Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/jTgPM5jJ_Y575KjwViaQUDXA-jc.roa
File: jTgPM5jJ_Y575KjwViaQUDXA-jc.roa (raw, json)
Hash identifier: wcYh4tA9Pv9XkZ45I/CVQKjJ5UE8fNQ/SK1jwRy5lAY=
Subject key identifier: 8D:38:0F:33:98:C9:FD:8E:7B:E4:A8:F0:56:26:90:50:35:C0:FA:37
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 0190451BE57524D59ED14FB73EFC0321B61F
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/jTgPM5jJ_Y575KjwViaQUDXA-jc.roa
Signing time: Sun 23 Jun 2024 12:39:34 +0000
ROA not before: Sun 23 Jun 2024 12:39:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42473
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.9.0/24 maxlen: 24
152.53.24.0/24 maxlen: 24
152.53.30.0/24 maxlen: 24
152.53.36.0/22 maxlen: 24
152.53.59.0/24 maxlen: 24
152.53.62.0/24 maxlen: 24
152.53.64.0/22 maxlen: 24
152.53.69.0/24 maxlen: 24
152.53.75.0/24 maxlen: 24
152.53.78.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jul 2024 11:21:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:45:1b:e5:75:24:d5:9e:d1:4f:b7:3e:fc:03:21:b6:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Jun 23 12:39:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d380f3398c9fd8e7be4a8f05626905035c0fa37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:06:92:11:dd:cf:8b:ca:20:e6:35:c6:de:62:
2f:a0:78:71:c1:01:00:d8:48:eb:88:2f:a0:f3:12:
94:b3:30:88:18:8d:91:31:5b:f2:de:18:18:ef:9b:
ad:a3:cc:c6:b2:c9:9c:04:a0:cb:42:56:f5:e0:40:
41:86:2a:11:c5:62:8f:c5:16:84:a1:0c:ca:fe:ae:
63:f8:0b:16:27:4e:8c:c6:dd:f2:a7:84:19:9f:aa:
e7:1a:1b:93:53:a6:a8:1a:4e:6b:e9:95:65:12:8f:
a7:fe:ae:5f:0d:1e:10:72:e0:53:85:3d:df:75:65:
0d:3a:d3:64:33:06:46:5e:8c:0d:e4:48:b6:f9:5b:
aa:01:f7:bb:c8:29:7e:6c:c6:dc:9c:f1:ef:f8:0a:
c3:b4:eb:1c:f9:da:89:56:2a:cb:2d:98:98:45:b6:
c3:66:4d:06:c0:c1:57:f2:bc:da:52:b8:37:9b:02:
c1:14:d5:a6:31:9b:50:34:0c:3d:cb:73:93:2b:29:
82:a8:52:85:dc:36:08:c0:70:34:0c:39:9d:fb:6a:
35:31:53:a7:02:82:b9:ff:7e:39:b1:43:da:05:fb:
9c:b4:29:36:7d:05:48:b3:6b:05:ed:7c:9a:e7:29:
29:be:73:b3:48:c2:3f:40:f4:a0:b7:18:db:49:5d:
77:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:38:0F:33:98:C9:FD:8E:7B:E4:A8:F0:56:26:90:50:35:C0:FA:37
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/jTgPM5jJ_Y575KjwViaQUDXA-jc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5b:c9:80:f3:96:63:5c:bf:c1:1d:2c:05:7d:ef:b1:5f:de:1e:
4e:6f:a1:1f:b3:b1:4b:48:03:cf:07:bd:09:10:59:c3:c8:43:
68:fa:5d:7d:56:83:61:8d:d9:38:c5:b2:7a:73:a4:94:c5:ee:
47:d1:49:8e:02:22:69:82:aa:56:d8:67:bd:2f:7b:e0:73:f7:
a6:b5:f7:19:58:01:77:3b:a6:40:03:b4:29:3b:81:39:00:e9:
fe:19:ce:3a:25:72:19:1f:97:52:c2:ac:e4:8f:c8:4c:4b:3a:
2c:d1:23:4c:96:81:b8:10:2a:fb:28:d1:f4:7e:db:91:a3:3c:
98:9d:ae:94:94:ed:44:2b:67:dc:d0:fc:7e:bd:12:b8:4d:5f:
34:6a:36:64:80:90:e3:27:25:4a:74:ae:32:f2:ac:32:0f:22:
1f:ce:88:2b:e5:f6:c3:9b:f1:96:4f:45:36:3a:f0:29:d4:00:
72:ea:fb:e2:69:e9:90:88:38:97:b9:62:73:58:04:82:36:ef:
e5:48:f2:35:1d:69:24:57:59:09:c9:46:eb:3b:ed:be:16:58:
bc:53:aa:1a:e8:b1:2e:ad:e6:f4:6c:a5:cf:67:9f:58:21:a2:
57:49:ed:86:84:6a:81:84:8e:da:52:0b:67:46:fa:a8:40:d3:
0a:fc:d4:86
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZBFG+V1JNWe0U+3PvwDIbYfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjQwNjIzMTIzOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDM4MGYzMzk4YzlmZDhlN2JlNGE4ZjA1NjI2OTA1MDM1YzBmYTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2waSEd3Pi8og5jXG3mIvoHhxwQEA
2EjriC+g8xKUszCIGI2RMVvy3hgY75uto8zGssmcBKDLQlb14EBBhioRxWKPxRaE
oQzK/q5j+AsWJ06Mxt3yp4QZn6rnGhuTU6aoGk5r6ZVlEo+n/q5fDR4QcuBThT3f
dWUNOtNkMwZGXowN5Ei2+VuqAfe7yCl+bMbcnPHv+ArDtOsc+dqJVirLLZiYRbbD
Zk0GwMFX8rzaUrg3mwLBFNWmMZtQNAw9y3OTKymCqFKF3DYIwHA0DDmd+2o1MVOn
AoK5/345sUPaBfuctCk2fQVIs2sF7Xya5ykpvnOzSMI/QPSgtxjbSV13RwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFI04DzOYyf2Oe+So8FYmkFA1wPo3MB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvalRnUE01akpfWTU3NUtqd1ZpYVFVRFhBLWpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAFvJgPOWY1y/wR0sBX3vsV/eHk5voR+zsUtIA88HvQkQ
WcPIQ2j6XX1Wg2GN2TjFsnpzpJTF7kfRSY4CImmCqlbYZ70ve+Bz96a19xlYAXc7
pkADtCk7gTkA6f4Zzjolchkfl1LCrOSPyExLOizRI0yWgbgQKvso0fR+25GjPJid
rpSU7UQrZ9zQ/H69ErhNXzRqNmSAkOMnJUp0rjLyrDIPIh/OiCvl9sOb8ZZPRTY6
8CnUAHLq++Jp6ZCIOJe5YnNYBII27+VI8jUdaSRXWQnJRus77b4WWLxTqhrosS6t
5vRspc9nn1gholdJ7YaEaoGEjtpSC2dG+qhA0wr81IY=
-----END CERTIFICATE-----
Generated at Mon Jul 1 13:01:25 2024 by rpki-client on console-fra.rpki-client.org