Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e39372e302f32342d3234203d3e2036383439.roa
File: 33372e35322e39372e302f32342d3234203d3e2036383439.roa (raw, json)
Hash identifier: tpNkggJcZyg5V9lG2PD2/8Wsp3EpvVc5wcRl4173O9k=
Subject key identifier: A8:A8:A5:65:6D:C0:D9:90:6A:56:BB:69:B9:F7:95:13:D1:55:9F:B6
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 62F54FDD9B752B43F7AD323C40FFD008B6DDD0BA
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e39372e302f32342d3234203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:38:08 +0000
ROA not before: Tue 20 Feb 2024 14:33:08 +0000
ROA not after: Tue 18 Feb 2025 14:38:08 +0000
asID: 6849
IP address blocks: 37.52.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:f5:4f:dd:9b:75:2b:43:f7:ad:32:3c:40:ff:d0:08:b6:dd:d0:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:33:08 2024 GMT
Not After : Feb 18 14:38:08 2025 GMT
Subject: CN=A8A8A5656DC0D9906A56BB69B9F79513D1559FB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:fb:b0:80:33:db:90:27:e6:0a:e9:7f:4a:cd:
44:bf:81:df:fa:00:88:dc:a1:3a:bd:0a:91:d9:97:
c7:17:6e:03:c6:18:97:53:55:dd:f3:7b:f9:91:f8:
48:5b:33:6d:54:09:d6:9f:f7:52:ee:e8:f3:69:d5:
d1:90:f6:03:a9:10:33:1d:52:56:85:31:9c:6e:bb:
54:4e:64:ee:4e:37:13:78:bc:5d:9c:c9:90:fa:ce:
39:09:96:98:10:50:59:4e:93:43:6c:a4:ab:4b:0c:
0a:07:e4:ad:2e:71:da:74:0e:08:11:98:dd:db:78:
b6:5c:4a:32:e5:ce:fd:22:56:b5:05:c7:3b:5b:a4:
fb:e6:a2:f7:cb:4b:99:8b:38:8b:5d:b1:37:3a:74:
7b:ef:ec:91:c5:98:5b:a3:d0:9d:97:0d:6f:75:13:
68:d2:36:0e:69:08:05:41:ba:de:d5:51:da:26:0a:
8a:cb:13:02:c5:25:fc:af:03:ae:21:28:3c:57:df:
68:8d:ca:7f:7c:03:9a:48:3f:87:ec:36:19:95:8f:
1f:8a:3f:05:fb:38:ab:e3:2e:34:6e:6d:0e:34:a3:
15:96:61:ac:90:d0:88:1b:18:34:74:bc:c0:4a:3e:
c8:72:5f:fa:90:79:05:96:43:86:b7:b9:58:a3:14:
f3:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A8:A5:65:6D:C0:D9:90:6A:56:BB:69:B9:F7:95:13:D1:55:9F:B6
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e39372e302f32342d3234203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.97.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:09:f3:9d:2e:ae:b3:26:bc:e7:fa:4b:d4:cc:89:7e:35:07:
49:0f:fa:ab:ae:d5:2a:48:cd:43:f6:56:20:83:8a:53:32:8c:
bf:60:0d:4c:27:56:1e:a2:e5:30:80:52:0d:54:38:2f:d6:9b:
ff:26:0a:ca:87:b3:7f:b2:8d:40:7f:77:c7:07:d2:08:a1:f9:
20:a9:6b:37:4d:9d:d0:ae:c9:00:94:04:75:25:5c:cd:8b:f1:
57:46:97:c8:f8:b2:59:b4:de:37:b2:dd:a3:75:e7:8b:4b:72:
7e:50:7b:1e:e7:fc:4c:aa:39:8b:83:9b:29:38:ac:bd:66:1c:
f8:3b:b1:c5:07:3e:47:c1:66:1a:d8:bb:00:c4:e8:89:3d:69:
2e:0a:72:8d:f6:3e:6f:76:d6:31:27:2e:6f:bd:6a:1f:84:dd:
b9:82:4c:ce:5f:37:70:27:7a:96:40:6c:34:fd:6f:79:97:da:
d9:8e:39:21:64:35:fa:b4:3a:ff:4a:7c:3c:b4:59:d9:58:df:
e5:ec:37:8c:69:ad:c2:0f:e7:65:b1:72:8d:41:0f:f5:5b:d7:
73:31:d9:8c:0d:3d:f1:7f:24:f9:7d:94:3e:8a:bd:96:09:b4:
c6:45:34:1f:8b:7d:17:e6:dd:17:46:53:cc:2e:e4:a1:be:88:
1b:04:88:2d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUYvVP3Zt1K0P3rTI8QP/QCLbd0LowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMzMDhaFw0yNTAyMTgxNDM4MDhaMDMxMTAvBgNV
BAMTKEE4QThBNTY1NkRDMEQ5OTA2QTU2QkI2OUI5Rjc5NTEzRDE1NTlGQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDT+7CAM9uQJ+YK6X9KzUS/gd/6
AIjcoTq9CpHZl8cXbgPGGJdTVd3ze/mR+EhbM21UCdaf91Lu6PNp1dGQ9gOpEDMd
UlaFMZxuu1ROZO5ONxN4vF2cyZD6zjkJlpgQUFlOk0NspKtLDAoH5K0ucdp0DggR
mN3beLZcSjLlzv0iVrUFxztbpPvmovfLS5mLOItdsTc6dHvv7JHFmFuj0J2XDW91
E2jSNg5pCAVBut7VUdomCorLEwLFJfyvA64hKDxX32iNyn98A5pIP4fsNhmVjx+K
PwX7OKvjLjRubQ40oxWWYayQ0IgbGDR0vMBKPshyX/qQeQWWQ4a3uVijFPNrAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUqKilZW3A2ZBqVrtpufeVE9FVn7YwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzkzNzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzgzNDM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJTRhMA0G
CSqGSIb3DQEBCwUAA4IBAQALCfOdLq6zJrzn+kvUzIl+NQdJD/qrrtUqSM1D9lYg
g4pTMoy/YA1MJ1YeouUwgFINVDgv1pv/JgrKh7N/so1Af3fHB9IIofkgqWs3TZ3Q
rskAlAR1JVzNi/FXRpfI+LJZtN43st2jdeeLS3J+UHse5/xMqjmLg5spOKy9Zhz4
O7HFBz5HwWYa2LsAxOiJPWkuCnKN9j5vdtYxJy5vvWofhN25gkzOXzdwJ3qWQGw0
/W95l9rZjjkhZDX6tDr/Snw8tFnZWN/l7DeMaa3CD+dlsXKNQQ/1W9dzMdmMDT3x
fyT5fZQ+ir2WCbTGRTQfi30X5t0XRlPMLuShvogbBIgt
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:18 2024 by rpki-client on console-fra.rpki-client.org