Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/vu8iugxDK2OY34BdJR3c1afhRhI.roa
File: vu8iugxDK2OY34BdJR3c1afhRhI.roa (raw, json)
Hash identifier: w9lqyyStq1Tsipnju9wbco4h6xgPzk4iWEyy0iRqE3I=
Subject key identifier: BE:EF:22:BA:0C:43:2B:63:98:DF:80:5D:25:1D:DC:D5:A7:E1:46:12
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 01925803109989E179B62FB9EDF21F7424E5
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/vu8iugxDK2OY34BdJR3c1afhRhI.roa
Signing time: Fri 04 Oct 2024 14:50:48 +0000
ROA not before: Fri 04 Oct 2024 14:50:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42473
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.9.0/24 maxlen: 24
152.53.24.0/24 maxlen: 24
152.53.30.0/24 maxlen: 24
152.53.36.0/22 maxlen: 24
152.53.48.0/22 maxlen: 22
152.53.59.0/24 maxlen: 24
152.53.62.0/24 maxlen: 24
152.53.64.0/22 maxlen: 24
152.53.69.0/24 maxlen: 24
152.53.75.0/24 maxlen: 24
152.53.78.0/24 maxlen: 24
152.53.80.0/22 maxlen: 22
152.53.100.0/22 maxlen: 22
152.53.104.0/22 maxlen: 22
152.53.108.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 18 Nov 2024 10:33:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:58:03:10:99:89:e1:79:b6:2f:b9:ed:f2:1f:74:24:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Oct 4 14:50:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=beef22ba0c432b6398df805d251ddcd5a7e14612
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6c:98:82:3c:fe:67:7a:6a:0c:ae:e8:88:ee:
9c:13:0e:fb:64:ea:a7:9e:d6:b5:ce:15:65:6b:a0:
3a:34:bd:7c:c1:22:57:50:b9:85:8a:f9:62:e7:bd:
56:dc:d0:16:8f:4e:c2:bb:9f:49:12:7f:8a:10:75:
f3:57:37:ba:c5:e2:27:e5:14:9d:a5:10:9f:8a:98:
80:11:ab:e6:bb:57:80:35:eb:91:8a:2d:e8:30:ad:
6d:fd:e3:dd:46:d6:68:44:a4:d3:9e:b4:48:c8:3c:
26:4c:43:10:77:f3:0d:00:6d:bb:11:60:e3:55:44:
0a:7c:5c:d9:b3:8d:99:7f:a4:b2:b3:b7:9f:42:d5:
95:2c:5a:dd:c7:d3:b0:3c:ef:15:74:4a:ce:eb:39:
e3:89:5f:62:09:60:e0:c8:f3:fb:16:8f:68:6d:fe:
35:12:66:db:e2:ba:ed:bb:97:86:40:40:16:f2:72:
ab:c8:07:c2:96:a0:87:a7:96:94:97:0a:9a:c1:88:
fc:b4:c5:ae:9a:d6:0f:6c:cd:65:7a:45:62:2b:2f:
f3:93:13:af:34:a9:4a:d9:dc:53:80:dc:09:64:78:
74:f3:0c:6d:3b:5f:83:ef:d5:d4:6b:19:31:8c:6d:
c5:ed:74:2f:ba:52:8e:7e:74:47:45:9c:d2:b6:6b:
f5:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:EF:22:BA:0C:43:2B:63:98:DF:80:5D:25:1D:DC:D5:A7:E1:46:12
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/vu8iugxDK2OY34BdJR3c1afhRhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b7:7a:ad:73:96:59:99:a3:55:fa:bb:ae:48:18:0b:90:6e:c4:
6f:9b:a6:5e:8f:24:95:ad:f2:91:59:62:17:e5:63:7c:2e:da:
81:f4:12:9a:f1:f4:25:b7:9a:9d:2d:40:77:8e:53:36:0a:fa:
56:78:de:76:c7:63:4e:b2:e3:5f:c1:35:90:a1:05:0f:c8:bb:
5a:6f:ed:b9:71:92:86:a3:f9:4b:11:aa:d7:8b:62:eb:7c:59:
d3:8e:de:30:c9:2c:ac:87:7f:30:8d:ec:45:21:bd:81:81:50:
b4:80:1c:2b:8c:c9:3c:70:14:60:3f:0d:b2:7a:0d:93:a4:f7:
24:f1:66:31:8a:9c:2b:84:b6:ae:ba:44:a0:2c:18:82:8f:e6:
23:a8:02:cb:4c:d5:ec:03:6d:d8:55:7d:a7:aa:4b:d6:17:ef:
d7:35:4d:9b:eb:51:83:de:cb:0e:cf:6d:1c:6a:bc:41:25:2e:
03:27:3c:71:e7:c0:85:f8:75:75:b9:e6:31:f1:59:4d:00:72:
1b:e1:b3:74:dc:a8:64:d1:e2:60:b3:3a:b6:85:36:16:47:7b:
83:f5:32:e0:6c:0c:b9:c7:79:8a:53:1a:13:9e:24:a8:a9:a2:
7f:a4:08:ca:9f:06:0a:53:96:a6:0d:2c:c6:8a:46:46:56:f7:
18:6d:c6:d0
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZJYAxCZieF5ti+57fIfdCTlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjQxMDA0MTQ1MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWVmMjJiYTBjNDMyYjYzOThkZjgwNWQyNTFkZGNkNWE3ZTE0NjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2yYgjz+Z3pqDK7oiO6cEw77ZOqn
nta1zhVla6A6NL18wSJXULmFivli571W3NAWj07Cu59JEn+KEHXzVze6xeIn5RSd
pRCfipiAEavmu1eANeuRii3oMK1t/ePdRtZoRKTTnrRIyDwmTEMQd/MNAG27EWDj
VUQKfFzZs42Zf6Sys7efQtWVLFrdx9OwPO8VdErO6znjiV9iCWDgyPP7Fo9obf41
Embb4rrtu5eGQEAW8nKryAfClqCHp5aUlwqawYj8tMWumtYPbM1lekViKy/zkxOv
NKlK2dxTgNwJZHh08wxtO1+D79XUaxkxjG3F7XQvulKOfnRHRZzStmv1pQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFL7vIroMQytjmN+AXSUd3NWn4UYSMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvdnU4aXVneERLMk9ZMzRCZEpSM2MxYWZoUmhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBALd6rXOWWZmjVfq7rkgYC5BuxG+bpl6PJJWt8pFZYhfl
Y3wu2oH0Eprx9CW3mp0tQHeOUzYK+lZ43nbHY06y41/BNZChBQ/Iu1pv7blxkoaj
+UsRqteLYut8WdOO3jDJLKyHfzCN7EUhvYGBULSAHCuMyTxwFGA/DbJ6DZOk9yTx
ZjGKnCuEtq66RKAsGIKP5iOoAstM1ewDbdhVfaeqS9YX79c1TZvrUYPeyw7PbRxq
vEElLgMnPHHnwIX4dXW55jHxWU0Achvhs3TcqGTR4mCzOraFNhZHe4P1MuBsDLnH
eYpTGhOeJKipon+kCMqfBgpTlqYNLMaKRkZW9xhtxtA=
-----END CERTIFICATE-----
Generated at Mon Nov 18 13:32:29 2024 by rpki-client on console-ams.rpki-client.org