Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/St-qPlGp8oJ1olPUrd2z4z2yS-c.roa
File: St-qPlGp8oJ1olPUrd2z4z2yS-c.roa (raw, json)
Hash identifier: XmXlUkLQG/7quSpl9VfBr9t51O4E6FrzqouQ4u6crBU=
Subject key identifier: 4A:DF:AA:3E:51:A9:F2:82:75:A2:53:D4:AD:DD:B3:E3:3D:B2:4B:E7
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 019614BEC99A32D478E4A76C316CEC6C42F7
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/St-qPlGp8oJ1olPUrd2z4z2yS-c.roa
Signing time: Tue 08 Apr 2025 09:32:49 +0000
ROA not before: Tue 08 Apr 2025 09:32:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42473
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.6.0/24 maxlen: 24
152.53.7.0/24 maxlen: 24
152.53.8.0/24 maxlen: 24
152.53.9.0/24 maxlen: 24
152.53.24.0/24 maxlen: 24
152.53.25.0/24 maxlen: 24
152.53.26.0/24 maxlen: 24
152.53.30.0/24 maxlen: 24
152.53.36.0/22 maxlen: 24
152.53.41.0/24 maxlen: 24
152.53.48.0/22 maxlen: 22
152.53.58.0/24 maxlen: 24
152.53.59.0/24 maxlen: 24
152.53.62.0/24 maxlen: 24
152.53.63.0/24 maxlen: 24
152.53.64.0/22 maxlen: 24
152.53.69.0/24 maxlen: 24
152.53.74.0/24 maxlen: 24
152.53.75.0/24 maxlen: 24
152.53.78.0/24 maxlen: 24
152.53.79.0/24 maxlen: 24
152.53.80.0/22 maxlen: 22
152.53.84.0/22 maxlen: 22
152.53.88.0/22 maxlen: 22
152.53.92.0/22 maxlen: 22
152.53.98.0/24 maxlen: 24
152.53.100.0/22 maxlen: 22
152.53.104.0/22 maxlen: 22
152.53.108.0/22 maxlen: 22
152.53.112.0/22 maxlen: 22
152.53.116.0/22 maxlen: 22
152.53.124.0/22 maxlen: 22
152.53.128.0/20 maxlen: 22
152.53.160.0/22 maxlen: 22
152.53.224.0/22 maxlen: 22
152.53.228.0/22 maxlen: 22
152.53.236.0/22 maxlen: 22
152.53.240.0/22 maxlen: 22
152.53.244.0/22 maxlen: 22
152.53.248.0/22 maxlen: 22
152.53.252.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 08 Apr 2025 12:26:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:14:be:c9:9a:32:d4:78:e4:a7:6c:31:6c:ec:6c:42:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Apr 8 09:32:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4adfaa3e51a9f28275a253d4adddb3e33db24be7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:16:6a:c9:44:36:67:2d:71:74:33:ee:b1:ee:
f3:7a:5b:13:4e:53:ed:83:dc:31:91:a5:82:c2:a7:
18:e7:aa:db:79:c0:6a:cb:19:75:e7:ea:83:9f:58:
d5:b4:6f:a4:bf:a2:df:ce:23:ab:a0:d0:fc:3d:13:
78:6e:b4:4c:42:a1:ef:27:f0:af:bf:d8:73:2a:18:
c3:08:31:a1:b5:94:c5:11:33:70:f2:a0:e1:97:9c:
b6:e0:20:37:bf:ab:f3:4e:30:17:58:a1:fc:8f:12:
7b:5e:e4:13:92:c9:0d:f5:69:f8:fb:6d:70:43:e2:
2f:b2:6d:74:11:f1:20:da:6d:a0:a7:62:4b:d8:41:
da:e8:d1:c0:b6:e1:39:db:02:53:6e:89:24:a7:82:
b2:23:6d:bc:1d:34:6f:b0:52:75:b8:51:6d:47:24:
0f:cb:af:3b:b9:e4:86:35:1b:75:53:db:06:8a:e4:
39:52:f9:f8:93:d9:30:e6:c1:26:c5:4d:6d:c4:eb:
81:e5:7a:8e:db:9c:b5:34:28:54:0e:03:da:c9:c5:
5f:85:e6:45:10:e2:bb:05:2f:3c:7e:c6:c6:29:a9:
81:35:49:b3:83:d9:02:9e:66:7f:1a:06:e1:2a:bc:
6f:5b:94:27:c3:88:01:2b:64:31:a2:e6:3a:a0:5b:
20:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:DF:AA:3E:51:A9:F2:82:75:A2:53:D4:AD:DD:B3:E3:3D:B2:4B:E7
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/St-qPlGp8oJ1olPUrd2z4z2yS-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
41:eb:eb:87:fb:99:c4:f9:1d:a5:14:74:67:20:09:c6:70:20:
17:4a:99:ec:c5:ae:88:01:c8:63:d7:ef:4b:99:92:0f:ac:f1:
0e:e8:7d:cc:c2:33:c9:80:65:68:1c:6a:2b:91:a6:6a:27:0a:
e8:2b:c7:e9:74:60:62:39:f1:c5:37:8f:17:07:e3:24:c0:8b:
39:ac:97:26:23:8a:2b:63:01:e1:d1:6a:58:8b:3b:35:52:32:
27:27:71:46:57:5d:90:ef:a6:7d:51:c8:7a:49:12:47:c2:e4:
0f:75:05:a8:2d:d9:fc:64:80:79:97:cf:72:cf:ad:9d:d6:20:
ba:a7:24:15:42:23:e6:26:66:55:8a:58:65:33:7e:ba:86:5e:
0b:71:cc:2e:b5:08:44:89:6a:22:0b:52:33:d4:ed:7f:a6:9b:
a0:25:61:bc:4b:3c:7e:be:6a:2d:ea:83:48:5f:b4:65:16:d6:
40:0b:9e:76:40:b0:fd:34:d8:c6:80:03:fc:84:1f:2c:45:ea:
b7:9b:2b:7b:8c:5f:09:bb:7e:ca:48:da:6f:10:10:ab:33:85:
d3:d0:c5:1f:6b:ba:fd:58:dc:c0:de:1e:39:ae:d8:8f:33:6d:
b6:d4:6a:0e:e3:93:9b:6c:62:0a:56:6c:8f:bd:39:21:35:08:
0c:b0:46:2d
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZYUvsmaMtR45KdsMWzsbEL3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjUwNDA4MDkzMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWRmYWEzZTUxYTlmMjgyNzVhMjUzZDRhZGRkYjNlMzNkYjI0YmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRZqyUQ2Zy1xdDPuse7zelsTTlPt
g9wxkaWCwqcY56rbecBqyxl15+qDn1jVtG+kv6LfziOroND8PRN4brRMQqHvJ/Cv
v9hzKhjDCDGhtZTFETNw8qDhl5y24CA3v6vzTjAXWKH8jxJ7XuQTkskN9Wn4+21w
Q+Ivsm10EfEg2m2gp2JL2EHa6NHAtuE52wJTbokkp4KyI228HTRvsFJ1uFFtRyQP
y687ueSGNRt1U9sGiuQ5Uvn4k9kw5sEmxU1txOuB5XqO25y1NChUDgPaycVfheZF
EOK7BS88fsbGKamBNUmzg9kCnmZ/GgbhKrxvW5Qnw4gBK2QxouY6oFsgFQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFErfqj5RqfKCdaJT1K3ds+M9skvnMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvU3QtcVBsR3A4b0oxb2xQVXJkMno0ejJ5Uy1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAEHr64f7mcT5HaUUdGcgCcZwIBdKmezFrogByGPX70uZ
kg+s8Q7ofczCM8mAZWgcaiuRpmonCugrx+l0YGI58cU3jxcH4yTAizmslyYjiitj
AeHRaliLOzVSMicncUZXXZDvpn1RyHpJEkfC5A91Bagt2fxkgHmXz3LPrZ3WILqn
JBVCI+YmZlWKWGUzfrqGXgtxzC61CESJaiILUjPU7X+mm6AlYbxLPH6+ai3qg0hf
tGUW1kALnnZAsP002MaAA/yEHyxF6rebK3uMXwm7fspI2m8QEKszhdPQxR9ruv1Y
3MDeHjmu2I8zbbbUag7jk5tsYgpWbI+9OSE1CAywRi0=
-----END CERTIFICATE-----
Generated at Sun Jun 15 19:19:58 2025 by rpki-client