Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/YRhHfjOVDBggX7UfMxsCKF1vV6A.roa
File: YRhHfjOVDBggX7UfMxsCKF1vV6A.roa (raw, json)
Hash identifier: VVd864HT6DF+B6Hg3K6LRpLqYNV8faeNUfdf+mh8WO4=
Subject key identifier: 61:18:47:7E:33:95:0C:18:20:5F:B5:1F:33:1B:02:28:5D:6F:57:A0
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 018CC94E4C1CFEC4C50C8510C16D4791AEA9
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/YRhHfjOVDBggX7UfMxsCKF1vV6A.roa
Signing time: Tue 02 Jan 2024 08:33:20 +0000
ROA not before: Tue 02 Jan 2024 08:33:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197540
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.12.0/22 maxlen: 24
152.53.16.0/22 maxlen: 24
152.53.20.0/22 maxlen: 24
152.53.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 May 2024 09:08:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:4c:1c:fe:c4:c5:0c:85:10:c1:6d:47:91:ae:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Jan 2 08:33:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6118477e33950c18205fb51f331b02285d6f57a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c2:06:d2:ae:de:3d:9b:81:39:ff:ec:56:ce:
13:d3:73:20:9a:f3:21:57:2c:82:22:b1:5e:de:dd:
85:f2:01:f0:bb:54:fc:03:0b:50:3b:08:2d:24:5a:
45:6a:0d:f5:a5:6b:5c:64:ba:80:4b:68:79:79:e4:
e2:7b:4c:4b:f6:82:c4:cb:88:32:f8:d4:46:c9:a5:
24:3c:44:19:94:0a:8c:01:2c:fb:36:58:a7:3f:91:
b2:c3:e5:02:0c:b5:44:0a:2c:e6:7b:ac:5d:69:4b:
54:bc:25:e5:29:2d:73:cf:bc:1a:48:3d:01:a4:27:
f0:3d:bf:1f:ef:98:d9:88:76:a4:6b:4f:4c:58:20:
97:b1:86:d8:09:9b:d8:b8:53:07:a2:2b:4c:0e:21:
bc:fc:48:0c:a3:5a:a4:7a:18:3e:7d:7e:8d:fd:20:
b3:57:77:42:32:56:68:48:65:0e:54:5e:33:2c:4f:
4a:be:cc:1f:2a:fd:bc:9b:0b:f2:27:4c:99:c5:ed:
d0:9b:4c:cf:30:5a:98:24:77:80:22:e0:2d:0f:61:
7c:41:e7:22:fe:07:8e:67:d7:dd:43:4c:8d:4e:b4:
bb:c4:41:7e:bc:7e:36:ee:3c:b2:4c:ec:2d:60:d7:
55:fb:0c:0f:7f:a1:18:86:29:4d:8b:6f:a4:da:05:
76:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:18:47:7E:33:95:0C:18:20:5F:B5:1F:33:1B:02:28:5D:6F:57:A0
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/YRhHfjOVDBggX7UfMxsCKF1vV6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
74:b8:73:b1:1b:33:4a:0b:3c:9b:e4:26:e7:d3:c0:9a:88:0b:
85:ee:14:d2:b7:59:17:24:e5:62:32:5d:56:37:6b:7b:6f:41:
a4:fa:fa:5f:0c:a2:81:91:d8:eb:2b:3d:99:32:01:07:8f:de:
7b:af:49:3a:a2:a2:69:dd:3c:24:f5:66:df:3b:4d:ea:89:c6:
23:db:de:08:ae:f8:32:e0:1f:23:9b:04:65:00:18:df:37:92:
a3:67:1c:cb:98:ab:a3:1d:27:7c:e8:7a:3d:46:f4:b3:de:89:
c1:c8:57:bd:31:55:0c:d2:4e:23:bf:c5:49:20:e6:53:f1:5b:
11:aa:c9:66:08:af:8b:70:ad:b5:f8:2d:aa:72:49:41:a9:67:
9f:80:2b:e4:65:a9:04:5d:65:fc:aa:77:93:dd:9d:06:9f:75:
d1:4e:eb:c7:bb:b0:d3:f9:f8:0a:f1:ca:9a:c7:e4:df:46:18:
e0:25:4b:20:f4:56:0a:fd:5d:fb:ee:9c:ea:e0:4c:45:13:de:
db:a6:9d:7a:3d:ab:c2:a1:70:31:73:68:a5:3e:e6:13:24:ee:
6e:42:d9:ce:24:55:47:e2:41:ff:3f:da:e0:68:75:e3:17:4f:
e6:38:cc:2b:03:3c:62:2c:32:67:2b:a9:58:97:ec:eb:2b:6d:
07:da:d5:dc
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzJTkwc/sTFDIUQwW1Hka6pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjQwMTAyMDgzMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTE4NDc3ZTMzOTUwYzE4MjA1ZmI1MWYzMzFiMDIyODVkNmY1N2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMIG0q7ePZuBOf/sVs4T03MgmvMh
VyyCIrFe3t2F8gHwu1T8AwtQOwgtJFpFag31pWtcZLqAS2h5eeTie0xL9oLEy4gy
+NRGyaUkPEQZlAqMASz7NlinP5Gyw+UCDLVECizme6xdaUtUvCXlKS1zz7waSD0B
pCfwPb8f75jZiHaka09MWCCXsYbYCZvYuFMHoitMDiG8/EgMo1qkehg+fX6N/SCz
V3dCMlZoSGUOVF4zLE9KvswfKv28mwvyJ0yZxe3Qm0zPMFqYJHeAIuAtD2F8Qeci
/geOZ9fdQ0yNTrS7xEF+vH427jyyTOwtYNdV+wwPf6EYhilNi2+k2gV2jwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFGEYR34zlQwYIF+1HzMbAihdb1egMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvWVJoSGZqT1ZEQmdnWDdVZk14c0NLRjF2VjZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAHS4c7EbM0oLPJvkJufTwJqIC4XuFNK3WRck5WIyXVY3
a3tvQaT6+l8MooGR2OsrPZkyAQeP3nuvSTqiomndPCT1Zt87TeqJxiPb3giu+DLg
HyObBGUAGN83kqNnHMuYq6MdJ3zoej1G9LPeicHIV70xVQzSTiO/xUkg5lPxWxGq
yWYIr4twrbX4LapySUGpZ5+AK+RlqQRdZfyqd5PdnQafddFO68e7sNP5+ArxyprH
5N9GGOAlSyD0Vgr9XfvunOrgTEUT3tumnXo9q8KhcDFzaKU+5hMk7m5C2c4kVUfi
Qf8/2uBodeMXT+Y4zCsDPGIsMmcrqViX7OsrbQfa1dw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:28 2024 by rpki-client on console-ams.rpki-client.org