Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/THgAxDIy9pndx-NjBIx1QCy0pnY.roa
File: THgAxDIy9pndx-NjBIx1QCy0pnY.roa (raw, json)
Hash identifier: cWYkrCsl6/yU+qBCm/GCGgyg1+6Z6UcUFG3ayOrzULM=
Subject key identifier: 4C:78:00:C4:32:32:F6:99:DD:C7:E3:63:04:8C:75:40:2C:B4:A6:76
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 01938B6E1EF692C882CB7096D5D0EE67F20F
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/THgAxDIy9pndx-NjBIx1QCy0pnY.roa
Signing time: Tue 03 Dec 2024 07:31:10 +0000
ROA not before: Tue 03 Dec 2024 07:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47147
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.128.0/20 maxlen: 22
Validation: Failed, certificate revoked on Tue 03 Dec 2024 09:14:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8b:6e:1e:f6:92:c8:82:cb:70:96:d5:d0:ee:67:f2:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Dec 3 07:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c7800c43232f699ddc7e363048c75402cb4a676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:63:d3:a2:d0:71:44:7b:6e:7c:86:c6:93:f5:
1b:b3:02:6d:00:a6:cd:af:3d:30:44:b6:d8:8c:46:
05:6b:16:c5:4c:34:e3:c4:95:b4:70:97:a9:99:99:
14:a0:cc:66:02:9c:84:58:12:fd:b0:d0:81:4f:64:
d1:6d:6d:80:a0:99:de:3e:ef:ec:ad:3a:87:39:40:
9f:be:0b:48:48:5f:ae:40:3f:26:30:ca:ad:c5:d6:
c4:d8:13:4e:e3:2d:18:5f:3b:6d:fb:3d:ce:9e:ed:
04:a3:ea:10:65:1c:58:89:17:2f:01:5e:58:69:eb:
6f:cf:51:0e:4a:6f:c0:cc:38:c4:8c:ac:e2:15:9f:
a5:9c:52:b4:8c:5e:b1:74:af:2b:6d:be:c0:66:5e:
d6:a4:f6:1b:e6:dc:e9:a9:50:44:3a:64:a8:f0:0a:
f6:06:e6:34:a7:19:f0:3d:71:b0:6e:13:ca:26:81:
4c:b9:62:3b:00:70:4e:30:a1:3f:93:8a:bc:52:f5:
1d:04:5f:cf:7e:2b:42:ce:1b:f9:cd:85:29:d8:75:
a8:85:83:b9:d0:7a:c7:e2:9d:36:27:95:1f:8d:2a:
f5:b2:f5:9f:c1:c8:b6:01:2f:d3:c0:d4:08:65:8b:
0f:53:84:38:34:93:05:3e:e8:c0:46:af:2a:2d:2a:
a0:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:78:00:C4:32:32:F6:99:DD:C7:E3:63:04:8C:75:40:2C:B4:A6:76
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/THgAxDIy9pndx-NjBIx1QCy0pnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
54:87:4a:26:60:10:ad:6d:8b:98:fe:d9:ae:e4:42:1c:97:b4:
bd:ad:87:41:0e:d3:96:13:5f:f7:df:4b:00:4f:1b:8e:32:19:
ff:18:1b:a3:54:74:c2:0a:bc:80:6b:f2:c0:61:2d:46:ed:fd:
34:81:68:2f:67:1b:ed:91:b4:92:86:22:25:cb:90:c7:4b:b2:
f8:2d:75:05:c1:43:79:5e:3f:19:b9:62:a4:73:c9:3a:74:31:
85:51:4c:b3:52:ab:92:be:80:2e:f2:e3:c7:e1:df:ab:be:ef:
c4:61:6d:a3:9d:fd:fc:77:99:e0:e1:ef:d5:3d:09:3b:a3:7b:
e9:fb:fe:ee:81:dc:04:5f:86:f1:63:d5:87:50:da:bf:62:1c:
8c:86:5a:c0:ca:28:85:48:0b:e8:88:47:ba:15:de:8c:62:26:
95:a7:c2:e2:ad:69:dd:f7:59:58:b8:6a:7d:4b:eb:63:81:20:
fe:52:b5:55:d4:cf:56:c0:30:bc:c8:37:ec:89:6b:6e:02:51:
1a:52:5f:b2:16:f3:b7:5b:25:9e:fa:0b:9c:20:f6:16:47:8a:
97:de:a9:9c:d3:ce:45:83:5c:a3:79:5e:ab:22:8b:07:ca:fc:
d4:74:74:04:89:3c:4c:0b:54:a3:ff:7d:eb:cb:90:1c:10:67:
63:13:0b:8a
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZOLbh72ksiCy3CW1dDuZ/IPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjQxMjAzMDczMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yzc4MDBjNDMyMzJmNjk5ZGRjN2UzNjMwNDhjNzU0MDJjYjRhNjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2PTotBxRHtufIbGk/UbswJtAKbN
rz0wRLbYjEYFaxbFTDTjxJW0cJepmZkUoMxmApyEWBL9sNCBT2TRbW2AoJnePu/s
rTqHOUCfvgtISF+uQD8mMMqtxdbE2BNO4y0YXztt+z3Onu0Eo+oQZRxYiRcvAV5Y
aetvz1EOSm/AzDjEjKziFZ+lnFK0jF6xdK8rbb7AZl7WpPYb5tzpqVBEOmSo8Ar2
BuY0pxnwPXGwbhPKJoFMuWI7AHBOMKE/k4q8UvUdBF/PfitCzhv5zYUp2HWohYO5
0HrH4p02J5UfjSr1svWfwci2AS/TwNQIZYsPU4Q4NJMFPujARq8qLSqgHQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFEx4AMQyMvaZ3cfjYwSMdUAstKZ2MB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvVEhnQXhESXk5cG5keC1OakJJeDFRQ3kwcG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAFSHSiZgEK1ti5j+2a7kQhyXtL2th0EO05YTX/ffSwBP
G44yGf8YG6NUdMIKvIBr8sBhLUbt/TSBaC9nG+2RtJKGIiXLkMdLsvgtdQXBQ3le
Pxm5YqRzyTp0MYVRTLNSq5K+gC7y48fh36u+78RhbaOd/fx3meDh79U9CTuje+n7
/u6B3ARfhvFj1YdQ2r9iHIyGWsDKKIVIC+iIR7oV3oxiJpWnwuKtad33WVi4an1L
62OBIP5StVXUz1bAMLzIN+yJa24CURpSX7IW87dbJZ76C5wg9hZHipfeqZzTzkWD
XKN5XqsiiwfK/NR0dASJPEwLVKP/fevLkBwQZ2MTC4o=
-----END CERTIFICATE-----
Generated at Sun Apr 13 11:41:40 2025 by rpki-client