Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/1-EiC1W0jvOy4sqBxwx4sW8NCyJ0.roa
File: 1-EiC1W0jvOy4sqBxwx4sW8NCyJ0.roa (raw, json)
Hash identifier: UYlAXEP+9n1umOmvApvLy8c9iBCRYsA+utHa81Tx7Fg=
Subject key identifier: F8:48:82:D5:6D:23:BC:EC:B8:B2:A0:71:C3:1E:2C:5B:C3:42:C8:9D
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 019585A4D26930E4C6559E3E52946CEC1BD5
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/1-EiC1W0jvOy4sqBxwx4sW8NCyJ0.roa
Signing time: Tue 11 Mar 2025 14:38:46 +0000
ROA not before: Tue 11 Mar 2025 14:38:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8412
IP address blocks: 152.53.234.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 13 Mar 2025 10:58:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:85:a4:d2:69:30:e4:c6:55:9e:3e:52:94:6c:ec:1b:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Mar 11 14:38:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f84882d56d23bcecb8b2a071c31e2c5bc342c89d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7a:f5:78:61:71:73:ea:5e:17:ae:ff:11:ba:
29:0e:9a:e0:12:ba:20:92:8f:b6:1b:de:e5:86:66:
95:ae:c8:4d:da:1e:cc:a8:d7:0d:3e:ab:61:7e:c9:
d3:7a:03:f7:e9:f2:17:34:f5:d1:be:aa:76:06:66:
ea:bc:e6:1c:74:cc:22:fd:cd:16:43:3e:b3:97:4f:
d6:3b:17:ff:b8:42:77:e3:25:05:b0:29:82:b3:57:
c7:ea:6e:98:b1:59:53:54:a0:d6:b0:1c:b9:72:14:
70:fe:6f:05:e1:7a:ff:f1:e5:1e:4b:66:a5:19:b4:
61:ed:12:3e:b7:6c:02:75:5f:61:6e:e4:98:30:99:
4c:ef:51:75:60:3a:48:aa:cf:3f:39:e7:5d:e4:6c:
59:28:fd:41:93:fe:33:fe:2e:a0:93:10:bd:a1:39:
9b:56:b9:00:13:80:0d:f0:c1:7a:dd:f6:ea:2c:38:
06:16:05:c2:d6:4a:db:94:13:00:80:4d:19:2b:7a:
20:a2:61:55:8d:4e:1c:0f:30:f6:61:f4:54:da:57:
65:06:13:76:73:00:bc:8f:72:eb:75:be:23:d1:9c:
92:a5:2d:fc:00:47:33:5b:0d:c7:df:06:f0:3c:5c:
9e:ca:bc:f4:80:6d:12:76:c6:6e:c7:ca:03:4b:c8:
fb:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:48:82:D5:6D:23:BC:EC:B8:B2:A0:71:C3:1E:2C:5B:C3:42:C8:9D
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/1-EiC1W0jvOy4sqBxwx4sW8NCyJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.234.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:9b:0e:3b:6c:76:be:0a:57:0d:80:eb:47:d8:cb:85:c4:f6:
d5:e8:51:9a:96:bb:9e:e6:02:e8:da:62:16:3c:34:0b:e4:7c:
81:b9:e5:a3:2e:fb:52:b5:40:5f:af:7b:c9:95:7c:05:42:1c:
2d:c7:4b:55:bc:bd:b6:b9:c6:10:34:35:dd:59:35:6f:f7:77:
e6:1e:96:31:86:81:ae:cb:28:68:75:e2:c6:c7:18:a0:6f:19:
f9:84:e3:ca:68:68:21:6f:c1:87:6b:01:de:96:7e:56:17:3c:
f3:45:76:ee:b4:95:a3:d6:ad:eb:bf:58:16:ac:a2:85:23:52:
94:54:f1:c8:25:b5:49:e3:c5:9b:e2:cb:40:5b:ca:88:87:68:
02:6c:a5:68:71:23:d2:c6:4e:48:da:31:6f:d1:ce:cc:5a:1a:
ca:fc:4c:08:91:bb:02:39:43:0b:cd:71:0c:8d:cb:c3:08:30:
6c:6c:11:86:de:a0:29:4c:d3:8e:5b:29:8b:e0:3f:d7:b8:b3:
b3:5c:70:46:59:f2:66:86:d4:ce:db:90:d3:c0:7c:ad:eb:bd:
02:f6:e8:98:63:4f:a3:d6:b5:03:a5:d4:ed:11:41:b9:e6:ef:
27:68:b6:d2:3c:59:76:3b:55:f1:73:fa:9d:f6:46:99:c7:64:
c4:80:38:66
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZWFpNJpMOTGVZ4+UpRs7BvVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjUwMzExMTQzODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODQ4ODJkNTZkMjNiY2VjYjhiMmEwNzFjMzFlMmM1YmMzNDJjODlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3r1eGFxc+peF67/EbopDprgErog
ko+2G97lhmaVrshN2h7MqNcNPqthfsnTegP36fIXNPXRvqp2BmbqvOYcdMwi/c0W
Qz6zl0/WOxf/uEJ34yUFsCmCs1fH6m6YsVlTVKDWsBy5chRw/m8F4Xr/8eUeS2al
GbRh7RI+t2wCdV9hbuSYMJlM71F1YDpIqs8/Oedd5GxZKP1Bk/4z/i6gkxC9oTmb
VrkAE4AN8MF63fbqLDgGFgXC1krblBMAgE0ZK3ogomFVjU4cDzD2YfRU2ldlBhN2
cwC8j3Lrdb4j0ZySpS38AEczWw3H3wbwPFyeyrz0gG0SdsZux8oDS8j7AQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPhIgtVtI7zsuLKgccMeLFvDQsidMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvMS1FaUMxVzBqdk95NHNxQnh3eDRzVzhOQ3lKMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODAvNzMwZmM1LTczMDEtNGE2MC04NmQxLTdkYjY4NjhkODQ3
NC8xLzBBczN0dlMwUldSZWFaT3B4ZXhnaEpKQ1h3NC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAZg16jAN
BgkqhkiG9w0BAQsFAAOCAQEAHpsOO2x2vgpXDYDrR9jLhcT21ehRmpa7nuYC6Npi
Fjw0C+R8gbnloy77UrVAX697yZV8BUIcLcdLVby9trnGEDQ13Vk1b/d35h6WMYaB
rssoaHXixscYoG8Z+YTjymhoIW/Bh2sB3pZ+Vhc880V27rSVo9at679YFqyihSNS
lFTxyCW1SePFm+LLQFvKiIdoAmylaHEj0sZOSNoxb9HOzFoayvxMCJG7AjlDC81x
DI3LwwgwbGwRht6gKUzTjlspi+A/17izs1xwRlnyZobUztuQ08B8reu9AvbomGNP
o9a1A6XU7RFBuebvJ2i20jxZdjtV8XP6nfZGmcdkxIA4Zg==
-----END CERTIFICATE-----
Generated at Sun Apr 13 12:33:45 2025 by rpki-client