Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Lyj5Mdi2zZ8pb57NIQGJ3hr_-6k.roa
File: Lyj5Mdi2zZ8pb57NIQGJ3hr_-6k.roa (raw, json)
Hash identifier: ya7lHrj6ZsoWIiNN7vB6e+q4nhxjgpUGAMJF8zRkiTc=
Subject key identifier: 2F:28:F9:31:D8:B6:CD:9F:29:6F:9E:CD:21:01:89:DE:1A:FF:FB:A9
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01959DCD44C13E2D3498CD258852A26AB110
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Lyj5Mdi2zZ8pb57NIQGJ3hr_-6k.roa
Signing time: Sun 16 Mar 2025 07:13:50 +0000
ROA not before: Sun 16 Mar 2025 07:13:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215211
IP address blocks: 217.60.196.0/23 maxlen: 24
217.60.244.0/23 maxlen: 24
2a14:6e40::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 20 Mar 2025 19:02:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9d:cd:44:c1:3e:2d:34:98:cd:25:88:52:a2:6a:b1:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 16 07:13:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f28f931d8b6cd9f296f9ecd210189de1afffba9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:56:af:ce:19:c8:b4:a0:67:aa:ee:6e:91:fe:
66:e3:2c:a9:11:13:46:91:61:d2:70:06:d5:21:7a:
76:0b:81:c0:2a:1d:be:d1:bc:66:5f:69:95:a8:2a:
a9:74:60:79:23:7c:a9:9f:aa:4d:ea:8c:63:3b:54:
93:9b:6d:ba:7c:18:7d:cd:48:66:01:41:b4:f6:0f:
eb:c6:8e:f6:bd:6d:e7:d6:06:54:0d:8e:4d:61:ff:
e3:9e:85:b9:a5:b9:6e:20:88:69:14:7b:42:d4:ac:
ba:1a:42:cf:06:3e:a7:8e:c4:f7:dc:93:aa:55:7b:
f5:f8:35:75:4f:10:a9:87:5f:af:d2:fa:c8:f3:80:
90:72:86:f0:e1:07:3a:05:e4:54:d8:cc:21:10:7c:
43:d5:21:a9:75:d0:ee:4a:c2:08:f3:8e:7e:70:3a:
0d:33:73:aa:5f:51:5e:73:4a:05:6e:3d:39:39:d3:
a5:90:79:9c:10:d2:f7:a2:46:56:1b:5c:fa:ad:f7:
1d:42:23:9d:03:67:8a:38:aa:94:ad:6a:ad:d8:b0:
0a:bc:88:ca:4b:47:cf:63:9c:56:67:13:d0:b7:b7:
e6:a2:7d:04:ed:0d:4e:e6:5c:8a:d3:db:71:12:30:
f6:ba:a8:c2:8e:93:b3:ec:c0:ed:d6:06:4c:4e:ab:
d8:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:28:F9:31:D8:B6:CD:9F:29:6F:9E:CD:21:01:89:DE:1A:FF:FB:A9
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Lyj5Mdi2zZ8pb57NIQGJ3hr_-6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.196.0/23
217.60.244.0/23
IPv6:
2a14:6e40::/32
Signature Algorithm: sha256WithRSAEncryption
4c:26:d7:e0:30:4a:91:ed:2b:2b:eb:28:fa:c7:d9:7b:38:a7:
14:30:68:57:c9:f0:e7:31:81:5d:57:76:11:a1:0c:6d:f5:d6:
f3:02:3a:45:88:46:24:22:09:20:e1:b2:4a:46:d7:09:0e:27:
ce:3e:49:6e:fa:9a:42:2b:49:97:1c:59:e4:0b:ca:6f:78:08:
29:89:35:7c:f4:62:b7:0d:0c:6e:45:51:18:aa:37:bd:4e:77:
9b:4b:10:44:5d:47:c7:05:e6:45:f4:b1:3b:81:1d:9e:f6:90:
6b:85:d9:0d:12:58:51:f5:b8:79:fc:38:0b:86:26:51:3d:31:
8b:cb:8f:f6:54:e8:60:81:f5:74:4c:7f:93:3e:d4:26:32:4d:
c8:1e:9e:a0:62:a3:97:df:8e:ad:50:9d:c8:8a:5b:73:89:e1:
95:45:91:14:d1:59:85:b1:96:71:ab:cf:62:97:dd:74:82:eb:
7a:8c:9c:43:a4:33:39:49:ef:c9:ed:0c:e1:82:5d:e7:44:0e:
b8:a0:d6:d7:ec:7d:a7:da:22:e2:9d:28:67:5b:8f:63:5c:29:
f6:6a:57:e7:68:e1:b5:62:ad:18:c2:dd:f3:e8:db:47:9a:ee:
c8:fb:2b:9c:02:85:3e:e7:d3:63:a4:1d:1f:d4:48:4a:ba:8a:
55:f6:e5:35
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZWdzUTBPi00mM0liFKiarEQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzE2MDcxMzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjI4ZjkzMWQ4YjZjZDlmMjk2ZjllY2QyMTAxODlkZTFhZmZmYmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFavzhnItKBnqu5ukf5m4yypERNG
kWHScAbVIXp2C4HAKh2+0bxmX2mVqCqpdGB5I3ypn6pN6oxjO1STm226fBh9zUhm
AUG09g/rxo72vW3n1gZUDY5NYf/jnoW5pbluIIhpFHtC1Ky6GkLPBj6njsT33JOq
VXv1+DV1TxCph1+v0vrI84CQcobw4Qc6BeRU2MwhEHxD1SGpddDuSsII845+cDoN
M3OqX1Fec0oFbj05OdOlkHmcENL3okZWG1z6rfcdQiOdA2eKOKqUrWqt2LAKvIjK
S0fPY5xWZxPQt7fmon0E7Q1O5lyK09txEjD2uqjCjpOz7MDt1gZMTqvYWQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFC8o+THYts2fKW+ezSEBid4a//upMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTHlqNU1kaTJ6WjhwYjU3TklRR0ozaHJfLTZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQB2TzEAwQB
2Tz0MA0EAgACMAcDBQAqFG5AMA0GCSqGSIb3DQEBCwUAA4IBAQBMJtfgMEqR7Ssr
6yj6x9l7OKcUMGhXyfDnMYFdV3YRoQxt9dbzAjpFiEYkIgkg4bJKRtcJDifOPklu
+ppCK0mXHFnkC8pveAgpiTV89GK3DQxuRVEYqje9TnebSxBEXUfHBeZF9LE7gR2e
9pBrhdkNElhR9bh5/DgLhiZRPTGLy4/2VOhggfV0TH+TPtQmMk3IHp6gYqOX346t
UJ3IiltzieGVRZEU0VmFsZZxq89il910gut6jJxDpDM5Se/J7Qzhgl3nRA64oNbX
7H2n2iLinShnW49jXCn2alfnaOG1Yq0Ywt3z6NtHmu7I+yucAoU+59NjpB0f1EhK
uopV9uU1
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:05:15 2025 by rpki-client