Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/ZUQDnBdRVzpQVVLIwbjKsLLoTio.roa
File: ZUQDnBdRVzpQVVLIwbjKsLLoTio.roa (raw, json)
Hash identifier: 2+wJxY3OsqXFtbwajRuGGPEMUrrqndGqdAoT1XcGkxM=
Subject key identifier: 65:44:03:9C:17:51:57:3A:50:55:52:C8:C1:B8:CA:B0:B2:E8:4E:2A
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 019524794734FBC1745652E5EB8D5413DB64
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/ZUQDnBdRVzpQVVLIwbjKsLLoTio.roa
Signing time: Thu 20 Feb 2025 17:48:02 +0000
ROA not before: Thu 20 Feb 2025 17:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34665
IP address blocks: 2a09:6901::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 10 Mar 2025 09:46:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:24:79:47:34:fb:c1:74:56:52:e5:eb:8d:54:13:db:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Feb 20 17:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6544039c1751573a505552c8c1b8cab0b2e84e2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:07:0a:53:1c:c9:0d:c6:aa:5d:16:df:a4:4a:
cc:5d:4a:da:10:1a:86:04:38:e7:39:90:43:e5:91:
e0:e2:60:a5:39:9c:88:5d:ea:0e:79:2d:5a:62:48:
49:77:fd:3e:32:d9:d6:a0:bf:ff:a0:c0:8a:9e:4c:
71:0e:f9:57:a5:56:88:5a:0b:1e:ef:f7:34:a4:d1:
b7:51:76:f9:6a:9e:e6:1c:21:f3:2e:23:49:ff:f4:
5d:95:c6:47:77:4a:60:05:07:8f:17:37:3e:9a:24:
0a:29:24:12:d4:db:72:b4:fe:3d:52:ab:5d:a7:05:
78:96:f8:06:a5:c2:2b:2e:cb:7b:34:b4:66:65:1b:
bc:49:98:59:87:2f:c0:3e:f2:13:e9:e7:2e:40:47:
69:e9:f2:1c:0f:29:26:08:f4:2e:3d:fc:9e:89:f5:
08:bb:cb:40:ce:57:80:a0:cc:56:d5:eb:a6:71:ca:
15:21:90:ac:a2:22:e6:4a:c7:e5:72:1a:60:a7:3b:
73:92:23:2c:83:f0:84:0f:f0:01:d1:ac:eb:bf:54:
7a:74:c7:a8:f0:5a:fa:1f:38:3c:e2:a2:91:d6:ac:
ee:0e:17:f1:5e:55:d4:dc:6b:26:a2:b3:c1:1a:d1:
7f:85:e5:ca:49:a9:9a:69:e1:e1:e6:9f:51:e9:cf:
6f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:44:03:9C:17:51:57:3A:50:55:52:C8:C1:B8:CA:B0:B2:E8:4E:2A
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/ZUQDnBdRVzpQVVLIwbjKsLLoTio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6901::/32
Signature Algorithm: sha256WithRSAEncryption
63:bf:fb:39:f2:52:8b:8b:0a:a6:27:10:43:eb:be:0a:3b:80:
aa:61:7d:4a:57:35:f9:34:65:e6:fc:0e:17:b7:7b:81:9f:5c:
e7:12:44:44:78:6f:71:f7:fa:77:3a:bf:7f:12:3e:5e:59:fa:
9c:ac:38:5c:13:53:4c:f0:07:d8:fc:c1:52:06:09:20:95:94:
b4:c0:e8:6c:31:2f:b4:ef:84:22:4f:2f:81:c8:ef:3d:03:bc:
c2:c5:b3:d0:32:54:e1:96:83:95:e4:61:d7:c9:e5:12:96:be:
d0:7d:67:ef:a7:0e:92:aa:38:67:5a:92:a3:ba:59:7c:7f:db:
cb:89:78:a6:fc:79:df:ae:f2:6e:80:a4:72:6e:fc:da:d2:76:
6a:41:03:dc:53:8c:29:bc:d1:cd:04:4b:18:f9:a3:54:8f:b6:
35:38:90:86:51:dc:7e:cf:cd:8c:87:1f:d6:cb:da:38:eb:ba:
ad:d8:4b:b1:c8:6c:87:74:03:a5:63:eb:75:61:fd:4d:c6:c6:
3e:18:97:c4:8d:fc:13:e0:89:08:d8:f5:f7:2d:df:e6:22:bc:
ec:d7:b7:05:9c:16:c3:1b:14:6d:32:f5:94:97:55:b9:a4:fd:
dd:75:5c:76:8b:c5:85:41:9d:8a:32:ce:36:dd:0b:02:2d:c6:
00:6e:b8:19
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZUkeUc0+8F0VlLl641UE9tkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjUwMjIwMTc0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTQ0MDM5YzE3NTE1NzNhNTA1NTUyYzhjMWI4Y2FiMGIyZTg0ZTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gcKUxzJDcaqXRbfpErMXUraEBqG
BDjnOZBD5ZHg4mClOZyIXeoOeS1aYkhJd/0+MtnWoL//oMCKnkxxDvlXpVaIWgse
7/c0pNG3UXb5ap7mHCHzLiNJ//RdlcZHd0pgBQePFzc+miQKKSQS1NtytP49Uqtd
pwV4lvgGpcIrLst7NLRmZRu8SZhZhy/APvIT6ecuQEdp6fIcDykmCPQuPfyeifUI
u8tAzleAoMxW1eumccoVIZCsoiLmSsflchpgpztzkiMsg/CED/AB0azrv1R6dMeo
8Fr6Hzg84qKR1qzuDhfxXlXU3GsmorPBGtF/heXKSamaaeHh5p9R6c9v6QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGVEA5wXUVc6UFVSyMG4yrCy6E4qMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvWlVRRG5CZFJWenBRVlZMSXdiaktzTExvVGlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKglpATAN
BgkqhkiG9w0BAQsFAAOCAQEAY7/7OfJSi4sKpicQQ+u+CjuAqmF9Slc1+TRl5vwO
F7d7gZ9c5xJERHhvcff6dzq/fxI+Xln6nKw4XBNTTPAH2PzBUgYJIJWUtMDobDEv
tO+EIk8vgcjvPQO8wsWz0DJU4ZaDleRh18nlEpa+0H1n76cOkqo4Z1qSo7pZfH/b
y4l4pvx5367yboCkcm782tJ2akED3FOMKbzRzQRLGPmjVI+2NTiQhlHcfs/NjIcf
1svaOOu6rdhLschsh3QDpWPrdWH9TcbGPhiXxI38E+CJCNj19y3f5iK87Ne3BZwW
wxsUbTL1lJdVuaT93XVcdovFhUGdijLONt0LAi3GAG64GQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:08:07 2025 by rpki-client