Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/Puhn4Q2Upd46I_boVICjTnqBbsg.roa
File: Puhn4Q2Upd46I_boVICjTnqBbsg.roa (raw, json)
Hash identifier: TQSt9I68Zl+n+VC712TGlgGOjdEPOWpDi//t1Jhyoyo=
Subject key identifier: 3E:E8:67:E1:0D:94:A5:DE:3A:23:F6:E8:54:80:A3:4E:7A:81:6E:C8
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 01943892995ADB7276E4CE18F3C70CCE5DF1
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/Puhn4Q2Upd46I_boVICjTnqBbsg.roa
Signing time: Sun 05 Jan 2025 22:25:19 +0000
ROA not before: Sun 05 Jan 2025 22:25:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53856
IP address blocks: 94.131.64.0/22 maxlen: 24
94.131.72.0/21 maxlen: 24
95.164.24.0/22 maxlen: 22
95.164.28.0/22 maxlen: 22
95.164.78.0/23 maxlen: 24
95.164.96.0/21 maxlen: 21
95.164.104.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 18 Feb 2025 21:11:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:38:92:99:5a:db:72:76:e4:ce:18:f3:c7:0c:ce:5d:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 5 22:25:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ee867e10d94a5de3a23f6e85480a34e7a816ec8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:46:b3:98:41:7b:b4:38:48:25:6a:68:2c:25:
29:80:a9:f9:df:4d:5f:15:d9:a3:d6:53:3c:4c:08:
3d:39:92:a7:1d:b8:3f:90:e1:2b:be:b4:f6:e8:3a:
d6:02:05:98:05:f8:81:a8:cd:5f:22:c6:9a:4d:c4:
b6:03:af:8e:f4:c3:a4:01:0d:f9:61:a3:6c:e9:d7:
e1:4b:ff:38:c8:33:b5:bc:cb:e6:4e:5b:8a:c4:ac:
d9:01:4c:48:cd:1f:8c:f9:50:0f:43:1b:2d:66:0c:
85:d1:a0:f5:86:f8:49:c6:d3:48:4d:c6:1b:46:1b:
09:25:0b:34:bd:eb:ea:59:fd:6a:91:f5:f4:77:f0:
14:03:fa:f1:87:3f:f7:b6:04:2c:da:9a:10:9b:42:
e7:e5:ec:d5:f7:82:8d:a5:af:ad:7f:50:68:a4:50:
f1:1a:4b:a2:dc:1d:56:21:65:2a:4a:07:38:1f:d9:
91:7a:c8:18:4d:3b:da:28:2c:7d:d4:42:24:86:3d:
3c:03:ac:23:05:71:b2:6b:1e:ba:cb:38:fd:3a:40:
5a:52:8e:8d:2a:b3:ca:8f:a2:61:a4:cf:69:b9:66:
0d:7d:8e:db:3d:e4:6d:66:ee:f0:ad:27:33:10:85:
b8:8a:77:b7:a1:67:d3:21:94:71:55:98:06:86:65:
47:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:E8:67:E1:0D:94:A5:DE:3A:23:F6:E8:54:80:A3:4E:7A:81:6E:C8
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/Puhn4Q2Upd46I_boVICjTnqBbsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.64.0/22
94.131.72.0/21
95.164.24.0/21
95.164.78.0/23
95.164.96.0/20
Signature Algorithm: sha256WithRSAEncryption
a2:a5:c6:aa:16:b9:ad:30:0c:86:76:97:ff:d2:7b:9e:69:36:
a2:3c:24:d2:38:ec:19:3b:97:30:6e:22:d0:b8:d1:33:e2:a1:
fb:42:55:34:a2:eb:db:53:b3:24:b9:e9:60:6b:19:e9:4b:cb:
42:4c:7d:3f:2e:f9:19:d8:e1:be:a6:db:c6:6a:aa:a4:3b:88:
67:a3:08:38:c7:75:67:d4:c4:b7:92:cc:58:02:97:1b:5e:9c:
95:36:b1:a4:77:98:f2:34:f7:dd:40:bc:b0:51:b9:19:0b:0a:
31:b2:ac:05:15:ac:b2:8d:23:8a:76:7f:f7:b9:3c:47:82:19:
82:15:2a:2e:f9:bd:e2:de:80:b1:47:97:22:16:3e:0f:df:16:
0d:bc:66:27:22:08:6c:96:b9:3f:cd:60:bc:9a:e8:99:84:7b:
2c:6c:fc:a7:b5:6a:f5:2f:50:e2:ad:ec:31:b8:16:3b:43:b1:
d2:ec:27:32:4f:64:90:e8:21:39:e3:25:01:9b:7b:bc:96:a8:
a4:34:c1:82:8a:55:24:df:a9:3a:3e:27:7e:10:a7:ec:e7:f3:
18:e9:da:22:ee:00:c9:4e:06:a2:8c:6c:30:79:3f:14:f0:2d:
5c:5b:0e:ab:6b:6f:ed:20:ae:1f:72:57:0f:61:77:56:ea:de:
79:89:21:ae
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQ4kpla23J25M4Y88cMzl3xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjUwMTA1MjIyNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWU4NjdlMTBkOTRhNWRlM2EyM2Y2ZTg1NDgwYTM0ZTdhODE2ZWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkazmEF7tDhIJWpoLCUpgKn5301f
Fdmj1lM8TAg9OZKnHbg/kOErvrT26DrWAgWYBfiBqM1fIsaaTcS2A6+O9MOkAQ35
YaNs6dfhS/84yDO1vMvmTluKxKzZAUxIzR+M+VAPQxstZgyF0aD1hvhJxtNITcYb
RhsJJQs0vevqWf1qkfX0d/AUA/rxhz/3tgQs2poQm0Ln5ezV94KNpa+tf1BopFDx
Gkui3B1WIWUqSgc4H9mResgYTTvaKCx91EIkhj08A6wjBXGyax66yzj9OkBaUo6N
KrPKj6JhpM9puWYNfY7bPeRtZu7wrSczEIW4ine3oWfTIZRxVZgGhmVHDQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFD7oZ+ENlKXeOiP26FSAo056gW7IMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvUHVobjRRMlVwZDQ2SV9ib1ZJQ2pUbnFCYnNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCXoNAAwQD
XoNIAwQDX6QYAwQBX6ROAwQEX6RgMA0GCSqGSIb3DQEBCwUAA4IBAQCipcaqFrmt
MAyGdpf/0nueaTaiPCTSOOwZO5cwbiLQuNEz4qH7QlU0ouvbU7MkuelgaxnpS8tC
TH0/LvkZ2OG+ptvGaqqkO4hnowg4x3Vn1MS3ksxYApcbXpyVNrGkd5jyNPfdQLyw
UbkZCwoxsqwFFayyjSOKdn/3uTxHghmCFSou+b3i3oCxR5ciFj4P3xYNvGYnIghs
lrk/zWC8muiZhHssbPyntWr1L1DirewxuBY7Q7HS7CcyT2SQ6CE54yUBm3u8lqik
NMGCilUk36k6Pid+EKfs5/MY6doi7gDJTgaijGwweT8U8C1cWw6ra2/tIK4fclcP
YXdW6t55iSGu
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:51:04 2025 by rpki-client