Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/_AGGJxZlRCeKt2jsLkcRt2HbvZI.roa
File: _AGGJxZlRCeKt2jsLkcRt2HbvZI.roa (raw, json)
Hash identifier: 3q6Qbfva7Iqp5uyQS7oaAmp+YJu5XT5M110IZSmaOhM=
Subject key identifier: FC:01:86:27:16:65:44:27:8A:B7:68:EC:2E:47:11:B7:61:DB:BD:92
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 0191B6AD656E642819950D32AEFDEC5E535C
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/_AGGJxZlRCeKt2jsLkcRt2HbvZI.roa
Signing time: Tue 03 Sep 2024 06:58:22 +0000
ROA not before: Tue 03 Sep 2024 06:58:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42473
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.9.0/24 maxlen: 24
152.53.24.0/24 maxlen: 24
152.53.30.0/24 maxlen: 24
152.53.36.0/22 maxlen: 24
152.53.48.0/22 maxlen: 22
152.53.59.0/24 maxlen: 24
152.53.62.0/24 maxlen: 24
152.53.64.0/22 maxlen: 24
152.53.69.0/24 maxlen: 24
152.53.75.0/24 maxlen: 24
152.53.78.0/24 maxlen: 24
152.53.100.0/22 maxlen: 22
152.53.104.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 24 Sep 2024 12:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b6:ad:65:6e:64:28:19:95:0d:32:ae:fd:ec:5e:53:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Sep 3 06:58:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc018627166544278ab768ec2e4711b761dbbd92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2c:f5:5f:b5:fe:ce:4e:e6:f5:40:4f:57:a0:
4a:63:ad:f4:b4:d3:ab:d7:ae:2b:95:14:ce:80:5f:
38:81:f3:7b:9e:c6:4e:07:3b:c1:03:a6:49:b6:65:
05:b1:81:be:0b:4c:73:f5:9a:eb:6b:39:81:ca:9d:
53:8c:fe:24:ac:3d:75:49:1a:66:2a:bc:4e:0c:c4:
d8:8c:88:4f:7a:e1:d0:75:e8:05:94:54:bc:5f:04:
b4:9e:d6:c9:48:b6:59:d0:3e:c9:80:36:24:31:d1:
e6:2b:94:9b:81:5b:46:59:d2:37:76:85:dd:98:e9:
82:b1:cf:17:9a:48:1f:65:22:60:a1:cf:62:03:85:
48:b6:66:31:8c:4c:85:47:28:a2:c4:e2:60:56:85:
a9:1b:14:12:3e:49:96:ef:02:7c:16:2f:ac:1b:a1:
c0:9b:36:93:7b:55:85:85:0a:05:db:65:d6:0d:6e:
66:b9:42:aa:52:cb:89:e0:80:f6:36:9e:a7:c1:fc:
d9:cc:4e:52:48:f5:da:64:8c:c6:c6:0c:09:ba:68:
e3:08:8c:dc:5d:b9:43:d0:ab:19:08:a4:bf:d2:5b:
1c:56:e2:25:15:01:b0:d8:f7:fa:6f:5d:5e:76:0e:
37:92:e7:13:db:2b:ef:7d:e9:61:90:6d:f3:79:f8:
5b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:01:86:27:16:65:44:27:8A:B7:68:EC:2E:47:11:B7:61:DB:BD:92
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/_AGGJxZlRCeKt2jsLkcRt2HbvZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
55:68:66:71:f6:96:bf:0f:3b:0c:ec:4e:66:83:cc:a3:d6:72:
b9:fc:88:2a:a6:3c:9b:3d:bb:f8:d4:60:9c:3d:e9:76:96:bc:
69:86:53:df:4d:cf:04:7a:6d:68:b9:a5:fb:a1:ce:b5:bf:5b:
5a:7a:c6:85:08:6d:3a:9c:e9:ae:d1:fb:67:75:9c:22:db:74:
e7:a5:0d:84:91:72:29:b2:95:79:c6:f8:65:aa:f6:bf:0a:22:
22:10:64:3d:aa:f0:0f:ab:c6:86:f6:01:f2:15:29:ca:e0:3e:
aa:85:cc:0c:d5:57:43:84:8f:db:5a:43:a8:28:ff:32:b7:36:
3f:b4:4c:44:1c:11:c0:e1:b5:28:8b:99:ef:0f:23:3a:39:da:
00:c1:29:46:59:7a:6a:4c:8a:45:09:52:64:d9:16:67:16:32:
85:e2:90:fd:f8:7c:01:8d:52:de:aa:ed:44:71:21:10:61:4b:
d4:f2:45:12:dd:3a:82:73:8a:07:ad:bd:c3:96:70:fb:82:e7:
93:07:40:91:9b:f5:21:b1:ef:da:4f:74:59:b9:da:71:35:f5:
97:12:d0:00:70:2e:26:b5:44:d0:27:0d:06:81:57:38:1b:8b:
dd:b6:02:e1:09:8d:63:e9:ee:08:58:92:5e:39:d7:85:5b:d0:
4c:b9:de:20
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZG2rWVuZCgZlQ0yrv3sXlNcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjQwOTAzMDY1ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzAxODYyNzE2NjU0NDI3OGFiNzY4ZWMyZTQ3MTFiNzYxZGJiZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiz1X7X+zk7m9UBPV6BKY630tNOr
164rlRTOgF84gfN7nsZOBzvBA6ZJtmUFsYG+C0xz9ZrrazmByp1TjP4krD11SRpm
KrxODMTYjIhPeuHQdegFlFS8XwS0ntbJSLZZ0D7JgDYkMdHmK5SbgVtGWdI3doXd
mOmCsc8XmkgfZSJgoc9iA4VItmYxjEyFRyiixOJgVoWpGxQSPkmW7wJ8Fi+sG6HA
mzaTe1WFhQoF22XWDW5muUKqUsuJ4ID2Np6nwfzZzE5SSPXaZIzGxgwJumjjCIzc
XblD0KsZCKS/0lscVuIlFQGw2Pf6b11edg43kucT2yvvfelhkG3zefhbVwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFPwBhicWZUQnirdo7C5HEbdh272SMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvX0FHR0p4WmxSQ2VLdDJqc0xrY1J0MkhidlpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAFVoZnH2lr8POwzsTmaDzKPWcrn8iCqmPJs9u/jUYJw9
6XaWvGmGU99NzwR6bWi5pfuhzrW/W1p6xoUIbTqc6a7R+2d1nCLbdOelDYSRcimy
lXnG+GWq9r8KIiIQZD2q8A+rxob2AfIVKcrgPqqFzAzVV0OEj9taQ6go/zK3Nj+0
TEQcEcDhtSiLme8PIzo52gDBKUZZempMikUJUmTZFmcWMoXikP34fAGNUt6q7URx
IRBhS9TyRRLdOoJzigetvcOWcPuC55MHQJGb9SGx79pPdFm52nE19ZcS0ABwLia1
RNAnDQaBVzgbi922AuEJjWPp7ghYkl4514Vb0Ey53iA=
-----END CERTIFICATE-----
Generated at Tue Sep 24 14:45:34 2024 by rpki-client on console-fra.rpki-client.org