Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/2uZxWNiiNlEm9OoKKcdvwT2HKMw.roa
File: 2uZxWNiiNlEm9OoKKcdvwT2HKMw.roa (raw, json)
Hash identifier: REMiCEt16bcTQl/DRObAABSgLCCm5EBbI6gqnj1bf4c=
Subject key identifier: DA:E6:71:58:D8:A2:36:51:26:F4:EA:0A:29:C7:6F:C1:3D:87:28:CC
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 019425FDDA32172A8494C3AF8CF1E55B59DF
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/2uZxWNiiNlEm9OoKKcdvwT2HKMw.roa
Signing time: Thu 02 Jan 2025 07:49:40 +0000
ROA not before: Thu 02 Jan 2025 07:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214996
IP address blocks: 152.53.31.0/24 maxlen: 24
152.53.36.0/22 maxlen: 24
152.53.52.0/22 maxlen: 22
152.53.68.0/24 maxlen: 24
152.53.80.0/22 maxlen: 22
152.53.88.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 25 Feb 2025 10:59:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:da:32:17:2a:84:94:c3:af:8c:f1:e5:5b:59:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Jan 2 07:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dae67158d8a2365126f4ea0a29c76fc13d8728cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:4b:af:35:12:d8:db:89:ba:b6:c1:9b:92:e8:
78:4f:94:af:d1:e5:82:ce:d2:a2:7d:ad:96:6a:28:
da:ab:bc:ce:f3:52:58:3d:3a:0d:f3:a3:46:c5:92:
15:bf:82:6f:9b:df:e1:d8:ff:67:56:cb:51:88:b6:
55:7c:ce:3c:8f:03:2a:61:2e:30:93:02:5a:86:46:
50:59:28:65:9d:1f:45:2b:73:fe:1a:ed:60:23:01:
5d:b1:6f:bf:58:61:9a:b2:9e:23:c0:2a:e9:da:1d:
3d:83:51:b1:86:91:34:ab:cc:56:8f:a8:0d:3b:f8:
e9:44:6a:e6:37:18:e9:09:66:ad:11:31:9a:8d:a8:
61:09:6d:a6:b3:e0:fc:74:98:4a:3a:a7:64:63:38:
9c:8a:aa:ab:f1:ed:a8:b5:a2:e6:2b:5b:cb:19:fc:
33:c3:0f:22:80:2a:ae:21:17:51:c8:62:32:53:42:
4d:52:ad:f3:50:86:e8:4e:3e:4d:aa:26:eb:f7:78:
89:de:cc:0f:d5:50:72:8d:d3:bd:6d:ef:7a:89:5b:
a4:f6:8f:c0:74:19:c5:39:2a:dd:e9:e9:ac:1d:d3:
d8:1f:1e:9c:88:c3:8c:99:44:25:cd:3a:99:13:51:
01:6c:c9:25:99:2e:8b:db:10:d3:a1:ac:5d:9c:15:
01:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:E6:71:58:D8:A2:36:51:26:F4:EA:0A:29:C7:6F:C1:3D:87:28:CC
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/2uZxWNiiNlEm9OoKKcdvwT2HKMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.31.0/24
152.53.36.0/22
152.53.52.0/22
152.53.68.0/24
152.53.80.0/22
152.53.88.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:a9:8e:05:7b:ac:07:25:ab:b0:a4:c7:3f:21:5b:91:2d:4a:
e8:9e:f8:13:e7:a4:43:90:8f:f7:01:4f:45:d4:40:53:e7:ef:
fb:af:d4:2f:ae:f9:a9:00:0e:cd:fa:91:d2:58:98:92:03:f1:
ff:1c:cf:e6:18:f6:af:d7:54:bd:e2:4f:1b:39:c5:74:dd:1a:
a2:48:46:fb:a0:4e:94:ec:9d:4b:97:0f:60:a8:eb:99:3a:7a:
63:71:db:68:0d:08:5d:f0:53:b7:f3:f4:08:1e:b2:dd:c6:f5:
f0:36:e8:2a:07:2e:bc:bf:47:22:25:79:92:d8:7c:42:6f:93:
08:8d:96:3a:29:18:4c:66:17:fd:a5:98:45:5a:b2:83:30:b6:
ad:ee:e7:75:50:5e:29:20:fa:0e:52:fc:51:54:5c:f0:0d:2e:
4f:4a:5b:c3:5e:46:d0:5f:46:a4:9c:17:6f:b1:c3:a0:11:a7:
2d:39:f0:6d:63:b8:45:32:92:e3:8d:63:a0:c5:f1:fa:6d:c9:
ae:14:ea:e1:9a:9d:17:d0:c2:df:2c:f6:f8:dc:4a:ba:94:2b:
89:1a:bd:a6:b3:82:0d:3e:85:db:61:89:1f:b9:7e:c7:2b:23:
c7:b9:0f:19:18:7f:bd:46:ae:7e:6c:fd:a2:63:95:e3:07:05:
16:a2:45:37
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQl/doyFyqElMOvjPHlW1nfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjUwMTAyMDc0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWU2NzE1OGQ4YTIzNjUxMjZmNGVhMGEyOWM3NmZjMTNkODcyOGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkuvNRLY24m6tsGbkuh4T5Sv0eWC
ztKifa2Waijaq7zO81JYPToN86NGxZIVv4Jvm9/h2P9nVstRiLZVfM48jwMqYS4w
kwJahkZQWShlnR9FK3P+Gu1gIwFdsW+/WGGasp4jwCrp2h09g1GxhpE0q8xWj6gN
O/jpRGrmNxjpCWatETGajahhCW2ms+D8dJhKOqdkYziciqqr8e2otaLmK1vLGfwz
ww8igCquIRdRyGIyU0JNUq3zUIboTj5Nqibr93iJ3swP1VByjdO9be96iVuk9o/A
dBnFOSrd6emsHdPYHx6ciMOMmUQlzTqZE1EBbMklmS6L2xDToaxdnBUBAwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNrmcVjYojZRJvTqCinHb8E9hyjMMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvMnVaeFdOaWlObEVtOU9vS0tjZHZ3VDJIS013LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAmDUfAwQC
mDUkAwQCmDU0AwQAmDVEAwQCmDVQAwQCmDVYMA0GCSqGSIb3DQEBCwUAA4IBAQCf
qY4Fe6wHJauwpMc/IVuRLUronvgT56RDkI/3AU9F1EBT5+/7r9QvrvmpAA7N+pHS
WJiSA/H/HM/mGPav11S94k8bOcV03RqiSEb7oE6U7J1Llw9gqOuZOnpjcdtoDQhd
8FO38/QIHrLdxvXwNugqBy68v0ciJXmS2HxCb5MIjZY6KRhMZhf9pZhFWrKDMLat
7ud1UF4pIPoOUvxRVFzwDS5PSlvDXkbQX0aknBdvscOgEactOfBtY7hFMpLjjWOg
xfH6bcmuFOrhmp0X0MLfLPb43Eq6lCuJGr2ms4INPoXbYYkfuX7HKyPHuQ8ZGH+9
Rq5+bP2iY5XjBwUWokU3
-----END CERTIFICATE-----
Generated at Sun Apr 13 12:23:36 2025 by rpki-client