Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/H46fdrbvR8nLF1n7N5J5P7v1yOM.roa
File: H46fdrbvR8nLF1n7N5J5P7v1yOM.roa (raw, json)
Hash identifier: 5IwkgOdB/bPO4vbY24P8Ye3CqE8oMWia+Q+jwL2V4KM=
Subject key identifier: 1F:8E:9F:76:B6:EF:47:C9:CB:17:59:FB:37:92:79:3F:BB:F5:C8:E3
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 0187864C52B0860C99B738E8CF6704928249
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/H46fdrbvR8nLF1n7N5J5P7v1yOM.roa
Signing time: Sat 15 Apr 2023 19:02:41 +0000
ROA not before: Sat 15 Apr 2023 19:02:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 2.188.225.0/24 maxlen: 24
2.188.224.0/20 maxlen: 20
2.188.232.0/23 maxlen: 23
2.188.234.0/24 maxlen: 24
2.188.236.0/23 maxlen: 23
2.188.240.0/20 maxlen: 20
2.188.40.0/21 maxlen: 21
2.188.164.0/22 maxlen: 22
2.188.160.0/22 maxlen: 22
2.188.165.0/24 maxlen: 24
2.188.161.0/24 maxlen: 24
2.188.160.0/21 maxlen: 24
2.188.176.0/23 maxlen: 23
2.188.192.0/19 maxlen: 19
2.189.160.0/21 maxlen: 21
2.189.168.0/21 maxlen: 21
2.188.212.0/23 maxlen: 23
2.188.208.0/23 maxlen: 24
2.189.80.0/21 maxlen: 21
2.189.88.0/21 maxlen: 21
2.188.60.0/22 maxlen: 22
2.188.72.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 15 Apr 2023 19:16:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:86:4c:52:b0:86:0c:99:b7:38:e8:cf:67:04:92:82:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Apr 15 19:02:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f8e9f76b6ef47c9cb1759fb3792793fbbf5c8e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:59:79:7a:72:87:5c:a4:c4:41:60:74:d0:87:
f3:e4:b4:4a:c2:ca:cc:68:ee:01:3a:e9:37:c1:cc:
fd:9c:d0:58:01:38:39:c7:fc:20:30:44:60:53:a2:
68:28:65:81:be:8a:e0:23:d5:39:1b:6f:b5:07:a6:
59:08:0c:30:6a:46:08:6f:87:9c:0d:7c:3a:cf:57:
e7:d5:2c:2e:21:74:fb:2f:78:36:19:7c:5f:1b:5e:
7b:12:68:ad:de:83:36:9a:12:72:be:16:12:61:90:
50:f3:46:83:c1:30:46:2e:e3:04:2e:fa:65:d9:e1:
a1:84:b0:90:66:59:2d:5a:04:b1:79:6e:d5:41:bc:
24:6d:83:ff:26:d9:51:14:f0:16:1a:16:fb:68:b5:
dd:a6:eb:ae:06:9a:4d:76:86:6e:a1:51:18:3f:6b:
2e:83:a0:62:1e:88:d0:ff:cc:09:bb:27:68:44:9f:
22:4c:cc:d0:bf:55:c5:61:2a:31:ad:15:cd:b7:c4:
78:32:59:e4:63:3a:a9:a8:12:3c:36:b0:93:5f:72:
51:ab:fa:25:25:b3:be:c3:ff:19:64:86:fd:64:11:
dd:33:ef:81:16:aa:b2:79:49:08:08:5e:8a:1e:e3:
1b:13:63:ae:28:0d:af:03:48:58:fe:6d:f8:36:43:
cc:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:8E:9F:76:B6:EF:47:C9:CB:17:59:FB:37:92:79:3F:BB:F5:C8:E3
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/H46fdrbvR8nLF1n7N5J5P7v1yOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.188.40.0/21
2.188.60.0/22
2.188.72.0/22
2.188.160.0/21
2.188.176.0/23
2.188.192.0/18
2.189.80.0/20
2.189.160.0/20
Signature Algorithm: sha256WithRSAEncryption
2f:f6:3b:32:fb:29:b6:29:7a:d7:90:3d:c2:fa:b0:f0:81:38:
ad:dd:c0:76:3c:84:ea:0b:14:8f:e4:98:39:5b:67:ae:db:76:
9e:83:c0:d6:1c:88:fc:9a:c7:d6:3c:ac:7f:eb:81:2d:88:bf:
df:59:f9:5c:76:30:7a:f7:60:af:84:56:65:98:19:d9:6c:8e:
51:cc:48:8d:06:f1:f3:e2:d0:06:98:30:2f:dd:c8:55:fa:0a:
5e:9a:30:48:49:26:ca:0e:b4:e5:83:7b:18:72:68:f8:e2:4d:
61:9b:6a:45:d8:9e:35:94:e4:8e:e5:52:a9:49:d8:94:2e:d3:
28:01:a7:be:45:b7:58:ae:c8:23:a1:5e:dd:4b:70:23:56:09:
f8:32:0a:9e:55:1f:bd:03:fb:ec:6a:ed:12:ed:68:ea:3c:5d:
ea:cd:29:a8:1e:db:f5:71:c0:f7:95:f7:d9:52:3c:d0:34:7b:
32:6d:b8:fe:a5:d2:51:19:34:f3:13:be:cb:aa:3f:71:fc:6e:
6c:06:a1:cd:4f:85:4b:6a:9a:75:f3:24:76:6c:15:c0:11:5b:
32:8a:d2:ac:49:45:07:ea:9f:20:59:a5:0e:3b:e1:69:4f:12:
d3:b1:0e:36:b4:8b:7d:d8:f9:00:aa:95:4a:34:20:e0:ee:c0:
e3:a6:86:73
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYeGTFKwhgyZtzjoz2cEkoJJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNDE1MTkwMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjhlOWY3NmI2ZWY0N2M5Y2IxNzU5ZmIzNzkyNzkzZmJiZjVjOGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFl5enKHXKTEQWB00Ifz5LRKwsrM
aO4BOuk3wcz9nNBYATg5x/wgMERgU6JoKGWBvorgI9U5G2+1B6ZZCAwwakYIb4ec
DXw6z1fn1SwuIXT7L3g2GXxfG157Emit3oM2mhJyvhYSYZBQ80aDwTBGLuMELvpl
2eGhhLCQZlktWgSxeW7VQbwkbYP/JtlRFPAWGhb7aLXdpuuuBppNdoZuoVEYP2su
g6BiHojQ/8wJuydoRJ8iTMzQv1XFYSoxrRXNt8R4MlnkYzqpqBI8NrCTX3JRq/ol
JbO+w/8ZZIb9ZBHdM++BFqqyeUkICF6KHuMbE2OuKA2vA0hY/m34NkPMoQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFB+On3a270fJyxdZ+zeSeT+79cjjMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvSDQ2ZmRyYnZSOG5MRjFuN041SjVQN3YxeU9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQDArwoAwQC
Arw8AwQCArxIAwQDArygAwQBArywAwQGArzAAwQEAr1QAwQEAr2gMA0GCSqGSIb3
DQEBCwUAA4IBAQAv9jsy+ym2KXrXkD3C+rDwgTit3cB2PITqCxSP5Jg5W2eu23ae
g8DWHIj8msfWPKx/64EtiL/fWflcdjB692CvhFZlmBnZbI5RzEiNBvHz4tAGmDAv
3chV+gpemjBISSbKDrTlg3sYcmj44k1hm2pF2J41lOSO5VKpSdiULtMoAae+RbdY
rsgjoV7dS3AjVgn4MgqeVR+9A/vsau0S7WjqPF3qzSmoHtv1ccD3lffZUjzQNHsy
bbj+pdJRGTTzE77Lqj9x/G5sBqHNT4VLapp18yR2bBXAEVsyitKsSUUH6p8gWaUO
O+FpTxLTsQ42tIt92PkAqpVKNCDg7sDjpoZz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:53 2024 by rpki-client on console-ams.rpki-client.org