Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/xOSKqbHAfMqarMutcjwlySFyQ4k.roa
File: xOSKqbHAfMqarMutcjwlySFyQ4k.roa (raw, json)
Hash identifier: gxrAWXhWPu+HpuCjAGN29QGa9bq7XBCeqyChNlhpATM=
Subject key identifier: C4:E4:8A:A9:B1:C0:7C:CA:9A:AC:CB:AD:72:3C:25:C9:21:72:43:89
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 0195A852BE4D36843820F0C3A17BD059DDE3
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/xOSKqbHAfMqarMutcjwlySFyQ4k.roa
Signing time: Tue 18 Mar 2025 08:15:49 +0000
ROA not before: Tue 18 Mar 2025 08:15:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42473
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.6.0/24 maxlen: 24
152.53.7.0/24 maxlen: 24
152.53.8.0/24 maxlen: 24
152.53.9.0/24 maxlen: 24
152.53.24.0/24 maxlen: 24
152.53.25.0/24 maxlen: 24
152.53.30.0/24 maxlen: 24
152.53.36.0/22 maxlen: 24
152.53.48.0/22 maxlen: 22
152.53.59.0/24 maxlen: 24
152.53.62.0/24 maxlen: 24
152.53.63.0/24 maxlen: 24
152.53.64.0/22 maxlen: 24
152.53.69.0/24 maxlen: 24
152.53.75.0/24 maxlen: 24
152.53.78.0/24 maxlen: 24
152.53.79.0/24 maxlen: 24
152.53.80.0/22 maxlen: 22
152.53.84.0/22 maxlen: 22
152.53.88.0/22 maxlen: 22
152.53.92.0/22 maxlen: 22
152.53.98.0/24 maxlen: 24
152.53.100.0/22 maxlen: 22
152.53.104.0/22 maxlen: 22
152.53.108.0/22 maxlen: 22
152.53.112.0/22 maxlen: 22
152.53.116.0/22 maxlen: 22
152.53.124.0/22 maxlen: 22
152.53.128.0/20 maxlen: 22
152.53.224.0/22 maxlen: 22
152.53.228.0/22 maxlen: 22
152.53.236.0/22 maxlen: 22
152.53.240.0/22 maxlen: 22
152.53.244.0/22 maxlen: 22
152.53.248.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 18 Mar 2025 12:33:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a8:52:be:4d:36:84:38:20:f0:c3:a1:7b:d0:59:dd:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Mar 18 08:15:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4e48aa9b1c07cca9aaccbad723c25c921724389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b4:be:80:44:c5:20:8f:f8:1d:94:96:4a:13:
1b:63:48:74:e7:bb:28:4f:88:2b:69:2c:87:a8:af:
fd:18:ea:d6:8f:e0:9c:c2:40:3a:76:df:70:55:85:
fa:55:58:7d:fe:35:55:20:94:e0:07:9e:b9:e7:a1:
99:4f:ee:82:b3:20:59:0b:5a:32:44:22:8c:b5:e7:
51:70:20:b4:c2:39:c3:67:22:bf:12:46:fc:0b:b8:
d0:86:b1:f7:73:1b:c7:2b:72:ae:99:19:0b:d6:3b:
1b:a8:7f:9f:15:4f:8a:3a:13:1c:39:91:52:59:2f:
fd:41:c6:ed:e5:33:84:aa:0a:ba:75:34:f4:e8:69:
41:31:5b:a0:bb:f7:4d:59:c7:0f:2f:00:93:83:61:
a0:b1:ce:4a:ab:85:46:f4:29:e6:60:d6:07:98:5e:
61:96:72:2e:78:d6:41:bd:fd:7d:a5:bf:bb:0b:d3:
ff:56:ed:d1:d4:94:0c:ee:38:8f:45:f1:03:b4:d5:
80:f3:5d:3c:d7:4c:92:76:b4:0f:ea:2d:e7:bb:0e:
56:86:91:c2:3f:6f:71:e4:59:2d:4b:ea:f1:b9:be:
60:42:53:89:3e:ab:60:37:af:9c:6e:b7:c4:cf:86:
32:1e:59:9f:21:8f:b3:85:2d:21:23:94:f9:4b:7b:
9d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:E4:8A:A9:B1:C0:7C:CA:9A:AC:CB:AD:72:3C:25:C9:21:72:43:89
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/xOSKqbHAfMqarMutcjwlySFyQ4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a6:3a:dc:8e:12:2f:85:dd:79:32:19:25:85:00:2c:50:8d:85:
fc:da:c2:d2:88:31:f1:db:e0:d3:c7:d8:02:1c:31:43:5c:19:
5e:b7:ce:78:5c:ab:0d:f1:1a:73:1c:80:d4:f9:3c:75:ce:24:
6b:d9:d1:12:63:58:aa:e5:2e:e4:c7:3d:64:8a:2c:63:58:05:
7f:8c:ab:3d:5d:4a:09:16:85:1c:b4:a8:60:f8:fc:14:f2:c2:
fa:17:e6:93:f8:14:ad:da:c9:a2:5a:f8:bc:c0:12:5e:d1:08:
ee:05:c0:a1:f8:a3:11:9b:e2:6c:f7:c6:77:0b:a1:05:e7:04:
ca:f1:a8:f3:91:e2:cc:5d:3b:37:79:f9:f8:45:16:52:a9:a4:
bd:a5:21:d5:65:c6:fb:6a:80:7a:98:27:34:ee:4a:45:fe:41:
4d:1b:91:0f:36:9f:48:8b:15:b6:70:11:23:2b:97:7d:8c:8c:
d3:30:b4:69:9d:0c:b2:7e:ed:d4:c5:f4:b6:00:fc:38:e5:89:
2f:96:20:25:22:33:84:f0:9a:d1:b6:1b:58:4f:74:db:14:7c:
84:e0:9d:dd:1f:84:f9:2b:63:d3:66:64:a5:43:51:a4:77:eb:
4e:06:5a:75:ce:a9:0c:13:0c:99:d5:27:02:a0:11:ab:0d:d4:
0d:43:c2:10
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZWoUr5NNoQ4IPDDoXvQWd3jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjUwMzE4MDgxNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGU0OGFhOWIxYzA3Y2NhOWFhY2NiYWQ3MjNjMjVjOTIxNzI0Mzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurS+gETFII/4HZSWShMbY0h057so
T4graSyHqK/9GOrWj+CcwkA6dt9wVYX6VVh9/jVVIJTgB56556GZT+6CsyBZC1oy
RCKMtedRcCC0wjnDZyK/Ekb8C7jQhrH3cxvHK3KumRkL1jsbqH+fFU+KOhMcOZFS
WS/9Qcbt5TOEqgq6dTT06GlBMVugu/dNWccPLwCTg2Ggsc5Kq4VG9CnmYNYHmF5h
lnIueNZBvf19pb+7C9P/Vu3R1JQM7jiPRfEDtNWA810810ySdrQP6i3nuw5WhpHC
P29x5FktS+rxub5gQlOJPqtgN6+cbrfEz4YyHlmfIY+zhS0hI5T5S3udFQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFMTkiqmxwHzKmqzLrXI8JckhckOJMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEveE9TS3FiSEFmTXFhck11dGNqd2x5U0Z5UTRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAKY63I4SL4XdeTIZJYUALFCNhfzawtKIMfHb4NPH2AIc
MUNcGV63znhcqw3xGnMcgNT5PHXOJGvZ0RJjWKrlLuTHPWSKLGNYBX+Mqz1dSgkW
hRy0qGD4/BTywvoX5pP4FK3ayaJa+LzAEl7RCO4FwKH4oxGb4mz3xncLoQXnBMrx
qPOR4sxdOzd5+fhFFlKppL2lIdVlxvtqgHqYJzTuSkX+QU0bkQ82n0iLFbZwESMr
l32MjNMwtGmdDLJ+7dTF9LYA/DjliS+WICUiM4TwmtG2G1hPdNsUfITgnd0fhPkr
Y9NmZKVDUaR3604GWnXOqQwTDJnVJwKgEasN1A1DwhA=
-----END CERTIFICATE-----
Generated at Sun Apr 13 11:28:51 2025 by rpki-client