Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/WNTF--ntYZk5T7z204PKRBzT1z8.roa
File: WNTF--ntYZk5T7z204PKRBzT1z8.roa (raw, json)
Hash identifier: 957yHdibkKXT/xHo9dn+lmoBuSSstIwOTIbyPi8X9Fs=
Subject key identifier: 58:D4:C5:FB:E9:ED:61:99:39:4F:BC:F6:D3:83:CA:44:1C:D3:D7:3F
Certificate issuer: /CN=77d2d928423104e5c3480e21b4a3ed1498b2a27e
Certificate serial: 018CCA2BAA2450711EEE7BFF2AF4405AE597
Authority key identifier: 77:D2:D9:28:42:31:04:E5:C3:48:0E:21:B4:A3:ED:14:98:B2:A2:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d9LZKEIxBOXDSA4htKPtFJiyon4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/WNTF--ntYZk5T7z204PKRBzT1z8.roa
Signing time: Tue 02 Jan 2024 12:35:08 +0000
ROA not before: Tue 02 Jan 2024 12:35:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62392
IP address blocks: 2001:67c:1810::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:aa:24:50:71:1e:ee:7b:ff:2a:f4:40:5a:e5:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77d2d928423104e5c3480e21b4a3ed1498b2a27e
Validity
Not Before: Jan 2 12:35:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58d4c5fbe9ed6199394fbcf6d383ca441cd3d73f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ff:54:46:d1:84:5d:df:84:20:13:8b:c1:d5:
8a:00:8a:99:67:2a:7e:ab:9c:08:f2:52:39:56:73:
71:2a:e1:55:d2:e6:fc:ac:1a:e5:cf:43:a8:f9:d8:
6c:51:a4:67:a6:70:3b:2b:9a:4f:93:a8:04:2d:fa:
a2:8b:65:94:bf:e5:ff:7a:5d:06:b3:75:51:4e:ba:
85:06:47:bd:6f:b7:7a:dd:f1:d4:52:17:6a:40:4d:
bc:b9:ab:49:fd:ce:c5:90:7f:d8:e5:c7:d1:05:7d:
11:71:fb:41:8b:fc:d4:d4:0c:b8:7a:1b:71:db:31:
a4:7b:dd:fd:57:45:f9:01:90:41:a7:83:1f:21:34:
6d:e8:8c:65:a7:48:3e:8d:79:fc:7d:b1:0e:f5:c2:
19:01:95:b5:17:fd:ce:c9:3f:ad:54:b2:23:53:25:
3f:4d:ba:39:e2:4b:de:7d:af:1b:72:05:7c:0b:70:
08:a5:f6:39:3b:b8:c1:2a:e1:db:60:ea:7a:81:b0:
ef:c2:25:42:ed:11:36:ed:a0:72:9e:e1:c6:d5:e3:
c4:7c:42:91:e0:ae:ba:58:7f:75:43:08:f6:af:b3:
1b:cf:a5:64:dd:f2:83:65:c1:44:bf:74:ec:8b:77:
b9:fa:af:79:17:79:6b:4b:81:83:f5:fe:8c:a8:cf:
51:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:D4:C5:FB:E9:ED:61:99:39:4F:BC:F6:D3:83:CA:44:1C:D3:D7:3F
X509v3 Authority Key Identifier:
keyid:77:D2:D9:28:42:31:04:E5:C3:48:0E:21:B4:A3:ED:14:98:B2:A2:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9LZKEIxBOXDSA4htKPtFJiyon4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/WNTF--ntYZk5T7z204PKRBzT1z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1810::/48
Signature Algorithm: sha256WithRSAEncryption
07:82:40:a0:50:d0:9c:2f:d9:03:d7:78:06:b7:b3:ea:2d:32:
da:25:d0:6d:3e:37:69:4e:f1:8a:22:1c:37:72:ba:70:b2:e9:
ae:9a:51:b1:22:95:10:b3:30:88:e7:9f:ad:25:d2:66:96:5b:
a1:2a:02:79:27:36:1a:c6:78:a5:91:3f:ab:97:99:c4:86:cc:
56:34:1e:98:47:ca:58:5c:c5:e9:b5:ed:41:22:06:3b:66:1d:
0e:71:b3:0d:f9:96:6f:c8:ac:b1:4f:ce:a0:bb:82:27:c5:94:
44:65:ed:21:b3:9d:94:bc:06:3d:5f:c3:c8:55:28:0d:48:67:
b0:4f:de:54:28:9b:5e:af:d0:00:15:7f:ea:f3:52:28:0d:1d:
27:fc:5d:4a:71:f4:e5:b8:eb:15:5e:7f:88:a1:01:b0:c8:e8:
7e:dc:86:ae:bc:59:ee:d6:be:ef:52:95:e4:57:a3:98:b5:b3:
46:e2:fd:45:48:ff:f9:f0:ae:b9:ac:e9:73:a7:db:0d:a5:89:
00:c2:f8:e0:a8:58:91:fc:7a:2f:74:ba:0c:a3:cc:38:05:88:
58:2c:bc:88:8f:0d:94:ca:e2:d7:c8:ec:e8:fa:36:74:cf:d6:
fa:0b:c8:de:f3:f8:d4:4f:b2:94:c7:7a:0a:42:12:c5:1c:64:
bc:ab:7c:4a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzKK6okUHEe7nv/KvRAWuWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZDJkOTI4NDIzMTA0ZTVjMzQ4MGUyMWI0YTNlZDE0OThi
MmEyN2UwHhcNMjQwMTAyMTIzNTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGQ0YzVmYmU5ZWQ2MTk5Mzk0ZmJjZjZkMzgzY2E0NDFjZDNkNzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnv9URtGEXd+EIBOLwdWKAIqZZyp+
q5wI8lI5VnNxKuFV0ub8rBrlz0Oo+dhsUaRnpnA7K5pPk6gELfqii2WUv+X/el0G
s3VRTrqFBke9b7d63fHUUhdqQE28uatJ/c7FkH/Y5cfRBX0RcftBi/zU1Ay4ehtx
2zGke939V0X5AZBBp4MfITRt6Ixlp0g+jXn8fbEO9cIZAZW1F/3OyT+tVLIjUyU/
Tbo54kvefa8bcgV8C3AIpfY5O7jBKuHbYOp6gbDvwiVC7RE27aBynuHG1ePEfEKR
4K66WH91Qwj2r7Mbz6Vk3fKDZcFEv3Tsi3e5+q95F3lrS4GD9f6MqM9RkwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFjUxfvp7WGZOU+89tODykQc09c/MB8GA1UdIwQY
MBaAFHfS2ShCMQTlw0gOIbSj7RSYsqJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDlMWktFSXhCT1hEU0E0aHRLUHRGSml5b240LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8yYjllMjktZDU2OC00ZDUzLWIxMjgt
NDg4NzkyMzg4ZTViLzEvV05URi0tbnRZWms1VDd6MjA0UEtSQnpUMXo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8yYjllMjktZDU2OC00ZDUzLWIxMjgtNDg4NzkyMzg4ZTVi
LzEvZDlMWktFSXhCT1hEU0E0aHRLUHRGSml5b240LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAHgkCgUNCcL9kD13gGt7PqLTLaJdBtPjdpTvGK
Ihw3crpwsumumlGxIpUQszCI55+tJdJmlluhKgJ5JzYaxnilkT+rl5nEhsxWNB6Y
R8pYXMXpte1BIgY7Zh0OcbMN+ZZvyKyxT86gu4InxZREZe0hs52UvAY9X8PIVSgN
SGewT95UKJter9AAFX/q81IoDR0n/F1KcfTluOsVXn+IoQGwyOh+3IauvFnu1r7v
UpXkV6OYtbNG4v1FSP/58K65rOlzp9sNpYkAwvjgqFiR/HovdLoMo8w4BYhYLLyI
jw2UyuLXyOzo+jZ0z9b6C8je8/jUT7KUx3oKQhLFHGS8q3xK
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:36 2025 by rpki-client