Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/wehmcnygA7YiMsNSSN49LHxYM5I.roa
File: wehmcnygA7YiMsNSSN49LHxYM5I.roa (raw, json)
Hash identifier: 3/8vKuL71M0UhTbYlFUWg3lUFbQDRFblWgGFP4lOKyQ=
Subject key identifier: C1:E8:66:72:7C:A0:03:B6:22:32:C3:52:48:DE:3D:2C:7C:58:33:92
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 018C49823AAAE89F1D9DCE3555772E509D32
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/wehmcnygA7YiMsNSSN49LHxYM5I.roa
Signing time: Fri 08 Dec 2023 12:58:40 +0000
ROA not before: Fri 08 Dec 2023 12:58:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62904
IP address blocks: 212.68.176.0/22 maxlen: 22
212.68.184.0/22 maxlen: 22
212.68.180.0/22 maxlen: 22
212.68.188.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:49:82:3a:aa:e8:9f:1d:9d:ce:35:55:77:2e:50:9d:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Dec 8 12:58:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1e866727ca003b62232c35248de3d2c7c583392
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f9:12:76:99:1e:f7:95:af:5b:dd:83:2a:53:
f6:f9:71:18:f9:6d:c9:9d:c6:25:4d:30:4e:a1:43:
36:24:74:a3:de:f0:bf:00:34:e7:6b:bf:77:c5:e3:
8e:65:71:a2:e0:d1:ad:e3:bb:97:03:81:31:b2:15:
16:b9:0e:77:6d:19:25:14:61:77:33:dd:19:db:6f:
49:33:49:e0:4d:8c:46:42:4c:9d:62:e9:38:05:f7:
6d:35:1f:e2:26:af:41:31:4e:80:c2:e8:e3:d6:97:
50:a4:39:23:6a:b9:8a:e6:86:8c:40:db:98:10:81:
4c:f5:31:74:fc:da:5e:82:dc:2e:a8:3c:a7:d5:fa:
47:58:56:ac:8f:6c:75:9e:f6:5b:5d:48:77:14:8d:
aa:50:80:db:bf:e0:be:88:64:52:5b:53:bb:4a:b6:
bd:30:32:ae:b2:1b:6c:c1:38:86:f8:62:2f:7b:cb:
8a:29:cf:80:37:f5:c9:cc:b0:2c:7c:cd:ca:bb:57:
ef:bd:05:30:6f:ba:6a:dd:bc:a9:b7:4f:d3:03:fe:
9d:28:e9:e7:9c:72:cd:c2:b1:02:84:e6:d9:ac:72:
53:ae:35:df:d7:b7:3e:5f:81:10:ea:9b:e3:b0:a5:
89:ed:22:56:30:12:45:ca:19:dc:fe:31:e0:41:6e:
81:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:E8:66:72:7C:A0:03:B6:22:32:C3:52:48:DE:3D:2C:7C:58:33:92
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/wehmcnygA7YiMsNSSN49LHxYM5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.176.0/20
Signature Algorithm: sha256WithRSAEncryption
23:50:08:a9:7b:a2:58:8d:cf:9f:65:f2:f7:d7:7c:df:a7:f1:
76:d0:95:a8:53:dd:a3:b9:1d:d7:ac:b0:0b:66:97:31:29:d7:
ea:84:00:5e:cf:42:2b:5b:03:f4:55:86:70:1f:ce:ec:8e:7a:
2b:80:e9:a2:a3:00:bf:b0:79:30:ff:ef:d9:31:4d:be:9d:7c:
e5:e4:6d:8d:9c:65:8e:c2:cf:d7:39:f8:f2:62:32:93:ed:ae:
ce:e8:8a:81:96:92:ee:d6:1c:ea:9a:d1:41:5a:5f:46:74:71:
cd:14:11:1d:6e:a9:62:61:17:32:1d:2d:d9:24:44:e9:14:07:
64:f8:14:8f:16:7a:e8:fb:0c:fd:dc:8e:f8:56:99:1b:8b:6d:
b4:40:86:04:97:fe:af:50:d8:98:74:9e:b3:ee:37:a5:3a:16:
a0:32:dd:0b:22:0d:9a:08:cd:9b:8b:ef:4b:46:36:0a:0c:c5:
f6:d8:15:05:e5:a7:5e:09:5f:65:cd:b8:0e:f7:88:37:06:7d:
64:eb:68:3f:0a:7e:cb:7a:bf:0c:f8:f0:59:cc:fd:d4:b5:92:
a8:c9:68:b0:ab:60:69:5d:0b:08:dc:5a:41:f1:f1:02:84:8d:
50:b5:fc:04:f0:7c:b2:1f:84:6e:8b:e6:5c:48:07:76:5a:63:
37:85:b9:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxJgjqq6J8dnc41VXcuUJ0yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjMxMjA4MTI1ODQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWU4NjY3MjdjYTAwM2I2MjIzMmMzNTI0OGRlM2QyYzdjNTgzMzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivkSdpke95WvW92DKlP2+XEY+W3J
ncYlTTBOoUM2JHSj3vC/ADTna793xeOOZXGi4NGt47uXA4ExshUWuQ53bRklFGF3
M90Z229JM0ngTYxGQkydYuk4BfdtNR/iJq9BMU6Awujj1pdQpDkjarmK5oaMQNuY
EIFM9TF0/NpegtwuqDyn1fpHWFasj2x1nvZbXUh3FI2qUIDbv+C+iGRSW1O7Sra9
MDKushtswTiG+GIve8uKKc+AN/XJzLAsfM3Ku1fvvQUwb7pq3bypt0/TA/6dKOnn
nHLNwrEChObZrHJTrjXf17c+X4EQ6pvjsKWJ7SJWMBJFyhnc/jHgQW6BxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMHoZnJ8oAO2IjLDUkjePSx8WDOSMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvd2VobWNueWdBN1lpTXNOU1NONDlMSHhZTTVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE1ESwMA0G
CSqGSIb3DQEBCwUAA4IBAQAjUAipe6JYjc+fZfL313zfp/F20JWoU92juR3XrLAL
ZpcxKdfqhABez0IrWwP0VYZwH87sjnorgOmiowC/sHkw/+/ZMU2+nXzl5G2NnGWO
ws/XOfjyYjKT7a7O6IqBlpLu1hzqmtFBWl9GdHHNFBEdbqliYRcyHS3ZJETpFAdk
+BSPFnro+wz93I74Vpkbi220QIYEl/6vUNiYdJ6z7jelOhagMt0LIg2aCM2bi+9L
RjYKDMX22BUF5adeCV9lzbgO94g3Bn1k62g/Cn7Ler8M+PBZzP3UtZKoyWiwq2Bp
XQsI3FpB8fEChI1QtfwE8HyyH4Rui+ZcSAd2WmM3hbl2
-----END CERTIFICATE-----
Generated at Wed Dec 20 14:37:06 2023 by rpki-client on console-ams.rpki-client.org