Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/JTulePtrj8f3NpZQZ2aEe5dvVaI.roa
File: JTulePtrj8f3NpZQZ2aEe5dvVaI.roa (raw, json)
Hash identifier: Qxj80M850bRqhfZrIuvW7j3He3KYVpeEAKOG7Ao8K9k=
Subject key identifier: 25:3B:A5:78:FB:6B:8F:C7:F7:36:96:50:67:66:84:7B:97:6F:55:A2
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0194EF7B9A370459A29F0CA65B0422F9E281
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/JTulePtrj8f3NpZQZ2aEe5dvVaI.roa
Signing time: Mon 10 Feb 2025 10:50:42 +0000
ROA not before: Mon 10 Feb 2025 10:50:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44812
IP address blocks: 2a09:6284::/32 maxlen: 32
2a09:e5c0::/32 maxlen: 32
2a09:e5c1::/32 maxlen: 32
2a09:e5c2::/32 maxlen: 32
2a09:e5c3::/32 maxlen: 32
2a09:e5c4::/32 maxlen: 32
2a09:e5c5::/32 maxlen: 32
2a09:e5c6::/32 maxlen: 32
2a0e:b140::/29 maxlen: 29
2a10:4103::/32 maxlen: 32
2a10:4104::/32 maxlen: 32
2a11:4b47::/32 maxlen: 32
2a12:a343::/32 maxlen: 32
2a12:a344::/32 maxlen: 32
2a12:a346::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 12 Feb 2025 05:36:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ef:7b:9a:37:04:59:a2:9f:0c:a6:5b:04:22:f9:e2:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Feb 10 10:50:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=253ba578fb6b8fc7f73696506766847b976f55a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:fe:18:4e:0c:23:5a:43:0a:50:66:6c:cf:51:
67:6a:46:d5:72:a7:a1:0f:91:7c:00:e4:00:2e:47:
be:e3:b9:0a:fa:52:bc:06:a1:08:82:30:99:45:dd:
d7:6e:30:eb:5a:8a:3a:67:6d:cc:e5:3b:4e:df:c0:
7a:d3:c5:ec:8f:0d:59:0c:35:bd:d4:5e:b7:86:41:
85:d3:fc:b1:ec:fc:20:af:69:b0:4f:25:4a:b8:22:
40:4a:8a:e3:18:b7:82:38:31:2b:9a:b8:e2:d9:39:
2f:45:03:7a:63:7e:7f:3a:a3:ce:0e:f3:1b:f5:f8:
1a:8a:82:e8:79:9c:b6:b7:e7:4f:cf:b4:1d:af:e6:
5b:fb:a0:cf:15:b2:e5:32:ef:db:23:08:87:0a:63:
41:71:5a:c6:1e:1d:fe:18:17:f0:f9:b0:9a:fc:6a:
fb:15:f1:47:1f:47:f5:e9:40:39:da:9b:a4:87:a8:
4b:22:38:05:a6:aa:6a:af:5e:c3:bf:f0:98:74:96:
76:54:8b:69:ad:35:03:af:93:d1:6b:fa:17:c4:e5:
2d:b2:6d:b6:76:8c:a0:92:76:76:cd:a8:b8:f5:c9:
5c:51:54:cb:bb:5c:5e:7a:a7:b5:0d:70:28:3f:02:
ae:44:2c:0d:d5:3b:12:ff:79:91:80:e6:ff:89:47:
8a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:3B:A5:78:FB:6B:8F:C7:F7:36:96:50:67:66:84:7B:97:6F:55:A2
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/JTulePtrj8f3NpZQZ2aEe5dvVaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6284::/32
2a09:e5c0::-2a09:e5c6:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:b140::/29
2a10:4103::-2a10:4104:ffff:ffff:ffff:ffff:ffff:ffff
2a11:4b47::/32
2a12:a343::-2a12:a344:ffff:ffff:ffff:ffff:ffff:ffff
2a12:a346::/32
Signature Algorithm: sha256WithRSAEncryption
71:e4:16:65:8f:52:2c:e9:02:70:f2:5e:fe:62:a4:f8:c1:83:
bf:70:1d:80:93:7d:da:d7:15:1a:4d:8a:ce:20:4a:a3:b7:57:
8c:ad:ad:08:f4:a8:6b:35:22:ba:db:dd:68:43:a9:c2:79:50:
4d:45:a8:2c:c8:66:f7:0c:18:e8:e9:17:37:f8:22:7a:9e:b1:
66:5c:c2:94:e7:b9:f0:7c:27:53:78:3e:40:5c:da:c8:0f:cf:
0b:ae:1c:20:e3:92:75:eb:bf:d3:31:f8:0c:77:55:6a:fc:7d:
42:09:96:ee:4f:02:32:3e:5c:aa:0c:02:9f:d2:df:8c:53:12:
78:86:4c:c0:72:eb:6c:ad:87:94:4c:fd:25:28:b4:30:ad:e9:
f4:04:80:48:b6:18:e1:79:e1:03:69:78:b8:03:88:67:38:e0:
66:f2:fa:06:49:d8:ec:82:a5:07:1d:b3:60:45:1f:c0:55:61:
7c:f2:ee:a2:e3:01:a9:29:5d:56:ac:78:e9:b9:81:12:41:bb:
ab:35:76:4a:9d:bf:cc:08:64:0e:e0:a8:11:7e:db:aa:14:f0:
d0:63:81:a8:31:2d:85:d4:78:8f:53:44:a4:70:2f:0d:7b:97:
db:62:21:76:db:6b:90:20:0b:d6:aa:76:6d:2c:03:2d:2a:00:
3f:e2:a5:d2
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZTve5o3BFminwymWwQi+eKBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwMjEwMTA1MDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTNiYTU3OGZiNmI4ZmM3ZjczNjk2NTA2NzY2ODQ3Yjk3NmY1NWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmf4YTgwjWkMKUGZsz1FnakbVcqeh
D5F8AOQALke+47kK+lK8BqEIgjCZRd3XbjDrWoo6Z23M5TtO38B608Xsjw1ZDDW9
1F63hkGF0/yx7Pwgr2mwTyVKuCJASorjGLeCODErmrji2TkvRQN6Y35/OqPODvMb
9fgaioLoeZy2t+dPz7Qdr+Zb+6DPFbLlMu/bIwiHCmNBcVrGHh3+GBfw+bCa/Gr7
FfFHH0f16UA52pukh6hLIjgFpqpqr17Dv/CYdJZ2VItprTUDr5PRa/oXxOUtsm22
doygknZ2zai49clcUVTLu1xeeqe1DXAoPwKuRCwN1TsS/3mRgOb/iUeK3wIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFCU7pXj7a4/H9zaWUGdmhHuXb1WiMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvSlR1bGVQdHJqOGYzTnBaUVoyYUVlNWR2VmFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAwUAKglihDAO
AwUGKgnlwAMFACoJ5cYDBQMqDrFAMA4DBQAqEEEDAwUAKhBBBAMFACoRS0cwDgMF
ACoSo0MDBQAqEqNEAwUAKhKjRjANBgkqhkiG9w0BAQsFAAOCAQEAceQWZY9SLOkC
cPJe/mKk+MGDv3AdgJN92tcVGk2KziBKo7dXjK2tCPSoazUiutvdaEOpwnlQTUWo
LMhm9wwY6OkXN/giep6xZlzClOe58HwnU3g+QFzayA/PC64cIOOSdeu/0zH4DHdV
avx9QgmW7k8CMj5cqgwCn9LfjFMSeIZMwHLrbK2HlEz9JSi0MK3p9ASASLYY4Xnh
A2l4uAOIZzjgZvL6BknY7IKlBx2zYEUfwFVhfPLuouMBqSldVqx46bmBEkG7qzV2
Sp2/zAhkDuCoEX7bqhTw0GOBqDEthdR4j1NEpHAvDXuX22IhdttrkCAL1qp2bSwD
LSoAP+Kl0g==
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:03:28 2025 by rpki-client