Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/ILDvRAsCnJre0L4iiF5Yrj4mX60.roa
File: ILDvRAsCnJre0L4iiF5Yrj4mX60.roa (raw, json)
Hash identifier: RkJLicyZmSjQFRgiU76TuWj0SXQnZKSH2gQZzTuq/aw=
Subject key identifier: 20:B0:EF:44:0B:02:9C:9A:DE:D0:BE:22:88:5E:58:AE:3E:26:5F:AD
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 01878659248D6119D28C574A60A97746B403
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/ILDvRAsCnJre0L4iiF5Yrj4mX60.roa
Signing time: Sat 15 Apr 2023 19:16:41 +0000
ROA not before: Sat 15 Apr 2023 19:16:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 2.188.225.0/24 maxlen: 24
2.188.224.0/20 maxlen: 24
2.188.232.0/23 maxlen: 23
2.188.234.0/24 maxlen: 24
2.188.236.0/23 maxlen: 23
2.188.240.0/20 maxlen: 20
2.188.40.0/21 maxlen: 21
2.188.164.0/22 maxlen: 22
2.188.160.0/22 maxlen: 22
2.188.165.0/24 maxlen: 24
2.188.161.0/24 maxlen: 24
2.188.160.0/21 maxlen: 24
2.188.176.0/23 maxlen: 23
2.188.192.0/19 maxlen: 19
2.189.160.0/21 maxlen: 21
2.189.168.0/21 maxlen: 21
2.188.212.0/23 maxlen: 23
2.188.208.0/23 maxlen: 24
2.189.80.0/21 maxlen: 21
2.189.88.0/21 maxlen: 21
2.188.60.0/22 maxlen: 22
2.188.72.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 16 Apr 2023 15:59:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:86:59:24:8d:61:19:d2:8c:57:4a:60:a9:77:46:b4:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Apr 15 19:16:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20b0ef440b029c9aded0be22885e58ae3e265fad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:2c:77:21:d3:41:53:73:d4:9c:ea:58:5e:76:
73:51:79:23:ac:5e:c0:27:ce:31:c2:ab:d2:5d:7d:
e8:31:e6:c3:02:22:e2:a7:84:2a:c4:bc:ae:9c:39:
82:2b:3f:91:19:e1:0a:37:f6:9e:3d:74:77:8d:f1:
31:07:63:46:93:d2:e1:e0:c2:d8:ff:a0:cb:db:bc:
6e:1a:4f:d7:92:ce:9e:ca:d6:4f:a5:ca:8f:18:ce:
50:b4:fe:55:26:f3:1a:d5:4c:f8:ef:71:94:59:93:
a6:ab:ff:d2:b8:fa:3f:5c:2c:4a:fc:b4:48:72:32:
9b:86:f7:85:22:57:8c:ff:db:57:fe:83:d5:f7:8d:
6c:72:0d:6e:bd:5f:e0:e0:2e:04:0b:d3:ca:25:24:
9a:aa:60:0a:52:ad:16:52:c8:f7:8e:b5:1a:a4:c6:
61:53:97:be:a9:0a:a3:ea:de:b9:e5:3a:d2:24:13:
2f:c6:4f:42:5f:94:27:35:b4:b6:29:f6:cd:9f:b0:
82:4b:c8:bf:08:f3:aa:2d:23:50:3f:d0:49:46:a6:
17:99:a6:50:0e:79:e7:d9:41:cd:23:58:bd:a1:ad:
d0:2a:ba:c6:a2:94:f9:23:e6:88:c4:35:fe:b7:88:
b7:5c:1e:9a:28:b4:75:7c:90:39:e2:0e:22:4d:47:
2e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:B0:EF:44:0B:02:9C:9A:DE:D0:BE:22:88:5E:58:AE:3E:26:5F:AD
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/ILDvRAsCnJre0L4iiF5Yrj4mX60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.188.40.0/21
2.188.60.0/22
2.188.72.0/22
2.188.160.0/21
2.188.176.0/23
2.188.192.0/18
2.189.80.0/20
2.189.160.0/20
Signature Algorithm: sha256WithRSAEncryption
a0:6d:69:d0:1d:1a:c2:cd:72:c6:75:68:e4:67:79:18:92:30:
3c:93:40:cf:b3:87:15:59:f1:00:5d:12:2d:06:db:87:81:7e:
c4:93:0b:08:f4:0a:fc:c2:fd:02:f8:2d:b8:87:54:81:c1:b4:
73:c9:08:11:79:e1:86:fe:70:11:da:c6:b2:f3:dd:dc:8f:e9:
bc:c5:ca:76:d8:7a:86:0a:48:1e:d8:20:6f:6e:c8:8f:51:bc:
20:7a:4e:a9:d7:45:be:ac:a8:2a:5d:19:a8:e4:0c:ff:d4:57:
eb:21:17:bc:f9:5c:79:ea:2b:f1:61:eb:44:c0:1f:b8:65:bc:
84:49:a7:01:fc:3f:ea:a5:d9:ba:30:45:ea:10:3c:d2:e7:44:
98:30:fb:69:61:bb:ca:c4:23:43:c9:87:91:f1:a3:98:f8:9e:
c1:f8:36:3b:ea:dc:80:73:01:fe:79:59:af:13:bb:1e:31:51:
bd:72:fa:1d:a1:d0:60:0e:ee:30:d5:da:96:86:b7:e4:d9:62:
49:99:fb:4d:e9:b9:4a:59:05:74:49:36:08:fd:3c:31:ff:eb:
5a:5f:f6:f6:08:3b:62:18:5c:be:7e:0c:39:19:e0:fe:db:e5:
ff:3f:ad:b0:49:c5:7f:5a:9d:d0:74:b3:4e:aa:12:d7:cd:32:
83:89:83:a7
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYeGWSSNYRnSjFdKYKl3RrQDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNDE1MTkxNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGIwZWY0NDBiMDI5YzlhZGVkMGJlMjI4ODVlNThhZTNlMjY1ZmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyx3IdNBU3PUnOpYXnZzUXkjrF7A
J84xwqvSXX3oMebDAiLip4QqxLyunDmCKz+RGeEKN/aePXR3jfExB2NGk9Lh4MLY
/6DL27xuGk/Xks6eytZPpcqPGM5QtP5VJvMa1Uz473GUWZOmq//SuPo/XCxK/LRI
cjKbhveFIleM/9tX/oPV941scg1uvV/g4C4EC9PKJSSaqmAKUq0WUsj3jrUapMZh
U5e+qQqj6t655TrSJBMvxk9CX5QnNbS2KfbNn7CCS8i/CPOqLSNQP9BJRqYXmaZQ
Dnnn2UHNI1i9oa3QKrrGopT5I+aIxDX+t4i3XB6aKLR1fJA54g4iTUcuCQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFCCw70QLApya3tC+IoheWK4+Jl+tMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvSUxEdlJBc0NuSnJlMEw0aWlGNVlyajRtWDYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQDArwoAwQC
Arw8AwQCArxIAwQDArygAwQBArywAwQGArzAAwQEAr1QAwQEAr2gMA0GCSqGSIb3
DQEBCwUAA4IBAQCgbWnQHRrCzXLGdWjkZ3kYkjA8k0DPs4cVWfEAXRItBtuHgX7E
kwsI9Ar8wv0C+C24h1SBwbRzyQgReeGG/nAR2say893cj+m8xcp22HqGCkge2CBv
bsiPUbwgek6p10W+rKgqXRmo5Az/1FfrIRe8+Vx56ivxYetEwB+4ZbyESacB/D/q
pdm6MEXqEDzS50SYMPtpYbvKxCNDyYeR8aOY+J7B+DY76tyAcwH+eVmvE7seMVG9
cvododBgDu4w1dqWhrfk2WJJmftN6blKWQV0STYI/Twx/+taX/b2CDtiGFy+fgw5
GeD+2+X/P62wScV/Wp3QdLNOqhLXzTKDiYOn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:53 2024 by rpki-client on console-ams.rpki-client.org