Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e39362e302f32342d3234203d3e2036383439.roa
File: 33372e35322e39362e302f32342d3234203d3e2036383439.roa (raw, json)
Hash identifier: nE0Oi7JGO4YeYWCCtWLcyaWcM04hBaUBIXrMsY3S12I=
Subject key identifier: 2D:C3:CC:01:D7:C3:73:E9:AA:59:A6:0E:B8:44:E3:AE:E9:2F:0A:D5
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 4B2D65B5534EF8C7B33638BE6DA6F8B030B1F8E2
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e39362e302f32342d3234203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:38:05 +0000
ROA not before: Tue 20 Feb 2024 14:33:05 +0000
ROA not after: Tue 18 Feb 2025 14:38:05 +0000
asID: 6849
IP address blocks: 37.52.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:2d:65:b5:53:4e:f8:c7:b3:36:38:be:6d:a6:f8:b0:30:b1:f8:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:33:05 2024 GMT
Not After : Feb 18 14:38:05 2025 GMT
Subject: CN=2DC3CC01D7C373E9AA59A60EB844E3AEE92F0AD5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a5:40:c9:75:0d:f9:3e:13:a1:8e:1a:a4:1e:
14:44:6c:c1:d9:e6:b0:67:09:da:e1:b7:e8:39:c9:
51:69:49:3f:58:04:05:2a:4f:34:12:f7:4a:b4:25:
d6:0b:1e:86:66:d8:67:7c:c7:d1:89:b5:11:f7:8f:
37:cf:ec:84:fb:28:ef:4a:28:95:18:d3:6f:ea:04:
20:b3:d2:e9:42:4f:28:97:9d:2d:e2:7a:9f:96:f8:
b2:5b:5b:ce:ee:a7:cf:c6:29:88:f4:3d:5f:f9:69:
10:39:0e:6a:66:60:0c:02:6e:91:4a:95:eb:77:95:
a6:8f:b2:20:f9:f0:6b:24:7f:7f:09:0c:66:0b:9d:
f3:45:ef:aa:8a:ce:23:b8:0c:17:3c:9c:87:02:4d:
64:ad:be:7c:59:e1:26:b8:ed:a3:4c:65:0d:bc:24:
9e:4b:e1:7f:2d:77:fb:96:0c:06:ce:70:72:fc:ae:
33:bc:18:ec:90:c9:85:7d:df:e2:83:2e:5e:17:65:
95:68:65:e6:ef:6b:4d:1e:65:43:2b:49:70:86:bf:
45:08:f9:5b:74:6f:14:be:6b:44:69:1a:ca:1b:26:
06:f5:2f:3b:43:dd:ca:48:00:ac:7b:e0:96:c8:23:
85:e2:fd:23:73:81:6a:09:1d:76:e7:dd:3b:55:0f:
62:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:C3:CC:01:D7:C3:73:E9:AA:59:A6:0E:B8:44:E3:AE:E9:2F:0A:D5
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e39362e302f32342d3234203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.96.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:f0:1d:0a:95:0a:51:27:97:7f:4f:81:bc:94:bd:06:73:d4:
b2:bd:0d:a4:0b:cb:47:13:49:39:f4:95:cb:31:7c:e6:30:15:
76:4b:c1:0e:7f:43:e4:a1:d9:9c:94:ee:5c:1e:38:0a:cb:18:
c7:a0:3c:24:82:db:11:07:c5:3f:6d:ed:57:f1:e1:d0:d9:3a:
ee:a7:1f:1f:66:dd:78:84:42:49:2d:58:6f:42:bd:a3:e9:86:
04:6c:05:47:2f:65:d5:0f:7f:6b:b0:e8:ae:8c:45:4e:4b:a3:
db:6d:c6:29:ef:3f:04:e1:4f:8b:0a:8c:29:c1:45:85:d9:89:
76:75:a8:6d:51:87:70:c3:c2:41:ff:62:35:e5:51:aa:22:ba:
05:fc:c5:db:a2:90:90:f7:b7:6b:aa:77:c9:7c:ff:68:2a:82:
f7:a3:7a:f0:db:92:7c:1e:b4:c2:ef:63:03:dd:70:35:8d:e1:
36:5c:01:f9:7d:91:a7:75:5a:07:73:a9:1c:db:88:89:03:2b:
f6:02:c3:36:b4:14:3a:8e:f0:a3:17:88:61:b5:68:d4:0d:3f:
e3:1f:e5:33:f3:d1:22:8d:3d:bb:af:d1:16:bc:c2:28:bf:64:
c3:06:76:50:b0:9e:9b:c6:ff:f8:5c:23:18:11:31:7c:41:89:
31:5c:5a:03
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUSy1ltVNO+MezNji+bab4sDCx+OIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMzMDVaFw0yNTAyMTgxNDM4MDVaMDMxMTAvBgNV
BAMTKDJEQzNDQzAxRDdDMzczRTlBQTU5QTYwRUI4NDRFM0FFRTkyRjBBRDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqpUDJdQ35PhOhjhqkHhREbMHZ
5rBnCdrht+g5yVFpST9YBAUqTzQS90q0JdYLHoZm2Gd8x9GJtRH3jzfP7IT7KO9K
KJUY02/qBCCz0ulCTyiXnS3iep+W+LJbW87up8/GKYj0PV/5aRA5DmpmYAwCbpFK
let3laaPsiD58Gskf38JDGYLnfNF76qKziO4DBc8nIcCTWStvnxZ4Sa47aNMZQ28
JJ5L4X8td/uWDAbOcHL8rjO8GOyQyYV93+KDLl4XZZVoZebva00eZUMrSXCGv0UI
+Vt0bxS+a0RpGsobJgb1LztD3cpIAKx74JbII4Xi/SNzgWoJHXbn3TtVD2IZAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQULcPMAdfDc+mqWaYOuETjrukvCtUwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzkzNjJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzgzNDM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJTRgMA0G
CSqGSIb3DQEBCwUAA4IBAQA88B0KlQpRJ5d/T4G8lL0Gc9SyvQ2kC8tHE0k59JXL
MXzmMBV2S8EOf0PkodmclO5cHjgKyxjHoDwkgtsRB8U/be1X8eHQ2Trupx8fZt14
hEJJLVhvQr2j6YYEbAVHL2XVD39rsOiujEVOS6PbbcYp7z8E4U+LCowpwUWF2Yl2
dahtUYdww8JB/2I15VGqIroF/MXbopCQ97drqnfJfP9oKoL3o3rw25J8HrTC72MD
3XA1jeE2XAH5fZGndVoHc6kc24iJAyv2AsM2tBQ6jvCjF4hhtWjUDT/jH+Uz89Ei
jT27r9EWvMIov2TDBnZQsJ6bxv/4XCMYETF8QYkxXFoD
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:18 2024 by rpki-client on console-fra.rpki-client.org