Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/OjYDA-LP3tElYxftwwgsMTMc4ow.roa
File: OjYDA-LP3tElYxftwwgsMTMc4ow.roa (raw, json)
Hash identifier: 5S6jCuwtgQQqVSb8XgwrN/fFJ5JclEACBRqSN45GNPU=
Subject key identifier: 3A:36:03:03:E2:CF:DE:D1:25:63:17:ED:C3:08:2C:31:33:1C:E2:8C
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 01953CC29F923D8257100CD7CA390B63C093
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/OjYDA-LP3tElYxftwwgsMTMc4ow.roa
Signing time: Tue 25 Feb 2025 10:59:02 +0000
ROA not before: Tue 25 Feb 2025 10:59:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42473
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.6.0/24 maxlen: 24
152.53.7.0/24 maxlen: 24
152.53.8.0/24 maxlen: 24
152.53.9.0/24 maxlen: 24
152.53.24.0/24 maxlen: 24
152.53.25.0/24 maxlen: 24
152.53.30.0/24 maxlen: 24
152.53.36.0/22 maxlen: 24
152.53.48.0/22 maxlen: 22
152.53.59.0/24 maxlen: 24
152.53.62.0/24 maxlen: 24
152.53.63.0/24 maxlen: 24
152.53.64.0/22 maxlen: 24
152.53.69.0/24 maxlen: 24
152.53.75.0/24 maxlen: 24
152.53.78.0/24 maxlen: 24
152.53.79.0/24 maxlen: 24
152.53.80.0/22 maxlen: 22
152.53.84.0/22 maxlen: 22
152.53.88.0/22 maxlen: 22
152.53.92.0/22 maxlen: 22
152.53.98.0/24 maxlen: 24
152.53.100.0/22 maxlen: 22
152.53.104.0/22 maxlen: 22
152.53.108.0/22 maxlen: 22
152.53.112.0/22 maxlen: 22
152.53.116.0/22 maxlen: 22
152.53.124.0/22 maxlen: 22
152.53.128.0/20 maxlen: 22
152.53.224.0/22 maxlen: 22
152.53.228.0/22 maxlen: 22
152.53.236.0/22 maxlen: 22
152.53.240.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 18 Mar 2025 08:15:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3c:c2:9f:92:3d:82:57:10:0c:d7:ca:39:0b:63:c0:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Feb 25 10:59:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a360303e2cfded1256317edc3082c31331ce28c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:66:a7:a3:b5:28:c1:9a:f8:08:f5:e5:9b:6c:
28:57:13:cb:b4:3e:34:86:a6:f8:25:b1:63:6a:30:
b2:bd:d2:4b:f0:95:e3:d6:3d:af:06:f1:d9:87:93:
66:da:4f:6a:65:59:fc:34:9e:30:29:4a:ad:d0:d2:
24:0a:5c:58:e8:b3:69:89:ff:e4:e1:9a:c2:1a:3b:
31:93:6f:93:f7:89:c9:b8:3d:21:33:37:68:44:70:
0d:6f:6d:ab:64:66:c0:ad:db:c5:30:21:90:7e:54:
d7:32:a8:01:28:b5:50:92:5a:93:50:92:72:48:ca:
cf:e6:a0:83:45:d8:3d:38:b8:17:ce:7d:e7:c0:a2:
5f:f4:06:84:3f:3f:9e:f1:ae:8a:60:00:4f:e0:59:
02:8c:77:7d:4a:c0:0c:75:35:16:b5:89:95:48:0f:
6d:58:c6:da:a6:1e:ca:c7:e5:09:b6:da:e6:04:38:
56:d7:88:77:e8:1b:a1:dc:01:63:67:c0:0e:d4:f4:
43:54:7b:eb:23:51:94:4f:6d:7f:e4:22:e5:5e:6a:
0a:f1:8b:3c:28:91:db:7d:e8:67:7e:ea:9d:7b:2d:
2c:fe:d0:dd:ac:17:28:9a:62:68:f6:16:5b:0c:76:
3f:87:ba:31:33:f1:0b:e9:50:48:0f:35:6d:c6:3b:
c2:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:36:03:03:E2:CF:DE:D1:25:63:17:ED:C3:08:2C:31:33:1C:E2:8C
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/OjYDA-LP3tElYxftwwgsMTMc4ow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cc:a1:65:9f:dd:a6:b9:85:24:8f:2f:64:a2:2d:f6:4e:d2:c6:
1f:12:1f:ad:20:3f:86:f6:99:a6:6e:6f:74:40:e0:40:e7:d9:
a7:b6:49:e8:c5:e9:c2:cd:f0:35:c3:0b:fc:e7:55:88:27:12:
04:c8:96:a1:31:86:dc:93:c0:41:e5:e0:2e:3b:e8:8b:3f:04:
94:14:21:53:3b:10:2e:27:69:df:86:90:01:96:24:d1:df:14:
51:2d:fe:d5:4a:4e:21:bb:fb:19:fa:83:5a:9d:4f:4d:ff:cc:
0b:ab:bd:57:f1:f6:d1:b6:aa:a5:7b:a0:c5:63:b5:48:51:02:
4e:88:82:37:42:2d:a8:9f:ce:a8:86:77:1d:b8:85:2d:b1:13:
9f:89:28:97:87:b6:04:45:9e:42:29:c1:73:7d:44:1a:15:4b:
02:fc:82:ec:2f:be:de:d0:99:51:5b:7b:dd:02:9f:85:77:f7:
11:11:aa:05:9a:92:04:9c:0f:51:f8:d4:e3:44:37:b6:00:ff:
2d:bf:08:42:4f:4d:5c:6f:4b:4c:df:52:05:1c:ec:6c:39:ba:
d7:78:7f:d2:45:6f:0d:87:16:c5:dc:ac:a9:ce:68:60:47:b6:
a4:fc:4a:b0:9f:36:fc:16:f1:7b:2a:2a:94:29:46:19:b2:30:
78:98:bd:25
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZU8wp+SPYJXEAzXyjkLY8CTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjUwMjI1MTA1OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTM2MDMwM2UyY2ZkZWQxMjU2MzE3ZWRjMzA4MmMzMTMzMWNlMjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmano7UowZr4CPXlm2woVxPLtD40
hqb4JbFjajCyvdJL8JXj1j2vBvHZh5Nm2k9qZVn8NJ4wKUqt0NIkClxY6LNpif/k
4ZrCGjsxk2+T94nJuD0hMzdoRHANb22rZGbArdvFMCGQflTXMqgBKLVQklqTUJJy
SMrP5qCDRdg9OLgXzn3nwKJf9AaEPz+e8a6KYABP4FkCjHd9SsAMdTUWtYmVSA9t
WMbaph7Kx+UJttrmBDhW14h36Buh3AFjZ8AO1PRDVHvrI1GUT21/5CLlXmoK8Ys8
KJHbfehnfuqdey0s/tDdrBcommJo9hZbDHY/h7oxM/EL6VBIDzVtxjvCjQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFDo2AwPiz97RJWMX7cMILDEzHOKMMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvT2pZREEtTFAzdEVsWXhmdHd3Z3NNVE1jNG93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAMyhZZ/dprmFJI8vZKIt9k7Sxh8SH60gP4b2maZub3RA
4EDn2ae2SejF6cLN8DXDC/znVYgnEgTIlqExhtyTwEHl4C476Is/BJQUIVM7EC4n
ad+GkAGWJNHfFFEt/tVKTiG7+xn6g1qdT03/zAurvVfx9tG2qqV7oMVjtUhRAk6I
gjdCLaifzqiGdx24hS2xE5+JKJeHtgRFnkIpwXN9RBoVSwL8guwvvt7QmVFbe90C
n4V39xERqgWakgScD1H41ONEN7YA/y2/CEJPTVxvS0zfUgUc7Gw5utd4f9JFbw2H
FsXcrKnOaGBHtqT8SrCfNvwW8XsqKpQpRhmyMHiYvSU=
-----END CERTIFICATE-----
Generated at Sun Apr 13 12:00:48 2025 by rpki-client