Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/puXBj_vUgm5Pmv8V9TDLz1HvTqo.roa
File: puXBj_vUgm5Pmv8V9TDLz1HvTqo.roa (raw, json)
Hash identifier: 580LUrXui0PDDPHe63SE20BtfonFtsPYZ5cDBeAwh1I=
Subject key identifier: A6:E5:C1:8F:FB:D4:82:6E:4F:9A:FF:15:F5:30:CB:CF:51:EF:4E:AA
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 01961198361753024A35B091E4DDF72B7A9A
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/puXBj_vUgm5Pmv8V9TDLz1HvTqo.roa
Signing time: Mon 07 Apr 2025 18:51:50 +0000
ROA not before: Mon 07 Apr 2025 18:51:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 2a0e:f05::/32 maxlen: 32
2a0e:13c3::/32 maxlen: 32
2a0f:bb01::/32 maxlen: 32
2a11:641::/32 maxlen: 32
2a11:4344::/32 maxlen: 32
2a11:7884::/32 maxlen: 32
2a11:8501::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 09 Apr 2025 18:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:11:98:36:17:53:02:4a:35:b0:91:e4:dd:f7:2b:7a:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Apr 7 18:51:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6e5c18ffbd4826e4f9aff15f530cbcf51ef4eaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e5:51:20:26:1e:21:13:c4:13:d6:26:7b:ed:
bf:fa:d4:3a:fd:cb:26:a7:a0:fc:f0:29:3c:e8:6a:
4a:28:91:4c:80:e6:9f:bc:29:34:90:8a:6a:51:bf:
14:33:72:6c:f4:1d:a7:f2:9c:56:25:ee:50:6e:e3:
65:57:ea:72:8e:07:82:db:dd:24:b7:1a:cc:77:1a:
78:08:87:c9:56:ef:f8:12:c2:8f:ea:57:e8:04:b8:
22:bd:e5:71:f5:13:fc:4f:f7:87:9b:f0:42:77:94:
62:f6:95:a1:c6:ea:e8:5b:e2:da:03:2b:21:8d:f2:
e0:7a:f3:95:4d:2a:9a:16:01:a4:11:8f:c2:b0:49:
5a:1f:04:32:da:4e:99:6f:de:61:fb:e5:98:2f:f2:
9b:e9:6d:74:15:e2:a7:19:1d:bc:97:8c:8c:4c:e5:
fa:15:a7:36:c7:48:91:8e:b2:6a:c8:f2:cb:61:8f:
fc:ba:83:6d:0f:16:34:76:7e:87:74:33:2c:1b:e6:
49:a0:12:5a:8d:ed:12:95:8b:2b:4c:9f:bc:6c:f4:
0d:34:c8:db:69:fb:b4:6c:db:7f:39:52:ec:09:4a:
d6:cb:9b:f1:c3:22:32:af:59:cb:11:8f:db:c8:f5:
ba:15:b1:e8:de:a8:9f:bc:88:01:6a:5c:ee:e2:52:
1c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:E5:C1:8F:FB:D4:82:6E:4F:9A:FF:15:F5:30:CB:CF:51:EF:4E:AA
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/puXBj_vUgm5Pmv8V9TDLz1HvTqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:f05::/32
2a0e:13c3::/32
2a0f:bb01::/32
2a11:641::/32
2a11:4344::/32
2a11:7884::/32
2a11:8501::/32
Signature Algorithm: sha256WithRSAEncryption
e7:3e:8b:d8:bb:fe:46:cc:f6:03:31:54:e0:3b:33:18:d5:72:
92:ab:3e:12:74:67:b4:7a:eb:31:44:e7:75:07:98:0f:e6:c4:
4b:80:51:20:0b:9f:4c:00:4a:8d:a9:d3:1b:d3:79:3b:f3:97:
10:08:aa:23:a9:17:fa:42:6e:9f:76:f1:6c:06:32:6d:dd:cf:
7c:1a:f0:f0:c9:12:b8:37:5d:bf:dd:7f:f4:f6:ee:be:a8:db:
69:c8:5c:71:77:a1:8a:71:e6:04:82:78:45:36:34:d5:f9:68:
fb:6a:3f:67:31:2c:ac:d1:93:99:fa:7b:d8:b1:ec:52:55:8e:
ae:be:7d:13:37:d4:b7:4b:b4:d8:5c:a5:d5:71:84:f1:59:98:
c1:87:08:5b:a1:ea:79:d7:3c:3e:5f:71:a8:cc:24:74:15:ae:
c1:dc:46:4a:cb:19:82:69:3e:11:0a:b5:88:7c:b8:5d:c4:2a:
d7:cf:8a:92:75:c6:e0:7f:66:b7:c1:b2:6a:a3:42:ec:cb:81:
67:38:e6:9a:7a:48:f1:88:89:91:2f:ab:33:f7:d4:8b:2c:4e:
15:a3:9c:e1:ca:59:7d:68:2d:a3:43:d7:7b:79:72:e7:1d:16:
85:1f:41:75:d4:b2:b7:ea:79:c6:e0:fd:5b:7d:29:28:9d:b4:
41:3f:da:0d
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZYRmDYXUwJKNbCR5N33K3qaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwNDA3MTg1MTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmU1YzE4ZmZiZDQ4MjZlNGY5YWZmMTVmNTMwY2JjZjUxZWY0ZWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+VRICYeIRPEE9Yme+2/+tQ6/csm
p6D88Ck86GpKKJFMgOafvCk0kIpqUb8UM3Js9B2n8pxWJe5QbuNlV+pyjgeC290k
txrMdxp4CIfJVu/4EsKP6lfoBLgiveVx9RP8T/eHm/BCd5Ri9pWhxuroW+LaAysh
jfLgevOVTSqaFgGkEY/CsElaHwQy2k6Zb95h++WYL/Kb6W10FeKnGR28l4yMTOX6
Fac2x0iRjrJqyPLLYY/8uoNtDxY0dn6HdDMsG+ZJoBJaje0SlYsrTJ+8bPQNNMjb
afu0bNt/OVLsCUrWy5vxwyIyr1nLEY/byPW6FbHo3qifvIgBalzu4lIcBQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFKblwY/71IJuT5r/FfUwy89R706qMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvcHVYQmpfdlVnbTVQbXY4VjlUREx6MUh2VHFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUAKg4PBQMF
ACoOE8MDBQAqD7sBAwUAKhEGQQMFACoRQ0QDBQAqEXiEAwUAKhGFATANBgkqhkiG
9w0BAQsFAAOCAQEA5z6L2Lv+Rsz2AzFU4DszGNVykqs+EnRntHrrMUTndQeYD+bE
S4BRIAufTABKjanTG9N5O/OXEAiqI6kX+kJun3bxbAYybd3PfBrw8MkSuDddv91/
9PbuvqjbachccXehinHmBIJ4RTY01flo+2o/ZzEsrNGTmfp72LHsUlWOrr59EzfU
t0u02Fyl1XGE8VmYwYcIW6Hqedc8Pl9xqMwkdBWuwdxGSssZgmk+EQq1iHy4XcQq
18+KknXG4H9mt8GyaqNC7MuBZzjmmnpI8YiJkS+rM/fUiyxOFaOc4cpZfWgto0PX
e3ly5x0WhR9BddSyt+p5xuD9W30pKJ20QT/aDQ==
-----END CERTIFICATE-----
Generated at Sun Jun 15 03:56:21 2025 by rpki-client