Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/bYHVWBsDg7ca7d9VPNBthTx0UOY.roa
File: bYHVWBsDg7ca7d9VPNBthTx0UOY.roa (raw, json)
Hash identifier: 9TDZXutqvGTze3JjqlRf2YwRSgp/LoJwzlEU83kNxCk=
Subject key identifier: 6D:81:D5:58:1B:03:83:B7:1A:ED:DF:55:3C:D0:6D:85:3C:74:50:E6
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 01906E071DDAB3D5334CAFB65A1CF972B550
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/bYHVWBsDg7ca7d9VPNBthTx0UOY.roa
Signing time: Mon 01 Jul 2024 11:21:18 +0000
ROA not before: Mon 01 Jul 2024 11:21:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42473
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.9.0/24 maxlen: 24
152.53.24.0/24 maxlen: 24
152.53.30.0/24 maxlen: 24
152.53.36.0/22 maxlen: 24
152.53.48.0/22 maxlen: 22
152.53.59.0/24 maxlen: 24
152.53.62.0/24 maxlen: 24
152.53.64.0/22 maxlen: 24
152.53.69.0/24 maxlen: 24
152.53.75.0/24 maxlen: 24
152.53.78.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Aug 2024 12:42:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6e:07:1d:da:b3:d5:33:4c:af:b6:5a:1c:f9:72:b5:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Jul 1 11:21:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d81d5581b0383b71aeddf553cd06d853c7450e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b7:8e:b1:72:ac:ca:a5:54:70:45:ea:a8:8e:
ff:64:4a:c4:af:37:50:36:2c:fe:53:ee:21:4a:a9:
76:c0:0f:ae:c2:a9:71:11:53:f7:f0:dc:5b:e7:d6:
65:bc:a8:65:06:52:db:a8:d7:ba:12:f1:83:b6:0a:
8a:99:3d:02:06:4c:da:0f:30:b0:33:9d:75:1f:28:
7e:bd:c0:d1:b9:ab:83:be:c4:b3:d5:8b:9b:92:1d:
e6:93:12:77:19:2f:fd:c0:db:e5:64:35:c2:a7:b9:
af:3e:e4:79:59:67:52:20:a0:5f:99:d9:78:06:d2:
39:61:80:e9:53:68:9a:97:d3:be:e7:23:f2:3d:94:
d5:fa:96:3a:d8:6c:18:ce:f6:4c:52:c9:f2:6a:c2:
66:ad:cf:8a:c0:5d:9f:5d:06:7f:78:e1:a6:cb:cc:
50:9a:95:cf:fc:27:00:51:a6:9c:f0:94:6a:36:9a:
b6:08:c9:e5:b5:38:16:c4:69:ee:9b:24:e6:d5:81:
ed:de:c2:e6:ee:53:c0:fe:47:ad:b4:c6:ab:01:18:
bc:56:29:dd:8a:ec:fb:cc:02:47:e0:05:61:b6:ae:
24:16:bf:64:30:80:b7:47:e3:58:26:b7:1e:f8:76:
82:ea:f3:ef:dc:f8:31:c9:c9:da:a3:54:c4:13:cd:
df:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:81:D5:58:1B:03:83:B7:1A:ED:DF:55:3C:D0:6D:85:3C:74:50:E6
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/bYHVWBsDg7ca7d9VPNBthTx0UOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ae:ac:39:59:e9:20:37:8e:34:1e:d6:f8:d4:b2:5b:80:c3:d4:
7d:e7:1b:e9:fc:de:72:fb:dd:d4:3c:d1:18:19:ed:db:da:2c:
23:4f:a3:e1:b1:32:b4:7e:e7:bf:b1:60:00:7e:f5:c3:bd:69:
d4:cc:de:cc:14:5d:15:81:a2:6a:7b:96:44:67:82:97:fb:58:
c3:d9:0b:5f:d3:21:c0:66:ad:f8:fa:50:e7:fa:65:55:be:65:
54:2e:ed:cd:31:14:a5:a9:dd:a0:4a:43:94:37:15:03:66:86:
db:73:0c:7d:50:52:79:b3:61:24:0f:6d:ea:b3:64:5b:84:95:
30:71:ac:c5:cd:d2:5b:39:cc:95:11:94:bb:7e:1b:b6:ff:ed:
41:5f:0c:36:c0:9c:48:c9:f0:e7:0c:cf:73:fe:d4:94:05:99:
86:63:b1:3b:b7:03:8a:82:24:f0:b9:a1:9f:37:4a:4e:e6:0b:
3c:00:cc:20:c8:fd:8f:67:62:5e:1a:2a:82:12:42:b3:15:0a:
29:5b:40:86:90:e6:e9:e7:da:8e:9e:2d:c6:fc:4f:ee:d8:dd:
a3:47:93:24:b8:2e:ad:71:44:aa:63:13:e4:3c:36:dc:b7:d3:
7a:b7:26:74:cd:1e:3f:c3:2b:4b:53:9b:cf:11:78:5b:6a:31:
43:a8:2e:93
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZBuBx3as9UzTK+2Whz5crVQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjQwNzAxMTEyMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDgxZDU1ODFiMDM4M2I3MWFlZGRmNTUzY2QwNmQ4NTNjNzQ1MGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7eOsXKsyqVUcEXqqI7/ZErErzdQ
Niz+U+4hSql2wA+uwqlxEVP38Nxb59ZlvKhlBlLbqNe6EvGDtgqKmT0CBkzaDzCw
M511Hyh+vcDRuauDvsSz1Yubkh3mkxJ3GS/9wNvlZDXCp7mvPuR5WWdSIKBfmdl4
BtI5YYDpU2ial9O+5yPyPZTV+pY62GwYzvZMUsnyasJmrc+KwF2fXQZ/eOGmy8xQ
mpXP/CcAUaac8JRqNpq2CMnltTgWxGnumyTm1YHt3sLm7lPA/kettMarARi8Vind
iuz7zAJH4AVhtq4kFr9kMIC3R+NYJrce+HaC6vPv3Pgxycnao1TEE83f9wIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFG2B1VgbA4O3Gu3fVTzQbYU8dFDmMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvYllIVldCc0RnN2NhN2Q5VlBOQnRoVHgwVU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAK6sOVnpIDeONB7W+NSyW4DD1H3nG+n83nL73dQ80RgZ
7dvaLCNPo+GxMrR+57+xYAB+9cO9adTM3swUXRWBomp7lkRngpf7WMPZC1/TIcBm
rfj6UOf6ZVW+ZVQu7c0xFKWp3aBKQ5Q3FQNmhttzDH1QUnmzYSQPbeqzZFuElTBx
rMXN0ls5zJURlLt+G7b/7UFfDDbAnEjJ8OcMz3P+1JQFmYZjsTu3A4qCJPC5oZ83
Sk7mCzwAzCDI/Y9nYl4aKoISQrMVCilbQIaQ5unn2o6eLcb8T+7Y3aNHkyS4Lq1x
RKpjE+Q8Nty303q3JnTNHj/DK0tTm88ReFtqMUOoLpM=
-----END CERTIFICATE-----
Generated at Fri Aug 23 17:38:59 2024 by rpki-client on console-fra.rpki-client.org