Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/p0KgGDzuX6XTOoZGAQzAYREQ8bY.roa
File: p0KgGDzuX6XTOoZGAQzAYREQ8bY.roa (raw, json)
Hash identifier: BbT8ZHus6c8GITowOw9AHreRGuTy/zENA83Jk3QOHQk=
Subject key identifier: A7:42:A0:18:3C:EE:5F:A5:D3:3A:86:46:01:0C:C0:61:11:10:F1:B6
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 0196C9224CA2A9BD83842CB037DFD3BCEC2A
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/p0KgGDzuX6XTOoZGAQzAYREQ8bY.roa
Signing time: Tue 13 May 2025 10:13:10 +0000
ROA not before: Tue 13 May 2025 10:13:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213893
IP address blocks: 2a0d:d940:10::/48 maxlen: 48
2a0d:d940:11::/48 maxlen: 48
2a0d:d940:13::/48 maxlen: 48
2a0d:d940:14::/48 maxlen: 48
2a0d:d940:15::/48 maxlen: 48
2a0d:d940:18::/48 maxlen: 48
2a0d:d940:19::/48 maxlen: 48
2a0d:d940:1f00::/40 maxlen: 40
2a0d:d940:9008::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 19 May 2025 09:25:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c9:22:4c:a2:a9:bd:83:84:2c:b0:37:df:d3:bc:ec:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: May 13 10:13:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a742a0183cee5fa5d33a8646010cc0611110f1b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:aa:24:07:87:18:6d:1f:d4:b0:25:12:31:8e:
f2:da:cc:46:0b:57:9b:cb:49:07:9e:7e:c0:5b:c1:
d5:ea:ec:28:79:df:22:b3:97:20:64:e9:ab:70:b1:
c8:73:e6:26:7b:9f:19:21:f8:33:69:e8:1a:23:5c:
99:24:61:a8:7f:89:8d:84:ca:d9:c1:27:59:fe:73:
2f:00:5b:2e:9f:fa:a1:b5:e2:12:e0:fc:1e:d5:72:
8b:61:d8:d6:80:d5:9b:4c:27:3d:d7:87:e6:e8:6b:
d1:d4:79:cb:52:14:22:1a:4a:5f:3a:62:5a:14:cc:
d1:51:7a:9f:65:a9:33:c9:9b:19:26:fe:ef:bb:68:
04:4a:98:09:8e:6d:f2:b0:86:31:34:da:35:6a:85:
55:2d:e8:3f:cb:62:a7:e8:39:b0:d8:1a:d5:94:da:
30:d8:32:57:22:5c:cc:6a:df:98:69:23:e3:15:0f:
7b:d9:8f:df:fa:3c:59:26:a4:c2:1a:8b:16:2c:ae:
a9:cc:3a:44:a8:f0:23:db:55:6b:aa:06:ee:f8:8c:
69:57:f9:3f:43:53:84:1f:e3:ff:fc:dd:79:d5:0b:
46:c4:e3:1c:91:da:5a:2b:1e:67:1f:0f:35:be:4e:
dd:a3:4d:77:fe:f3:ae:df:35:25:63:1a:7c:2b:6a:
49:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:42:A0:18:3C:EE:5F:A5:D3:3A:86:46:01:0C:C0:61:11:10:F1:B6
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/p0KgGDzuX6XTOoZGAQzAYREQ8bY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:10::/47
2a0d:d940:13::-2a0d:d940:15:ffff:ffff:ffff:ffff:ffff
2a0d:d940:18::/47
2a0d:d940:1f00::/40
2a0d:d940:9008::/48
Signature Algorithm: sha256WithRSAEncryption
02:3a:ae:f4:c5:9d:74:5f:bc:35:a4:35:41:02:f2:43:54:50:
79:7b:4e:93:c1:d2:dc:36:96:8b:84:c8:ca:66:8d:3e:d8:ca:
d3:e0:5f:d9:b8:de:98:9d:e0:f4:66:43:49:a7:cc:33:8e:db:
9a:d6:90:98:db:11:d4:2b:08:47:a7:00:7b:9b:3f:c1:8d:56:
6c:cf:7b:0e:e6:4b:ac:da:c6:05:ef:04:87:44:91:54:3c:c6:
5e:83:49:52:36:b8:04:8a:13:b4:38:f2:02:c9:52:c8:34:4d:
85:56:68:7e:00:7d:2a:cc:36:9d:8c:39:94:52:e8:b2:0e:b9:
ab:dc:95:aa:c9:72:f9:bd:12:4d:7d:96:83:8c:df:88:be:50:
29:ed:46:8b:62:1a:15:e1:72:ec:ca:d2:f7:c3:04:42:93:a5:
b0:89:be:b6:a2:44:c2:7d:a9:48:e3:77:3a:5e:11:96:df:c9:
dd:7a:d8:8f:f9:5c:8c:6a:87:17:cd:74:87:82:e3:36:1c:e1:
64:9a:f6:53:45:d3:f6:2b:9a:c1:5a:45:38:61:eb:7d:11:26:
0a:ae:29:d5:e4:7a:32:69:35:5e:d9:29:b9:81:33:71:cd:d7:
16:e6:da:6c:99:35:bf:82:ff:d8:56:4b:eb:5a:84:ed:57:81:
ba:1b:6d:19
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZbJIkyiqb2DhCywN9/TvOwqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjUwNTEzMTAxMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzQyYTAxODNjZWU1ZmE1ZDMzYTg2NDYwMTBjYzA2MTExMTBmMWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6okB4cYbR/UsCUSMY7y2sxGC1eb
y0kHnn7AW8HV6uwoed8is5cgZOmrcLHIc+Yme58ZIfgzaegaI1yZJGGof4mNhMrZ
wSdZ/nMvAFsun/qhteIS4Pwe1XKLYdjWgNWbTCc914fm6GvR1HnLUhQiGkpfOmJa
FMzRUXqfZakzyZsZJv7vu2gESpgJjm3ysIYxNNo1aoVVLeg/y2Kn6Dmw2BrVlNow
2DJXIlzMat+YaSPjFQ972Y/f+jxZJqTCGosWLK6pzDpEqPAj21Vrqgbu+IxpV/k/
Q1OEH+P//N151QtGxOMckdpaKx5nHw81vk7do013/vOu3zUlYxp8K2pJUQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFKdCoBg87l+l0zqGRgEMwGEREPG2MB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvcDBLZ0dEenVYNlhUT29aR0FRekFZUkVROGJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzA9BAIAAjA3AwcBKg3ZQAAQ
MBIDBwAqDdlAABMDBwEqDdlAABQDBwEqDdlAABgDBgAqDdlAHwMHACoN2UCQCDAN
BgkqhkiG9w0BAQsFAAOCAQEAAjqu9MWddF+8NaQ1QQLyQ1RQeXtOk8HS3DaWi4TI
ymaNPtjK0+Bf2bjemJ3g9GZDSafMM47bmtaQmNsR1CsIR6cAe5s/wY1WbM97DuZL
rNrGBe8Eh0SRVDzGXoNJUja4BIoTtDjyAslSyDRNhVZofgB9Ksw2nYw5lFLosg65
q9yVqsly+b0STX2Wg4zfiL5QKe1Gi2IaFeFy7MrS98MEQpOlsIm+tqJEwn2pSON3
Ol4Rlt/J3XrYj/lcjGqHF810h4LjNhzhZJr2U0XT9iuawVpFOGHrfREmCq4p1eR6
Mmk1XtkpuYEzcc3XFubabJk1v4L/2FZL61qE7VeBuhttGQ==
-----END CERTIFICATE-----
Generated at Mon Jun 9 08:36:19 2025 by rpki-client