Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/WDZTFLAx2YrqZBO8fgi0r5hSDOw.roa
File: WDZTFLAx2YrqZBO8fgi0r5hSDOw.roa (raw, json)
Hash identifier: 4YLWd77h+fTXqbTyPokbx1h+5DNrbfqJQ+4Lijouetc=
Subject key identifier: 58:36:53:14:B0:31:D9:8A:EA:64:13:BC:7E:08:B4:AF:98:52:0C:EC
Certificate issuer: /CN=b27261d715348bfd73ce9dbb72488656993ba2f1
Certificate serial: 0194855D866665DFCF78F21C4DEED861A70D
Authority key identifier: B2:72:61:D7:15:34:8B:FD:73:CE:9D:BB:72:48:86:56:99:3B:A2:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/snJh1xU0i_1zzp27ckiGVpk7ovE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/WDZTFLAx2YrqZBO8fgi0r5hSDOw.roa
Signing time: Mon 20 Jan 2025 20:18:06 +0000
ROA not before: Mon 20 Jan 2025 20:18:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56740
IP address blocks: 2a0e:e6c0:8000::/44 maxlen: 44
Validation: Failed, certificate revoked on Tue 21 Jan 2025 16:26:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:85:5d:86:66:65:df:cf:78:f2:1c:4d:ee:d8:61:a7:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b27261d715348bfd73ce9dbb72488656993ba2f1
Validity
Not Before: Jan 20 20:18:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=58365314b031d98aea6413bc7e08b4af98520cec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:bf:e4:97:a6:7b:81:29:7f:bf:d7:8d:b4:7c:
ea:a4:4d:ff:a9:6e:f1:3b:e7:96:5a:e6:2c:9d:29:
6c:a1:02:36:ac:aa:7b:e4:68:6d:78:5a:1a:a0:8d:
d8:54:d3:dd:fe:6a:70:80:0d:c7:c0:fd:bc:b4:ec:
d7:b7:ea:84:04:66:23:36:a0:bc:28:f3:4e:c3:5a:
07:1f:b9:68:d7:69:92:24:95:3d:48:98:4f:f8:ea:
e1:17:ab:4e:fb:3e:d0:68:ea:94:7b:75:6f:fd:41:
f1:71:19:26:15:15:a9:33:32:5b:5a:ae:d4:e2:11:
a0:27:da:21:09:b0:5a:63:68:f1:a7:84:3b:30:5c:
0d:5e:01:9f:d2:6a:9b:54:5e:e6:94:94:60:06:5e:
cb:cd:11:5f:ad:34:ac:2c:6f:71:c3:c2:40:71:46:
dd:d1:ba:7c:d7:d1:55:b4:73:e3:62:42:5a:06:c5:
2b:ee:1f:44:34:30:05:6e:2e:1a:aa:ed:2f:bd:52:
2e:c6:c7:91:dd:10:e9:8d:78:5f:ae:8f:6f:cc:74:
d2:6f:3a:d4:bc:ba:28:ce:56:9f:56:09:94:95:b3:
d0:3a:7b:a8:d7:60:1d:93:19:e5:33:aa:98:93:9c:
a7:45:01:d5:d4:20:69:3c:bc:ea:57:ae:46:cc:4a:
27:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:36:53:14:B0:31:D9:8A:EA:64:13:BC:7E:08:B4:AF:98:52:0C:EC
X509v3 Authority Key Identifier:
keyid:B2:72:61:D7:15:34:8B:FD:73:CE:9D:BB:72:48:86:56:99:3B:A2:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/snJh1xU0i_1zzp27ckiGVpk7ovE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/WDZTFLAx2YrqZBO8fgi0r5hSDOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/snJh1xU0i_1zzp27ckiGVpk7ovE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:e6c0:8000::/44
Signature Algorithm: sha256WithRSAEncryption
5d:cd:d9:bb:50:7b:d9:ea:52:7f:23:e2:64:d4:80:22:e3:7c:
31:06:5f:8b:ec:59:fd:38:82:1d:8c:b4:68:36:b5:d6:90:9c:
4d:28:04:e0:01:ec:88:6c:34:75:a5:22:b9:0b:19:92:8c:95:
af:4c:4e:17:3c:57:c1:a1:d6:e5:52:60:43:e7:a7:a0:80:2a:
2f:cb:f6:f5:ad:f5:8e:1f:17:d9:05:49:41:9e:06:be:bf:01:
58:6c:7f:84:86:d5:f1:89:4a:e9:fa:1f:f7:d0:21:93:dc:69:
74:83:6e:c1:2a:04:cd:bb:26:89:8c:ee:c3:d2:0a:1b:9e:04:
9d:86:c7:74:8d:0f:54:c4:dc:f3:ac:03:e7:e1:16:a7:b0:db:
71:b2:ad:07:77:72:38:af:3b:72:d0:5c:60:46:cd:01:cd:33:
47:ff:58:b9:18:b4:a4:40:7a:62:a7:3d:91:a1:26:36:8f:71:
a7:be:6a:51:2d:10:2a:10:be:c1:47:1f:92:21:29:15:96:f6:
da:64:ab:ee:a9:72:83:2f:36:ea:cf:ce:92:85:01:a3:22:1f:
62:e7:d2:df:68:5e:4c:b1:da:76:b8:7c:0b:85:78:3b:d7:7d:
33:75:97:38:71:1d:00:1d:50:12:4f:33:b0:33:c9:39:53:4b:
22:62:4d:84
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZSFXYZmZd/PePIcTe7YYacNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNzI2MWQ3MTUzNDhiZmQ3M2NlOWRiYjcyNDg4NjU2OTkz
YmEyZjEwHhcNMjUwMTIwMjAxODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODM2NTMxNGIwMzFkOThhZWE2NDEzYmM3ZTA4YjRhZjk4NTIwY2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0L/kl6Z7gSl/v9eNtHzqpE3/qW7x
O+eWWuYsnSlsoQI2rKp75GhteFoaoI3YVNPd/mpwgA3HwP28tOzXt+qEBGYjNqC8
KPNOw1oHH7lo12mSJJU9SJhP+OrhF6tO+z7QaOqUe3Vv/UHxcRkmFRWpMzJbWq7U
4hGgJ9ohCbBaY2jxp4Q7MFwNXgGf0mqbVF7mlJRgBl7LzRFfrTSsLG9xw8JAcUbd
0bp819FVtHPjYkJaBsUr7h9ENDAFbi4aqu0vvVIuxseR3RDpjXhfro9vzHTSbzrU
vLoozlafVgmUlbPQOnuo12AdkxnlM6qYk5ynRQHV1CBpPLzqV65GzEonyQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFg2UxSwMdmK6mQTvH4ItK+YUgzsMB8GA1UdIwQY
MBaAFLJyYdcVNIv9c86du3JIhlaZO6LxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc25KaDF4VTBpXzF6enAyN2NraUdWcGs3b3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hYmE1MDItZDE5MS00ZmQ3LWE3Y2Yt
NTA0ZjI3NjY3NjBmLzEvV0RaVEZMQXgyWXJxWkJPOGZnaTByNWhTRE93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hYmE1MDItZDE5MS00ZmQ3LWE3Y2YtNTA0ZjI3NjY3NjBm
LzEvc25KaDF4VTBpXzF6enAyN2NraUdWcGs3b3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg7mwIAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBdzdm7UHvZ6lJ/I+Jk1IAi43wxBl+L7Fn9OIId
jLRoNrXWkJxNKATgAeyIbDR1pSK5CxmSjJWvTE4XPFfBodblUmBD56eggCovy/b1
rfWOHxfZBUlBnga+vwFYbH+EhtXxiUrp+h/30CGT3Gl0g27BKgTNuyaJjO7D0gob
ngSdhsd0jQ9UxNzzrAPn4RansNtxsq0Hd3I4rzty0FxgRs0BzTNH/1i5GLSkQHpi
pz2RoSY2j3GnvmpRLRAqEL7BRx+SISkVlvbaZKvuqXKDLzbqz86ShQGjIh9i59Lf
aF5Msdp2uHwLhXg7130zdZc4cR0AHVASTzOwM8k5U0siYk2E
-----END CERTIFICATE-----
Generated at Tue Apr 29 18:37:17 2025 by rpki-client