Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e39392e302f32342d3234203d3e2036383439.roa
File: 33372e35322e39392e302f32342d3234203d3e2036383439.roa (raw, json)
Hash identifier: MtfhU+w+9r1RqvrBww8lq22MeoDb+lWQQqTNOM+x6XY=
Subject key identifier: 0E:FB:20:B0:D7:28:7C:62:13:DA:0E:99:D7:13:93:AE:07:02:FC:81
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 200AB96143983D32D152FF537D4D53E72517D0B7
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e39392e302f32342d3234203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:38:14 +0000
ROA not before: Tue 20 Feb 2024 14:33:14 +0000
ROA not after: Tue 18 Feb 2025 14:38:14 +0000
asID: 6849
IP address blocks: 37.52.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 09:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:0a:b9:61:43:98:3d:32:d1:52:ff:53:7d:4d:53:e7:25:17:d0:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:33:14 2024 GMT
Not After : Feb 18 14:38:14 2025 GMT
Subject: CN=0EFB20B0D7287C6213DA0E99D71393AE0702FC81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:95:02:f9:8f:10:9e:4c:58:74:c7:f9:19:53:
e7:cc:74:b9:53:03:ff:78:88:33:e9:68:4d:7e:6d:
6f:bb:0d:c4:a7:57:ec:8e:07:9f:7b:8c:ea:91:e5:
70:3f:c8:57:f7:e5:23:ca:19:65:f9:10:42:5a:14:
71:fe:96:ef:5e:eb:7c:81:51:8c:f0:cf:b2:cf:4d:
ef:c0:60:10:66:bf:0d:c8:02:96:7c:ef:ea:de:31:
88:ec:a0:dd:1b:1f:50:63:6a:de:e2:fb:88:16:5e:
67:d7:1e:c3:a4:c0:fa:98:cb:a2:55:2e:1f:7b:74:
f9:62:90:b8:8e:39:e9:74:81:c7:22:9c:a3:e3:79:
9d:9d:a8:dd:99:11:2b:d6:b9:d7:04:55:5e:55:60:
5e:1f:9d:db:2b:d7:61:85:4d:e8:46:2c:6e:20:9e:
2c:a5:5d:7e:b8:15:33:78:ca:a5:43:47:bb:92:28:
7c:54:50:9c:72:ab:cd:ef:b9:d7:15:f8:42:ac:08:
8b:da:41:7d:c7:eb:74:42:ac:1a:6b:ee:22:94:9d:
2b:d4:e5:cc:0e:67:0d:9e:1c:1c:de:ef:aa:1d:c7:
2d:64:a9:79:de:2d:90:13:d2:7e:7d:a1:8a:00:97:
e4:91:32:23:5d:29:36:cf:20:ff:30:bc:e5:0d:f5:
86:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:FB:20:B0:D7:28:7C:62:13:DA:0E:99:D7:13:93:AE:07:02:FC:81
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e39392e302f32342d3234203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.99.0/24
Signature Algorithm: sha256WithRSAEncryption
66:4d:9f:71:e0:09:77:ef:60:6b:13:fb:1f:ae:9e:f3:5e:67:
e2:6f:29:30:52:36:05:27:d4:b1:8e:f0:d8:0e:c6:03:31:64:
20:ad:7c:6e:fa:fe:ac:4f:1d:73:dc:b2:4f:35:82:7e:45:e4:
a6:2b:7d:60:16:ff:64:10:7c:b7:98:9c:fc:4a:13:4b:1f:2c:
12:df:95:14:4e:2d:7d:41:3c:67:0f:d4:43:89:4a:d1:e6:4f:
8e:b1:f7:b1:5b:c4:7b:b9:88:83:68:f9:85:17:ec:26:cc:03:
8a:75:10:b0:b3:15:d9:38:1f:10:3f:9f:98:b8:e1:77:73:4d:
bd:52:13:99:31:94:8c:28:55:95:da:3f:43:85:f9:00:3e:2a:
5c:fb:4a:41:69:25:b2:3f:2b:6a:d7:5d:1c:28:7b:b3:c5:e8:
66:b0:fa:33:73:99:90:b9:ec:0b:56:9d:75:5b:c0:8b:27:64:
e3:88:01:90:0e:92:24:ce:a5:82:56:18:fe:93:6c:5f:4e:dc:
bc:fe:63:e8:1f:9a:98:09:6a:3b:c5:dd:ff:58:94:38:68:c8:
bf:68:b3:cd:b6:b8:c3:27:b1:2b:89:98:80:71:87:d4:de:0b:
36:a3:67:65:06:39:15:0a:56:c0:6d:a6:96:bb:43:ae:bb:63:
a4:eb:ce:b8
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUIAq5YUOYPTLRUv9TfU1T5yUX0LcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMzMTRaFw0yNTAyMTgxNDM4MTRaMDMxMTAvBgNV
BAMTKDBFRkIyMEIwRDcyODdDNjIxM0RBMEU5OUQ3MTM5M0FFMDcwMkZDODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQlQL5jxCeTFh0x/kZU+fMdLlT
A/94iDPpaE1+bW+7DcSnV+yOB597jOqR5XA/yFf35SPKGWX5EEJaFHH+lu9e63yB
UYzwz7LPTe/AYBBmvw3IApZ87+reMYjsoN0bH1Bjat7i+4gWXmfXHsOkwPqYy6JV
Lh97dPlikLiOOel0gccinKPjeZ2dqN2ZESvWudcEVV5VYF4fndsr12GFTehGLG4g
niylXX64FTN4yqVDR7uSKHxUUJxyq83vudcV+EKsCIvaQX3H63RCrBpr7iKUnSvU
5cwOZw2eHBze76odxy1kqXneLZAT0n59oYoAl+SRMiNdKTbPIP8wvOUN9Ya/AgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUDvsgsNcofGIT2g6Z1xOTrgcC/IEwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzkzOTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzgzNDM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJTRjMA0G
CSqGSIb3DQEBCwUAA4IBAQBmTZ9x4Al372BrE/sfrp7zXmfibykwUjYFJ9SxjvDY
DsYDMWQgrXxu+v6sTx1z3LJPNYJ+ReSmK31gFv9kEHy3mJz8ShNLHywS35UUTi19
QTxnD9RDiUrR5k+OsfexW8R7uYiDaPmFF+wmzAOKdRCwsxXZOB8QP5+YuOF3c029
UhOZMZSMKFWV2j9DhfkAPipc+0pBaSWyPytq110cKHuzxehmsPozc5mQuewLVp11
W8CLJ2TjiAGQDpIkzqWCVhj+k2xfTty8/mPoH5qYCWo7xd3/WJQ4aMi/aLPNtrjD
J7EriZiAcYfU3gs2o2dlBjkVClbAbaaWu0Ouu2Ok6864
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:18 2024 by rpki-client on console-fra.rpki-client.org