F7:BF:BA:E6:2B
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: FEC880DCA65A231D1BFD1F918B4AEF3781AD64
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e39362e302f32312d3231203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:38:02 +0000
ROA not before: Tue 20 Feb 2024 14:33:02 +0000
ROA not after: Tue 18 Feb 2025 14:38:02 +0000
asID: 6849
IP address blocks: 37.52.96.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
fe:c8:80:dc:a6:5a:23:1d:1b:fd:1f:91:8b:4a:ef:37:81:ad:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:33:02 2024 GMT
Not After : Feb 18 14:38:02 2025 GMT
Subject: CN=097D36DF569B500687305FD62A238FF7BFBAE62B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:cf:95:11:42:fa:1b:4a:7d:0f:ba:d0:78:69:
0c:73:8b:51:e4:1a:e4:cf:52:8d:cb:ab:10:48:26:
48:c9:8c:2b:7d:b0:b7:a2:6e:5d:66:4b:f1:c5:ef:
af:82:51:1d:05:b3:26:18:d6:96:37:fa:2e:58:b2:
8b:88:7b:6c:6b:ed:53:39:e4:0e:4e:4f:29:f0:a8:
77:cb:5f:99:71:dd:09:bb:71:06:35:a4:96:df:17:
70:4e:0a:ab:49:ca:71:e7:32:1a:0d:5b:04:a8:b8:
e6:b6:f6:5c:bb:72:1f:61:5a:c0:f6:cf:92:e1:7e:
5f:8a:c7:b9:83:21:c3:2d:44:58:fa:fb:4b:a9:30:
97:0a:95:0a:60:ce:c8:29:ca:c9:2d:e2:77:1a:68:
12:78:01:ef:6f:fe:fb:94:c5:b2:f2:8b:e6:7c:aa:
00:b9:0e:b5:a2:ec:e6:ea:61:0b:18:8e:8d:bc:a0:
a5:40:d7:8d:3c:fa:cf:3d:e1:72:ac:68:28:b6:7a:
4c:ab:36:99:13:43:e3:39:d7:fd:45:81:67:a7:49:
cf:73:36:2a:1b:1d:6f:dc:18:2e:c4:33:9a:63:8c:
11:bc:99:30:d7:3b:91:b2:b0:29:01:a0:b0:e7:f4:
ae:e3:25:77:7f:3e:11:c1:93:26:d5:41:12:d1:9c:
d2:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:7D:36:DF:56:9B:50:06:87:30:5F:D6:2A:23:8F:F7:BF:BA:E6:2B
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e39362e302f32312d3231203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.96.0/21
Signature Algorithm: sha256WithRSAEncryption
08:ce:97:95:48:95:97:2f:03:b5:25:bf:fb:ea:3e:ba:6d:6d:
39:0c:51:3f:b8:f0:72:14:88:be:87:7c:b5:3a:b3:43:8f:fc:
59:8c:ed:9f:24:13:bb:40:32:95:2f:16:95:49:0b:bd:94:be:
22:cb:a4:92:b2:52:36:53:13:0f:e1:7f:5e:47:77:d0:c5:48:
a5:f8:e0:99:56:7c:b5:07:1f:80:4e:41:3f:31:fd:3f:ab:13:
20:c0:0a:78:60:d5:6a:60:17:b7:38:4c:09:6c:af:1e:de:4b:
c1:f1:41:33:28:19:cd:3d:b9:54:ea:cc:0b:8c:39:dc:78:78:
91:e7:6e:95:09:f1:bf:82:98:8b:48:86:b5:bb:2c:cd:b4:f0:
00:77:11:53:8c:d3:f4:ed:3f:1c:51:65:d9:51:7d:a5:48:a7:
5e:f2:8e:f6:1c:55:c3:45:2a:28:ab:f8:ec:e1:c2:b2:d3:de:
a7:ac:5a:1f:ae:fd:97:85:78:2c:bd:b5:b2:40:2d:fd:b7:e2:
83:dd:0d:d7:28:17:b1:82:f6:c1:d2:f9:9e:99:bd:81:70:b9:
e4:39:75:42:6c:71:c6:40:25:e5:29:02:42:01:03:15:3e:85:
0f:df:5b:9d:dc:33:12:ab:94:81:1a:b4:39:48:71:dd:62:de:
a2:ee:e1:86
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUAP7IgNymWiMdG/0fkYtK7zeBrWQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMzMDJaFw0yNTAyMTgxNDM4MDJaMDMxMTAvBgNV
BAMTKDA5N0QzNkRGNTY5QjUwMDY4NzMwNUZENjJBMjM4RkY3QkZCQUU2MkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmz5URQvobSn0PutB4aQxzi1Hk
GuTPUo3LqxBIJkjJjCt9sLeibl1mS/HF76+CUR0FsyYY1pY3+i5YsouIe2xr7VM5
5A5OTynwqHfLX5lx3Qm7cQY1pJbfF3BOCqtJynHnMhoNWwSouOa29ly7ch9hWsD2
z5Lhfl+Kx7mDIcMtRFj6+0upMJcKlQpgzsgpyskt4ncaaBJ4Ae9v/vuUxbLyi+Z8
qgC5DrWi7ObqYQsYjo28oKVA1408+s894XKsaCi2ekyrNpkTQ+M51/1FgWenSc9z
NiobHW/cGC7EM5pjjBG8mTDXO5GysCkBoLDn9K7jJXd/PhHBkybVQRLRnNKzAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUCX0231abUAaHMF/WKiOP97+65iswHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzkzNjJl
MzAyZjMyMzEyZDMyMzEyMDNkM2UyMDM2MzgzNDM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJTRgMA0G
CSqGSIb3DQEBCwUAA4IBAQAIzpeVSJWXLwO1Jb/76j66bW05DFE/uPByFIi+h3y1
OrNDj/xZjO2fJBO7QDKVLxaVSQu9lL4iy6SSslI2UxMP4X9eR3fQxUil+OCZVny1
Bx+ATkE/Mf0/qxMgwAp4YNVqYBe3OEwJbK8e3kvB8UEzKBnNPblU6swLjDnceHiR
526VCfG/gpiLSIa1uyzNtPAAdxFTjNP07T8cUWXZUX2lSKde8o72HFXDRSooq/js
4cKy096nrFofrv2XhXgsvbWyQC39t+KD3Q3XKBexgvbB0vmemb2BcLnkOXVCbHHG
QCXlKQJCAQMVPoUP31ud3DMSq5SBGrQ5SHHdYt6i7uGG
-----END CERTIFICATE-----
Generated at Fri Feb 23 13:38:38 2024 by rpki-client on console-ams.rpki-client.org