Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/BOuFrbBdkMTiGSeWCl1ofkvQ8LI.roa
File: BOuFrbBdkMTiGSeWCl1ofkvQ8LI.roa (raw, json)
Hash identifier: 8pi5dTD7HbxUzEf1KZBCUWOyUfUTJ65p7n72ua0VM7k=
Subject key identifier: 04:EB:85:AD:B0:5D:90:C4:E2:19:27:96:0A:5D:68:7E:4B:D0:F0:B2
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018CC794536B291521E66C0CCC99B6763795
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/BOuFrbBdkMTiGSeWCl1ofkvQ8LI.roa
Signing time: Tue 02 Jan 2024 00:30:35 +0000
ROA not before: Tue 02 Jan 2024 00:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50810
IP address blocks: 2.183.202.0/23 maxlen: 23
2.182.160.0/20 maxlen: 20
2.183.128.0/20 maxlen: 20
2.188.32.0/21 maxlen: 21
2.183.136.0/23 maxlen: 23
2.183.184.0/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:53:6b:29:15:21:e6:6c:0c:cc:99:b6:76:37:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 2 00:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04eb85adb05d90c4e21927960a5d687e4bd0f0b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f7:39:36:61:95:d1:3b:44:86:70:2b:92:92:
4c:1b:8b:88:1b:6f:8c:d9:b4:9c:08:fa:36:b1:d4:
a8:5e:a4:15:5e:38:13:67:1c:5a:75:7f:51:f9:be:
2e:1d:7a:cf:0c:68:10:dd:f9:26:e7:ec:2c:1f:bc:
6d:8a:ec:d7:75:9e:36:d5:f2:65:5f:39:fc:cd:3b:
24:47:c7:b7:00:69:ac:e5:7b:2a:b2:1f:96:03:0b:
42:9c:e2:e0:ce:e6:e9:ee:d1:8f:37:46:7d:f0:89:
8c:37:02:54:fc:07:d8:7e:9d:78:6f:35:59:a7:87:
16:c6:62:04:45:c3:1e:73:27:a9:80:0d:92:af:d2:
2a:22:27:f6:21:9d:0e:7b:b0:a7:49:e0:df:4a:bd:
74:03:c2:75:86:8d:80:46:53:0a:f3:52:c1:67:92:
ee:40:7b:6f:87:92:b8:29:13:e1:fe:2e:57:a1:62:
b0:f5:80:40:2a:98:44:25:fa:c8:b0:c2:3b:54:71:
7e:68:da:7b:1d:fa:a6:0f:88:81:b3:a8:be:f8:3c:
8e:75:9b:34:ed:18:04:09:53:29:94:ec:41:49:f7:
a1:e7:60:47:28:23:26:28:26:20:67:ac:7f:83:55:
f9:d9:cd:d3:0e:23:5e:70:00:48:a5:a0:33:53:df:
20:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:EB:85:AD:B0:5D:90:C4:E2:19:27:96:0A:5D:68:7E:4B:D0:F0:B2
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/BOuFrbBdkMTiGSeWCl1ofkvQ8LI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.182.160.0/20
2.183.128.0/20
2.183.184.0/21
2.183.202.0/23
2.188.32.0/21
Signature Algorithm: sha256WithRSAEncryption
9c:a4:a1:10:3f:06:0b:03:29:68:fe:4f:f1:36:0a:2b:bc:fd:
8c:c6:bc:cc:66:48:4d:4a:90:e0:a8:2e:c4:3b:16:fd:ef:07:
01:1c:ee:2b:2f:e8:ea:9a:ca:27:a0:19:bc:8e:69:a8:ec:c2:
49:79:c4:6c:58:57:d3:63:a1:e8:b9:1d:a5:eb:0f:66:d5:ff:
47:35:47:b4:f6:b8:2f:9e:1f:18:b1:70:60:4a:79:a3:5a:42:
41:33:94:3a:64:77:92:b4:70:f8:36:15:cd:c7:1a:ba:1c:f3:
1d:f9:e8:47:03:24:e9:7b:ad:f2:63:7c:ba:b0:77:d4:06:4e:
04:37:0c:d6:f4:01:53:e1:f6:1f:b2:ed:25:61:5a:e8:00:e6:
48:f4:37:c5:1a:98:f9:0b:b4:96:77:af:35:90:45:2a:84:0e:
0b:2a:12:26:e3:08:61:33:ad:04:14:76:62:8d:9a:a1:07:da:
7f:9a:27:88:a6:9d:0b:f4:78:40:e9:af:77:dd:04:04:02:4c:
68:55:98:8d:11:11:d0:a0:d2:49:e7:bf:4e:89:83:af:c4:79:
e8:22:3a:d5:08:2b:96:8e:02:4b:8f:28:22:13:ea:66:26:c5:
ba:05:d1:11:42:b0:52:f0:c6:ef:d8:22:04:92:90:47:ab:e6:
5a:e4:1a:fb
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzHlFNrKRUh5mwMzJm2djeVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjQwMTAyMDAzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGViODVhZGIwNWQ5MGM0ZTIxOTI3OTYwYTVkNjg3ZTRiZDBmMGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/c5NmGV0TtEhnArkpJMG4uIG2+M
2bScCPo2sdSoXqQVXjgTZxxadX9R+b4uHXrPDGgQ3fkm5+wsH7xtiuzXdZ421fJl
Xzn8zTskR8e3AGms5Xsqsh+WAwtCnOLgzubp7tGPN0Z98ImMNwJU/AfYfp14bzVZ
p4cWxmIERcMecyepgA2Sr9IqIif2IZ0Oe7CnSeDfSr10A8J1ho2ARlMK81LBZ5Lu
QHtvh5K4KRPh/i5XoWKw9YBAKphEJfrIsMI7VHF+aNp7HfqmD4iBs6i++DyOdZs0
7RgECVMplOxBSfeh52BHKCMmKCYgZ6x/g1X52c3TDiNecABIpaAzU98gFQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFATrha2wXZDE4hknlgpdaH5L0PCyMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvQk91RnJiQmRrTVRpR1NlV0NsMW9ma3ZROExJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEAragAwQE
AreAAwQDAre4AwQBArfKAwQDArwgMA0GCSqGSIb3DQEBCwUAA4IBAQCcpKEQPwYL
Aylo/k/xNgorvP2MxrzMZkhNSpDgqC7EOxb97wcBHO4rL+jqmsonoBm8jmmo7MJJ
ecRsWFfTY6HouR2l6w9m1f9HNUe09rgvnh8YsXBgSnmjWkJBM5Q6ZHeStHD4NhXN
xxq6HPMd+ehHAyTpe63yY3y6sHfUBk4ENwzW9AFT4fYfsu0lYVroAOZI9DfFGpj5
C7SWd681kEUqhA4LKhIm4whhM60EFHZijZqhB9p/mieIpp0L9HhA6a933QQEAkxo
VZiNERHQoNJJ579OiYOvxHnoIjrVCCuWjgJLjygiE+pmJsW6BdERQrBS8Mbv2CIE
kpBHq+Za5Br7
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:52 2025 by rpki-client