Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/IUuUswT9PqE4fvWmUmVP0IoJdRk.roa
File: IUuUswT9PqE4fvWmUmVP0IoJdRk.roa (raw, json)
Hash identifier: WwpjxVObGWlQWIOiwu6/GsAMT7CP+YGL/2U5pLpepLo=
Subject key identifier: 21:4B:94:B3:04:FD:3E:A1:38:7E:F5:A6:52:65:4F:D0:8A:09:75:19
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 018C01D4F09775E85A9881D893581218E842
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/IUuUswT9PqE4fvWmUmVP0IoJdRk.roa
Signing time: Fri 24 Nov 2023 14:56:21 +0000
ROA not before: Fri 24 Nov 2023 14:56:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197540
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.12.0/22 maxlen: 24
152.53.16.0/22 maxlen: 24
152.53.20.0/22 maxlen: 24
152.53.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:01:d4:f0:97:75:e8:5a:98:81:d8:93:58:12:18:e8:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Nov 24 14:56:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=214b94b304fd3ea1387ef5a652654fd08a097519
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:96:27:c3:88:24:91:af:a0:83:45:a9:6f:1b:
b8:37:8f:ea:1f:6d:3d:79:29:ae:06:6e:62:06:ff:
80:4b:9c:b4:b1:d9:0b:05:d8:48:94:56:0e:a8:ae:
b6:1c:1c:b9:27:08:b5:f1:ab:ec:e5:88:b3:19:ac:
a1:b6:3f:84:e5:53:df:3c:58:eb:7c:38:49:0d:c2:
e0:14:2a:9b:2c:a0:4b:49:80:4f:97:02:08:69:79:
d7:b7:28:bf:c0:c9:53:e2:06:20:a9:50:66:a1:89:
4c:c0:5d:d2:2b:40:26:95:47:e8:db:d3:a6:10:38:
47:e8:66:38:3a:ae:a2:19:e1:c6:80:2f:be:c2:78:
04:d3:d8:37:be:1c:22:0d:3a:5b:ce:47:ce:6b:ab:
9c:4b:60:13:20:0c:46:bb:43:f0:2c:57:7c:dd:a5:
86:3e:0f:80:75:35:eb:01:73:1b:4c:18:61:05:31:
08:6a:9f:6f:f6:a5:d8:c0:af:3c:ab:b5:a3:76:22:
24:28:50:11:94:fc:4b:21:9e:1f:ed:dc:72:00:e5:
07:59:83:63:e7:8c:eb:6d:6c:6a:e4:2a:97:d0:ae:
3c:66:14:fd:fc:9f:c3:fa:46:96:f7:ac:e7:da:2d:
d5:6c:86:b3:d7:b7:8d:fc:a1:e4:c2:80:01:a3:03:
4a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:4B:94:B3:04:FD:3E:A1:38:7E:F5:A6:52:65:4F:D0:8A:09:75:19
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/IUuUswT9PqE4fvWmUmVP0IoJdRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
02:34:c6:54:cc:9f:99:13:25:8f:ba:d3:ea:1c:b0:b7:da:c5:
5b:a8:69:16:75:07:45:69:83:a4:b0:61:c1:00:ef:41:f5:7d:
a7:70:31:db:a3:be:fe:68:c4:6b:9d:b7:a3:09:2b:22:6d:c1:
1d:ba:91:0e:f3:ac:0a:86:06:74:83:85:3f:16:01:5c:73:39:
75:56:2c:80:48:63:6d:ee:15:01:4e:14:6d:dc:7e:c1:c7:1e:
75:a6:b4:b9:b2:0c:4b:d0:18:ec:c8:92:9f:78:53:87:f5:c1:
b5:30:34:31:7c:63:53:f5:90:5b:bb:ad:61:0e:3f:ce:07:fd:
92:ef:06:cc:1b:7c:b2:00:df:15:dd:63:b4:4d:92:9d:0d:ef:
46:c4:37:9d:1b:45:38:77:6c:ab:b4:8a:df:a3:42:6e:12:6a:
ca:b6:cf:48:a2:4f:c0:78:e2:5a:08:f7:79:4e:64:b9:08:a4:
70:e1:0b:03:73:5f:61:9d:ef:40:e9:33:aa:4d:c8:6e:1c:58:
43:47:7a:d4:76:93:25:fa:9d:9b:46:30:6e:01:05:1b:1c:43:
32:6b:24:7d:05:0d:42:8d:cd:82:9d:e5:7f:88:d7:b9:6d:6d:
26:d2:7a:7e:56:0d:5f:fc:06:18:56:ae:a7:a3:76:80:b9:c6:
13:7f:8c:57
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYwB1PCXdehamIHYk1gSGOhCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjMxMTI0MTQ1NjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTRiOTRiMzA0ZmQzZWExMzg3ZWY1YTY1MjY1NGZkMDhhMDk3NTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupYnw4gkka+gg0Wpbxu4N4/qH209
eSmuBm5iBv+AS5y0sdkLBdhIlFYOqK62HBy5Jwi18avs5YizGayhtj+E5VPfPFjr
fDhJDcLgFCqbLKBLSYBPlwIIaXnXtyi/wMlT4gYgqVBmoYlMwF3SK0AmlUfo29Om
EDhH6GY4Oq6iGeHGgC++wngE09g3vhwiDTpbzkfOa6ucS2ATIAxGu0PwLFd83aWG
Pg+AdTXrAXMbTBhhBTEIap9v9qXYwK88q7WjdiIkKFARlPxLIZ4f7dxyAOUHWYNj
54zrbWxq5CqX0K48ZhT9/J/D+kaW96zn2i3VbIaz17eN/KHkwoABowNKCwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFCFLlLME/T6hOH71plJlT9CKCXUZMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvSVV1VXN3VDlQcUU0ZnZXbVVtVlAwSW9KZFJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAAI0xlTMn5kTJY+60+ocsLfaxVuoaRZ1B0Vpg6SwYcEA
70H1fadwMdujvv5oxGudt6MJKyJtwR26kQ7zrAqGBnSDhT8WAVxzOXVWLIBIY23u
FQFOFG3cfsHHHnWmtLmyDEvQGOzIkp94U4f1wbUwNDF8Y1P1kFu7rWEOP84H/ZLv
BswbfLIA3xXdY7RNkp0N70bEN50bRTh3bKu0it+jQm4Sasq2z0iiT8B44loI93lO
ZLkIpHDhCwNzX2Gd70DpM6pNyG4cWENHetR2kyX6nZtGMG4BBRscQzJrJH0FDUKN
zYKd5X+I17ltbSbSen5WDV/8BhhWrqejdoC5xhN/jFc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-fra.rpki-client.org