Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/IEnr2aZPc5cBNPZ-aJl_DIS-g3M.roa
File: IEnr2aZPc5cBNPZ-aJl_DIS-g3M.roa (raw, json)
Hash identifier: lR4sJGUM3FdlN0kvtr/FE4X9BB3Flde5JpdFLiM8jmQ=
Subject key identifier: 20:49:EB:D9:A6:4F:73:97:01:34:F6:7E:68:99:7F:0C:84:BE:83:73
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 01881A3C753680F10082EE639E268F5F4BA6
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/IEnr2aZPc5cBNPZ-aJl_DIS-g3M.roa
Signing time: Sun 14 May 2023 12:29:09 +0000
ROA not before: Sun 14 May 2023 12:29:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49666
IP address blocks: 2.188.0.0/24 maxlen: 24
2.188.1.0/24 maxlen: 24
2.188.0.0/16 maxlen: 24
2.188.9.0/24 maxlen: 24
2.188.7.0/24 maxlen: 24
2.188.17.0/24 maxlen: 24
2.188.12.0/22 maxlen: 22
2.188.22.0/24 maxlen: 24
2.188.23.0/24 maxlen: 24
2.188.30.0/24 maxlen: 24
2.188.28.0/24 maxlen: 24
2.176.0.0/17 maxlen: 17
78.39.155.0/24 maxlen: 24
78.38.0.0/16 maxlen: 24
217.218.67.0/24 maxlen: 24
2.188.64.0/21 maxlen: 21
2.176.128.0/17 maxlen: 17
2.188.76.0/24 maxlen: 24
195.146.63.0/24 maxlen: 24
2.185.0.0/16 maxlen: 16
78.38.245.0/24 maxlen: 24
78.38.253.0/24 maxlen: 24
78.38.254.0/24 maxlen: 24
78.39.0.0/16 maxlen: 24
2.189.3.0/24 maxlen: 24
2.189.1.0/24 maxlen: 24
2.189.0.0/16 maxlen: 24
2.188.179.0/24 maxlen: 24
2.188.186.0/24 maxlen: 24
2.188.181.0/24 maxlen: 24
2.188.185.0/24 maxlen: 24
2.188.184.0/24 maxlen: 24
217.219.0.0/16 maxlen: 24
2.188.187.0/24 maxlen: 24
2.177.0.0/16 maxlen: 16
2.189.72.0/24 maxlen: 24
80.191.0.0/16 maxlen: 24
217.218.0.0/16 maxlen: 24
2.189.44.0/24 maxlen: 24
2.189.63.0/24 maxlen: 24
2001:4188:2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1a:3c:75:36:80:f1:00:82:ee:63:9e:26:8f:5f:4b:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: May 14 12:29:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2049ebd9a64f73970134f67e68997f0c84be8373
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:28:07:4e:8b:0a:1a:e5:33:a1:8f:ce:10:a1:
08:3b:0c:4f:36:51:b9:d0:b7:46:05:cd:62:08:d3:
8f:e3:b2:96:d3:f1:55:a3:7b:6d:68:48:15:d7:d8:
95:a7:c2:ef:ad:92:61:48:11:a5:8b:30:ea:f0:e6:
fe:97:a0:2a:99:87:e6:57:6e:c2:0f:69:cf:e7:f0:
91:3b:38:b2:4e:3f:6f:27:1a:58:eb:1c:46:bd:6d:
e4:a6:a9:24:27:b0:72:8a:f7:63:d3:87:06:ae:17:
d1:cc:07:b9:f3:f9:2e:72:2f:fc:0f:f3:04:28:9c:
7d:7d:4a:1c:dc:d3:d6:bf:93:76:36:65:d2:0d:08:
f8:7b:39:4a:da:59:b5:9a:f5:6d:d4:66:17:55:26:
52:39:6c:17:25:d4:44:e3:88:77:52:1e:d4:25:7b:
ac:2b:28:77:4f:46:d0:f9:98:dc:b1:18:00:b7:c2:
6e:6a:b5:92:55:e3:8e:f7:1a:97:23:ae:86:a2:b0:
55:94:a6:65:c0:03:99:05:9b:38:c6:0c:5c:aa:64:
2e:64:ac:69:c5:2a:99:90:c8:43:4f:52:70:7f:6c:
4d:20:34:45:1c:ce:fa:8f:ed:91:dc:00:96:80:01:
30:5e:81:12:a9:93:4c:03:e5:1e:fa:de:92:17:72:
9f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:49:EB:D9:A6:4F:73:97:01:34:F6:7E:68:99:7F:0C:84:BE:83:73
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/IEnr2aZPc5cBNPZ-aJl_DIS-g3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.176.0.0/15
2.185.0.0/16
2.188.0.0/15
78.38.0.0/15
80.191.0.0/16
195.146.63.0/24
217.218.0.0/15
IPv6:
2001:4188:2::/48
Signature Algorithm: sha256WithRSAEncryption
87:b5:6b:50:2c:0b:44:6e:40:69:e8:0b:5f:a5:e0:f5:b6:c6:
64:e1:28:2d:6f:62:2e:11:a4:b3:0d:2e:1d:32:69:cc:19:95:
6f:01:80:23:3c:d5:4e:fc:47:2a:59:0d:69:9c:02:be:ba:f7:
de:a7:89:09:8d:42:b2:78:24:a6:02:2e:e2:55:83:9e:4b:cb:
5b:ca:0c:80:0b:fd:39:a0:ad:4a:c0:cf:64:7d:a5:0b:33:49:
5b:ab:b2:6e:cb:77:d5:2c:6e:66:c8:b3:69:f3:84:7b:ba:31:
3b:de:e3:38:d1:da:ce:ea:bc:22:63:1e:c5:c3:63:cf:f9:14:
9b:41:d3:7b:2f:14:7e:77:cd:e9:be:29:cf:91:64:a1:78:6e:
3c:b4:44:e5:80:f3:1e:26:a7:6b:e6:7c:63:fa:e5:83:0a:38:
33:a7:64:2c:26:d2:31:ed:55:22:c2:02:a0:9a:7f:b5:52:61:
c1:4d:1c:ba:23:7e:eb:d5:46:02:1d:d1:31:6c:8a:ff:ed:c8:
72:9a:c3:89:45:3b:b0:43:61:8d:51:c4:55:29:5d:f2:5e:49:
0c:a0:0d:14:8e:e3:d9:f7:01:a9:a7:be:9a:78:0e:0e:a1:0c:
d7:83:76:8a:d8:db:4b:dc:83:88:ff:da:04:38:0e:8e:2b:27:
0a:2c:95:dd
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYgaPHU2gPEAgu5jniaPX0umMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNTE0MTIyOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDQ5ZWJkOWE2NGY3Mzk3MDEzNGY2N2U2ODk5N2YwYzg0YmU4MzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtygHTosKGuUzoY/OEKEIOwxPNlG5
0LdGBc1iCNOP47KW0/FVo3ttaEgV19iVp8LvrZJhSBGlizDq8Ob+l6AqmYfmV27C
D2nP5/CROziyTj9vJxpY6xxGvW3kpqkkJ7Byivdj04cGrhfRzAe58/kuci/8D/ME
KJx9fUoc3NPWv5N2NmXSDQj4ezlK2lm1mvVt1GYXVSZSOWwXJdRE44h3Uh7UJXus
Kyh3T0bQ+ZjcsRgAt8JuarWSVeOO9xqXI66GorBVlKZlwAOZBZs4xgxcqmQuZKxp
xSqZkMhDT1Jwf2xNIDRFHM76j+2R3ACWgAEwXoESqZNMA+Ue+t6SF3KfrwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFCBJ69mmT3OXATT2fmiZfwyEvoNzMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvSUVucjJhWlBjNWNCTlBaLWFKbF9ESVMtZzNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwMBArADAwAC
uQMDAQK8AwMBTiYDAwBQvwMEAMOSPwMDAdnaMA8EAgACMAkDBwAgAUGIAAIwDQYJ
KoZIhvcNAQELBQADggEBAIe1a1AsC0RuQGnoC1+l4PW2xmThKC1vYi4RpLMNLh0y
acwZlW8BgCM81U78RypZDWmcAr66996niQmNQrJ4JKYCLuJVg55Ly1vKDIAL/Tmg
rUrAz2R9pQszSVursm7Ld9UsbmbIs2nzhHu6MTve4zjR2s7qvCJjHsXDY8/5FJtB
03svFH53zem+Kc+RZKF4bjy0ROWA8x4mp2vmfGP65YMKODOnZCwm0jHtVSLCAqCa
f7VSYcFNHLojfuvVRgId0TFsiv/tyHKaw4lFO7BDYY1RxFUpXfJeSQygDRSO49n3
Aamnvpp4Dg6hDNeDdorY20vcg4j/2gQ4Do4rJwosld0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:45 2023 by rpki-client on console-ams.rpki-client.org