Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/C-tRUHrlsCj62M44vw0kkgFCECQ.roa
File: C-tRUHrlsCj62M44vw0kkgFCECQ.roa (raw, json)
Hash identifier: 2BJ10bNzkAfURjhJ6PAZCvCx99HazPJoD5eYC4NbOqw=
Subject key identifier: 0B:EB:51:50:7A:E5:B0:28:FA:D8:CE:38:BF:0D:24:92:01:42:10:24
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 019377303CC37CD7C66DB87DE1617A049468
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/C-tRUHrlsCj62M44vw0kkgFCECQ.roa
Signing time: Fri 29 Nov 2024 09:11:10 +0000
ROA not before: Fri 29 Nov 2024 09:11:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197540
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.5.0/24 maxlen: 24
152.53.12.0/22 maxlen: 24
152.53.16.0/22 maxlen: 24
152.53.20.0/22 maxlen: 24
152.53.32.0/22 maxlen: 24
152.53.44.0/22 maxlen: 24
152.53.48.0/22 maxlen: 22
152.53.64.0/22 maxlen: 24
152.53.84.0/22 maxlen: 22
152.53.100.0/22 maxlen: 22
152.53.104.0/22 maxlen: 22
152.53.108.0/22 maxlen: 22
152.53.112.0/22 maxlen: 22
152.53.116.0/22 maxlen: 22
152.53.128.0/20 maxlen: 22
Validation: Failed, certificate revoked on Fri 29 Nov 2024 16:03:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:77:30:3c:c3:7c:d7:c6:6d:b8:7d:e1:61:7a:04:94:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Nov 29 09:11:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0beb51507ae5b028fad8ce38bf0d249201421024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:42:21:fd:54:d4:e7:07:8d:2c:09:f0:43:2c:
b1:54:dc:af:dd:3f:7c:29:e8:10:72:94:20:4e:d2:
5e:bb:10:44:ff:ab:2c:2d:42:38:08:d6:03:4d:b8:
ad:a4:9e:2d:9a:42:3c:df:76:14:e8:df:dc:5a:4f:
7e:4f:18:9a:24:d9:25:0a:9b:d0:5d:d6:79:8f:51:
2e:8a:fb:7d:55:e7:fa:06:82:95:85:9d:8e:70:2c:
c9:00:cc:17:a8:a0:33:9c:c7:d7:4d:d9:5e:f8:5c:
ac:c5:5c:62:28:e2:d6:d1:6c:75:48:e0:ae:b3:d4:
e5:19:c0:27:e7:7e:89:c6:68:4a:5d:bd:c1:5a:07:
2d:67:ec:02:1d:31:6a:af:d0:76:94:8d:9f:1d:bf:
fb:18:12:f1:48:4b:5f:b0:18:fd:ed:fa:5c:ba:9d:
a5:32:ff:56:e2:74:a7:3b:e5:57:51:5e:73:5c:42:
ea:ff:bc:97:e4:5c:52:b1:5b:12:18:2f:8d:ae:6d:
e4:6f:09:d1:54:eb:3f:19:28:9b:00:8b:57:af:17:
e0:39:95:99:3d:86:42:13:32:f2:28:b9:44:d2:9f:
c0:1b:36:72:ee:f3:68:66:06:81:9f:0c:5c:7f:06:
ca:e6:2e:b7:2b:a2:df:bb:fd:48:52:9e:98:94:61:
23:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:EB:51:50:7A:E5:B0:28:FA:D8:CE:38:BF:0D:24:92:01:42:10:24
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/C-tRUHrlsCj62M44vw0kkgFCECQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b3:14:45:eb:c7:b2:57:20:10:c1:5c:df:90:45:50:2a:52:22:
dc:bf:6b:4a:36:ba:7c:41:a8:2c:fb:87:cb:22:18:02:0e:d9:
7f:28:25:2d:b1:97:26:55:8a:0f:4e:c3:52:c4:4c:d2:b1:51:
cd:69:cd:a7:e4:49:e0:fd:6a:5a:dc:df:bc:c6:97:3d:91:9f:
24:9f:db:22:2c:0d:14:d4:30:25:5c:1f:ab:c6:1d:31:72:e3:
79:b0:8c:0f:23:6a:4e:61:b3:26:2c:45:cf:bb:0b:2c:de:d1:
f7:28:6a:c0:69:44:65:68:c4:ff:54:b6:f5:f3:21:fe:0b:1c:
82:7c:fd:4e:f1:a5:1f:94:a0:d1:78:7b:2d:05:9a:2a:9a:2a:
33:7d:55:f1:c9:7c:60:00:2e:b2:f2:29:75:04:77:bf:db:fd:
a1:c8:29:84:d8:3f:3e:d0:34:05:19:53:ab:74:7c:66:12:d1:
ef:83:eb:7b:de:bb:37:51:4c:89:66:fb:3a:77:5d:98:1a:a1:
2c:c9:17:af:ec:85:9a:f3:47:d5:67:6f:5d:1e:c7:b5:b5:a7:
73:35:1a:9f:f7:c2:76:fa:2f:dc:e8:6a:02:23:10:89:a1:b4:
a0:b4:ba:02:b5:e3:3f:67:0f:78:9c:4a:a7:43:f3:6a:10:99:
33:33:df:b5
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZN3MDzDfNfGbbh94WF6BJRoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjQxMTI5MDkxMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmViNTE1MDdhZTViMDI4ZmFkOGNlMzhiZjBkMjQ5MjAxNDIxMDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0Ih/VTU5weNLAnwQyyxVNyv3T98
KegQcpQgTtJeuxBE/6ssLUI4CNYDTbitpJ4tmkI833YU6N/cWk9+TxiaJNklCpvQ
XdZ5j1Euivt9Vef6BoKVhZ2OcCzJAMwXqKAznMfXTdle+FysxVxiKOLW0Wx1SOCu
s9TlGcAn536JxmhKXb3BWgctZ+wCHTFqr9B2lI2fHb/7GBLxSEtfsBj97fpcup2l
Mv9W4nSnO+VXUV5zXELq/7yX5FxSsVsSGC+Nrm3kbwnRVOs/GSibAItXrxfgOZWZ
PYZCEzLyKLlE0p/AGzZy7vNoZgaBnwxcfwbK5i63K6Lfu/1IUp6YlGEjowIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFAvrUVB65bAo+tjOOL8NJJIBQhAkMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvQy10UlVIcmxzQ2o2Mk00NHZ3MGtrZ0ZDRUNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBALMURevHslcgEMFc35BFUCpSIty/a0o2unxBqCz7h8si
GAIO2X8oJS2xlyZVig9Ow1LETNKxUc1pzafkSeD9alrc37zGlz2RnySf2yIsDRTU
MCVcH6vGHTFy43mwjA8jak5hsyYsRc+7Cyze0fcoasBpRGVoxP9UtvXzIf4LHIJ8
/U7xpR+UoNF4ey0FmiqaKjN9VfHJfGAALrLyKXUEd7/b/aHIKYTYPz7QNAUZU6t0
fGYS0e+D63veuzdRTIlm+zp3XZgaoSzJF6/shZrzR9Vnb10ex7W1p3M1Gp/3wnb6
L9zoagIjEImhtKC0ugK14z9nD3icSqdD82oQmTMz37U=
-----END CERTIFICATE-----
Generated at Sun Apr 13 11:44:18 2025 by rpki-client