Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/5AgUwXr8fmOZ13YwBU2YocLHC7o.roa
File: 5AgUwXr8fmOZ13YwBU2YocLHC7o.roa (raw, json)
Hash identifier: d037rQhKuE0YcqKG7cuxIWxI0AdHq8PQfQl7tVwOJ/E=
Subject key identifier: E4:08:14:C1:7A:FC:7E:63:99:D7:76:30:05:4D:98:A1:C2:C7:0B:BA
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 0191B82FE441D21D52026A202B08C9F755E1
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/5AgUwXr8fmOZ13YwBU2YocLHC7o.roa
Signing time: Tue 03 Sep 2024 14:00:32 +0000
ROA not before: Tue 03 Sep 2024 14:00:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197540
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.5.0/24 maxlen: 24
152.53.12.0/22 maxlen: 24
152.53.16.0/22 maxlen: 24
152.53.20.0/22 maxlen: 24
152.53.32.0/22 maxlen: 24
152.53.44.0/22 maxlen: 24
152.53.48.0/22 maxlen: 22
152.53.64.0/22 maxlen: 24
152.53.100.0/22 maxlen: 22
152.53.104.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 24 Sep 2024 12:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b8:2f:e4:41:d2:1d:52:02:6a:20:2b:08:c9:f7:55:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Sep 3 14:00:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e40814c17afc7e6399d77630054d98a1c2c70bba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:3c:f1:91:ef:cf:2d:13:3a:6c:a1:5a:1d:76:
74:c6:6b:d9:d7:81:cd:6a:37:30:99:9d:3a:8d:a8:
08:d9:54:22:28:f3:a9:90:93:6a:54:2e:31:c1:56:
a7:f7:68:7f:7a:a2:60:35:b2:8e:32:68:5a:43:32:
b4:0f:30:5b:a4:1e:7b:56:b4:7f:0c:42:da:cf:92:
3e:fd:0a:2f:73:50:ff:42:fb:82:e0:61:79:da:01:
d8:a9:89:fc:71:59:2a:34:3c:29:bc:75:55:30:12:
f2:15:e0:7b:9f:60:33:b0:18:fb:ed:cc:eb:f2:80:
8c:02:7f:15:19:94:07:bc:05:d0:1c:03:03:b2:71:
b7:a2:61:43:08:06:14:5c:ed:d3:d1:e4:74:b9:a4:
72:07:1d:2c:9a:26:3b:3b:cf:7b:ad:c2:a0:86:26:
2f:37:dc:c1:f5:16:91:82:18:62:34:8f:48:17:0c:
3d:bd:19:b1:45:02:48:b8:9e:05:a6:59:0f:4f:d4:
52:dd:7a:fe:c9:58:d7:5b:15:1f:0c:19:30:b5:bd:
a5:8b:f8:24:92:fc:ef:ae:55:0d:5d:96:6f:36:1d:
68:b7:32:68:d3:bf:14:fc:6c:69:09:25:b7:46:41:
07:54:d9:c1:de:1c:9d:92:bf:6d:f8:74:b9:eb:d7:
e6:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:08:14:C1:7A:FC:7E:63:99:D7:76:30:05:4D:98:A1:C2:C7:0B:BA
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/5AgUwXr8fmOZ13YwBU2YocLHC7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
69:6b:35:7e:6a:7d:9b:18:ff:ff:32:05:df:e9:c2:3b:f8:eb:
9a:af:49:c3:fb:15:88:35:45:2c:8b:9a:eb:39:02:26:58:10:
34:fc:78:76:f1:8c:ef:11:25:29:2a:ba:76:9e:3f:97:ba:f4:
86:79:bf:83:1c:70:67:b2:ac:8b:76:13:e5:e3:d6:01:32:bf:
27:c3:ea:21:60:9c:db:e1:fa:97:49:d9:f6:cc:d9:6d:88:0c:
55:50:a8:53:a8:40:aa:37:3e:95:67:69:21:da:ad:b3:43:31:
32:5b:d3:c8:f1:b7:ca:d4:2c:1f:6d:19:ef:fa:6f:28:55:66:
26:ac:99:71:6c:3d:f8:75:32:1b:53:cf:01:52:5e:a8:0a:d9:
c1:69:e0:7f:f8:2d:82:0c:36:1b:f3:c7:1c:a3:fc:c0:1c:65:
c9:54:40:1c:cc:f3:94:d7:4f:c1:93:08:d9:de:09:4c:84:d8:
62:35:66:de:9d:27:ce:a4:58:2d:38:5f:ce:76:99:be:9a:8c:
4a:41:9f:29:53:32:be:de:ad:05:69:6b:08:0f:6a:45:22:e1:
4a:fb:23:5d:3b:72:77:d2:3f:b6:1d:d6:8f:7b:4e:c8:28:82:
bd:36:7e:ed:b7:13:cc:29:cf:78:6a:08:ba:5e:26:ca:79:2a:
48:04:41:a8
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZG4L+RB0h1SAmogKwjJ91XhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjQwOTAzMTQwMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDA4MTRjMTdhZmM3ZTYzOTlkNzc2MzAwNTRkOThhMWMyYzcwYmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3jzxke/PLRM6bKFaHXZ0xmvZ14HN
ajcwmZ06jagI2VQiKPOpkJNqVC4xwVan92h/eqJgNbKOMmhaQzK0DzBbpB57VrR/
DELaz5I+/Qovc1D/QvuC4GF52gHYqYn8cVkqNDwpvHVVMBLyFeB7n2AzsBj77czr
8oCMAn8VGZQHvAXQHAMDsnG3omFDCAYUXO3T0eR0uaRyBx0smiY7O897rcKghiYv
N9zB9RaRghhiNI9IFww9vRmxRQJIuJ4FplkPT9RS3Xr+yVjXWxUfDBkwtb2li/gk
kvzvrlUNXZZvNh1otzJo078U/GxpCSW3RkEHVNnB3hydkr9t+HS569fm2wIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFOQIFMF6/H5jmdd2MAVNmKHCxwu6MB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvNUFnVXdYcjhmbU9aMTNZd0JVMllvY0xIQzdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAGlrNX5qfZsY//8yBd/pwjv465qvScP7FYg1RSyLmus5
AiZYEDT8eHbxjO8RJSkqunaeP5e69IZ5v4MccGeyrIt2E+Xj1gEyvyfD6iFgnNvh
+pdJ2fbM2W2IDFVQqFOoQKo3PpVnaSHarbNDMTJb08jxt8rULB9tGe/6byhVZias
mXFsPfh1MhtTzwFSXqgK2cFp4H/4LYIMNhvzxxyj/MAcZclUQBzM85TXT8GTCNne
CUyE2GI1Zt6dJ86kWC04X852mb6ajEpBnylTMr7erQVpawgPakUi4Ur7I107cnfS
P7Yd1o97Tsgogr02fu23E8wpz3hqCLpeJsp5KkgEQag=
-----END CERTIFICATE-----
Generated at Tue Sep 24 14:45:34 2024 by rpki-client on console-fra.rpki-client.org