Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/px0l9_SKUwUfIoYgJYZ0PfbfXnA.roa
File: px0l9_SKUwUfIoYgJYZ0PfbfXnA.roa (raw, json)
Hash identifier: aP+msWQQOp6yzqy1f3O2zdwSm8MnjDLoWl+FyKqtz4o=
Subject key identifier: A7:1D:25:F7:F4:8A:53:05:1F:22:86:20:25:86:74:3D:F6:DF:5E:70
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 0190451BE60C31FA4FC92BE28360137BEC9D
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/px0l9_SKUwUfIoYgJYZ0PfbfXnA.roa
Signing time: Sun 23 Jun 2024 12:39:34 +0000
ROA not before: Sun 23 Jun 2024 12:39:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197540
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.12.0/22 maxlen: 24
152.53.16.0/22 maxlen: 24
152.53.20.0/22 maxlen: 24
152.53.32.0/22 maxlen: 24
152.53.44.0/22 maxlen: 24
152.53.64.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jul 2024 11:21:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:45:1b:e6:0c:31:fa:4f:c9:2b:e2:83:60:13:7b:ec:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Jun 23 12:39:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a71d25f7f48a53051f2286202586743df6df5e70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5b:d3:0d:a3:c6:9e:d8:49:48:4b:5d:34:a1:
70:62:5b:f8:87:09:47:98:9b:81:26:97:de:1d:a8:
96:94:78:13:d0:61:f4:6b:15:32:06:ad:1d:03:60:
69:5f:0a:c9:f6:35:e3:88:0c:0d:82:d6:7a:2b:60:
52:d7:31:8f:1e:d3:8b:87:72:ce:f2:a2:a9:51:3c:
7a:7d:1e:95:88:83:d5:9a:3f:7c:36:3f:48:b8:16:
99:ce:f9:40:a1:4f:72:0f:e0:f9:d2:f8:ec:1f:8e:
96:9f:7e:6d:05:ff:e6:5f:d6:96:b4:d1:da:42:cb:
f4:52:92:90:81:77:85:10:1f:53:53:e5:c6:38:e8:
92:e9:f4:3e:6c:04:07:e6:48:7b:44:cc:63:36:64:
1f:f0:8c:21:8a:16:43:f1:b6:83:a5:74:08:4d:18:
f2:d0:a7:cc:86:c4:60:4d:05:3a:6a:12:fc:5e:d1:
1c:74:30:f1:9f:c8:18:a7:31:98:df:ce:7c:4b:fe:
33:4a:ee:41:19:1d:86:44:02:a7:72:f1:eb:a6:30:
a8:e0:8a:d1:cb:23:61:71:3c:15:fd:bf:45:a8:f9:
c5:1c:c1:00:1e:96:7a:ce:c6:b2:ee:9c:15:db:cf:
71:66:44:dc:16:29:73:ed:40:fe:df:68:db:e1:b3:
e4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:1D:25:F7:F4:8A:53:05:1F:22:86:20:25:86:74:3D:F6:DF:5E:70
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/px0l9_SKUwUfIoYgJYZ0PfbfXnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0b:91:0f:bf:4d:ce:f5:c2:9e:0c:17:c8:49:88:5d:df:7d:e2:
a3:05:6a:5b:83:5e:5f:2a:9f:32:f0:5f:cc:71:f8:60:11:d7:
a7:a1:42:ae:50:99:3c:2b:27:c5:1e:1d:30:90:a9:3b:19:47:
85:f5:69:06:07:03:07:f8:69:6f:d6:14:f7:88:46:82:5e:99:
f4:25:c8:c0:1f:36:00:69:71:0a:99:4f:de:b2:21:b6:b7:16:
c4:1e:d9:5f:fb:78:8b:b7:4d:e6:c6:89:5a:c9:82:3d:26:7d:
af:0a:d4:ff:64:7f:7f:1f:5d:41:9c:55:71:c0:17:7d:8c:cd:
d8:f8:93:67:8c:ea:72:37:1e:d4:7f:51:89:74:f5:41:58:5a:
fa:c1:65:77:18:91:e8:7d:3a:57:f7:55:fa:46:f3:2f:19:e5:
ed:3b:04:24:7f:21:80:6a:50:97:ab:9d:95:cd:0f:bf:c5:d0:
17:01:cb:ca:6b:86:68:ea:48:9c:fe:8f:25:c2:7b:1c:a1:e8:
ad:8d:9e:02:c6:05:f0:4f:99:01:cd:42:4a:ee:82:52:b1:f3:
84:30:a0:8b:82:f1:8e:75:de:6e:bb:c0:81:9b:53:c1:03:fc:
9a:64:ab:4a:e2:47:08:8a:ea:75:06:da:b5:4d:03:02:0d:cb:
18:79:6f:66
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZBFG+YMMfpPySvig2ATe+ydMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjQwNjIzMTIzOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzFkMjVmN2Y0OGE1MzA1MWYyMjg2MjAyNTg2NzQzZGY2ZGY1ZTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFvTDaPGnthJSEtdNKFwYlv4hwlH
mJuBJpfeHaiWlHgT0GH0axUyBq0dA2BpXwrJ9jXjiAwNgtZ6K2BS1zGPHtOLh3LO
8qKpUTx6fR6ViIPVmj98Nj9IuBaZzvlAoU9yD+D50vjsH46Wn35tBf/mX9aWtNHa
Qsv0UpKQgXeFEB9TU+XGOOiS6fQ+bAQH5kh7RMxjNmQf8IwhihZD8baDpXQITRjy
0KfMhsRgTQU6ahL8XtEcdDDxn8gYpzGY3858S/4zSu5BGR2GRAKncvHrpjCo4IrR
yyNhcTwV/b9FqPnFHMEAHpZ6zsay7pwV289xZkTcFilz7UD+32jb4bPkdQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFKcdJff0ilMFHyKGICWGdD32315wMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvcHgwbDlfU0tVd1VmSW9ZZ0pZWjBQZmJmWG5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAAuRD79NzvXCngwXyEmIXd994qMFaluDXl8qnzLwX8xx
+GAR16ehQq5QmTwrJ8UeHTCQqTsZR4X1aQYHAwf4aW/WFPeIRoJemfQlyMAfNgBp
cQqZT96yIba3FsQe2V/7eIu3TebGiVrJgj0mfa8K1P9kf38fXUGcVXHAF32Mzdj4
k2eM6nI3HtR/UYl09UFYWvrBZXcYkeh9Olf3VfpG8y8Z5e07BCR/IYBqUJernZXN
D7/F0BcBy8prhmjqSJz+jyXCexyh6K2NngLGBfBPmQHNQkruglKx84QwoIuC8Y51
3m67wIGbU8ED/Jpkq0riRwiK6nUG2rVNAwINyxh5b2Y=
-----END CERTIFICATE-----
Generated at Mon Jul 1 13:01:25 2024 by rpki-client on console-fra.rpki-client.org