Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ty5JbjYCodLSRnmgLxiMgeyRWAs.roa
File: ty5JbjYCodLSRnmgLxiMgeyRWAs.roa (raw, json)
Hash identifier: QZz03t+7MMvQwA2NvHcoMve4xojhUN59xg2KzDg0wPM=
Subject key identifier: B7:2E:49:6E:36:02:A1:D2:D2:46:79:A0:2F:18:8C:81:EC:91:58:0B
Certificate issuer: /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial: 019644B9D09A3BD7123F5EB7216143C85381
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ty5JbjYCodLSRnmgLxiMgeyRWAs.roa
Signing time: Thu 17 Apr 2025 17:09:10 +0000
ROA not before: Thu 17 Apr 2025 17:09:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a11:c101::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 23 Apr 2025 20:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:44:b9:d0:9a:3b:d7:12:3f:5e:b7:21:61:43:c8:53:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Validity
Not Before: Apr 17 17:09:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b72e496e3602a1d2d24679a02f188c81ec91580b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:31:98:df:3a:14:54:14:a4:b0:c6:42:f8:52:
82:c3:6d:7d:69:af:2c:ed:1e:23:3e:f8:f8:f9:da:
ed:96:9f:43:51:73:81:41:61:2d:1d:db:f8:d9:a2:
72:cd:07:69:45:bd:f4:46:1d:7d:7d:2e:25:29:8e:
49:df:af:31:6d:0e:73:48:f8:7a:52:3c:60:95:4b:
4f:47:55:58:85:39:7f:b6:c3:12:32:37:52:a6:ac:
c4:92:2f:7c:ef:33:81:3b:43:56:62:e4:23:5a:77:
79:93:3c:c5:f5:e9:97:80:29:07:92:de:92:77:f0:
ce:ec:32:9b:c2:fa:71:f9:93:6a:04:db:0b:bd:38:
f7:8f:08:1b:10:6d:aa:f2:65:9b:63:b7:f4:ae:69:
b1:c4:9f:4f:f5:85:48:ea:f8:a3:fa:06:a2:2e:34:
9f:54:13:78:24:0b:70:ac:93:fa:fa:39:e1:25:90:
28:59:c1:9e:d2:36:2d:1a:92:44:59:71:95:fb:44:
76:c7:1a:99:a2:fa:c7:d0:d4:01:03:79:d4:7a:9d:
24:6d:60:f5:23:0f:4e:16:9d:2c:cf:5a:34:d1:37:
e9:b5:f8:20:77:dc:2b:a3:b0:6b:ca:7f:4f:fb:b0:
ac:a4:b1:14:ec:c1:11:93:87:e8:5b:a8:8c:3e:61:
5b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:2E:49:6E:36:02:A1:D2:D2:46:79:A0:2F:18:8C:81:EC:91:58:0B
X509v3 Authority Key Identifier:
keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ty5JbjYCodLSRnmgLxiMgeyRWAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:c101::/32
Signature Algorithm: sha256WithRSAEncryption
44:90:85:81:16:60:49:f7:ef:f1:bc:c0:f1:cb:69:d2:68:32:
4c:f4:42:cb:71:99:fb:db:c5:84:b0:be:8d:1b:92:0a:a5:5d:
10:00:fe:3c:c2:20:c7:b8:94:bf:b6:fd:b0:0d:42:82:39:97:
b5:ce:83:f8:48:e3:96:f4:31:4b:1f:86:5c:d9:ec:e0:aa:af:
b6:18:9f:0b:1a:00:3f:ab:8d:a4:59:1b:c8:eb:d6:00:65:78:
e1:bc:f3:a8:3a:06:f9:2f:ef:ce:b7:95:e9:57:2e:a1:89:21:
3c:af:1a:d3:14:42:29:c7:12:a6:fb:92:a6:55:0c:10:89:f0:
51:73:4b:ff:66:58:04:ce:c2:78:61:2f:da:75:f5:62:1a:fa:
ad:da:02:82:8d:dd:0c:91:ed:0a:e7:47:79:9e:36:8b:9c:9a:
40:42:20:a1:d6:64:c6:61:c3:49:76:60:74:d0:ea:df:a1:6e:
f0:5c:3c:68:2a:ac:2b:2d:fd:93:25:4f:6a:4b:2b:d0:e0:6a:
58:80:1e:3c:92:2b:d4:ab:45:31:8e:c8:38:e9:45:6d:55:6b:
17:46:96:83:74:05:b7:54:57:9e:11:d1:f0:2e:47:55:54:02:
48:26:dc:b3:fc:48:6e:5f:b0:1d:64:f1:da:b0:2c:8d:69:75:
20:44:1c:a0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZZEudCaO9cSP163IWFDyFOBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjUwNDE3MTcwOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzJlNDk2ZTM2MDJhMWQyZDI0Njc5YTAyZjE4OGM4MWVjOTE1ODBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszGY3zoUVBSksMZC+FKCw219aa8s
7R4jPvj4+drtlp9DUXOBQWEtHdv42aJyzQdpRb30Rh19fS4lKY5J368xbQ5zSPh6
UjxglUtPR1VYhTl/tsMSMjdSpqzEki987zOBO0NWYuQjWnd5kzzF9emXgCkHkt6S
d/DO7DKbwvpx+ZNqBNsLvTj3jwgbEG2q8mWbY7f0rmmxxJ9P9YVI6vij+gaiLjSf
VBN4JAtwrJP6+jnhJZAoWcGe0jYtGpJEWXGV+0R2xxqZovrH0NQBA3nUep0kbWD1
Iw9OFp0sz1o00Tfptfggd9wro7Bryn9P+7CspLEU7MERk4foW6iMPmFbJQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLcuSW42AqHS0kZ5oC8YjIHskVgLMB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEvdHk1SmJqWUNvZExTUm5tZ0x4aU1nZXlSV0FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhHBATAN
BgkqhkiG9w0BAQsFAAOCAQEARJCFgRZgSffv8bzA8ctp0mgyTPRCy3GZ+9vFhLC+
jRuSCqVdEAD+PMIgx7iUv7b9sA1CgjmXtc6D+EjjlvQxSx+GXNns4KqvthifCxoA
P6uNpFkbyOvWAGV44bzzqDoG+S/vzreV6VcuoYkhPK8a0xRCKccSpvuSplUMEInw
UXNL/2ZYBM7CeGEv2nX1Yhr6rdoCgo3dDJHtCudHeZ42i5yaQEIgodZkxmHDSXZg
dNDq36Fu8Fw8aCqsKy39kyVPaksr0OBqWIAePJIr1KtFMY7IOOlFbVVrF0aWg3QF
t1RXnhHR8C5HVVQCSCbcs/xIbl+wHWTx2rAsjWl1IEQcoA==
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:16:25 2025 by rpki-client