Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/5S2lIbRt76bhgWGIelscSNzLISw.roa
File: 5S2lIbRt76bhgWGIelscSNzLISw.roa (raw, json)
Hash identifier: 1k0ddQOhdo3WEm+L/ZcYNj35/P28gXpzsyuIeE5t7iQ=
Subject key identifier: E5:2D:A5:21:B4:6D:EF:A6:E1:81:61:88:7A:5B:1C:48:DC:CB:21:2C
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 019378AD18E730FDDE38A843D0891F848E0A
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/5S2lIbRt76bhgWGIelscSNzLISw.roa
Signing time: Fri 29 Nov 2024 16:07:10 +0000
ROA not before: Fri 29 Nov 2024 16:07:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214996
IP address blocks: 152.53.31.0/24 maxlen: 24
152.53.36.0/22 maxlen: 24
152.53.52.0/22 maxlen: 22
152.53.68.0/24 maxlen: 24
152.53.80.0/22 maxlen: 22
152.53.88.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:78:ad:18:e7:30:fd:de:38:a8:43:d0:89:1f:84:8e:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Nov 29 16:07:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e52da521b46defa6e18161887a5b1c48dccb212c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:59:c3:e0:02:82:a6:e8:5b:f2:df:cb:c8:b5:
cc:f7:aa:9b:2e:ef:75:eb:82:53:9c:a4:d4:88:11:
37:a7:15:a1:53:73:97:87:df:23:8b:83:dc:a1:2e:
f5:94:ea:46:d0:a1:c5:0a:c1:bc:83:cd:90:04:5d:
ae:2b:d5:e9:10:f1:c9:75:8e:fa:c7:06:a0:97:0a:
bc:f0:e2:22:48:2b:c5:5a:ea:3e:0b:38:92:f9:4e:
81:e6:24:d9:f7:c5:94:06:fd:25:e3:d5:ca:a3:2e:
86:f5:c6:13:a3:bb:f6:5d:d5:55:a3:56:d9:ed:bc:
71:87:85:bd:17:87:fa:8d:d8:6c:95:c7:c1:6d:16:
30:87:c0:2a:c4:6a:b6:81:de:6c:33:00:d7:80:d0:
c1:3f:c6:30:0e:6c:34:8f:8a:52:de:71:47:6f:42:
2a:5f:25:16:2c:a4:7a:94:0d:60:ee:58:ff:8e:5d:
4f:53:a0:cb:60:b9:4f:1a:d1:67:57:56:18:b0:c2:
03:f2:ff:b8:14:12:cb:0d:eb:28:34:fe:4e:e3:e3:
1d:ef:42:7f:2c:a8:e2:4d:07:d4:5d:53:99:d6:fb:
23:e3:80:55:b4:c6:78:3b:c7:19:80:b4:60:96:dc:
b1:1e:fd:b8:47:74:b7:5b:66:f1:1f:79:ed:b2:74:
55:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:2D:A5:21:B4:6D:EF:A6:E1:81:61:88:7A:5B:1C:48:DC:CB:21:2C
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/5S2lIbRt76bhgWGIelscSNzLISw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.31.0/24
152.53.36.0/22
152.53.52.0/22
152.53.68.0/24
152.53.80.0/22
152.53.88.0/22
Signature Algorithm: sha256WithRSAEncryption
66:44:9d:0a:6e:49:ee:85:5f:3a:06:f5:de:05:23:b4:7e:d1:
a0:03:67:6c:39:04:04:ac:f3:3a:b6:06:8e:48:cc:71:42:69:
7f:25:01:68:98:c6:e6:8f:c4:03:7b:9a:c1:04:bd:0a:6d:b9:
97:89:b5:75:4d:60:ee:32:75:4a:fc:7e:74:6d:84:44:ce:8a:
e8:de:48:90:16:50:c5:53:49:92:73:bb:73:ea:9e:95:7d:66:
a6:7c:e2:73:2c:25:3b:38:d2:e1:5b:25:3a:55:5b:dc:08:97:
46:1c:1e:7d:10:10:f7:6c:7a:d7:de:3b:4d:2f:fb:96:83:fa:
a4:9d:5e:79:5d:52:2c:57:fd:68:5a:e2:ea:2c:f3:59:fd:9d:
f7:1e:0a:24:f8:8e:a3:20:50:07:87:fd:0a:a7:e4:a3:15:01:
9e:d2:b7:ef:a1:99:3a:47:ab:73:ff:4c:0b:d3:a4:60:9f:0a:
9f:93:18:de:fa:02:0a:3b:1d:43:8c:5d:af:e5:b6:f3:0d:f5:
14:8d:82:b7:31:37:c7:99:d2:ea:f6:1a:dc:80:76:ad:1c:c5:
ee:b9:95:64:1f:77:e6:c1:09:52:b2:05:0d:8f:fd:d1:ad:52:
fb:e8:be:49:1b:45:db:c4:46:a3:e5:65:8b:41:3b:64:ec:9b:
7e:4f:67:46
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZN4rRjnMP3eOKhD0IkfhI4KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjQxMTI5MTYwNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTJkYTUyMWI0NmRlZmE2ZTE4MTYxODg3YTViMWM0OGRjY2IyMTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFnD4AKCpuhb8t/LyLXM96qbLu91
64JTnKTUiBE3pxWhU3OXh98ji4PcoS71lOpG0KHFCsG8g82QBF2uK9XpEPHJdY76
xwaglwq88OIiSCvFWuo+CziS+U6B5iTZ98WUBv0l49XKoy6G9cYTo7v2XdVVo1bZ
7bxxh4W9F4f6jdhslcfBbRYwh8AqxGq2gd5sMwDXgNDBP8YwDmw0j4pS3nFHb0Iq
XyUWLKR6lA1g7lj/jl1PU6DLYLlPGtFnV1YYsMID8v+4FBLLDesoNP5O4+Md70J/
LKjiTQfUXVOZ1vsj44BVtMZ4O8cZgLRgltyxHv24R3S3W2bxH3ntsnRVtQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOUtpSG0be+m4YFhiHpbHEjcyyEsMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvNVMybEliUnQ3NmJoZ1dHSWVsc2NTTnpMSVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAmDUfAwQC
mDUkAwQCmDU0AwQAmDVEAwQCmDVQAwQCmDVYMA0GCSqGSIb3DQEBCwUAA4IBAQBm
RJ0KbknuhV86BvXeBSO0ftGgA2dsOQQErPM6tgaOSMxxQml/JQFomMbmj8QDe5rB
BL0KbbmXibV1TWDuMnVK/H50bYREzoro3kiQFlDFU0mSc7tz6p6VfWamfOJzLCU7
ONLhWyU6VVvcCJdGHB59EBD3bHrX3jtNL/uWg/qknV55XVIsV/1oWuLqLPNZ/Z33
Hgok+I6jIFAHh/0Kp+SjFQGe0rfvoZk6R6tz/0wL06Rgnwqfkxje+gIKOx1DjF2v
5bbzDfUUjYK3MTfHmdLq9hrcgHatHMXuuZVkH3fmwQlSsgUNj/3RrVL76L5JG0Xb
xEaj5WWLQTtk7Jt+T2dG
-----END CERTIFICATE-----
Generated at Sun Apr 13 11:57:33 2025 by rpki-client