Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/8cf51c-54d7-4c3a-90c4-bd512ed58f78/1/liWZQCEvdKISKTZKg97oY9r9QKg.roa
File: liWZQCEvdKISKTZKg97oY9r9QKg.roa (raw, json)
Hash identifier: HkMURjsQCqPF7XB5GOPTENOvh5xMV5dzsoNCkvqxl7w=
Subject key identifier: 96:25:99:40:21:2F:74:A2:12:29:36:4A:83:DE:E8:63:DA:FD:40:A8
Certificate issuer: /CN=4eaf14b67e051cfbd5e1b1d51693d44682392792
Certificate serial: 0194258F4F40612FCBFF1734922686878ACA
Authority key identifier: 4E:AF:14:B6:7E:05:1C:FB:D5:E1:B1:D5:16:93:D4:46:82:39:27:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tq8Utn4FHPvV4bHVFpPURoI5J5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/8cf51c-54d7-4c3a-90c4-bd512ed58f78/1/liWZQCEvdKISKTZKg97oY9r9QKg.roa
Signing time: Thu 02 Jan 2025 05:48:56 +0000
ROA not before: Thu 02 Jan 2025 05:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212123
IP address blocks: 2001:67c:e70::/48 maxlen: 48
2001:67c:e74::/48 maxlen: 48
2001:67c:e78::/48 maxlen: 48
2001:67c:e7c::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 05 Jan 2025 00:02:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:4f:40:61:2f:cb:ff:17:34:92:26:86:87:8a:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4eaf14b67e051cfbd5e1b1d51693d44682392792
Validity
Not Before: Jan 2 05:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96259940212f74a21229364a83dee863dafd40a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:e4:8e:45:4f:57:b1:20:02:ae:3d:9f:d2:cd:
18:dd:2c:bb:85:26:01:8f:bf:91:42:57:5f:01:ad:
25:fa:a3:7d:32:75:48:18:dc:b9:7d:a7:94:39:c8:
b1:24:d0:ca:99:2a:84:8d:b9:2b:ec:ab:8e:e2:ed:
c4:78:59:aa:7f:20:8a:98:1d:eb:ab:57:5c:5e:e9:
d3:bf:af:0d:9a:af:a6:ce:d7:7c:61:9b:f7:58:5b:
7f:4a:d6:ee:ed:f2:71:6b:58:2f:19:c8:cf:a0:33:
62:49:9b:d3:f7:f7:75:ad:c5:af:36:c6:4e:bc:f6:
45:71:42:b2:81:1f:24:b0:71:97:9c:15:34:e8:05:
49:e2:3c:54:78:18:bb:91:99:b4:e8:71:72:02:6f:
66:9d:c0:4a:95:f1:c0:be:66:64:64:a2:5b:ef:6f:
1f:2b:c9:cd:98:4b:73:18:8b:ad:60:c8:c9:59:b5:
e2:01:4f:46:7d:90:1b:33:ea:89:7a:0a:49:d1:c8:
13:3c:73:6a:2c:23:66:30:49:3d:21:b3:73:23:1a:
0a:5a:ff:d6:a0:cf:dc:4e:56:d4:95:94:7f:20:32:
22:9b:35:72:05:4e:98:bf:5e:18:a1:2d:d6:51:13:
96:c6:95:5b:ce:16:e6:fd:5b:52:30:fa:bd:42:ea:
cd:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:25:99:40:21:2F:74:A2:12:29:36:4A:83:DE:E8:63:DA:FD:40:A8
X509v3 Authority Key Identifier:
keyid:4E:AF:14:B6:7E:05:1C:FB:D5:E1:B1:D5:16:93:D4:46:82:39:27:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tq8Utn4FHPvV4bHVFpPURoI5J5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8cf51c-54d7-4c3a-90c4-bd512ed58f78/1/liWZQCEvdKISKTZKg97oY9r9QKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8cf51c-54d7-4c3a-90c4-bd512ed58f78/1/Tq8Utn4FHPvV4bHVFpPURoI5J5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:e70::/48
2001:67c:e74::/48
2001:67c:e78::/48
2001:67c:e7c::/48
Signature Algorithm: sha256WithRSAEncryption
2f:0a:00:ba:9b:ef:02:6d:b6:23:27:f1:fd:d0:ba:a7:fd:7d:
5d:17:d2:64:ea:fc:67:b1:9f:a2:09:df:f0:bf:54:a6:0a:c9:
11:51:eb:e1:c4:41:1c:af:6c:40:11:13:b2:02:ba:e8:fe:b3:
d0:3c:9e:5a:b5:01:5f:d3:c7:c3:4a:a0:bc:ec:0e:5c:15:20:
6c:18:0f:70:d1:63:ab:aa:ae:dd:81:b2:e0:38:cb:42:d2:cf:
a1:c3:8e:91:09:e9:40:e2:bf:4b:0f:50:47:85:05:07:c4:46:
3c:e2:48:44:f2:53:60:1e:2d:a2:b1:99:f8:12:e1:f2:e4:bc:
e3:24:88:1f:a4:71:3a:f1:73:38:71:84:2c:be:e7:88:ab:d5:
80:a0:e5:5d:0b:38:0c:50:2e:31:51:06:e3:fb:44:aa:3f:93:
2c:e8:01:39:fc:57:fe:58:23:30:b6:28:0d:e2:90:80:f9:0a:
bc:42:49:2b:54:22:c7:1c:cc:3e:2e:a3:fa:9f:57:d2:af:47:
a4:de:f8:fe:4c:92:94:c5:dd:f8:4b:ea:03:25:13:4b:08:c0:
bc:cf:36:20:7c:59:49:a8:c2:74:7f:8e:d5:ca:29:9b:cd:fc:
d5:d8:36:d2:bc:62:a6:06:56:ed:bc:f8:6a:a8:45:3a:e6:69:
08:e8:ca:1c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQlj09AYS/L/xc0kiaGh4rKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYWYxNGI2N2UwNTFjZmJkNWUxYjFkNTE2OTNkNDQ2ODIz
OTI3OTIwHhcNMjUwMTAyMDU0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjI1OTk0MDIxMmY3NGEyMTIyOTM2NGE4M2RlZTg2M2RhZmQ0MGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9OSORU9XsSACrj2f0s0Y3Sy7hSYB
j7+RQldfAa0l+qN9MnVIGNy5faeUOcixJNDKmSqEjbkr7KuO4u3EeFmqfyCKmB3r
q1dcXunTv68Nmq+mztd8YZv3WFt/Stbu7fJxa1gvGcjPoDNiSZvT9/d1rcWvNsZO
vPZFcUKygR8ksHGXnBU06AVJ4jxUeBi7kZm06HFyAm9mncBKlfHAvmZkZKJb728f
K8nNmEtzGIutYMjJWbXiAU9GfZAbM+qJegpJ0cgTPHNqLCNmMEk9IbNzIxoKWv/W
oM/cTlbUlZR/IDIimzVyBU6Yv14YoS3WUROWxpVbzhbm/VtSMPq9QurNKwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJYlmUAhL3SiEik2SoPe6GPa/UCoMB8GA1UdIwQY
MBaAFE6vFLZ+BRz71eGx1RaT1EaCOSeSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHE4VXRuNEZIUHZWNGJIVkZwUFVSb0k1SjVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS84Y2Y1MWMtNTRkNy00YzNhLTkwYzQt
YmQ1MTJlZDU4Zjc4LzEvbGlXWlFDRXZkS0lTS1RaS2c5N29ZOXI5UUtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS84Y2Y1MWMtNTRkNy00YzNhLTkwYzQtYmQ1MTJlZDU4Zjc4
LzEvVHE4VXRuNEZIUHZWNGJIVkZwUFVSb0k1SjVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAIAEGfA5w
AwcAIAEGfA50AwcAIAEGfA54AwcAIAEGfA58MA0GCSqGSIb3DQEBCwUAA4IBAQAv
CgC6m+8CbbYjJ/H90Lqn/X1dF9Jk6vxnsZ+iCd/wv1SmCskRUevhxEEcr2xAEROy
Arro/rPQPJ5atQFf08fDSqC87A5cFSBsGA9w0WOrqq7dgbLgOMtC0s+hw46RCelA
4r9LD1BHhQUHxEY84khE8lNgHi2isZn4EuHy5LzjJIgfpHE68XM4cYQsvueIq9WA
oOVdCzgMUC4xUQbj+0SqP5Ms6AE5/Ff+WCMwtigN4pCA+Qq8QkkrVCLHHMw+LqP6
n1fSr0ek3vj+TJKUxd34S+oDJRNLCMC8zzYgfFlJqMJ0f47VyimbzfzV2DbSvGKm
BlbtvPhqqEU65mkI6Moc
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:35:44 2025 by rpki-client