Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/q0D2U0vWjkpcxK6NnMpo_yMPKko.roa
File: q0D2U0vWjkpcxK6NnMpo_yMPKko.roa (raw, json)
Hash identifier: Oe5Y9XL/7c4drkaMsUj4jOiNqb0ZGg9chQU/pb4qK/I=
Subject key identifier: AB:40:F6:53:4B:D6:8E:4A:5C:C4:AE:8D:9C:CA:68:FF:23:0F:2A:4A
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 018BFBCD5C0061C6EA72C6EDF4865DBB7046
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/q0D2U0vWjkpcxK6NnMpo_yMPKko.roa
Signing time: Thu 23 Nov 2023 10:50:21 +0000
ROA not before: Thu 23 Nov 2023 10:50:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197540
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.12.0/22 maxlen: 24
152.53.16.0/22 maxlen: 24
152.53.20.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fb:cd:5c:00:61:c6:ea:72:c6:ed:f4:86:5d:bb:70:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Nov 23 10:50:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab40f6534bd68e4a5cc4ae8d9cca68ff230f2a4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6d:5a:71:bd:de:96:af:25:00:ca:ca:e3:f6:
b5:4c:09:37:f9:bf:6b:23:98:af:21:3d:3c:59:93:
e1:18:b6:ce:e8:12:33:6c:7e:f9:67:8f:67:cd:8a:
05:f2:e9:11:12:bd:a7:14:8b:37:7e:5a:ed:53:ea:
c8:85:24:80:6a:5d:30:f4:e9:1a:6f:9f:e9:52:2a:
ee:31:6e:c5:bb:e3:6f:aa:35:16:70:20:f3:6b:94:
3b:c9:c7:6d:c7:b3:6c:01:bf:2c:33:a3:b7:d7:ff:
1c:3d:cc:f0:a4:08:6a:73:46:9e:9d:27:18:21:45:
a9:21:98:08:08:e0:2f:52:47:56:ed:81:bb:4a:6c:
a6:60:1e:a7:03:01:ce:1c:40:12:77:6c:c5:88:41:
2d:23:3b:68:5f:58:27:29:67:27:a7:18:6f:5f:af:
c3:b6:1f:be:f7:7b:1c:95:a1:c6:be:2c:54:16:26:
37:54:c0:84:dd:3a:ce:5b:27:78:bf:66:e5:1d:be:
ee:d9:09:f5:78:1f:87:86:ad:b1:7b:2d:74:81:0b:
e9:38:d2:f7:d6:46:57:e6:44:45:80:4f:23:8c:65:
f0:a9:ac:d0:d1:36:24:bf:bd:74:88:e0:68:c8:9c:
30:e2:c4:0c:d2:40:d5:ab:ed:33:e7:b8:2b:59:3e:
21:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:40:F6:53:4B:D6:8E:4A:5C:C4:AE:8D:9C:CA:68:FF:23:0F:2A:4A
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/q0D2U0vWjkpcxK6NnMpo_yMPKko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ab:66:f0:89:ab:c7:0a:a2:d9:23:fc:55:25:0f:12:be:d1:e5:
f8:d1:d7:97:dc:4a:dc:02:bc:16:12:f3:ff:e5:cd:1a:72:6c:
51:cb:74:c5:5a:96:8a:03:4e:d4:bd:76:bf:de:21:ad:72:9c:
aa:42:00:e5:63:84:c8:0d:5b:83:20:b4:4f:0e:1b:1e:04:90:
91:7e:2d:d2:c7:1c:f0:48:3a:24:00:76:ed:64:01:b4:dd:22:
be:f4:e7:7b:42:93:1b:07:3b:e2:78:0b:18:6d:d6:67:ef:50:
ff:b9:06:02:8f:00:b0:9f:38:8b:47:1e:ab:ec:1d:b0:d7:40:
53:2a:08:eb:14:71:0e:9f:08:8c:07:6e:3a:c4:56:1d:cd:e7:
85:1c:a9:c9:87:61:78:64:31:01:8f:59:42:ff:f3:65:fb:5e:
25:ad:de:08:75:f8:00:60:24:5e:00:3e:1d:0f:48:15:da:d6:
0d:08:2e:15:55:ff:44:bf:62:e9:9c:0f:88:9e:2c:aa:21:a8:
fb:1b:3a:46:93:11:6a:4d:de:18:a4:2b:4d:f7:ed:e2:4b:5d:
6a:24:a9:3f:ad:05:14:12:dd:10:53:f5:16:70:c5:ab:3d:bb:
98:3c:35:f0:df:38:bf:9d:bd:bf:fb:bc:6b:34:e3:68:82:b7:
f6:64:3d:4f
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYv7zVwAYcbqcsbt9IZdu3BGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjMxMTIzMTA1MDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjQwZjY1MzRiZDY4ZTRhNWNjNGFlOGQ5Y2NhNjhmZjIzMGYyYTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsG1acb3elq8lAMrK4/a1TAk3+b9r
I5ivIT08WZPhGLbO6BIzbH75Z49nzYoF8ukREr2nFIs3flrtU+rIhSSAal0w9Oka
b5/pUiruMW7Fu+NvqjUWcCDza5Q7ycdtx7NsAb8sM6O31/8cPczwpAhqc0aenScY
IUWpIZgICOAvUkdW7YG7SmymYB6nAwHOHEASd2zFiEEtIztoX1gnKWcnpxhvX6/D
th++93sclaHGvixUFiY3VMCE3TrOWyd4v2blHb7u2Qn1eB+Hhq2xey10gQvpONL3
1kZX5kRFgE8jjGXwqazQ0TYkv710iOBoyJww4sQM0kDVq+0z57grWT4hqwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFKtA9lNL1o5KXMSujZzKaP8jDypKMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvcTBEMlUwdldqa3BjeEs2Tm5NcG9feU1QS2tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAKtm8Imrxwqi2SP8VSUPEr7R5fjR15fcStwCvBYS8//l
zRpybFHLdMValooDTtS9dr/eIa1ynKpCAOVjhMgNW4MgtE8OGx4EkJF+LdLHHPBI
OiQAdu1kAbTdIr7053tCkxsHO+J4Cxht1mfvUP+5BgKPALCfOItHHqvsHbDXQFMq
COsUcQ6fCIwHbjrEVh3N54UcqcmHYXhkMQGPWUL/82X7XiWt3gh1+ABgJF4APh0P
SBXa1g0ILhVV/0S/YumcD4ieLKohqPsbOkaTEWpN3hikK0337eJLXWokqT+tBRQS
3RBT9RZwxas9u5g8NfDfOL+dvb/7vGs042iCt/ZkPU8=
-----END CERTIFICATE-----
Generated at Fri Nov 24 15:48:49 2023 by rpki-client on console-fra.rpki-client.org