Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/2LSdw95g0AZlSrOnCLjM0zeD7BM.roa
File: 2LSdw95g0AZlSrOnCLjM0zeD7BM.roa (raw, json)
Hash identifier: bp+lSLtJbqY8yYqvXun3huIMECm9cHcjQuM26YG+LTo=
Subject key identifier: D8:B4:9D:C3:DE:60:D0:06:65:4A:B3:A7:08:B8:CC:D3:37:83:EC:13
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018790BBD576EDFE92DE9EDB39860CDA24D9
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/2LSdw95g0AZlSrOnCLjM0zeD7BM.roa
Signing time: Mon 17 Apr 2023 19:40:41 +0000
ROA not before: Mon 17 Apr 2023 19:40:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 2.188.225.0/24 maxlen: 24
2.188.224.0/20 maxlen: 24
2.188.232.0/23 maxlen: 23
2.188.234.0/24 maxlen: 24
2.188.236.0/23 maxlen: 23
2.188.240.0/20 maxlen: 24
2.188.40.0/21 maxlen: 21
2.188.164.0/22 maxlen: 22
2.188.160.0/22 maxlen: 22
2.188.165.0/24 maxlen: 24
2.188.161.0/24 maxlen: 24
2.188.160.0/21 maxlen: 24
2.188.176.0/23 maxlen: 23
2.188.192.0/19 maxlen: 24
2.189.160.0/21 maxlen: 21
2.189.168.0/21 maxlen: 21
2.189.80.0/21 maxlen: 21
2.189.88.0/21 maxlen: 21
2.188.60.0/22 maxlen: 22
2.188.72.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 18 Apr 2023 16:35:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:90:bb:d5:76:ed:fe:92:de:9e:db:39:86:0c:da:24:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Apr 17 19:40:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8b49dc3de60d006654ab3a708b8ccd33783ec13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:27:9f:1c:d2:09:5d:c5:93:43:aa:f4:14:ec:
d9:2c:01:8a:a2:7f:98:58:b2:6a:1f:6b:3d:15:9f:
7b:03:b0:9b:30:ec:12:6c:8b:4f:c6:da:1f:6f:88:
48:93:4b:1e:6e:4e:fd:6f:2c:a5:7b:ba:44:2e:50:
8d:5d:8b:f0:d4:e4:aa:88:37:04:d3:32:b5:be:09:
99:a1:d0:af:af:f2:a4:41:68:08:22:89:46:c9:84:
2a:ff:40:3c:18:cb:97:e8:1e:bf:c4:37:c6:c0:bd:
f8:cd:b9:9c:5c:01:56:b6:c1:58:00:d9:e7:2c:b9:
fd:3d:6c:03:44:32:38:00:9d:be:44:ff:b1:e6:53:
b3:0b:51:9e:9a:9b:a8:d2:b8:7e:21:c3:86:d8:c8:
20:47:17:6b:f1:73:69:f0:0b:d5:ef:5e:80:b2:c0:
f5:35:9f:6c:8e:cb:6e:c5:6a:4b:3a:bc:f7:8f:f5:
19:09:3c:d7:ed:86:4e:f0:9c:77:32:93:59:0d:fe:
7a:f9:ab:24:4f:e3:07:da:b7:1e:9b:cc:72:aa:9b:
45:f3:c8:dd:92:33:15:9b:80:43:a0:55:e7:c8:4b:
82:2c:3e:51:f0:35:16:a8:87:6b:2f:05:f3:62:a8:
96:63:36:d5:81:6b:7e:ba:8c:54:e6:1d:58:d9:05:
09:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B4:9D:C3:DE:60:D0:06:65:4A:B3:A7:08:B8:CC:D3:37:83:EC:13
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/2LSdw95g0AZlSrOnCLjM0zeD7BM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.188.40.0/21
2.188.60.0/22
2.188.72.0/22
2.188.160.0/21
2.188.176.0/23
2.188.192.0/18
2.189.80.0/20
2.189.160.0/20
Signature Algorithm: sha256WithRSAEncryption
14:5a:b4:8d:f8:83:05:74:f7:6c:9e:41:64:3d:8c:75:3d:58:
1e:68:2e:96:ae:1c:fd:e4:6f:2b:5a:1e:d1:2e:40:5b:8f:af:
81:d0:41:ac:7d:86:a5:97:fc:7d:78:70:23:f0:e4:67:b8:9f:
db:3c:0f:15:fd:5d:5c:19:6a:b6:8f:3d:b0:88:1b:e6:f5:c8:
39:f0:42:1a:3e:71:5e:55:b1:6f:24:14:32:90:8a:73:fb:41:
43:a4:2b:e6:81:b4:4a:03:e9:86:7f:75:5b:c1:35:c5:70:17:
7f:60:90:ba:9d:12:73:93:e3:6c:1b:07:9b:51:b0:27:e4:e3:
a2:f3:37:20:92:a1:1a:76:a9:58:1f:7f:31:6e:63:58:5e:4b:
d4:0a:be:4d:ef:3f:2a:70:4e:cb:73:43:09:bd:4b:c7:d4:32:
85:c7:96:3b:16:46:85:32:a2:8c:bf:db:8d:6c:a1:33:c2:af:
b3:43:2a:db:e9:5e:1a:b8:fd:2b:cf:30:b3:5b:0d:a7:05:6b:
b4:66:41:ba:62:54:e6:2e:a4:2e:1c:83:ed:f9:aa:d5:a9:fd:
4f:ae:19:c6:dc:5b:93:ec:09:28:1a:69:74:42:92:2c:42:c3:
d8:16:59:e0:02:42:50:16:3d:01:23:07:82:4e:89:ee:ba:3d:
b2:71:2e:bb
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYeQu9V27f6S3p7bOYYM2iTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNDE3MTk0MDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGI0OWRjM2RlNjBkMDA2NjU0YWIzYTcwOGI4Y2NkMzM3ODNlYzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliefHNIJXcWTQ6r0FOzZLAGKon+Y
WLJqH2s9FZ97A7CbMOwSbItPxtofb4hIk0sebk79byyle7pELlCNXYvw1OSqiDcE
0zK1vgmZodCvr/KkQWgIIolGyYQq/0A8GMuX6B6/xDfGwL34zbmcXAFWtsFYANnn
LLn9PWwDRDI4AJ2+RP+x5lOzC1Gempuo0rh+IcOG2MggRxdr8XNp8AvV716AssD1
NZ9sjstuxWpLOrz3j/UZCTzX7YZO8Jx3MpNZDf56+askT+MH2rcem8xyqptF88jd
kjMVm4BDoFXnyEuCLD5R8DUWqIdrLwXzYqiWYzbVgWt+uoxU5h1Y2QUJDQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNi0ncPeYNAGZUqzpwi4zNM3g+wTMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvMkxTZHc5NWcwQVpsU3JPbkNMak0wemVEN0JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQDArwoAwQC
Arw8AwQCArxIAwQDArygAwQBArywAwQGArzAAwQEAr1QAwQEAr2gMA0GCSqGSIb3
DQEBCwUAA4IBAQAUWrSN+IMFdPdsnkFkPYx1PVgeaC6Wrhz95G8rWh7RLkBbj6+B
0EGsfYall/x9eHAj8ORnuJ/bPA8V/V1cGWq2jz2wiBvm9cg58EIaPnFeVbFvJBQy
kIpz+0FDpCvmgbRKA+mGf3VbwTXFcBd/YJC6nRJzk+NsGwebUbAn5OOi8zcgkqEa
dqlYH38xbmNYXkvUCr5N7z8qcE7Lc0MJvUvH1DKFx5Y7FkaFMqKMv9uNbKEzwq+z
Qyrb6V4auP0rzzCzWw2nBWu0ZkG6YlTmLqQuHIPt+arVqf1PrhnG3FuT7AkoGml0
QpIsQsPYFlngAkJQFj0BIweCTonuuj2ycS67
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:47 2024 by rpki-client on console-fra.rpki-client.org