Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/WePpKk3Ag2FsM-i8gFqo1fgY0s4.roa
File: WePpKk3Ag2FsM-i8gFqo1fgY0s4.roa (raw, json)
Hash identifier: gZW0nDr/VfHRSeHDnwIB1ygTMzq5AX5KEpMkXg2h9NE=
Subject key identifier: 59:E3:E9:2A:4D:C0:83:61:6C:33:E8:BC:80:5A:A8:D5:F8:18:D2:CE
Certificate issuer: /CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Certificate serial: 018F7BD323D96E626B246259525942C6AF24
Authority key identifier: 5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/WePpKk3Ag2FsM-i8gFqo1fgY0s4.roa
Signing time: Wed 15 May 2024 10:36:25 +0000
ROA not before: Wed 15 May 2024 10:36:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31216
IP address blocks: 83.243.16.0/21 maxlen: 24
89.30.0.0/17 maxlen: 24
89.30.68.0/22 maxlen: 24
185.143.244.0/22 maxlen: 22
194.126.217.0/24 maxlen: 24
2a01:8200::/32 maxlen: 64
Validation: Failed, certificate revoked on Mon 30 Sep 2024 11:31:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7b:d3:23:d9:6e:62:6b:24:62:59:52:59:42:c6:af:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Validity
Not Before: May 15 10:36:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59e3e92a4dc083616c33e8bc805aa8d5f818d2ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d0:42:f4:cd:bc:06:eb:25:55:01:4c:98:61:
2e:67:6e:d9:44:d3:60:72:fd:04:b5:dc:09:ac:70:
35:50:ff:d5:ec:19:97:a9:7e:77:f6:6f:93:82:c7:
c1:66:5d:af:36:1b:f5:cb:a6:b3:29:37:c2:5e:90:
57:43:c4:f3:49:76:73:8c:ae:82:7b:c1:dc:66:cd:
9a:18:d6:2c:d0:11:5d:b9:b0:3a:7b:a7:87:f4:6f:
6e:b9:c6:1a:58:08:a3:4e:f7:77:e2:92:db:c9:f8:
d5:0d:be:f7:04:92:74:ac:63:2a:1d:e8:3e:86:05:
d0:1b:ab:89:4d:55:b4:02:ca:7b:02:70:ef:38:17:
57:94:ba:39:ed:20:9c:8d:66:9c:a3:2b:04:5c:00:
59:20:9f:87:ca:ee:52:9d:e2:1d:04:12:c0:3e:a3:
70:7f:47:d0:7e:da:b4:b4:f3:d9:fe:a2:9f:9b:5d:
c1:81:f8:fc:be:b2:2c:e0:f1:85:48:66:dc:42:f1:
69:52:94:a2:c1:9c:73:ba:d8:4c:a6:e0:6d:b0:ef:
3c:de:fd:f7:8e:e2:6d:2c:8a:3a:09:f0:0d:43:d9:
b5:05:28:bf:53:1e:0d:4e:8e:a7:04:3e:6d:63:c1:
35:4b:f9:82:91:d1:79:8c:6c:93:d1:c3:a7:b1:18:
bf:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:E3:E9:2A:4D:C0:83:61:6C:33:E8:BC:80:5A:A8:D5:F8:18:D2:CE
X509v3 Authority Key Identifier:
keyid:5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/WePpKk3Ag2FsM-i8gFqo1fgY0s4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.243.16.0/21
89.30.0.0/17
185.143.244.0/22
194.126.217.0/24
IPv6:
2a01:8200::/32
Signature Algorithm: sha256WithRSAEncryption
04:da:8b:81:33:a7:3d:bd:6d:30:7e:0b:18:f8:a4:b4:fa:ae:
20:4d:0d:a1:8a:28:ef:97:0b:2e:ff:65:0b:04:15:e6:7e:30:
55:91:fb:3b:47:8d:8c:09:4e:1f:80:38:2c:ed:4d:c4:5b:c0:
2d:a7:4e:c6:fe:fb:7d:ee:02:0c:d6:b5:f5:9c:05:dd:92:a3:
56:fd:2f:38:26:98:46:27:18:b6:81:9b:60:cd:03:fd:77:60:
8c:54:df:cb:34:37:a2:ad:94:9c:7e:8e:f9:c8:27:b4:c4:8f:
12:57:9c:29:4b:c7:fc:35:9c:58:58:2c:2d:3e:a7:1b:2e:a2:
2f:25:b9:80:c2:ef:bd:dd:00:23:ba:4a:f3:a4:10:29:ce:38:
56:ae:16:e5:8c:20:4a:8b:6f:69:fa:08:06:d3:3d:86:ee:a5:
11:dd:24:c8:fe:17:c0:97:fc:f5:46:82:95:dc:91:4b:f8:c6:
fc:05:a6:22:fc:aa:8e:6e:e3:5f:86:c7:82:b9:0d:f8:9a:21:
4e:10:c8:ac:16:2f:7e:23:36:fd:2f:e4:a9:85:1d:ef:c4:1b:
58:44:e9:f3:df:4a:c9:b3:e0:8f:3d:07:fc:92:f6:1d:0f:f6:
80:20:0e:a9:4a:61:6f:3c:6e:c5:4d:38:d4:4a:65:34:b7:8e:
2e:af:b1:6e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY970yPZbmJrJGJZUllCxq8kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNDAwYWMyMzk2YWUyMjhkMmIyZTU2ZjRiMDY3Mzk5Njkz
NzllNDQwHhcNMjQwNTE1MTAzNjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWUzZTkyYTRkYzA4MzYxNmMzM2U4YmM4MDVhYThkNWY4MThkMmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdBC9M28BuslVQFMmGEuZ27ZRNNg
cv0EtdwJrHA1UP/V7BmXqX539m+TgsfBZl2vNhv1y6azKTfCXpBXQ8TzSXZzjK6C
e8HcZs2aGNYs0BFdubA6e6eH9G9uucYaWAijTvd34pLbyfjVDb73BJJ0rGMqHeg+
hgXQG6uJTVW0Asp7AnDvOBdXlLo57SCcjWacoysEXABZIJ+Hyu5SneIdBBLAPqNw
f0fQftq0tPPZ/qKfm13Bgfj8vrIs4PGFSGbcQvFpUpSiwZxzuthMpuBtsO883v33
juJtLIo6CfANQ9m1BSi/Ux4NTo6nBD5tY8E1S/mCkdF5jGyT0cOnsRi/ywIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFnj6SpNwINhbDPovIBaqNX4GNLOMB8GA1UdIwQY
MBaAFF5ACsI5auIo0rLlb0sGc5lpN55EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYt
ZGZlZDEyZjFhMDFlLzEvV2VQcEtrM0FnMkZzTS1pOGdGcW8xZmdZMHM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYtZGZlZDEyZjFhMDFl
LzEvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDU/MQAwQH
WR4AAwQCuY/0AwQAwn7ZMA0EAgACMAcDBQAqAYIAMA0GCSqGSIb3DQEBCwUAA4IB
AQAE2ouBM6c9vW0wfgsY+KS0+q4gTQ2hiijvlwsu/2ULBBXmfjBVkfs7R42MCU4f
gDgs7U3EW8Atp07G/vt97gIM1rX1nAXdkqNW/S84JphGJxi2gZtgzQP9d2CMVN/L
NDeirZScfo75yCe0xI8SV5wpS8f8NZxYWCwtPqcbLqIvJbmAwu+93QAjukrzpBAp
zjhWrhbljCBKi29p+ggG0z2G7qUR3STI/hfAl/z1RoKV3JFL+Mb8BaYi/KqObuNf
hseCuQ34miFOEMisFi9+Izb9L+SphR3vxBtYROnz30rJs+CPPQf8kvYdD/aAIA6p
SmFvPG7FTTjUSmU0t44ur7Fu
-----END CERTIFICATE-----
Generated at Mon Sep 30 14:02:05 2024 by rpki-client on console-ams.rpki-client.org