Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/4wYeC8OxcPdRTqT2PbLTUcqiT8Y.roa
File: 4wYeC8OxcPdRTqT2PbLTUcqiT8Y.roa (raw, json)
Hash identifier: NsKzN3mjM2L6Fz3o0BVd2d1Tp3wam1c6reafjqC6ruY=
Subject key identifier: E3:06:1E:0B:C3:B1:70:F7:51:4E:A4:F6:3D:B2:D3:51:CA:A2:4F:C6
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 018B0550CF19D64EC36D29E33386C4FE9677
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/4wYeC8OxcPdRTqT2PbLTUcqiT8Y.roa
Signing time: Fri 06 Oct 2023 14:07:43 +0000
ROA not before: Fri 06 Oct 2023 14:07:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42473
IP address blocks: 152.53.69.0/24 maxlen: 24
152.53.78.0/24 maxlen: 24
152.53.75.0/24 maxlen: 24
152.53.0.0/16 maxlen: 24
152.53.9.0/24 maxlen: 24
152.53.24.0/24 maxlen: 24
152.53.30.0/24 maxlen: 24
152.53.62.0/24 maxlen: 24
152.53.59.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:05:50:cf:19:d6:4e:c3:6d:29:e3:33:86:c4:fe:96:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Oct 6 14:07:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3061e0bc3b170f7514ea4f63db2d351caa24fc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e8:e0:43:ab:4c:92:c0:82:d0:de:53:57:2d:
90:98:5c:e7:9a:0a:76:9a:a5:12:c0:55:19:3d:66:
6c:0d:38:f9:63:18:92:10:63:c4:8a:b1:f0:c3:82:
27:bb:dc:94:b4:cd:58:44:bf:67:f2:87:99:d0:d3:
27:0b:97:15:ee:ce:d2:2b:5a:d8:4b:e5:3a:dd:98:
2a:d3:93:69:8b:c1:84:c8:9f:12:16:97:50:a0:8e:
e4:82:c7:87:a1:56:3e:b0:6b:0d:90:cd:9b:5e:b4:
1c:61:35:20:b2:8e:59:5d:8a:29:83:09:96:e9:1e:
99:ee:38:58:46:d9:7c:7d:62:a4:b6:7c:8a:03:b1:
c1:5c:2b:df:84:f1:b0:8f:6e:e9:e6:f6:04:cc:36:
4b:59:b9:7d:c1:22:d5:83:3a:83:8d:64:82:d5:16:
32:df:0a:5a:da:55:5f:68:16:44:25:d8:92:91:a3:
e9:b8:d3:32:52:f2:c3:49:e3:a8:34:88:38:ca:0c:
28:33:74:9e:2b:cc:ee:1d:24:29:c5:19:bf:3f:cb:
ac:9b:1d:3b:ab:f0:f8:32:1d:3e:9a:ba:fe:75:28:
10:9c:7f:59:05:75:86:2c:d1:50:e1:2d:ef:40:87:
3c:d9:27:50:db:d5:c4:b8:a5:3a:aa:ac:1d:a2:60:
eb:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:06:1E:0B:C3:B1:70:F7:51:4E:A4:F6:3D:B2:D3:51:CA:A2:4F:C6
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/4wYeC8OxcPdRTqT2PbLTUcqiT8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9d:c0:0c:8f:88:7f:55:f7:b8:93:c2:0e:4e:a0:ed:87:b1:57:
f0:56:e9:d2:a9:05:bd:42:1d:34:1d:77:0f:0a:82:01:dd:de:
02:f8:43:cb:59:4f:78:c4:4f:df:6c:20:01:71:54:a3:f2:c4:
81:19:36:91:05:26:7a:92:af:4d:d8:09:97:9a:58:ee:1b:60:
48:38:9c:b9:b5:d1:5c:36:1d:67:44:94:68:e7:3f:d1:0e:15:
00:7c:a7:c0:28:58:60:56:e3:b0:13:cc:0d:32:d5:53:b4:a4:
a1:52:0d:8b:6a:fc:ae:34:71:f8:05:68:f3:2c:0b:91:aa:95:
ae:a8:48:35:a4:bf:9c:84:0a:e9:da:95:d3:30:eb:c0:a9:da:
af:b8:64:68:ae:27:84:84:b7:0f:7a:24:9c:c8:c0:b1:26:02:
b3:08:27:72:6d:4a:47:ae:ee:6b:6d:dc:6c:9a:14:c1:77:9c:
bb:69:17:19:7d:d4:69:23:f8:e7:25:81:e2:26:6a:f8:30:f1:
9d:0a:c2:3c:8b:ac:81:af:6b:74:67:7e:c1:7d:a1:d2:99:46:
55:97:33:d8:1a:c5:07:ae:c9:f1:60:e6:e0:71:9a:84:a9:70:
a4:5b:ac:3f:37:f0:76:09:77:2f:c9:1e:14:77:e2:b8:30:30:
d5:10:3d:57
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYsFUM8Z1k7DbSnjM4bE/pZ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjMxMDA2MTQwNzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzA2MWUwYmMzYjE3MGY3NTE0ZWE0ZjYzZGIyZDM1MWNhYTI0ZmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkejgQ6tMksCC0N5TVy2QmFznmgp2
mqUSwFUZPWZsDTj5YxiSEGPEirHww4Inu9yUtM1YRL9n8oeZ0NMnC5cV7s7SK1rY
S+U63Zgq05Npi8GEyJ8SFpdQoI7kgseHoVY+sGsNkM2bXrQcYTUgso5ZXYopgwmW
6R6Z7jhYRtl8fWKktnyKA7HBXCvfhPGwj27p5vYEzDZLWbl9wSLVgzqDjWSC1RYy
3wpa2lVfaBZEJdiSkaPpuNMyUvLDSeOoNIg4ygwoM3SeK8zuHSQpxRm/P8usmx07
q/D4Mh0+mrr+dSgQnH9ZBXWGLNFQ4S3vQIc82SdQ29XEuKU6qqwdomDrbwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFOMGHgvDsXD3UU6k9j2y01HKok/GMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvNHdZZUM4T3hjUGRSVHFUMlBiTFRVY3FpVDhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAJ3ADI+If1X3uJPCDk6g7YexV/BW6dKpBb1CHTQddw8K
ggHd3gL4Q8tZT3jET99sIAFxVKPyxIEZNpEFJnqSr03YCZeaWO4bYEg4nLm10Vw2
HWdElGjnP9EOFQB8p8AoWGBW47ATzA0y1VO0pKFSDYtq/K40cfgFaPMsC5Gqla6o
SDWkv5yECunaldMw68Cp2q+4ZGiuJ4SEtw96JJzIwLEmArMIJ3JtSkeu7mtt3Gya
FMF3nLtpFxl91Gkj+OclgeImavgw8Z0KwjyLrIGva3RnfsF9odKZRlWXM9gaxQeu
yfFg5uBxmoSpcKRbrD838HYJdy/JHhR34rgwMNUQPVc=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:16 2024 by rpki-client on console-ams.rpki-client.org