Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/ly_40zntTzFkUHsLAwyS_S4qBKo.roa
File: ly_40zntTzFkUHsLAwyS_S4qBKo.roa (raw, json)
Hash identifier: v4pA5xoHYpMd0H5/wrGgV/Pedt23wxZYUpfJqBgKhi0=
Subject key identifier: 97:2F:F8:D3:39:ED:4F:31:64:50:7B:0B:03:0C:92:FD:2E:2A:04:AA
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019704034F8AB08E57F0353F1BF364DC9A84
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/ly_40zntTzFkUHsLAwyS_S4qBKo.roa
Signing time: Sat 24 May 2025 20:36:55 +0000
ROA not before: Sat 24 May 2025 20:36:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209896
IP address blocks: 2a05:9a43::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 27 May 2025 09:49:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:04:03:4f:8a:b0:8e:57:f0:35:3f:1b:f3:64:dc:9a:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: May 24 20:36:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=972ff8d339ed4f3164507b0b030c92fd2e2a04aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b7:19:0c:1c:ba:84:fd:71:27:f1:da:0f:36:
8a:e9:da:f2:93:63:21:31:17:9b:ae:13:7d:6c:8e:
a5:c3:10:31:81:02:9d:8b:8a:e3:a3:68:21:33:fb:
c4:71:d8:a4:76:ec:88:7e:ef:e9:34:3b:2f:e0:6b:
eb:ec:7d:ab:33:c5:9b:f0:56:c7:aa:0b:54:3b:fd:
77:51:47:06:51:be:2d:05:29:77:6f:50:f0:dc:d5:
2c:b6:99:12:66:17:1f:74:d7:c8:76:3d:1d:ca:a3:
3f:21:a6:56:6e:dc:2a:dd:d9:87:75:1e:ff:76:72:
b0:15:e6:b8:36:08:ff:e1:32:68:e6:73:0a:fd:a6:
16:2c:28:bc:f4:73:50:cf:c7:fe:65:13:cd:71:cd:
6e:9c:19:a7:fc:b8:23:0b:bd:8b:f3:f8:cd:02:11:
68:08:e8:28:5c:22:ab:a4:88:a1:ee:1a:51:63:d5:
4b:cb:21:a6:af:61:86:32:1b:5a:54:a2:14:d3:27:
09:e7:e9:2f:70:5f:ab:b8:9a:03:65:c0:15:d0:b2:
e7:dd:16:88:fd:25:70:0c:19:72:5c:c7:b7:f0:69:
d6:bd:84:0c:99:63:75:0f:91:be:ae:40:89:81:1b:
46:ec:ff:dc:b5:73:3f:e5:36:28:15:e2:ac:9d:41:
8c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:2F:F8:D3:39:ED:4F:31:64:50:7B:0B:03:0C:92:FD:2E:2A:04:AA
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/ly_40zntTzFkUHsLAwyS_S4qBKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9a43::/32
Signature Algorithm: sha256WithRSAEncryption
bf:72:04:39:57:a5:d9:ca:fc:9a:48:b9:92:30:fc:f3:a7:bd:
57:96:96:71:56:ea:77:c6:e2:9e:5a:61:57:5d:ed:36:e6:46:
f7:b1:6e:4c:f1:8f:1e:08:4b:bc:d8:8e:96:cb:e6:84:34:fa:
fb:77:31:52:8a:8e:8f:ec:33:71:7a:51:39:cf:d7:c2:36:11:
98:44:e8:ad:f9:6a:ac:7f:8c:d5:a2:e3:17:8b:23:ed:25:43:
b2:ad:73:b8:7d:a8:2f:ba:da:d6:11:1b:11:85:82:1a:e6:93:
47:ec:d4:9d:5d:31:b4:63:61:10:a0:0c:b9:1c:d5:7d:29:1c:
86:4c:f8:b0:ab:b1:85:c7:81:5e:bc:93:ae:b6:f3:bc:b5:33:
ee:25:b4:e8:04:5f:40:02:cf:d3:2b:eb:38:a8:79:e1:a9:fc:
4d:47:a6:b1:81:6c:e5:61:19:f4:74:09:2f:f3:e1:3b:f1:c6:
56:a1:33:b6:5a:de:93:fb:58:a1:3a:32:f8:0e:e6:fc:d7:89:
86:05:de:f1:99:8a:77:8b:0b:41:22:17:7f:4e:2b:fc:d2:9c:
33:08:d5:31:04:45:ed:e1:a8:6b:21:c0:40:f0:a1:d5:64:35:
3f:39:3d:b6:66:4b:4e:e7:f9:2e:f1:96:6f:1e:97:88:cf:56:
12:00:0c:1b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZcEA0+KsI5X8DU/G/Nk3JqEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNTI0MjAzNjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzJmZjhkMzM5ZWQ0ZjMxNjQ1MDdiMGIwMzBjOTJmZDJlMmEwNGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1LcZDBy6hP1xJ/HaDzaK6dryk2Mh
MRebrhN9bI6lwxAxgQKdi4rjo2ghM/vEcdikduyIfu/pNDsv4Gvr7H2rM8Wb8FbH
qgtUO/13UUcGUb4tBSl3b1Dw3NUstpkSZhcfdNfIdj0dyqM/IaZWbtwq3dmHdR7/
dnKwFea4Ngj/4TJo5nMK/aYWLCi89HNQz8f+ZRPNcc1unBmn/LgjC72L8/jNAhFo
COgoXCKrpIih7hpRY9VLyyGmr2GGMhtaVKIU0ycJ5+kvcF+ruJoDZcAV0LLn3RaI
/SVwDBlyXMe38GnWvYQMmWN1D5G+rkCJgRtG7P/ctXM/5TYoFeKsnUGMRwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJcv+NM57U8xZFB7CwMMkv0uKgSqMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvbHlfNDB6bnRUekZrVUhzTEF3eVNfUzRxQktvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgWaQzAN
BgkqhkiG9w0BAQsFAAOCAQEAv3IEOVel2cr8mki5kjD886e9V5aWcVbqd8binlph
V13tNuZG97FuTPGPHghLvNiOlsvmhDT6+3cxUoqOj+wzcXpROc/XwjYRmETorflq
rH+M1aLjF4sj7SVDsq1zuH2oL7ra1hEbEYWCGuaTR+zUnV0xtGNhEKAMuRzVfSkc
hkz4sKuxhceBXryTrrbzvLUz7iW06ARfQALP0yvrOKh54an8TUemsYFs5WEZ9HQJ
L/PhO/HGVqEztlrek/tYoToy+A7m/NeJhgXe8ZmKd4sLQSIXf04r/NKcMwjVMQRF
7eGoayHAQPCh1WQ1Pzk9tmZLTuf5LvGWbx6XiM9WEgAMGw==
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:54:25 2025 by rpki-client