Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/liwfQ_t8_-SXg6Aq0UAGmBPFEyg.roa
File: liwfQ_t8_-SXg6Aq0UAGmBPFEyg.roa (raw, json)
Hash identifier: 1SU73zLCrmS1yY8Ij1MILhqaRJH7vC46poWWAIiFB+o=
Subject key identifier: 96:2C:1F:43:FB:7C:FF:E4:97:83:A0:2A:D1:40:06:98:13:C5:13:28
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0195A93137BF116032FCC70A3DEB5C969A20
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/liwfQ_t8_-SXg6Aq0UAGmBPFEyg.roa
Signing time: Tue 18 Mar 2025 12:18:49 +0000
ROA not before: Tue 18 Mar 2025 12:18:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 45.43.156.0/24 maxlen: 24
64.137.16.0/24 maxlen: 24
104.239.51.0/24 maxlen: 24
216.173.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Apr 2025 10:46:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a9:31:37:bf:11:60:32:fc:c7:0a:3d:eb:5c:96:9a:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Mar 18 12:18:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=962c1f43fb7cffe49783a02ad140069813c51328
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:0f:b1:74:0a:d7:d4:3a:34:9e:e8:23:39:23:
a0:53:26:ad:08:c7:e0:b0:bc:a6:ce:b1:1d:1a:ef:
84:f9:88:c7:ea:c6:3f:a4:36:35:d1:5f:6b:c1:ea:
57:29:53:88:7d:07:b7:56:1e:94:e8:97:94:40:96:
a6:16:a2:16:58:54:30:30:25:0b:63:19:56:a4:b3:
84:6a:5f:14:37:49:4e:ae:a2:cc:ae:54:c5:55:40:
78:da:77:6f:35:4e:e7:46:ac:6a:aa:29:a9:ed:f9:
de:c2:9a:aa:36:60:32:85:13:7f:33:03:21:7c:8a:
71:3c:4a:f3:e0:15:44:ab:87:a8:0b:39:c3:22:f2:
33:f3:59:6b:7b:96:3f:77:29:ae:bc:d7:f3:b9:ef:
fe:4b:b4:df:22:d8:28:7f:7d:50:52:4d:26:b9:38:
10:d9:6b:08:c1:83:e9:4a:85:e3:30:8d:f0:33:26:
01:b1:14:d4:ba:28:ce:96:e2:1d:60:06:b8:77:03:
02:94:c1:ae:3e:1c:00:30:d6:fa:3a:4b:18:86:0f:
84:66:42:99:0d:f9:7a:21:5f:1c:8a:71:bb:a2:28:
c4:13:08:d0:9b:cf:9c:17:82:f6:d8:25:b9:f5:71:
97:d6:85:a1:2f:11:05:78:ec:cd:1c:87:82:31:e7:
24:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:2C:1F:43:FB:7C:FF:E4:97:83:A0:2A:D1:40:06:98:13:C5:13:28
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/liwfQ_t8_-SXg6Aq0UAGmBPFEyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.156.0/24
64.137.16.0/24
104.239.51.0/24
216.173.94.0/24
Signature Algorithm: sha256WithRSAEncryption
63:be:0e:8b:1e:2f:21:42:ef:09:29:d4:5e:eb:af:e0:e7:b8:
c5:0a:5e:49:df:40:85:3b:f0:51:13:bf:54:a6:18:b4:87:2b:
a5:6e:58:af:68:7f:a0:1c:e7:6d:47:67:5c:0a:0d:e5:45:7e:
53:a1:d9:96:a3:2d:6d:2d:65:3f:67:77:06:bd:1c:9b:0d:15:
d5:21:7b:57:ef:82:6c:98:5f:42:74:98:36:f8:ba:e3:17:a6:
ce:58:b4:a6:8c:4c:7c:f9:8a:fb:41:70:b4:94:a6:01:64:fa:
69:d4:42:73:c9:fd:af:de:6c:b8:cc:33:cd:d3:13:aa:ad:a3:
91:bb:04:7b:51:a0:d5:c4:30:2e:7d:1a:3a:5a:eb:1f:58:45:
73:1a:1f:1e:45:26:67:ff:d7:d8:25:d3:69:4a:4c:7b:d2:87:
76:4a:0d:4a:01:28:ea:4b:d9:a5:39:c6:20:25:4a:26:1b:ac:
df:e6:7e:02:89:16:92:50:12:c8:99:86:29:9a:09:44:67:fb:
3a:66:d2:19:c8:29:c0:cd:95:c8:5e:1a:09:c7:3c:53:09:20:
71:b1:e6:a3:94:c1:66:c8:70:5b:cb:52:e7:3c:64:e0:a1:e7:
fe:8a:55:03:d5:89:20:7d:47:fd:63:ce:6e:fb:3c:01:d6:34:
b8:e6:3d:f2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZWpMTe/EWAy/McKPetclpogMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwMzE4MTIxODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjJjMWY0M2ZiN2NmZmU0OTc4M2EwMmFkMTQwMDY5ODEzYzUxMzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2A+xdArX1Do0nugjOSOgUyatCMfg
sLymzrEdGu+E+YjH6sY/pDY10V9rwepXKVOIfQe3Vh6U6JeUQJamFqIWWFQwMCUL
YxlWpLOEal8UN0lOrqLMrlTFVUB42ndvNU7nRqxqqimp7fnewpqqNmAyhRN/MwMh
fIpxPErz4BVEq4eoCznDIvIz81lre5Y/dymuvNfzue/+S7TfItgof31QUk0muTgQ
2WsIwYPpSoXjMI3wMyYBsRTUuijOluIdYAa4dwMClMGuPhwAMNb6OksYhg+EZkKZ
Dfl6IV8cinG7oijEEwjQm8+cF4L22CW59XGX1oWhLxEFeOzNHIeCMeckLwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJYsH0P7fP/kl4OgKtFABpgTxRMoMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvbGl3ZlFfdDhfLVNYZzZBcTBVQUdtQlBGRXlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALSucAwQA
QIkQAwQAaO8zAwQA2K1eMA0GCSqGSIb3DQEBCwUAA4IBAQBjvg6LHi8hQu8JKdRe
66/g57jFCl5J30CFO/BRE79Uphi0hyulblivaH+gHOdtR2dcCg3lRX5TodmWoy1t
LWU/Z3cGvRybDRXVIXtX74JsmF9CdJg2+LrjF6bOWLSmjEx8+Yr7QXC0lKYBZPpp
1EJzyf2v3my4zDPN0xOqraORuwR7UaDVxDAufRo6WusfWEVzGh8eRSZn/9fYJdNp
Skx70od2Sg1KASjqS9mlOcYgJUomG6zf5n4CiRaSUBLImYYpmglEZ/s6ZtIZyCnA
zZXIXhoJxzxTCSBxseajlMFmyHBby1LnPGTgoef+ilUD1YkgfUf9Y85u+zwB1jS4
5j3y
-----END CERTIFICATE-----
Generated at Fri Apr 11 11:42:22 2025 by rpki-client