Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e39382e302f32342d3234203d3e2036383439.roa
File: 33372e35322e39382e302f32342d3234203d3e2036383439.roa (raw, json)
Hash identifier: Cn1dMzzgyakI1KbPCqhyWupN8MpSFGzYX7dYgdr088g=
Subject key identifier: C4:8C:AE:D5:3F:A8:6E:D6:23:EB:B4:0F:19:7A:30:79:20:F0:C2:BD
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: CCFF9506712F52AFBC98B92728FEBE3805BAAA
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e39382e302f32342d3234203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:38:11 +0000
ROA not before: Tue 20 Feb 2024 14:33:11 +0000
ROA not after: Tue 18 Feb 2025 14:38:11 +0000
asID: 6849
IP address blocks: 37.52.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
cc:ff:95:06:71:2f:52:af:bc:98:b9:27:28:fe:be:38:05:ba:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:33:11 2024 GMT
Not After : Feb 18 14:38:11 2025 GMT
Subject: CN=C48CAED53FA86ED623EBB40F197A307920F0C2BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:4d:50:6e:a8:85:32:0c:02:2b:31:bf:e0:57:
ee:c9:99:1f:84:3b:66:c8:1e:11:6f:2f:a1:62:61:
32:2d:1a:15:0b:10:67:af:7e:5b:12:d4:77:20:03:
f4:85:97:85:0a:b3:a8:f3:b8:da:af:d5:ef:af:b1:
cf:2d:43:7a:57:8c:5c:cb:f2:85:e2:4a:11:97:4b:
99:2f:12:7f:c3:00:a4:94:f5:d8:49:81:f3:10:e9:
e3:7f:51:42:74:f6:c1:35:64:e5:2d:de:4d:7c:d6:
6a:4b:29:d9:4a:05:36:cc:22:2a:e2:2b:61:90:e9:
8b:cd:1a:c2:eb:bb:09:af:bf:ce:7c:80:a0:1b:52:
53:4d:f3:3f:8c:c9:a9:d8:60:45:c5:07:0a:5b:c6:
25:fc:ba:82:f2:43:fa:c8:77:e0:b5:bd:e0:a3:6a:
2f:7b:bd:f0:36:ef:55:3c:b6:f3:ed:94:25:d1:8a:
d1:d5:39:96:0a:e0:a4:04:1a:9b:16:49:85:27:bc:
4a:d2:98:a8:0a:84:d2:7c:94:12:c3:af:cf:7b:d1:
75:ab:d2:8e:0e:07:c8:e0:ce:c6:32:d9:9b:d3:49:
91:c1:16:85:10:ca:be:b5:c1:07:9e:8b:62:5b:a2:
3b:d1:1e:37:12:48:c9:f0:aa:34:c4:10:fe:05:2c:
28:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:8C:AE:D5:3F:A8:6E:D6:23:EB:B4:0F:19:7A:30:79:20:F0:C2:BD
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e39382e302f32342d3234203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.98.0/24
Signature Algorithm: sha256WithRSAEncryption
56:06:28:ca:4b:e3:14:c2:0c:bd:37:9d:0b:d1:23:61:0c:82:
40:f6:c6:70:4d:30:41:5c:45:bf:9b:77:57:e1:22:e1:6a:86:
1e:26:78:e0:c7:97:81:ea:43:11:e5:bf:dd:f6:96:a8:66:ff:
a0:e5:46:dc:af:d6:bd:40:26:e3:ff:99:c5:48:0c:12:68:92:
1c:c3:88:0d:ab:c8:9e:cf:93:78:83:b6:55:68:10:47:08:45:
19:86:93:f5:77:c7:a8:77:7a:e9:b5:60:25:75:a3:45:f9:07:
8a:c4:2c:0c:79:69:a0:0b:1b:b6:03:2b:3a:e8:81:0c:55:f0:
b1:ad:e7:bc:2c:25:23:ab:8d:98:4c:0a:df:ed:85:63:62:5e:
6f:b4:d0:67:0b:f2:22:de:f8:73:76:54:e4:80:dd:34:36:da:
d1:3d:af:2f:97:ba:1a:82:8b:d6:7c:d6:d7:03:4b:bd:01:9d:
f4:1e:54:6b:4c:1e:be:2c:a2:2f:b3:20:cf:ac:26:56:5c:4e:
a6:71:4b:bd:24:67:0f:04:75:2b:42:93:d8:e1:57:c3:c9:9b:
5b:c4:54:83:6d:5b:d2:a7:d0:7d:10:be:dd:d7:68:74:61:68:
32:49:fe:4a:c0:ca:68:7a:59:7a:a5:48:25:5f:a0:3a:c6:f2:
18:d2:4d:70
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUAMz/lQZxL1KvvJi5Jyj+vjgFuqowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMzMTFaFw0yNTAyMTgxNDM4MTFaMDMxMTAvBgNV
BAMTKEM0OENBRUQ1M0ZBODZFRDYyM0VCQjQwRjE5N0EzMDc5MjBGMEMyQkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUTVBuqIUyDAIrMb/gV+7JmR+E
O2bIHhFvL6FiYTItGhULEGevflsS1HcgA/SFl4UKs6jzuNqv1e+vsc8tQ3pXjFzL
8oXiShGXS5kvEn/DAKSU9dhJgfMQ6eN/UUJ09sE1ZOUt3k181mpLKdlKBTbMIiri
K2GQ6YvNGsLruwmvv858gKAbUlNN8z+MyanYYEXFBwpbxiX8uoLyQ/rId+C1veCj
ai97vfA271U8tvPtlCXRitHVOZYK4KQEGpsWSYUnvErSmKgKhNJ8lBLDr8970XWr
0o4OB8jgzsYy2ZvTSZHBFoUQyr61wQeei2JbojvRHjcSSMnwqjTEEP4FLCgbAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUxIyu1T+obtYj67QPGXoweSDwwr0wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzkzODJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzgzNDM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJTRiMA0G
CSqGSIb3DQEBCwUAA4IBAQBWBijKS+MUwgy9N50L0SNhDIJA9sZwTTBBXEW/m3dX
4SLhaoYeJnjgx5eB6kMR5b/d9paoZv+g5Ubcr9a9QCbj/5nFSAwSaJIcw4gNq8ie
z5N4g7ZVaBBHCEUZhpP1d8eod3rptWAldaNF+QeKxCwMeWmgCxu2Ays66IEMVfCx
ree8LCUjq42YTArf7YVjYl5vtNBnC/Ii3vhzdlTkgN00NtrRPa8vl7oagovWfNbX
A0u9AZ30HlRrTB6+LKIvsyDPrCZWXE6mcUu9JGcPBHUrQpPY4VfDyZtbxFSDbVvS
p9B9EL7d12h0YWgySf5KwMpoell6pUglX6A6xvIY0k1w
-----END CERTIFICATE-----
Generated at Fri Feb 23 13:38:38 2024 by rpki-client on console-ams.rpki-client.org