Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/Y2cRkKKfBjhlRNO_XfSgLHz7lg8.roa
File: Y2cRkKKfBjhlRNO_XfSgLHz7lg8.roa (raw, json)
Hash identifier: /G3PEeNG6EtYt1G68b/Af4G7FYF8esJ8+J2AmCPgOkI=
Subject key identifier: 63:67:11:90:A2:9F:06:38:65:44:D3:BF:5D:F4:A0:2C:7C:FB:96:0F
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 01951898D097FA56C3281AF758D7391C13AB
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/Y2cRkKKfBjhlRNO_XfSgLHz7lg8.roa
Signing time: Tue 18 Feb 2025 10:27:02 +0000
ROA not before: Tue 18 Feb 2025 10:27:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197540
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.5.0/24 maxlen: 24
152.53.7.0/24 maxlen: 24
152.53.12.0/22 maxlen: 24
152.53.16.0/22 maxlen: 24
152.53.20.0/22 maxlen: 24
152.53.32.0/22 maxlen: 24
152.53.44.0/22 maxlen: 24
152.53.48.0/22 maxlen: 22
152.53.64.0/22 maxlen: 24
152.53.84.0/22 maxlen: 22
152.53.92.0/22 maxlen: 22
152.53.100.0/22 maxlen: 22
152.53.104.0/22 maxlen: 22
152.53.108.0/22 maxlen: 22
152.53.112.0/22 maxlen: 22
152.53.116.0/22 maxlen: 22
152.53.124.0/22 maxlen: 22
152.53.128.0/20 maxlen: 22
152.53.224.0/22 maxlen: 22
152.53.228.0/22 maxlen: 22
152.53.236.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 18 Mar 2025 08:15:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:18:98:d0:97:fa:56:c3:28:1a:f7:58:d7:39:1c:13:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Feb 18 10:27:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63671190a29f06386544d3bf5df4a02c7cfb960f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e4:c9:3b:3b:46:24:10:18:67:f5:a3:f2:ee:
f7:c3:6b:3c:59:e6:43:0d:c0:bc:48:28:7d:55:bb:
dd:0d:88:ff:0a:f1:e1:a0:4e:36:2f:bc:8d:3a:71:
ea:4e:9b:b5:84:40:5a:bc:7f:a2:47:33:6f:ff:64:
60:3b:9a:8d:1a:43:02:aa:d0:42:41:2c:ec:15:1e:
f8:40:67:68:25:c2:35:12:d4:b7:3f:c7:c9:bb:7a:
44:dc:02:bd:1c:d8:f9:a5:3f:0d:65:05:f3:7e:f5:
61:16:32:22:d2:19:6e:ea:ba:95:d9:ae:c5:e7:0a:
d7:a7:cb:60:5a:77:d4:df:7d:a6:2d:d6:bc:6a:9a:
03:05:01:b4:f2:55:34:8a:c1:f2:4c:03:4d:7a:3d:
64:66:9c:b2:9c:34:ff:ce:f4:c8:9d:b1:48:26:81:
e8:8f:89:28:c7:94:bb:4e:53:f1:9f:e5:10:05:17:
7b:12:29:e0:f9:40:d7:33:78:58:80:d3:b7:aa:89:
a0:6e:d5:00:54:19:e6:4f:5f:4d:3e:1a:20:05:84:
9b:76:f5:de:7b:01:5d:4f:53:b4:df:a3:c6:74:22:
68:90:e7:30:d8:84:90:58:69:71:c7:81:2b:3a:53:
63:b1:56:31:0e:8b:b8:49:7d:2b:53:96:33:9a:20:
c5:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:67:11:90:A2:9F:06:38:65:44:D3:BF:5D:F4:A0:2C:7C:FB:96:0F
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/Y2cRkKKfBjhlRNO_XfSgLHz7lg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
04:2f:6a:54:48:a5:15:d2:ab:3b:5e:38:32:de:7f:6b:c4:21:
99:cf:4b:b9:1a:52:c0:04:31:73:5a:1a:81:d8:8b:94:7e:75:
c4:01:da:e9:cb:4b:d7:9a:a4:17:56:b2:99:bf:68:81:0e:aa:
51:d5:ed:7f:3b:e1:ae:e1:be:a2:d1:e8:4d:54:e5:fd:9d:18:
ab:12:b3:33:ee:76:25:32:c1:82:39:39:80:c4:81:60:a0:c0:
b6:64:40:c1:b2:31:e0:5d:2d:3d:e2:81:8d:f5:cd:89:b5:f7:
f0:c9:a7:3f:5a:4c:b9:a5:d5:7f:0d:d1:e1:f7:27:19:ee:41:
20:af:09:44:4e:91:ab:b7:5d:f5:d2:b2:e5:75:4d:ee:40:41:
f6:fe:02:04:16:82:71:13:14:d4:ef:9a:37:b4:42:1c:68:8d:
2d:82:ac:d0:0b:d1:80:6f:59:12:d9:5b:48:ea:a9:5e:0d:98:
a2:66:0e:e5:a0:0f:26:87:88:81:47:9f:b6:31:b1:5b:ed:c9:
49:a6:10:20:ff:52:3c:65:50:ab:7a:18:20:66:ba:91:77:28:
86:88:69:44:0d:28:3c:6e:1a:8f:a0:a0:d7:b2:4a:5f:4d:1c:
ed:f9:86:30:fd:4a:09:77:58:61:5b:e4:a6:00:2a:3e:a6:45:
18:44:e7:78
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZUYmNCX+lbDKBr3WNc5HBOrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjUwMjE4MTAyNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzY3MTE5MGEyOWYwNjM4NjU0NGQzYmY1ZGY0YTAyYzdjZmI5NjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOTJOztGJBAYZ/Wj8u73w2s8WeZD
DcC8SCh9VbvdDYj/CvHhoE42L7yNOnHqTpu1hEBavH+iRzNv/2RgO5qNGkMCqtBC
QSzsFR74QGdoJcI1EtS3P8fJu3pE3AK9HNj5pT8NZQXzfvVhFjIi0hlu6rqV2a7F
5wrXp8tgWnfU332mLda8apoDBQG08lU0isHyTANNej1kZpyynDT/zvTInbFIJoHo
j4kox5S7TlPxn+UQBRd7Eing+UDXM3hYgNO3qomgbtUAVBnmT19NPhogBYSbdvXe
ewFdT1O036PGdCJokOcw2ISQWGlxx4ErOlNjsVYxDou4SX0rU5YzmiDFOwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFGNnEZCinwY4ZUTTv130oCx8+5YPMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvWTJjUmtLS2ZCamhsUk5PX1hmU2dMSHo3bGc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAAQvalRIpRXSqzteODLef2vEIZnPS7kaUsAEMXNaGoHY
i5R+dcQB2unLS9eapBdWspm/aIEOqlHV7X874a7hvqLR6E1U5f2dGKsSszPudiUy
wYI5OYDEgWCgwLZkQMGyMeBdLT3igY31zYm19/DJpz9aTLml1X8N0eH3JxnuQSCv
CUROkau3XfXSsuV1Te5AQfb+AgQWgnETFNTvmje0QhxojS2CrNAL0YBvWRLZW0jq
qV4NmKJmDuWgDyaHiIFHn7YxsVvtyUmmECD/UjxlUKt6GCBmupF3KIaIaUQNKDxu
Go+goNeySl9NHO35hjD9Sgl3WGFb5KYAKj6mRRhE53g=
-----END CERTIFICATE-----
Generated at Sun Apr 13 12:21:09 2025 by rpki-client