Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/7qL62BXYr8IEkCevTPkR6ghFMUU.roa
File: 7qL62BXYr8IEkCevTPkR6ghFMUU.roa (raw, json)
Hash identifier: gMX9hpAR2OuF7HZakgOtL8jR5W3WWtCZSKkveuMut9s=
Subject key identifier: EE:A2:FA:D8:15:D8:AF:C2:04:90:27:AF:4C:F9:11:EA:08:45:31:45
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 0192580310E66AD097389493274D2F36FD09
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/7qL62BXYr8IEkCevTPkR6ghFMUU.roa
Signing time: Fri 04 Oct 2024 14:50:48 +0000
ROA not before: Fri 04 Oct 2024 14:50:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214996
IP address blocks: 152.53.31.0/24 maxlen: 24
152.53.36.0/22 maxlen: 24
152.53.52.0/22 maxlen: 22
152.53.80.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 16 Oct 2024 11:38:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:58:03:10:e6:6a:d0:97:38:94:93:27:4d:2f:36:fd:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Oct 4 14:50:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eea2fad815d8afc2049027af4cf911ea08453145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:1d:3a:03:ad:4e:9e:9a:2c:18:fd:ae:3c:64:
ff:6a:90:39:60:b0:a3:8c:11:4e:c7:bc:84:9d:35:
5e:16:68:92:fe:75:80:ba:40:d6:3f:80:28:a0:ff:
09:21:8d:df:52:55:a9:43:9f:92:1a:3b:ae:74:32:
7d:91:ec:25:b2:15:3d:9c:97:e6:0a:4a:bd:6d:38:
13:25:6c:83:fd:da:b5:39:bf:54:bc:ed:8f:2e:2a:
bc:19:80:06:47:0e:97:40:53:53:3b:69:30:38:85:
b2:46:4e:c2:79:e0:ab:9f:f3:05:cb:c6:3c:70:12:
ba:0b:1f:e2:fc:55:b9:e4:67:c4:d9:b7:6a:a3:b4:
a2:06:00:f8:de:30:6b:3a:d2:52:6d:91:95:ea:aa:
b2:13:c9:e5:39:3a:68:61:99:5c:f6:78:6d:2f:fe:
2f:f3:b0:aa:32:47:bc:ea:5c:2a:bb:e7:38:09:0e:
1c:06:20:9c:a2:cb:0a:67:59:a8:b8:57:64:cb:a3:
31:c8:ca:af:bf:d4:cf:8e:e2:a8:e9:8f:27:44:84:
94:3a:ce:a1:e9:ed:96:b9:e3:5f:9c:de:76:45:88:
2d:8c:89:b6:5e:7e:dd:ff:79:a8:e5:95:2e:76:fb:
85:d5:af:5e:7e:67:46:cc:01:7c:22:ad:d6:34:97:
38:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:A2:FA:D8:15:D8:AF:C2:04:90:27:AF:4C:F9:11:EA:08:45:31:45
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/7qL62BXYr8IEkCevTPkR6ghFMUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.31.0/24
152.53.36.0/22
152.53.52.0/22
152.53.80.0/22
Signature Algorithm: sha256WithRSAEncryption
75:fb:25:49:9e:97:0d:d8:04:0f:be:98:93:7b:2f:c2:b7:6d:
c4:fc:1e:5f:69:e8:8b:96:4d:ff:44:ee:ba:45:8a:0f:6f:e2:
20:e8:af:84:48:5c:fa:52:13:a8:e4:d8:14:cb:de:77:59:cb:
21:72:96:25:4c:0c:c6:5c:f8:f8:dc:e4:ac:71:b6:0c:90:70:
99:b4:93:6d:a2:a2:07:7c:f6:09:af:61:fb:e4:5e:54:c6:49:
56:60:1e:aa:4d:12:76:96:a1:d9:2a:68:00:c9:0f:4f:dc:b8:
8b:e8:81:59:b6:53:68:35:75:0c:24:83:74:ce:43:6b:34:5a:
ae:ad:8b:b3:cf:34:9e:9e:19:88:27:6e:42:11:0b:fa:12:4b:
a0:8d:c0:82:2f:9b:0a:5d:1f:07:e6:2c:8b:40:09:c5:91:fc:
1d:6a:da:54:49:16:9d:14:06:31:4a:e8:9a:e1:25:b8:de:4a:
53:ff:12:be:7f:e1:85:71:42:c9:00:cb:8e:d1:ee:d8:dd:e6:
5c:20:03:b7:70:96:a8:74:ac:58:12:d7:f0:61:44:ee:74:57:
43:dd:b3:03:35:d7:b2:26:00:25:b2:e9:c0:64:f1:c8:d4:91:
08:36:65:a3:25:ed:54:35:a9:07:89:60:c5:2c:49:10:1a:a9:
79:77:fd:cd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZJYAxDmatCXOJSTJ00vNv0JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjQxMDA0MTQ1MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWEyZmFkODE1ZDhhZmMyMDQ5MDI3YWY0Y2Y5MTFlYTA4NDUzMTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvh06A61OnposGP2uPGT/apA5YLCj
jBFOx7yEnTVeFmiS/nWAukDWP4AooP8JIY3fUlWpQ5+SGjuudDJ9kewlshU9nJfm
Ckq9bTgTJWyD/dq1Ob9UvO2PLiq8GYAGRw6XQFNTO2kwOIWyRk7CeeCrn/MFy8Y8
cBK6Cx/i/FW55GfE2bdqo7SiBgD43jBrOtJSbZGV6qqyE8nlOTpoYZlc9nhtL/4v
87CqMke86lwqu+c4CQ4cBiCcossKZ1mouFdky6MxyMqvv9TPjuKo6Y8nRISUOs6h
6e2WueNfnN52RYgtjIm2Xn7d/3mo5ZUudvuF1a9efmdGzAF8Iq3WNJc4uQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO6i+tgV2K/CBJAnr0z5EeoIRTFFMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvN3FMNjJCWFlyOElFa0NldlRQa1I2Z2hGTVVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAmDUfAwQC
mDUkAwQCmDU0AwQCmDVQMA0GCSqGSIb3DQEBCwUAA4IBAQB1+yVJnpcN2AQPvpiT
ey/Ct23E/B5faeiLlk3/RO66RYoPb+Ig6K+ESFz6UhOo5NgUy953WcshcpYlTAzG
XPj43OSscbYMkHCZtJNtoqIHfPYJr2H75F5UxklWYB6qTRJ2lqHZKmgAyQ9P3LiL
6IFZtlNoNXUMJIN0zkNrNFqurYuzzzSenhmIJ25CEQv6EkugjcCCL5sKXR8H5iyL
QAnFkfwdatpUSRadFAYxSuia4SW43kpT/xK+f+GFcULJAMuO0e7Y3eZcIAO3cJao
dKxYEtfwYUTudFdD3bMDNdeyJgAlsunAZPHI1JEINmWjJe1UNakHiWDFLEkQGql5
d/3N
-----END CERTIFICATE-----
Generated at Wed Oct 16 15:43:23 2024 by rpki-client on console-ams.rpki-client.org