Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/FTe2dW9zlddsYM9hwZN6m_zbXOo.roa
File: FTe2dW9zlddsYM9hwZN6m_zbXOo.roa (raw, json)
Hash identifier: O0kxmoFTB11+y2GV7VrCl+EjmDmifVpwW0Yr6x/ewnQ=
Subject key identifier: 15:37:B6:75:6F:73:95:D7:6C:60:CF:61:C1:93:7A:9B:FC:DB:5C:EA
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 01906DE7FDDCD0D7777AD79586105983DDF6
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/FTe2dW9zlddsYM9hwZN6m_zbXOo.roa
Signing time: Mon 01 Jul 2024 10:47:18 +0000
ROA not before: Mon 01 Jul 2024 10:47:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214996
IP address blocks: 152.53.31.0/24 maxlen: 24
152.53.36.0/22 maxlen: 24
152.53.52.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 04 Oct 2024 14:50:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6d:e7:fd:dc:d0:d7:77:7a:d7:95:86:10:59:83:dd:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Jul 1 10:47:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1537b6756f7395d76c60cf61c1937a9bfcdb5cea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:80:36:d1:b8:4d:25:2f:50:c8:96:31:3e:8a:
c5:1d:9c:68:e6:b5:db:4a:56:d4:79:58:2a:fc:59:
24:68:6c:45:ee:10:90:d0:1f:64:71:72:5a:c3:12:
19:28:d3:2f:ac:75:10:33:bc:2b:03:09:36:7c:56:
1f:d6:55:97:ec:07:40:b5:ec:85:21:fc:6b:93:71:
c5:e9:79:fb:3d:f1:67:27:6e:17:b4:46:ed:e9:79:
8b:d3:3b:a7:fb:c3:58:e9:ea:6e:a7:c3:2c:54:9c:
28:15:7f:25:fe:95:74:5b:0b:64:08:f4:c9:f5:ec:
d6:d2:c4:75:11:1a:05:99:31:9a:9e:08:56:1c:cc:
08:b5:16:6c:a0:50:80:28:82:b9:f6:94:b4:b9:49:
77:3d:e2:3d:74:5e:96:c0:3c:71:36:67:b9:9a:7d:
9a:18:56:53:f4:9b:2d:aa:b8:0c:54:3f:95:f1:36:
62:15:c6:a2:64:f7:87:82:bc:57:60:db:6a:50:a4:
be:61:67:22:de:10:83:eb:e8:74:ac:31:82:7b:09:
d4:d2:b5:3f:c1:e9:9d:16:64:5d:75:1b:e1:cb:fa:
51:d6:dc:0b:8c:63:8e:61:aa:32:07:7b:6a:9e:04:
a0:4f:47:e1:19:1e:be:b2:e1:ea:6a:6b:0f:c2:48:
59:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:37:B6:75:6F:73:95:D7:6C:60:CF:61:C1:93:7A:9B:FC:DB:5C:EA
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/FTe2dW9zlddsYM9hwZN6m_zbXOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.31.0/24
152.53.36.0/22
152.53.52.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:dc:b3:55:4a:fb:b1:0b:c0:07:dd:60:de:e9:74:a2:1b:26:
c2:b1:98:a7:74:18:a0:29:d0:b7:fe:13:13:3e:a3:a8:3c:61:
0a:7b:80:86:27:b0:b8:67:c5:94:96:59:d5:ab:51:17:c6:b4:
f4:06:e9:6d:64:b9:47:82:90:0e:8e:04:61:8c:d4:fb:25:7a:
7a:92:4b:47:42:4c:db:35:f2:11:8d:c4:3d:8c:f1:27:aa:40:
fc:de:ec:86:02:9d:50:a2:eb:63:17:8a:20:54:c0:1a:dc:7b:
ae:29:d9:71:a3:6e:86:3d:ac:2c:9d:9b:4c:a0:68:a9:d6:ab:
04:43:40:50:70:76:30:25:6b:46:4f:90:d4:9b:a9:e6:56:45:
96:37:92:6a:ab:30:d6:8b:f9:fb:cc:ad:7f:78:27:b0:4b:0c:
56:7a:5e:df:cc:58:7f:de:c5:21:aa:47:3e:79:4d:4f:0b:64:
e5:9a:ba:74:d5:9e:5e:be:88:40:75:66:d7:ba:f4:60:36:3b:
2a:5a:c9:f7:2d:f6:67:57:f8:fe:66:ea:0f:f9:ef:e5:2b:16:
77:bf:d7:b4:a5:8d:5d:9d:c7:8f:e4:68:56:75:ac:d6:fa:c1:
32:44:04:53:e7:71:68:33:89:24:0d:4f:26:d3:d9:99:57:17:
52:79:34:56
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZBt5/3c0Nd3eteVhhBZg932MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjQwNzAxMTA0NzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTM3YjY3NTZmNzM5NWQ3NmM2MGNmNjFjMTkzN2E5YmZjZGI1Y2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYA20bhNJS9QyJYxPorFHZxo5rXb
SlbUeVgq/FkkaGxF7hCQ0B9kcXJawxIZKNMvrHUQM7wrAwk2fFYf1lWX7AdAteyF
Ifxrk3HF6Xn7PfFnJ24XtEbt6XmL0zun+8NY6epup8MsVJwoFX8l/pV0WwtkCPTJ
9ezW0sR1ERoFmTGanghWHMwItRZsoFCAKIK59pS0uUl3PeI9dF6WwDxxNme5mn2a
GFZT9JstqrgMVD+V8TZiFcaiZPeHgrxXYNtqUKS+YWci3hCD6+h0rDGCewnU0rU/
wemdFmRddRvhy/pR1twLjGOOYaoyB3tqngSgT0fhGR6+suHqamsPwkhZ1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBU3tnVvc5XXbGDPYcGTepv821zqMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvRlRlMmRXOXpsZGRzWU05aHdaTjZtX3piWE9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAmDUfAwQC
mDUkAwQCmDU0MA0GCSqGSIb3DQEBCwUAA4IBAQBd3LNVSvuxC8AH3WDe6XSiGybC
sZindBigKdC3/hMTPqOoPGEKe4CGJ7C4Z8WUllnVq1EXxrT0BultZLlHgpAOjgRh
jNT7JXp6kktHQkzbNfIRjcQ9jPEnqkD83uyGAp1QoutjF4ogVMAa3HuuKdlxo26G
PawsnZtMoGip1qsEQ0BQcHYwJWtGT5DUm6nmVkWWN5JqqzDWi/n7zK1/eCewSwxW
el7fzFh/3sUhqkc+eU1PC2Tlmrp01Z5evohAdWbXuvRgNjsqWsn3LfZnV/j+ZuoP
+e/lKxZ3v9e0pY1dnceP5GhWdazW+sEyRART53FoM4kkDU8m09mZVxdSeTRW
-----END CERTIFICATE-----
Generated at Fri Oct 4 18:58:31 2024 by rpki-client on console-ams.rpki-client.org