Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/ffAI0VmqF06-hl6MdbWcLu-rsvM.roa
File: ffAI0VmqF06-hl6MdbWcLu-rsvM.roa (raw, json)
Hash identifier: kKWQyTpSNnE8TNhfCO/1QpyAJlcF/yWr495Ql54x7zk=
Subject key identifier: 7D:F0:08:D1:59:AA:17:4E:BE:86:5E:8C:75:B5:9C:2E:EF:AB:B2:F3
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 0194DFD0912D788337CCB3BD61A9DE287DBC
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/ffAI0VmqF06-hl6MdbWcLu-rsvM.roa
Signing time: Fri 07 Feb 2025 09:49:35 +0000
ROA not before: Fri 07 Feb 2025 09:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42473
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.6.0/24 maxlen: 24
152.53.7.0/24 maxlen: 24
152.53.8.0/24 maxlen: 24
152.53.9.0/24 maxlen: 24
152.53.24.0/24 maxlen: 24
152.53.25.0/24 maxlen: 24
152.53.30.0/24 maxlen: 24
152.53.36.0/22 maxlen: 24
152.53.48.0/22 maxlen: 22
152.53.59.0/24 maxlen: 24
152.53.62.0/24 maxlen: 24
152.53.63.0/24 maxlen: 24
152.53.64.0/22 maxlen: 24
152.53.69.0/24 maxlen: 24
152.53.75.0/24 maxlen: 24
152.53.78.0/24 maxlen: 24
152.53.79.0/24 maxlen: 24
152.53.80.0/22 maxlen: 22
152.53.84.0/22 maxlen: 22
152.53.88.0/22 maxlen: 22
152.53.92.0/22 maxlen: 22
152.53.98.0/24 maxlen: 24
152.53.100.0/22 maxlen: 22
152.53.104.0/22 maxlen: 22
152.53.108.0/22 maxlen: 22
152.53.112.0/22 maxlen: 22
152.53.116.0/22 maxlen: 22
152.53.124.0/22 maxlen: 22
152.53.128.0/20 maxlen: 22
Validation: Failed, certificate revoked on Tue 18 Feb 2025 10:27:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:df:d0:91:2d:78:83:37:cc:b3:bd:61:a9:de:28:7d:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Feb 7 09:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7df008d159aa174ebe865e8c75b59c2eefabb2f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5c:65:67:52:78:1d:bc:9e:28:5d:fc:f3:34:
90:4e:26:f8:76:f8:79:04:ec:49:ae:57:c8:f5:60:
70:71:cf:73:67:3c:03:0f:1f:42:88:c1:32:de:ae:
ee:1f:d8:b4:23:7c:67:41:23:8b:56:17:80:c9:f2:
2c:64:0e:83:1d:69:d6:f2:0d:38:df:58:c0:41:4e:
77:fc:18:7e:64:ab:30:81:31:ed:15:a7:f9:59:1b:
80:c9:5b:29:ae:fc:b3:82:00:f1:ec:2a:66:9b:28:
71:39:67:d6:1a:00:3f:08:6a:bf:6c:e1:b9:89:2c:
4a:4f:68:25:56:92:b2:a3:cf:a0:f8:5b:12:e6:51:
5a:aa:4f:67:df:df:f0:1e:34:b9:08:4f:b1:e7:72:
0a:dc:4f:08:a8:5a:b4:1d:9a:15:96:8a:ff:c6:a2:
97:63:95:1d:24:8d:ee:a6:81:ae:5f:87:7e:ed:a9:
a0:f1:78:81:0b:87:c6:37:8f:04:4f:78:13:1f:47:
9f:90:04:c1:ed:58:c2:49:14:4c:c1:02:a7:30:39:
68:fa:fa:64:3b:ec:0d:77:67:ec:3e:0c:83:0a:94:
3c:ce:13:7c:ee:74:ce:62:95:33:32:8b:17:a2:bc:
a3:fc:1e:2f:f6:96:17:1d:e3:eb:a7:89:2b:1f:fb:
36:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:F0:08:D1:59:AA:17:4E:BE:86:5E:8C:75:B5:9C:2E:EF:AB:B2:F3
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/ffAI0VmqF06-hl6MdbWcLu-rsvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7c:62:23:9a:84:c3:be:34:bc:19:1b:61:25:50:b9:16:b4:c6:
e2:8a:61:21:7f:4a:0a:8e:d3:48:4f:62:32:64:02:48:8c:6b:
0a:b0:db:b4:5d:f1:84:d4:4d:e3:f1:80:6d:7b:88:58:cf:94:
fc:b8:57:7b:8b:b0:bd:fd:a6:b4:8b:4d:84:f8:47:f8:27:68:
b9:82:a4:56:0a:c9:62:dc:f0:d3:88:de:13:1f:9b:62:3e:13:
50:ae:df:58:ef:70:e5:33:bf:e8:db:f3:ae:61:40:76:2c:00:
72:09:ec:17:e4:56:b5:d8:3a:3e:7d:1d:69:75:62:87:8d:50:
b8:b2:f9:a7:aa:35:83:d2:72:15:48:5a:2b:1f:61:29:08:e4:
f0:75:03:da:16:80:11:33:ee:2a:9d:2b:fe:62:80:26:5e:ad:
59:8a:70:6e:ec:32:84:2f:e8:b2:ad:f6:41:4e:21:d5:5b:86:
dd:1c:4d:69:b7:13:13:94:71:6d:28:e2:46:99:36:19:46:20:
3b:b3:3d:ab:ea:13:d9:f9:cb:13:58:ed:12:89:6f:1f:9e:21:
41:fd:8e:83:13:9f:e0:ea:a9:64:41:66:5a:c7:f8:78:a7:85:
30:ec:e5:02:16:78:3d:3c:77:2c:a5:3a:b9:5b:a4:12:2f:58:
a4:f7:08:86
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZTf0JEteIM3zLO9YaneKH28MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjUwMjA3MDk0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGYwMDhkMTU5YWExNzRlYmU4NjVlOGM3NWI1OWMyZWVmYWJiMmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1xlZ1J4HbyeKF388zSQTib4dvh5
BOxJrlfI9WBwcc9zZzwDDx9CiMEy3q7uH9i0I3xnQSOLVheAyfIsZA6DHWnW8g04
31jAQU53/Bh+ZKswgTHtFaf5WRuAyVsprvyzggDx7CpmmyhxOWfWGgA/CGq/bOG5
iSxKT2glVpKyo8+g+FsS5lFaqk9n39/wHjS5CE+x53IK3E8IqFq0HZoVlor/xqKX
Y5UdJI3upoGuX4d+7amg8XiBC4fGN48ET3gTH0efkATB7VjCSRRMwQKnMDlo+vpk
O+wNd2fsPgyDCpQ8zhN87nTOYpUzMosXoryj/B4v9pYXHePrp4krH/s2HQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFH3wCNFZqhdOvoZejHW1nC7vq7LzMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvZmZBSTBWbXFGMDYtaGw2TWRiV2NMdS1yc3ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAHxiI5qEw740vBkbYSVQuRa0xuKKYSF/SgqO00hPYjJk
AkiMawqw27Rd8YTUTePxgG17iFjPlPy4V3uLsL39prSLTYT4R/gnaLmCpFYKyWLc
8NOI3hMfm2I+E1Cu31jvcOUzv+jb865hQHYsAHIJ7BfkVrXYOj59HWl1YoeNULiy
+aeqNYPSchVIWisfYSkI5PB1A9oWgBEz7iqdK/5igCZerVmKcG7sMoQv6LKt9kFO
IdVbht0cTWm3ExOUcW0o4kaZNhlGIDuzPavqE9n5yxNY7RKJbx+eIUH9joMTn+Dq
qWRBZlrH+HinhTDs5QIWeD08dyylOrlbpBIvWKT3CIY=
-----END CERTIFICATE-----
Generated at Sun Apr 13 11:23:27 2025 by rpki-client