Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/cea5cf-0782-40d1-8913-92712f95e336/1/WNex3RXKISaTP_TjeMOW9ardick.roa
File: WNex3RXKISaTP_TjeMOW9ardick.roa (raw, json)
Hash identifier: RhHaPsdMlKk6FZZVmC15N3HVO0ngJiWq+QQxRfzVqUo=
Subject key identifier: 58:D7:B1:DD:15:CA:21:26:93:3F:F4:E3:78:C3:96:F5:AA:DD:89:C9
Certificate issuer: /CN=3ebd5f8bb5a594d67b5ce807a84c59dde569a775
Certificate serial: 018CC3B6B2E38313D6A5DE2F9047B63E03CF
Authority key identifier: 3E:BD:5F:8B:B5:A5:94:D6:7B:5C:E8:07:A8:4C:59:DD:E5:69:A7:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pr1fi7WllNZ7XOgHqExZ3eVpp3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/cea5cf-0782-40d1-8913-92712f95e336/1/WNex3RXKISaTP_TjeMOW9ardick.roa
Signing time: Mon 01 Jan 2024 06:29:39 +0000
ROA not before: Mon 01 Jan 2024 06:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35542
IP address blocks: 193.222.141.0/24 maxlen: 24
80.92.128.0/20 maxlen: 20
185.128.0.0/22 maxlen: 24
185.128.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Sep 2024 14:37:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:b2:e3:83:13:d6:a5:de:2f:90:47:b6:3e:03:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ebd5f8bb5a594d67b5ce807a84c59dde569a775
Validity
Not Before: Jan 1 06:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58d7b1dd15ca2126933ff4e378c396f5aadd89c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ce:80:92:7c:b0:75:94:f8:99:bf:6a:ff:3f:
46:d4:14:92:b1:fb:14:8b:53:a7:09:ec:79:64:3b:
ea:8f:42:0c:d6:2b:31:bd:67:cd:fa:11:a2:4c:e7:
2b:fc:b1:24:11:18:40:15:52:5c:0b:44:f0:c7:22:
d4:8f:1a:55:62:1c:08:82:2c:9c:8b:72:19:93:d1:
e9:75:f0:5e:85:14:56:d1:49:0d:c5:f5:fb:4a:28:
35:56:a0:7f:2e:59:45:df:f8:58:0f:0b:a9:55:38:
00:73:74:24:99:b8:60:24:cd:4c:84:98:bc:60:17:
96:49:f5:5f:85:98:95:69:6a:3d:49:88:20:8a:f5:
69:6b:bb:ef:31:06:87:c2:f1:e2:7f:f8:76:8e:e5:
41:16:a2:90:50:7a:24:91:2a:76:39:bd:89:ca:6e:
df:9f:3d:52:88:7d:1a:32:27:1f:71:a5:58:40:e9:
99:b0:33:2c:f1:ed:8b:d6:39:2d:a3:11:9a:e5:4d:
b6:b9:24:d9:3e:18:ee:59:aa:1a:41:ab:f2:ed:67:
7f:52:f6:27:c1:c5:76:62:4d:02:b2:1f:8c:aa:7a:
fe:df:79:be:d5:6f:20:86:b3:54:1a:a5:32:6a:e4:
9a:57:06:a9:8f:22:7f:c9:d5:79:6b:2e:2e:80:0c:
8f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:D7:B1:DD:15:CA:21:26:93:3F:F4:E3:78:C3:96:F5:AA:DD:89:C9
X509v3 Authority Key Identifier:
keyid:3E:BD:5F:8B:B5:A5:94:D6:7B:5C:E8:07:A8:4C:59:DD:E5:69:A7:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pr1fi7WllNZ7XOgHqExZ3eVpp3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/cea5cf-0782-40d1-8913-92712f95e336/1/WNex3RXKISaTP_TjeMOW9ardick.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/cea5cf-0782-40d1-8913-92712f95e336/1/Pr1fi7WllNZ7XOgHqExZ3eVpp3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.92.128.0/20
185.128.0.0/22
193.222.141.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:18:3c:52:81:c3:1d:ad:ca:9e:42:c0:db:87:8e:7f:6f:04:
8e:19:9d:20:a1:36:5b:c3:91:79:0a:6f:04:93:84:0e:e1:ac:
56:1a:06:ad:52:36:92:91:89:be:16:58:f9:43:83:de:e6:28:
9a:93:bd:db:26:8e:29:84:05:56:d1:90:c5:a4:2c:98:72:bc:
39:77:15:5f:71:e0:58:4f:37:e9:2e:f5:8a:71:21:78:2d:3f:
43:9c:5c:41:52:3f:6d:9e:5a:d6:dd:09:78:83:b6:ed:5f:51:
d7:e3:e1:89:35:b9:e4:e9:8c:43:b6:f3:a3:8b:fc:d2:5f:26:
fa:74:37:69:64:b5:eb:d9:7f:cf:24:0b:03:93:e1:d6:a2:8e:
d2:b2:e0:e1:10:5d:e1:a6:52:2e:5e:0f:13:46:0e:15:c2:3e:
e4:4d:bf:70:3f:63:a1:0e:31:5d:76:86:96:3f:17:df:b6:5a:
26:ea:90:18:43:8b:72:f8:cd:08:f1:2f:dc:87:dd:91:34:2d:
34:22:5e:96:11:cf:ac:16:87:a3:57:00:5c:1e:f8:38:9e:f4:
79:3e:a0:e0:00:69:ea:36:2e:90:eb:b1:6c:bf:ac:ab:80:34:
4d:82:72:8c:67:79:6c:b9:81:e1:d6:6c:b4:34:d3:70:4e:c7:
df:46:f4:f3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDtrLjgxPWpd4vkEe2PgPPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYmQ1ZjhiYjVhNTk0ZDY3YjVjZTgwN2E4NGM1OWRkZTU2
OWE3NzUwHhcNMjQwMTAxMDYyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGQ3YjFkZDE1Y2EyMTI2OTMzZmY0ZTM3OGMzOTZmNWFhZGQ4OWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh86AknywdZT4mb9q/z9G1BSSsfsU
i1OnCex5ZDvqj0IM1isxvWfN+hGiTOcr/LEkERhAFVJcC0TwxyLUjxpVYhwIgiyc
i3IZk9HpdfBehRRW0UkNxfX7Sig1VqB/LllF3/hYDwupVTgAc3QkmbhgJM1MhJi8
YBeWSfVfhZiVaWo9SYggivVpa7vvMQaHwvHif/h2juVBFqKQUHokkSp2Ob2Jym7f
nz1SiH0aMicfcaVYQOmZsDMs8e2L1jktoxGa5U22uSTZPhjuWaoaQavy7Wd/UvYn
wcV2Yk0Csh+Mqnr+33m+1W8ghrNUGqUyauSaVwapjyJ/ydV5ay4ugAyPrQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFjXsd0VyiEmkz/043jDlvWq3YnJMB8GA1UdIwQY
MBaAFD69X4u1pZTWe1zoB6hMWd3laad1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHIxZmk3V2xsTlo3WE9nSHFFeFozZVZwcDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9jZWE1Y2YtMDc4Mi00MGQxLTg5MTMt
OTI3MTJmOTVlMzM2LzEvV05leDNSWEtJU2FUUF9UamVNT1c5YXJkaWNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9jZWE1Y2YtMDc4Mi00MGQxLTg5MTMtOTI3MTJmOTVlMzM2
LzEvUHIxZmk3V2xsTlo3WE9nSHFFeFozZVZwcDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEUFyAAwQC
uYAAAwQAwd6NMA0GCSqGSIb3DQEBCwUAA4IBAQCqGDxSgcMdrcqeQsDbh45/bwSO
GZ0goTZbw5F5Cm8Ek4QO4axWGgatUjaSkYm+Flj5Q4Pe5iiak73bJo4phAVW0ZDF
pCyYcrw5dxVfceBYTzfpLvWKcSF4LT9DnFxBUj9tnlrW3Ql4g7btX1HX4+GJNbnk
6YxDtvOji/zSXyb6dDdpZLXr2X/PJAsDk+HWoo7SsuDhEF3hplIuXg8TRg4Vwj7k
Tb9wP2OhDjFddoaWPxfftlom6pAYQ4ty+M0I8S/ch92RNC00Il6WEc+sFoejVwBc
Hvg4nvR5PqDgAGnqNi6Q67Fsv6yrgDRNgnKMZ3lsuYHh1my0NNNwTsffRvTz
-----END CERTIFICATE-----
Generated at Fri Sep 20 19:04:59 2024 by rpki-client on console-ams.rpki-client.org