Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/Tt0HVN_62HGhaThd4rx5aJCuIu4.roa
File: Tt0HVN_62HGhaThd4rx5aJCuIu4.roa (raw, json)
Hash identifier: foOcKvhssYmLlrlwyDXaicDfnwI9wK1b0MiKQmEGl18=
Subject key identifier: 4E:DD:07:54:DF:FA:D8:71:A1:69:38:5D:E2:BC:79:68:90:AE:22:EE
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 01960FB32A9F9AE118E027B009D9E6620646
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/Tt0HVN_62HGhaThd4rx5aJCuIu4.roa
Signing time: Mon 07 Apr 2025 10:02:02 +0000
ROA not before: Mon 07 Apr 2025 10:02:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42473
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.6.0/24 maxlen: 24
152.53.7.0/24 maxlen: 24
152.53.8.0/24 maxlen: 24
152.53.9.0/24 maxlen: 24
152.53.24.0/24 maxlen: 24
152.53.25.0/24 maxlen: 24
152.53.26.0/24 maxlen: 24
152.53.30.0/24 maxlen: 24
152.53.36.0/22 maxlen: 24
152.53.41.0/24 maxlen: 24
152.53.48.0/22 maxlen: 22
152.53.58.0/24 maxlen: 24
152.53.59.0/24 maxlen: 24
152.53.62.0/24 maxlen: 24
152.53.63.0/24 maxlen: 24
152.53.64.0/22 maxlen: 24
152.53.69.0/24 maxlen: 24
152.53.74.0/24 maxlen: 24
152.53.75.0/24 maxlen: 24
152.53.78.0/24 maxlen: 24
152.53.79.0/24 maxlen: 24
152.53.80.0/22 maxlen: 22
152.53.84.0/22 maxlen: 22
152.53.88.0/22 maxlen: 22
152.53.92.0/22 maxlen: 22
152.53.98.0/24 maxlen: 24
152.53.100.0/22 maxlen: 22
152.53.104.0/22 maxlen: 22
152.53.108.0/22 maxlen: 22
152.53.112.0/22 maxlen: 22
152.53.116.0/22 maxlen: 22
152.53.124.0/22 maxlen: 22
152.53.128.0/20 maxlen: 22
152.53.224.0/22 maxlen: 22
152.53.228.0/22 maxlen: 22
152.53.236.0/22 maxlen: 22
152.53.240.0/22 maxlen: 22
152.53.244.0/22 maxlen: 22
152.53.248.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 08 Apr 2025 09:32:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0f:b3:2a:9f:9a:e1:18:e0:27:b0:09:d9:e6:62:06:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Apr 7 10:02:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4edd0754dffad871a169385de2bc796890ae22ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:34:de:84:8d:37:4c:33:4c:fe:37:d2:c1:47:
a0:17:7b:e7:3d:38:61:7a:eb:66:b9:83:f3:d6:8d:
0d:66:d7:db:0a:7d:ab:02:e9:f9:28:42:f5:56:4d:
b2:4d:73:fc:4f:35:11:65:22:5b:ef:7c:1f:07:bc:
02:d1:29:e4:ec:4d:af:7e:12:fe:c9:8c:c7:f4:e5:
0d:14:6c:d8:3a:14:53:40:2d:6a:ce:c8:77:9c:0c:
54:57:17:ef:1f:6e:c6:21:85:3e:74:cc:fc:7e:1c:
69:3c:e5:2c:87:a2:82:c7:0f:f5:3c:0b:42:0d:2b:
6d:80:34:29:b4:57:af:b9:05:9e:e6:2e:17:50:01:
37:ec:23:e3:39:f4:2b:48:69:12:01:af:aa:ac:c3:
f2:96:d4:7a:a8:d4:20:7c:d6:18:e9:b0:77:ab:f2:
a5:45:12:40:07:eb:3c:f5:5d:f3:4a:29:49:6c:77:
d5:e4:d8:39:c8:5d:03:32:c8:7c:0a:07:00:5e:7e:
75:9f:37:bb:68:d3:70:d5:5b:44:d5:5f:73:e4:8f:
86:17:43:84:f2:1c:b5:fc:bb:ea:7e:68:42:81:50:
94:85:34:01:39:f5:e4:b5:9a:28:90:5b:e9:0c:76:
db:02:7f:7c:df:f6:bf:dd:84:11:9c:77:ff:10:62:
ad:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:DD:07:54:DF:FA:D8:71:A1:69:38:5D:E2:BC:79:68:90:AE:22:EE
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/Tt0HVN_62HGhaThd4rx5aJCuIu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1f:56:ed:17:da:ae:06:ac:86:dc:ac:45:1c:fc:ad:89:22:e7:
fc:6f:93:0c:55:00:fa:94:54:52:3c:86:5d:ff:0a:67:84:3c:
54:c8:94:a8:3b:24:f4:59:64:9b:0a:d7:1c:81:4c:34:9f:2c:
d1:8f:d7:16:28:9a:70:4f:bf:0c:01:5a:62:5d:a0:f0:ac:c4:
c6:de:21:91:a2:d9:b6:99:8b:e8:d9:7c:a8:a3:5d:a0:80:5b:
19:ff:2e:d5:cc:9e:1a:76:f9:9e:23:b3:b2:a3:f4:87:ae:ae:
6f:76:97:94:6b:92:7f:fe:6f:9a:b3:26:f0:ec:bc:93:2d:c9:
7e:00:28:f3:c9:97:1e:89:bf:19:ae:f0:d3:38:b9:a4:bf:5c:
e5:36:fc:7c:8a:9f:a1:63:9a:9f:34:33:6b:1b:fc:f6:d3:bf:
76:07:e3:9a:8e:25:ef:a0:4f:a6:8e:63:a6:2d:76:a6:6e:fb:
82:2e:ba:05:25:25:7e:ab:57:21:eb:5b:77:4b:16:6a:8c:a4:
68:05:db:dc:76:96:f7:09:be:20:66:15:d0:4c:36:11:8d:24:
e9:5a:30:24:45:f2:8b:13:b6:6f:f7:89:e7:46:14:74:e5:44:
a0:88:73:e2:bb:2f:a0:8c:15:91:4d:10:cc:0b:d1:32:61:1d:
21:fe:6f:72
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZYPsyqfmuEY4CewCdnmYgZGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjUwNDA3MTAwMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWRkMDc1NGRmZmFkODcxYTE2OTM4NWRlMmJjNzk2ODkwYWUyMmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3jTehI03TDNM/jfSwUegF3vnPThh
eutmuYPz1o0NZtfbCn2rAun5KEL1Vk2yTXP8TzURZSJb73wfB7wC0Snk7E2vfhL+
yYzH9OUNFGzYOhRTQC1qzsh3nAxUVxfvH27GIYU+dMz8fhxpPOUsh6KCxw/1PAtC
DSttgDQptFevuQWe5i4XUAE37CPjOfQrSGkSAa+qrMPyltR6qNQgfNYY6bB3q/Kl
RRJAB+s89V3zSilJbHfV5Ng5yF0DMsh8CgcAXn51nze7aNNw1VtE1V9z5I+GF0OE
8hy1/LvqfmhCgVCUhTQBOfXktZookFvpDHbbAn983/a/3YQRnHf/EGKt5QIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFE7dB1Tf+thxoWk4XeK8eWiQriLuMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvVHQwSFZOXzYySEdoYVRoZDRyeDVhSkN1SXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAB9W7RfargashtysRRz8rYki5/xvkwxVAPqUVFI8hl3/
CmeEPFTIlKg7JPRZZJsK1xyBTDSfLNGP1xYomnBPvwwBWmJdoPCsxMbeIZGi2baZ
i+jZfKijXaCAWxn/LtXMnhp2+Z4js7Kj9Ieurm92l5Rrkn/+b5qzJvDsvJMtyX4A
KPPJlx6Jvxmu8NM4uaS/XOU2/HyKn6Fjmp80M2sb/PbTv3YH45qOJe+gT6aOY6Yt
dqZu+4IuugUlJX6rVyHrW3dLFmqMpGgF29x2lvcJviBmFdBMNhGNJOlaMCRF8osT
tm/3iedGFHTlRKCIc+K7L6CMFZFNEMwL0TJhHSH+b3I=
-----END CERTIFICATE-----
Generated at Fri Jun 20 02:11:25 2025 by rpki-client