Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/PCBZD6z9Ocf0AFHQwVJkCEcys5I.roa
File: PCBZD6z9Ocf0AFHQwVJkCEcys5I.roa (raw, json)
Hash identifier: FaaLBtMbGY8ZkBw8KRGav7yFTiy6ofhB+nzkFDATTnI=
Subject key identifier: 3C:20:59:0F:AC:FD:39:C7:F4:00:51:D0:C1:52:64:08:47:32:B3:92
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 019425FDD8C7FE90A700B05C1857437AA190
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/PCBZD6z9Ocf0AFHQwVJkCEcys5I.roa
Signing time: Thu 02 Jan 2025 07:49:40 +0000
ROA not before: Thu 02 Jan 2025 07:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42473
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.9.0/24 maxlen: 24
152.53.24.0/24 maxlen: 24
152.53.30.0/24 maxlen: 24
152.53.36.0/22 maxlen: 24
152.53.48.0/22 maxlen: 22
152.53.59.0/24 maxlen: 24
152.53.62.0/24 maxlen: 24
152.53.64.0/22 maxlen: 24
152.53.69.0/24 maxlen: 24
152.53.75.0/24 maxlen: 24
152.53.78.0/24 maxlen: 24
152.53.80.0/22 maxlen: 22
152.53.84.0/22 maxlen: 22
152.53.88.0/22 maxlen: 22
152.53.92.0/22 maxlen: 22
152.53.98.0/24 maxlen: 24
152.53.100.0/22 maxlen: 22
152.53.104.0/22 maxlen: 22
152.53.108.0/22 maxlen: 22
152.53.112.0/22 maxlen: 22
152.53.116.0/22 maxlen: 22
152.53.128.0/20 maxlen: 22
Validation: Failed, certificate revoked on Fri 17 Jan 2025 11:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:d8:c7:fe:90:a7:00:b0:5c:18:57:43:7a:a1:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Jan 2 07:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c20590facfd39c7f40051d0c15264084732b392
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:49:31:4a:12:4f:23:a0:e8:2c:11:ed:b3:ce:
4f:43:1f:ad:30:e1:33:70:44:c3:1c:a1:6e:1c:e9:
ef:ff:34:71:6c:66:0e:d0:61:56:5f:32:06:1d:10:
c7:87:91:a8:67:74:52:54:4f:6e:b2:44:49:13:d6:
e0:21:1b:aa:38:80:97:be:3e:0c:b1:43:88:fd:a4:
00:b5:0c:5b:f4:06:9a:4b:ac:66:ca:6d:13:b2:c0:
69:60:89:2a:27:e1:31:34:fa:1b:ca:b4:9e:d5:c6:
51:eb:bb:26:41:9c:8f:a0:a6:fe:64:41:67:ef:4f:
f0:9e:6d:15:2f:52:be:f2:fd:70:5f:17:42:79:c7:
62:98:78:c8:b9:29:93:f3:c8:ac:53:01:bf:ac:8d:
ce:1c:4c:e4:e9:e7:0c:cd:3d:a5:8f:05:e3:e0:cb:
15:a9:35:6f:e6:58:1e:31:03:fc:b9:01:f2:c8:62:
05:32:ee:96:f8:42:b0:98:a9:1b:8a:27:97:1c:91:
15:c9:4e:a5:7b:6b:21:24:72:1a:d8:04:87:9a:45:
83:aa:da:d4:a3:52:8c:00:ce:64:af:5f:1e:9c:77:
c2:fd:a4:49:b8:1a:07:a8:0f:f7:99:91:f7:20:79:
10:83:d4:9c:c9:cd:dd:22:bd:e3:2f:2d:9f:d6:f1:
e3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:20:59:0F:AC:FD:39:C7:F4:00:51:D0:C1:52:64:08:47:32:B3:92
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/PCBZD6z9Ocf0AFHQwVJkCEcys5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b7:ee:a6:e6:6d:57:4c:32:0c:f1:5f:a6:3a:c5:1e:f9:69:78:
2b:cf:b2:36:09:81:6b:b3:01:90:38:16:ac:35:6a:c6:d2:ef:
96:2e:20:98:83:c0:8b:43:46:8e:92:19:24:e0:7e:8c:f9:dd:
a7:6b:4f:6b:01:22:6e:26:c1:12:31:65:56:98:d2:16:a3:93:
04:0f:b0:88:11:85:ee:15:10:8a:21:66:8d:68:a8:8b:99:a7:
83:02:f0:22:01:2b:ed:8e:db:e7:fe:f3:45:ce:f3:e7:eb:9b:
f2:81:63:72:0b:7e:42:ad:ca:84:31:8e:c8:85:48:fd:98:92:
66:c6:a7:2a:3a:f3:a2:71:c1:67:0a:d3:ce:02:a3:75:2a:58:
b7:ae:a9:78:0d:7f:aa:6f:e9:13:b4:33:e1:79:8d:b8:c1:5c:
e0:60:56:18:a4:46:d4:b6:31:e1:ac:a2:6f:b9:4d:40:8f:49:
8f:5c:3e:0b:b6:e0:c7:fe:2d:c6:e5:4f:17:42:98:6d:fa:fd:
b2:6b:07:06:b5:32:e0:92:b0:9e:2c:00:06:d0:61:a2:b9:88:
4b:3d:f2:45:45:fe:70:3d:a9:ea:16:61:68:89:f2:e7:e1:13:
1f:35:b1:49:4a:05:ad:9e:35:d5:78:be:ed:80:b1:f1:c6:b3:
7e:1b:4e:6d
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQl/djH/pCnALBcGFdDeqGQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjUwMTAyMDc0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzIwNTkwZmFjZmQzOWM3ZjQwMDUxZDBjMTUyNjQwODQ3MzJiMzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUkxShJPI6DoLBHts85PQx+tMOEz
cETDHKFuHOnv/zRxbGYO0GFWXzIGHRDHh5GoZ3RSVE9uskRJE9bgIRuqOICXvj4M
sUOI/aQAtQxb9AaaS6xmym0TssBpYIkqJ+ExNPobyrSe1cZR67smQZyPoKb+ZEFn
70/wnm0VL1K+8v1wXxdCecdimHjIuSmT88isUwG/rI3OHEzk6ecMzT2ljwXj4MsV
qTVv5lgeMQP8uQHyyGIFMu6W+EKwmKkbiieXHJEVyU6le2shJHIa2ASHmkWDqtrU
o1KMAM5kr18enHfC/aRJuBoHqA/3mZH3IHkQg9Scyc3dIr3jLy2f1vHj4QIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFDwgWQ+s/TnH9ABR0MFSZAhHMrOSMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvUENCWkQ2ejlPY2YwQUZIUXdWSmtDRWN5czVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBALfupuZtV0wyDPFfpjrFHvlpeCvPsjYJgWuzAZA4Fqw1
asbS75YuIJiDwItDRo6SGSTgfoz53adrT2sBIm4mwRIxZVaY0hajkwQPsIgRhe4V
EIohZo1oqIuZp4MC8CIBK+2O2+f+80XO8+frm/KBY3ILfkKtyoQxjsiFSP2YkmbG
pyo686JxwWcK084Co3UqWLeuqXgNf6pv6RO0M+F5jbjBXOBgVhikRtS2MeGsom+5
TUCPSY9cPgu24Mf+LcblTxdCmG36/bJrBwa1MuCSsJ4sAAbQYaK5iEs98kVF/nA9
qeoWYWiJ8ufhEx81sUlKBa2eNdV4vu2AsfHGs34bTm0=
-----END CERTIFICATE-----
Generated at Sun Apr 13 11:31:16 2025 by rpki-client