Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/9XnR8r9TmO04cEoun1z86NZJ6xA.roa
File: 9XnR8r9TmO04cEoun1z86NZJ6xA.roa (raw, json)
Hash identifier: t23K1QaVN6/Z1kzTci9QTZuv1jVhJ3NtBNfbS6wmp2w=
Subject key identifier: F5:79:D1:F2:BF:53:98:ED:38:70:4A:2E:9F:5C:FC:E8:D6:49:EB:10
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 018F2EB0FF5F994EA3D070EC4DC612900483
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/9XnR8r9TmO04cEoun1z86NZJ6xA.roa
Signing time: Tue 30 Apr 2024 11:08:22 +0000
ROA not before: Tue 30 Apr 2024 11:08:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42473
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.9.0/24 maxlen: 24
152.53.24.0/24 maxlen: 24
152.53.30.0/24 maxlen: 24
152.53.36.0/22 maxlen: 24
152.53.59.0/24 maxlen: 24
152.53.62.0/24 maxlen: 24
152.53.69.0/24 maxlen: 24
152.53.75.0/24 maxlen: 24
152.53.78.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 23 Jun 2024 12:39:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2e:b0:ff:5f:99:4e:a3:d0:70:ec:4d:c6:12:90:04:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Apr 30 11:08:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f579d1f2bf5398ed38704a2e9f5cfce8d649eb10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ee:b2:74:47:9b:f3:d0:3b:52:1c:3f:a3:4b:
37:34:26:22:63:d0:51:3e:eb:94:b5:01:60:2b:e3:
85:41:dd:70:2b:41:f3:25:e1:61:7f:ab:c8:0a:57:
2c:46:e9:71:8d:b9:97:d4:cc:2a:e0:1e:c4:11:fc:
30:22:88:23:f7:94:eb:28:22:12:20:68:4f:52:96:
c8:81:cb:65:58:b9:13:f0:67:82:63:58:d9:10:13:
e1:e2:3e:23:14:92:18:0d:e5:9e:d5:d4:27:6c:a4:
82:f1:2c:60:c2:29:3e:05:ee:af:d8:5c:19:52:33:
83:f5:a9:b7:4f:15:f6:3c:91:a9:a6:e1:51:dc:3b:
25:9c:8c:86:04:ac:be:96:b6:61:06:3c:4e:74:23:
4c:c9:61:4c:8e:a0:ea:83:40:05:11:b2:b4:bf:ad:
c2:00:db:f0:36:8b:bc:80:8c:78:59:e8:1b:0b:75:
97:43:c3:58:a8:03:52:40:28:e4:35:54:07:34:81:
cd:1d:2f:b5:71:26:95:f1:b1:b9:2a:59:83:e4:0d:
6d:74:c0:09:85:61:fc:d8:fd:32:f8:5f:58:27:32:
de:59:fb:89:5c:62:13:65:61:fc:f0:e5:22:ab:80:
31:2f:7b:20:42:d3:5d:82:80:90:36:ea:5b:20:08:
b2:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:79:D1:F2:BF:53:98:ED:38:70:4A:2E:9F:5C:FC:E8:D6:49:EB:10
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/9XnR8r9TmO04cEoun1z86NZJ6xA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7b:f7:27:5c:b4:21:f7:ba:c7:00:56:d5:bb:f7:74:54:1e:a3:
ad:b7:29:06:58:e4:5b:e7:fa:40:01:4f:ac:bf:d5:63:d8:0a:
0c:d2:16:17:fa:1a:6a:33:e1:38:0c:4b:4b:5e:e3:19:84:31:
66:98:e7:dc:ee:a6:e7:ed:32:9f:fb:af:ee:d1:17:bb:b8:08:
a1:a7:a4:1e:48:a4:70:d0:72:e6:75:dc:07:17:a8:b6:21:25:
25:5d:b3:1b:a6:d6:7d:d5:8f:e2:74:e8:51:21:30:bc:ec:d0:
b9:45:c9:6f:a3:d3:d6:32:4a:a3:8d:ff:1c:a9:69:33:2e:bf:
32:f9:53:f4:ea:ab:56:00:e6:9f:ae:c3:0d:d5:66:79:fd:52:
a9:3e:eb:08:a2:25:b1:a4:77:a9:e6:c2:83:ea:a7:fc:2c:b5:
33:b4:95:65:51:a3:d4:76:55:92:e2:ec:18:78:08:81:d7:f4:
16:88:75:a2:b1:15:80:4f:ab:66:c8:e3:0a:51:fd:55:6b:2c:
ee:d8:e0:7f:ff:a4:e2:0b:fe:c3:f0:72:4d:41:f6:b1:13:17:
e2:97:46:dd:25:92:ba:ef:2d:ec:27:63:ee:34:42:bd:fa:46:
b2:5a:be:7b:04:86:05:ab:fd:9e:6e:1b:ae:b0:ed:81:02:f3:
55:22:d9:48
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAY8usP9fmU6j0HDsTcYSkASDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjQwNDMwMTEwODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTc5ZDFmMmJmNTM5OGVkMzg3MDRhMmU5ZjVjZmNlOGQ2NDllYjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5O6ydEeb89A7Uhw/o0s3NCYiY9BR
PuuUtQFgK+OFQd1wK0HzJeFhf6vIClcsRulxjbmX1Mwq4B7EEfwwIogj95TrKCIS
IGhPUpbIgctlWLkT8GeCY1jZEBPh4j4jFJIYDeWe1dQnbKSC8Sxgwik+Be6v2FwZ
UjOD9am3TxX2PJGppuFR3DslnIyGBKy+lrZhBjxOdCNMyWFMjqDqg0AFEbK0v63C
ANvwNou8gIx4WegbC3WXQ8NYqANSQCjkNVQHNIHNHS+1cSaV8bG5KlmD5A1tdMAJ
hWH82P0y+F9YJzLeWfuJXGITZWH88OUiq4AxL3sgQtNdgoCQNupbIAiyiQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFPV50fK/U5jtOHBKLp9c/OjWSesQMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvOVhuUjhyOVRtTzA0Y0VvdW4xejg2TlpKNnhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAHv3J1y0Ife6xwBW1bv3dFQeo623KQZY5Fvn+kABT6y/
1WPYCgzSFhf6Gmoz4TgMS0te4xmEMWaY59zupuftMp/7r+7RF7u4CKGnpB5IpHDQ
cuZ13AcXqLYhJSVdsxum1n3Vj+J06FEhMLzs0LlFyW+j09YySqON/xypaTMuvzL5
U/Tqq1YA5p+uww3VZnn9Uqk+6wiiJbGkd6nmwoPqp/wstTO0lWVRo9R2VZLi7Bh4
CIHX9BaIdaKxFYBPq2bI4wpR/VVrLO7Y4H//pOIL/sPwck1B9rETF+KXRt0lkrrv
LewnY+40Qr36RrJavnsEhgWr/Z5uG66w7YEC81Ui2Ug=
-----END CERTIFICATE-----
Generated at Sun Jun 23 14:14:14 2024 by rpki-client on console-fra.rpki-client.org