Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/WNNY7FcTbyL7mXXPLhsE2Y3lbwg.roa
File: WNNY7FcTbyL7mXXPLhsE2Y3lbwg.roa (raw, json)
Hash identifier: Ti6qNNpX072vVSgvCIg5x6WdIAOPW7PI2HpY2ONBlCI=
Subject key identifier: 58:D3:58:EC:57:13:6F:22:FB:99:75:CF:2E:1B:04:D9:8D:E5:6F:08
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 0195CEE77468D9F50BE5324B22380A17F55E
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/WNNY7FcTbyL7mXXPLhsE2Y3lbwg.roa
Signing time: Tue 25 Mar 2025 20:03:49 +0000
ROA not before: Tue 25 Mar 2025 20:03:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a0e:13c2::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 02 Apr 2025 14:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ce:e7:74:68:d9:f5:0b:e5:32:4b:22:38:0a:17:f5:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Mar 25 20:03:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=58d358ec57136f22fb9975cf2e1b04d98de56f08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b4:82:51:d9:bd:10:19:86:24:5b:67:3e:b1:
a3:6e:0e:85:1d:d1:ec:4e:95:5c:73:31:35:c9:04:
40:d1:e4:85:08:92:5c:2f:88:5e:77:16:da:48:9f:
5e:1f:9e:e8:a6:6d:1d:df:96:b2:2b:cc:7b:8f:3f:
69:60:be:16:9b:34:33:a3:45:23:75:91:f5:63:f5:
e4:90:2f:e5:c9:dd:be:9e:60:ec:0e:39:33:d3:9c:
b8:9b:3b:83:5e:7b:21:c4:08:73:c4:16:b0:bd:d4:
5c:24:ee:f5:f6:60:d4:00:1b:48:86:89:51:a2:11:
92:49:f9:67:f6:e1:23:69:d3:cd:25:1f:d2:a6:e0:
31:ca:77:dd:89:97:8d:c6:dd:2e:67:8a:01:98:ff:
d3:76:ba:c8:39:9a:2f:69:1a:91:4c:77:33:d7:60:
6a:1c:2f:19:b6:cc:2d:46:4c:a5:89:0d:d2:ef:99:
ac:f7:14:7b:a6:be:0c:8c:56:38:48:36:f0:14:96:
5a:03:ea:47:33:3a:90:50:56:27:2b:52:a6:8c:64:
50:79:5d:bf:25:9c:2a:e9:9a:64:72:33:b4:b3:09:
d3:49:68:83:6a:5c:ce:78:94:ee:1d:db:f4:83:d5:
79:6e:43:3c:1e:8f:47:4c:69:cb:44:5d:9e:af:a4:
a8:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:D3:58:EC:57:13:6F:22:FB:99:75:CF:2E:1B:04:D9:8D:E5:6F:08
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/WNNY7FcTbyL7mXXPLhsE2Y3lbwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:13c2::/32
Signature Algorithm: sha256WithRSAEncryption
ad:92:c9:94:5d:8a:b9:f8:2b:68:bb:4d:5b:43:a4:b1:b1:87:
2c:c0:22:47:5e:f0:de:e5:f1:61:7f:ac:a9:a6:1b:7d:fb:45:
ef:6e:cf:59:bb:73:51:35:e1:09:b2:4c:75:c0:e1:3d:42:66:
06:48:a1:6d:a5:25:40:ff:84:4d:f9:2a:f3:09:2e:1d:66:87:
8f:50:42:f8:f8:f9:8c:fc:14:f8:22:1c:16:67:24:a4:d7:52:
0f:84:70:98:50:d5:fe:f3:8f:4c:c9:fe:3b:60:a4:63:f8:fd:
99:17:8f:54:f9:8a:e8:7e:f6:7c:19:9f:71:49:3c:f5:80:6a:
a6:89:ac:50:bc:eb:ca:5d:46:15:43:e8:03:ed:c3:50:d1:5b:
67:ad:6c:a6:81:71:3e:c1:f0:d3:d7:43:51:16:5f:73:8d:de:
e6:8b:ac:39:ea:a2:7b:ac:77:e2:e8:58:ab:a1:ad:b1:59:e7:
7d:fd:95:78:a8:b5:e6:99:b5:02:70:8d:47:73:9b:e7:56:eb:
d1:31:d0:3a:06:58:ec:46:19:47:9c:d0:b5:fa:b1:28:57:45:
a2:e8:c5:75:e5:68:27:20:ee:0d:9e:34:a4:5d:61:41:e8:a1:
34:8d:34:db:97:dc:d7:42:b0:47:0d:c8:e4:f4:9a:ee:b2:b4:
80:39:d1:c0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZXO53Ro2fUL5TJLIjgKF/VeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwMzI1MjAwMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGQzNThlYzU3MTM2ZjIyZmI5OTc1Y2YyZTFiMDRkOThkZTU2ZjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrSCUdm9EBmGJFtnPrGjbg6FHdHs
TpVcczE1yQRA0eSFCJJcL4hedxbaSJ9eH57opm0d35ayK8x7jz9pYL4WmzQzo0Uj
dZH1Y/XkkC/lyd2+nmDsDjkz05y4mzuDXnshxAhzxBawvdRcJO719mDUABtIholR
ohGSSfln9uEjadPNJR/SpuAxynfdiZeNxt0uZ4oBmP/TdrrIOZovaRqRTHcz12Bq
HC8ZtswtRkyliQ3S75ms9xR7pr4MjFY4SDbwFJZaA+pHMzqQUFYnK1KmjGRQeV2/
JZwq6ZpkcjO0swnTSWiDalzOeJTuHdv0g9V5bkM8Ho9HTGnLRF2er6SotwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFjTWOxXE28i+5l1zy4bBNmN5W8IMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvV05OWTdGY1RieUw3bVhYUExoc0UyWTNsYndnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg4TwjAN
BgkqhkiG9w0BAQsFAAOCAQEArZLJlF2KufgraLtNW0OksbGHLMAiR17w3uXxYX+s
qaYbfftF727PWbtzUTXhCbJMdcDhPUJmBkihbaUlQP+ETfkq8wkuHWaHj1BC+Pj5
jPwU+CIcFmckpNdSD4RwmFDV/vOPTMn+O2CkY/j9mRePVPmK6H72fBmfcUk89YBq
pomsULzryl1GFUPoA+3DUNFbZ61spoFxPsHw09dDURZfc43e5ousOeqie6x34uhY
q6GtsVnnff2VeKi15pm1AnCNR3Ob51br0THQOgZY7EYZR5zQtfqxKFdFoujFdeVo
JyDuDZ40pF1hQeihNI0025fc10KwRw3I5PSa7rK0gDnRwA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:28:07 2025 by rpki-client