Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/uOxbDpURCgMgdcYsCdi4PkWftyY.roa
File: uOxbDpURCgMgdcYsCdi4PkWftyY.roa (raw, json)
Hash identifier: YF13fTLWnugp+LlIJMJLiIuXQvT/YzimNiO/BYrUSuM=
Subject key identifier: B8:EC:5B:0E:95:11:0A:03:20:75:C6:2C:09:D8:B8:3E:45:9F:B7:26
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 0196CD81FDC5E7ABFF330AF8B96427CB520D
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/uOxbDpURCgMgdcYsCdi4PkWftyY.roa
Signing time: Wed 14 May 2025 06:36:10 +0000
ROA not before: Wed 14 May 2025 06:36:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42473
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.6.0/24 maxlen: 24
152.53.7.0/24 maxlen: 24
152.53.8.0/24 maxlen: 24
152.53.9.0/24 maxlen: 24
152.53.24.0/24 maxlen: 24
152.53.25.0/24 maxlen: 24
152.53.26.0/24 maxlen: 24
152.53.27.0/24 maxlen: 24
152.53.30.0/24 maxlen: 24
152.53.36.0/22 maxlen: 24
152.53.41.0/24 maxlen: 24
152.53.48.0/22 maxlen: 22
152.53.58.0/24 maxlen: 24
152.53.59.0/24 maxlen: 24
152.53.62.0/24 maxlen: 24
152.53.63.0/24 maxlen: 24
152.53.64.0/22 maxlen: 24
152.53.69.0/24 maxlen: 24
152.53.74.0/24 maxlen: 24
152.53.75.0/24 maxlen: 24
152.53.78.0/24 maxlen: 24
152.53.79.0/24 maxlen: 24
152.53.80.0/22 maxlen: 22
152.53.84.0/22 maxlen: 22
152.53.88.0/22 maxlen: 22
152.53.92.0/22 maxlen: 22
152.53.98.0/24 maxlen: 24
152.53.100.0/22 maxlen: 22
152.53.104.0/22 maxlen: 22
152.53.108.0/22 maxlen: 22
152.53.112.0/22 maxlen: 22
152.53.116.0/22 maxlen: 22
152.53.124.0/22 maxlen: 22
152.53.128.0/20 maxlen: 22
152.53.160.0/22 maxlen: 22
152.53.164.0/22 maxlen: 22
152.53.168.0/22 maxlen: 22
152.53.224.0/22 maxlen: 22
152.53.228.0/22 maxlen: 22
152.53.236.0/22 maxlen: 22
152.53.240.0/22 maxlen: 22
152.53.244.0/22 maxlen: 22
152.53.248.0/22 maxlen: 22
152.53.252.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 20 May 2025 08:35:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:cd:81:fd:c5:e7:ab:ff:33:0a:f8:b9:64:27:cb:52:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: May 14 06:36:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8ec5b0e95110a032075c62c09d8b83e459fb726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:13:c4:7c:db:9b:8d:7e:f0:84:ab:c3:df:b8:
8d:e2:e7:41:1c:6a:27:f7:e5:d8:e4:9d:9f:ed:82:
2d:69:80:03:80:ae:bb:33:5d:90:76:97:f0:45:cc:
d3:c2:a6:39:c3:39:11:a1:67:c7:6f:62:ff:5c:81:
93:01:fe:31:1a:b2:35:84:68:b8:b5:f1:ae:55:5f:
66:42:63:e2:8e:7e:22:eb:e8:16:14:9e:92:da:88:
c5:78:c8:1a:ee:f5:20:e7:b9:c6:01:2f:97:a4:f9:
16:f8:27:94:2d:c5:c6:25:86:cd:34:31:82:58:d0:
2b:fd:0d:7d:dd:d0:6f:d8:b3:01:f0:82:13:6f:fa:
17:37:ba:95:03:6c:39:f5:d4:dc:58:55:a2:44:5f:
5e:3e:97:49:a7:68:61:d5:76:cf:f7:52:84:d2:5c:
d0:19:26:74:7e:be:20:4b:c9:00:b4:03:79:04:67:
3e:cb:4c:b3:79:12:f6:e5:39:cd:4f:e0:ca:e3:8e:
73:10:9d:49:4b:46:1d:42:ba:70:29:9c:43:b5:ef:
72:80:54:db:6c:8f:16:32:50:81:b8:22:6e:aa:aa:
41:f4:63:a3:18:b3:8a:8a:e2:99:38:e7:d2:f2:ca:
1c:c2:5f:ad:4b:1e:fb:9e:5f:65:64:df:02:09:b8:
8e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:EC:5B:0E:95:11:0A:03:20:75:C6:2C:09:D8:B8:3E:45:9F:B7:26
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/uOxbDpURCgMgdcYsCdi4PkWftyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0b:09:23:39:e5:ce:0e:5c:6e:b9:97:e3:f2:a9:1e:6c:60:42:
cb:cd:39:83:ab:1f:97:8e:8c:e3:89:72:93:e3:cf:41:16:f5:
aa:e8:cf:17:42:11:22:7c:2a:81:bb:3e:a9:a5:cb:7b:38:3c:
de:40:5b:65:db:c1:e1:bf:85:bd:d1:77:14:f6:17:53:e1:6c:
fd:c8:eb:76:28:e7:a8:5c:c2:10:53:fb:6c:5d:63:6b:10:47:
0e:7d:47:63:cc:0e:5c:db:5f:9f:95:47:04:3a:3e:6d:ae:a4:
85:b3:9c:ca:b5:b3:b1:05:44:d3:f7:b1:fa:58:40:e4:5f:59:
27:bf:f4:c1:dc:f2:4a:89:59:da:05:16:a8:f6:8f:27:e1:2c:
f9:c6:a8:62:15:24:92:54:ba:20:14:7b:9c:62:20:b3:21:6c:
7f:eb:d5:c3:a7:44:12:34:c4:8f:20:bd:1c:95:65:32:1e:8e:
1b:ea:46:49:cf:f9:a7:d7:0d:4a:6f:45:38:ba:b2:01:41:2d:
40:65:3a:5e:d4:f3:f8:12:d9:39:28:2a:2d:d4:c0:de:31:54:
d1:f4:fc:6d:89:f3:4c:26:e2:a7:e2:25:0d:11:d8:2d:6f:90:
e0:01:64:ec:81:f5:ac:09:17:47:54:51:fd:18:78:e1:26:23:
ba:f4:71:a8
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZbNgf3F56v/Mwr4uWQny1INMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjUwNTE0MDYzNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGVjNWIwZTk1MTEwYTAzMjA3NWM2MmMwOWQ4YjgzZTQ1OWZiNzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBPEfNubjX7whKvD37iN4udBHGon
9+XY5J2f7YItaYADgK67M12QdpfwRczTwqY5wzkRoWfHb2L/XIGTAf4xGrI1hGi4
tfGuVV9mQmPijn4i6+gWFJ6S2ojFeMga7vUg57nGAS+XpPkW+CeULcXGJYbNNDGC
WNAr/Q193dBv2LMB8IITb/oXN7qVA2w59dTcWFWiRF9ePpdJp2hh1XbP91KE0lzQ
GSZ0fr4gS8kAtAN5BGc+y0yzeRL25TnNT+DK445zEJ1JS0YdQrpwKZxDte9ygFTb
bI8WMlCBuCJuqqpB9GOjGLOKiuKZOOfS8socwl+tSx77nl9lZN8CCbiOLQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFLjsWw6VEQoDIHXGLAnYuD5Fn7cmMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvdU94YkRwVVJDZ01nZGNZc0NkaTRQa1dmdHlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAAsJIznlzg5cbrmX4/KpHmxgQsvNOYOrH5eOjOOJcpPj
z0EW9arozxdCESJ8KoG7Pqmly3s4PN5AW2XbweG/hb3RdxT2F1PhbP3I63Yo56hc
whBT+2xdY2sQRw59R2PMDlzbX5+VRwQ6Pm2upIWznMq1s7EFRNP3sfpYQORfWSe/
9MHc8kqJWdoFFqj2jyfhLPnGqGIVJJJUuiAUe5xiILMhbH/r1cOnRBI0xI8gvRyV
ZTIejhvqRknP+afXDUpvRTi6sgFBLUBlOl7U8/gS2TkoKi3UwN4xVNH0/G2J80wm
4qfiJQ0R2C1vkOABZOyB9awJF0dUUf0YeOEmI7r0cag=
-----END CERTIFICATE-----
Generated at Wed Jun 18 05:12:27 2025 by rpki-client