Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/031100-458a-474e-927c-df027916ce50/1/liqmS4reKB7SoiiTtehE1opWsCg.roa
File: liqmS4reKB7SoiiTtehE1opWsCg.roa (raw, json)
Hash identifier: MZDm4nfZn5zmxP/CBEClcK1b9FHfPE6KPbb3miXcQbs=
Subject key identifier: 96:2A:A6:4B:8A:DE:28:1E:D2:A2:28:93:B5:E8:44:D6:8A:56:B0:28
Certificate issuer: /CN=7cd162dec78209bc03add081527d54b27e84d26e
Certificate serial: 0193D9A5022F80AC4DCE76EFF3826D6D3138
Authority key identifier: 7C:D1:62:DE:C7:82:09:BC:03:AD:D0:81:52:7D:54:B2:7E:84:D2:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fNFi3seCCbwDrdCBUn1Usn6E0m4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/031100-458a-474e-927c-df027916ce50/1/liqmS4reKB7SoiiTtehE1opWsCg.roa
Signing time: Wed 18 Dec 2024 12:01:29 +0000
ROA not before: Wed 18 Dec 2024 12:01:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43073
IP address blocks: 45.128.108.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d9:a5:02:2f:80:ac:4d:ce:76:ef:f3:82:6d:6d:31:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7cd162dec78209bc03add081527d54b27e84d26e
Validity
Not Before: Dec 18 12:01:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=962aa64b8ade281ed2a22893b5e844d68a56b028
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:1e:dc:04:ff:2f:3d:ef:93:f5:ff:cd:ac:bb:
9c:94:3c:7f:05:1c:1a:5b:8e:cd:a2:f7:27:80:c2:
39:bb:8b:10:02:81:b8:26:f7:88:23:d7:f0:87:4d:
a0:dd:89:c9:7d:f8:5e:d1:a7:6c:06:a0:cc:5c:68:
a0:37:2d:ea:30:5b:6b:cd:51:66:30:c1:ca:c2:b2:
5c:cd:e2:f2:6f:a6:da:59:bd:af:61:d6:03:c2:ee:
03:8b:44:c1:a9:1d:a7:09:dc:ce:99:22:64:ca:03:
7e:fb:e8:33:86:31:46:97:c4:75:1e:c7:18:6e:fa:
80:77:0b:2c:b0:87:d4:65:d9:ad:e4:54:77:c4:53:
d9:4a:ba:0c:81:4a:0c:7c:33:27:ea:5b:ba:90:d2:
7d:42:de:7b:7f:be:ad:52:7f:c1:48:70:59:20:7e:
10:fb:0c:66:95:80:85:3c:ff:52:e3:58:3a:39:0e:
e3:cc:73:29:d6:96:21:fa:fd:6c:60:2d:0c:43:06:
cb:3c:fc:1a:dd:86:80:0e:ae:d0:37:2d:7b:e5:23:
ea:b0:77:90:d6:33:8c:83:75:83:b5:08:cc:6a:fd:
0f:8c:3a:de:72:86:55:fd:6e:f5:bd:bb:61:38:c0:
7f:0a:f2:4a:60:4a:37:86:75:cb:ef:07:20:64:e5:
c6:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:2A:A6:4B:8A:DE:28:1E:D2:A2:28:93:B5:E8:44:D6:8A:56:B0:28
X509v3 Authority Key Identifier:
keyid:7C:D1:62:DE:C7:82:09:BC:03:AD:D0:81:52:7D:54:B2:7E:84:D2:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fNFi3seCCbwDrdCBUn1Usn6E0m4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/031100-458a-474e-927c-df027916ce50/1/liqmS4reKB7SoiiTtehE1opWsCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/031100-458a-474e-927c-df027916ce50/1/fNFi3seCCbwDrdCBUn1Usn6E0m4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.108.0/22
Signature Algorithm: sha256WithRSAEncryption
35:07:50:d4:66:8d:eb:82:81:24:d3:2e:69:96:67:63:46:a8:
9b:dd:09:f8:c9:5d:c3:ce:c6:f6:37:2d:a9:cb:58:28:bd:fa:
51:ce:f9:d4:9d:b1:11:88:0d:c9:05:b9:38:da:d0:6d:58:14:
3c:28:38:f6:9f:67:0b:cf:2d:ff:d4:83:d9:e8:ca:4d:5b:4e:
c5:8f:cb:53:df:0b:23:55:85:df:99:55:b6:26:7c:e1:50:bc:
23:4d:3f:0f:e2:a5:5d:f7:8a:9d:e2:f6:96:2c:cc:b0:66:eb:
40:93:68:0f:cc:38:c4:86:85:8b:b1:a4:c7:21:3e:37:04:b0:
ec:7d:a5:78:c5:cf:c1:77:d4:43:e1:16:5b:ae:47:e1:72:67:
1a:cc:16:0a:59:7b:4d:cf:1b:7d:f1:28:2f:2d:25:c7:9f:04:
73:66:dd:16:d9:d7:b5:9b:6a:34:64:44:28:19:f1:5a:26:9b:
7c:f9:7b:13:77:f5:49:bc:f2:db:f5:3a:27:e6:93:11:8f:b5:
60:c2:24:b8:ea:ef:89:5b:ae:a4:01:cb:ce:da:bd:92:f8:69:
53:0e:88:66:9e:76:a9:a7:55:5b:a1:ce:7b:b0:3a:47:64:b0:
ce:e1:58:1b:eb:cf:cc:c2:67:85:a4:e9:cb:4e:54:84:1e:72:
c8:10:5b:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPZpQIvgKxNznbv84JtbTE4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZDE2MmRlYzc4MjA5YmMwM2FkZDA4MTUyN2Q1NGIyN2U4
NGQyNmUwHhcNMjQxMjE4MTIwMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjJhYTY0YjhhZGUyODFlZDJhMjI4OTNiNWU4NDRkNjhhNTZiMDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyh7cBP8vPe+T9f/NrLuclDx/BRwa
W47NovcngMI5u4sQAoG4JveII9fwh02g3YnJffhe0adsBqDMXGigNy3qMFtrzVFm
MMHKwrJczeLyb6baWb2vYdYDwu4Di0TBqR2nCdzOmSJkygN+++gzhjFGl8R1HscY
bvqAdwsssIfUZdmt5FR3xFPZSroMgUoMfDMn6lu6kNJ9Qt57f76tUn/BSHBZIH4Q
+wxmlYCFPP9S41g6OQ7jzHMp1pYh+v1sYC0MQwbLPPwa3YaADq7QNy175SPqsHeQ
1jOMg3WDtQjMav0PjDrecoZV/W71vbthOMB/CvJKYEo3hnXL7wcgZOXGvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJYqpkuK3ige0qIok7XoRNaKVrAoMB8GA1UdIwQY
MBaAFHzRYt7Hggm8A63QgVJ9VLJ+hNJuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk5GaTNzZUNDYndEcmRDQlVuMVVzbjZFMG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8wMzExMDAtNDU4YS00NzRlLTkyN2Mt
ZGYwMjc5MTZjZTUwLzEvbGlxbVM0cmVLQjdTb2lpVHRlaEUxb3BXc0NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8wMzExMDAtNDU4YS00NzRlLTkyN2MtZGYwMjc5MTZjZTUw
LzEvZk5GaTNzZUNDYndEcmRDQlVuMVVzbjZFMG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYBsMA0G
CSqGSIb3DQEBCwUAA4IBAQA1B1DUZo3rgoEk0y5plmdjRqib3Qn4yV3Dzsb2Ny2p
y1govfpRzvnUnbERiA3JBbk42tBtWBQ8KDj2n2cLzy3/1IPZ6MpNW07Fj8tT3wsj
VYXfmVW2JnzhULwjTT8P4qVd94qd4vaWLMywZutAk2gPzDjEhoWLsaTHIT43BLDs
faV4xc/Bd9RD4RZbrkfhcmcazBYKWXtNzxt98SgvLSXHnwRzZt0W2de1m2o0ZEQo
GfFaJpt8+XsTd/VJvPLb9Ton5pMRj7VgwiS46u+JW66kAcvO2r2S+GlTDohmnnap
p1Vboc57sDpHZLDO4Vgb68/MwmeFpOnLTlSEHnLIEFt+
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:16:43 2025 by rpki-client