Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/VMa7pdi6WcGAXujz9Iuy5jBgI2g.roa
File: VMa7pdi6WcGAXujz9Iuy5jBgI2g.roa (raw, json)
Hash identifier: OJHKhgSN1Mx63kyv7zmjoKbok411oJuZg+ikGqC8tVo=
Subject key identifier: 54:C6:BB:A5:D8:BA:59:C1:80:5E:E8:F3:F4:8B:B2:E6:30:60:23:68
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 019474070BF9316797E0FBEA19640DD00376
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/VMa7pdi6WcGAXujz9Iuy5jBgI2g.roa
Signing time: Fri 17 Jan 2025 11:30:06 +0000
ROA not before: Fri 17 Jan 2025 11:30:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42473
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.9.0/24 maxlen: 24
152.53.24.0/24 maxlen: 24
152.53.30.0/24 maxlen: 24
152.53.36.0/22 maxlen: 24
152.53.48.0/22 maxlen: 22
152.53.59.0/24 maxlen: 24
152.53.62.0/24 maxlen: 24
152.53.63.0/24 maxlen: 24
152.53.64.0/22 maxlen: 24
152.53.69.0/24 maxlen: 24
152.53.75.0/24 maxlen: 24
152.53.78.0/24 maxlen: 24
152.53.80.0/22 maxlen: 22
152.53.84.0/22 maxlen: 22
152.53.88.0/22 maxlen: 22
152.53.92.0/22 maxlen: 22
152.53.98.0/24 maxlen: 24
152.53.100.0/22 maxlen: 22
152.53.104.0/22 maxlen: 22
152.53.108.0/22 maxlen: 22
152.53.112.0/22 maxlen: 22
152.53.116.0/22 maxlen: 22
152.53.128.0/20 maxlen: 22
Validation: Failed, certificate revoked on Mon 27 Jan 2025 12:49:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:74:07:0b:f9:31:67:97:e0:fb:ea:19:64:0d:d0:03:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Jan 17 11:30:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=54c6bba5d8ba59c1805ee8f3f48bb2e630602368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3b:f4:75:d9:0a:d7:d2:ee:cb:6b:31:77:01:
4b:33:34:05:29:ab:b4:57:f4:21:12:d0:67:f6:d2:
5a:e3:44:66:37:af:ff:42:c8:b7:7f:67:3a:13:3b:
7e:e3:47:b9:03:5c:f6:61:e6:e1:fa:01:54:0f:1a:
c3:32:fe:f8:13:5d:a9:24:14:24:da:38:17:8d:ba:
d2:59:bf:5d:fc:c4:aa:77:f9:2d:a0:f5:38:c5:0d:
bb:3f:6c:f4:c6:28:6e:c1:34:13:f3:1b:bf:04:70:
4b:1a:9d:b5:b7:a5:f7:01:6f:15:20:1b:d8:44:e2:
ee:b8:ed:7f:04:b1:c1:9d:47:af:b7:62:fd:be:d1:
e4:2d:e9:5c:69:5f:e9:c4:81:4d:0b:63:c8:32:c3:
aa:ad:ca:65:59:90:2b:88:7d:de:cd:4b:5c:3d:e8:
6b:2c:ec:a9:d4:96:19:16:c2:7a:eb:4a:3b:67:cf:
0b:38:17:a1:b7:4a:45:91:3e:2e:d0:c1:05:58:75:
81:a2:ed:60:2a:3e:f9:3d:1f:23:40:6f:89:90:ff:
f1:08:6d:a8:aa:6a:51:35:c8:89:2e:68:90:14:d0:
2b:26:7c:5c:27:33:e4:15:f6:ff:98:ad:61:b0:f7:
03:a1:b5:0f:70:10:6c:b8:a1:70:44:93:72:c2:fd:
aa:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:C6:BB:A5:D8:BA:59:C1:80:5E:E8:F3:F4:8B:B2:E6:30:60:23:68
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/VMa7pdi6WcGAXujz9Iuy5jBgI2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:5a:7a:e1:5c:44:1e:c7:f1:b5:8a:a9:6b:c7:b0:08:b0:c8:
bb:ad:72:20:c5:85:8e:b0:35:34:a5:71:ff:bd:7f:88:a4:b6:
ea:a7:ab:7a:3f:43:9f:a3:e2:e2:4d:1a:13:51:ee:3e:20:be:
ae:f3:0a:5b:ca:96:6a:72:62:bd:19:48:6b:50:8f:3e:75:8b:
13:2e:e0:8e:7d:bb:00:2e:50:c1:62:a5:e0:c5:a9:d3:72:70:
3d:58:a6:95:6c:c0:c2:5f:cc:4a:1b:12:8c:40:51:1a:7f:4f:
a6:c4:54:f1:54:92:f7:67:d3:03:69:92:ec:e7:44:f6:8b:58:
d6:be:9f:1c:b7:ee:57:67:44:d3:ed:1e:f7:e9:b6:f8:3d:18:
f7:49:6d:cd:86:b6:46:dc:bd:23:48:c3:1d:2f:33:45:c4:db:
9a:d8:99:87:6f:c9:d3:2c:3e:23:e2:f9:98:1b:d4:72:da:02:
36:6a:34:ce:87:2d:e5:1f:27:2c:a4:0d:2e:2e:0a:d7:6e:f3:
72:50:d9:f5:f7:23:ca:1e:33:6b:83:e0:0e:17:56:1e:97:11:
e8:e3:89:40:93:71:3f:02:b8:9e:86:66:c8:16:69:19:89:34:
92:6c:02:a2:4c:05:64:2c:23:d3:00:8a:0d:a0:cc:37:a0:12:
80:d9:79:da
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZR0Bwv5MWeX4PvqGWQN0AN2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjUwMTE3MTEzMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGM2YmJhNWQ4YmE1OWMxODA1ZWU4ZjNmNDhiYjJlNjMwNjAyMzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTv0ddkK19Luy2sxdwFLMzQFKau0
V/QhEtBn9tJa40RmN6//Qsi3f2c6Ezt+40e5A1z2Yebh+gFUDxrDMv74E12pJBQk
2jgXjbrSWb9d/MSqd/ktoPU4xQ27P2z0xihuwTQT8xu/BHBLGp21t6X3AW8VIBvY
ROLuuO1/BLHBnUevt2L9vtHkLelcaV/pxIFNC2PIMsOqrcplWZAriH3ezUtcPehr
LOyp1JYZFsJ660o7Z88LOBeht0pFkT4u0MEFWHWBou1gKj75PR8jQG+JkP/xCG2o
qmpRNciJLmiQFNArJnxcJzPkFfb/mK1hsPcDobUPcBBsuKFwRJNywv2q3wIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFFTGu6XYulnBgF7o8/SLsuYwYCNoMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvVk1hN3BkaTZXY0dBWHVqejlJdXk1akJnSTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAJ5aeuFcRB7H8bWKqWvHsAiwyLutciDFhY6wNTSlcf+9
f4iktuqnq3o/Q5+j4uJNGhNR7j4gvq7zClvKlmpyYr0ZSGtQjz51ixMu4I59uwAu
UMFipeDFqdNycD1YppVswMJfzEobEoxAURp/T6bEVPFUkvdn0wNpkuznRPaLWNa+
nxy37ldnRNPtHvfptvg9GPdJbc2GtkbcvSNIwx0vM0XE25rYmYdvydMsPiPi+Zgb
1HLaAjZqNM6HLeUfJyykDS4uCtdu83JQ2fX3I8oeM2uD4A4XVh6XEejjiUCTcT8C
uJ6GZsgWaRmJNJJsAqJMBWQsI9MAig2gzDegEoDZedo=
-----END CERTIFICATE-----
Generated at Sun Apr 13 12:13:58 2025 by rpki-client