Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/NO28KdCnSzkx6KmHoZpwhU-UGK0.roa
File: NO28KdCnSzkx6KmHoZpwhU-UGK0.roa (raw, json)
Hash identifier: LOwXbKl1IJ1g6BhGgM7vaAaJs1Vc3Gh5Db/CLdD8u74=
Subject key identifier: 34:ED:BC:29:D0:A7:4B:39:31:E8:A9:87:A1:9A:70:85:4F:94:18:AD
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 0187D29A03E10C536191919117825D311EA5
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/NO28KdCnSzkx6KmHoZpwhU-UGK0.roa
Signing time: Sun 30 Apr 2023 14:38:41 +0000
ROA not before: Sun 30 Apr 2023 14:38:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49666
IP address blocks: 2.188.0.0/24 maxlen: 24
2.188.1.0/24 maxlen: 24
2.188.0.0/16 maxlen: 24
2.188.9.0/24 maxlen: 24
2.188.7.0/24 maxlen: 24
2.188.17.0/24 maxlen: 24
2.188.12.0/22 maxlen: 22
2.188.22.0/24 maxlen: 24
2.188.23.0/24 maxlen: 24
2.188.30.0/24 maxlen: 24
2.188.28.0/24 maxlen: 24
2.176.0.0/17 maxlen: 17
78.39.155.0/24 maxlen: 24
217.218.67.0/24 maxlen: 24
2.188.64.0/21 maxlen: 21
2.176.128.0/17 maxlen: 17
2.188.76.0/24 maxlen: 24
195.146.63.0/24 maxlen: 24
2.185.0.0/16 maxlen: 16
78.38.245.0/24 maxlen: 24
78.38.253.0/24 maxlen: 24
2.189.3.0/24 maxlen: 24
2.189.1.0/24 maxlen: 24
2.189.0.0/16 maxlen: 24
2.188.179.0/24 maxlen: 24
2.188.186.0/24 maxlen: 24
2.188.181.0/24 maxlen: 24
2.188.185.0/24 maxlen: 24
2.188.184.0/24 maxlen: 24
2.188.187.0/24 maxlen: 24
2.177.0.0/16 maxlen: 16
2.189.72.0/24 maxlen: 24
2.189.44.0/24 maxlen: 24
2.189.63.0/24 maxlen: 24
2001:4188:2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d2:9a:03:e1:0c:53:61:91:91:91:17:82:5d:31:1e:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Apr 30 14:38:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34edbc29d0a74b3931e8a987a19a70854f9418ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2f:84:75:a5:fe:eb:c7:b4:a0:49:a5:ce:82:
10:64:3b:c8:b3:55:1c:7e:81:0c:2b:57:4f:cd:57:
ba:71:28:51:5c:86:ec:ce:c5:b1:96:5e:76:b2:fd:
51:8d:9d:42:6a:51:14:11:b9:e1:8e:5c:bd:e8:99:
e9:35:fb:37:9f:fc:66:c7:f2:6e:d0:b9:b4:08:ed:
0a:c9:0c:ef:7b:0b:c3:69:00:8f:5e:77:3b:01:7a:
3e:1b:0e:cb:48:fc:a6:2e:75:f1:4e:d8:b2:af:fd:
0b:24:e7:a5:6d:84:6e:7c:eb:98:29:89:12:fe:35:
78:29:76:f5:42:90:ab:72:c0:ff:62:80:58:2e:f9:
8b:05:3d:6e:e6:a2:de:62:30:ca:75:46:50:a4:e0:
51:f0:d4:cf:af:7d:b7:22:29:57:89:9d:18:f6:2c:
73:08:09:37:07:04:85:85:6a:86:15:c9:1d:de:24:
f7:94:ff:6c:6e:42:92:60:e7:cd:d6:b1:b0:0b:0b:
c2:63:c1:be:bb:08:b3:26:fe:7f:d4:fa:bd:45:5f:
d6:1c:99:ed:8a:5e:7b:98:7a:5c:03:8e:ab:22:c9:
dc:9e:98:9b:f7:04:72:e0:22:c2:3a:95:ee:7d:6d:
a0:09:09:85:b8:1a:9a:95:2f:a7:b7:9c:ca:7e:5c:
e2:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:ED:BC:29:D0:A7:4B:39:31:E8:A9:87:A1:9A:70:85:4F:94:18:AD
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/NO28KdCnSzkx6KmHoZpwhU-UGK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.176.0.0/15
2.185.0.0/16
2.188.0.0/15
78.38.245.0/24
78.38.253.0/24
78.39.155.0/24
195.146.63.0/24
217.218.67.0/24
IPv6:
2001:4188:2::/48
Signature Algorithm: sha256WithRSAEncryption
0a:09:4b:5a:b0:f0:f8:64:78:0c:47:26:3a:ae:2e:46:25:7b:
43:46:32:ee:6f:25:ad:c7:60:50:2f:00:d2:80:d9:89:1b:e9:
f2:49:eb:8d:6c:9d:22:26:f6:3a:d5:06:af:f5:50:a2:ba:a2:
d3:d0:34:54:b8:86:87:a5:f7:17:32:78:b4:03:6b:e3:d7:b0:
29:74:b6:09:37:e7:c1:01:03:3f:a1:16:5f:c4:4e:f6:9d:86:
f1:62:7a:0f:5a:f7:7d:95:c7:be:5d:0d:2b:3f:b3:aa:ff:f4:
91:5f:cf:49:c0:0d:04:70:fc:2c:58:9a:5e:a2:d6:73:77:43:
50:65:7b:3d:36:e0:8c:df:a6:35:7f:3b:06:51:e3:72:a0:85:
8d:8e:c4:7c:ff:5f:0d:5a:88:cf:0b:3e:c7:21:6a:02:96:db:
b3:1e:5f:bd:c9:ab:be:34:ad:75:7c:ca:e5:6d:c1:c7:be:6f:
7e:46:7e:d5:4c:cc:cc:7c:fc:7a:b3:3d:e9:ed:09:86:60:e1:
fd:74:75:1d:a3:e9:a3:1d:26:ea:a8:a3:bc:51:fd:cc:60:b8:
64:c3:b1:94:95:d1:fe:e0:86:aa:36:e6:fa:59:ab:ae:85:7a:
b7:1a:ab:c0:ee:94:aa:0f:4a:a0:b1:dd:e8:4d:f8:92:d8:af:
a6:0e:d7:8e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYfSmgPhDFNhkZGRF4JdMR6lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNDMwMTQzODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGVkYmMyOWQwYTc0YjM5MzFlOGE5ODdhMTlhNzA4NTRmOTQxOGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnS+EdaX+68e0oEmlzoIQZDvIs1Uc
foEMK1dPzVe6cShRXIbszsWxll52sv1RjZ1CalEUEbnhjly96JnpNfs3n/xmx/Ju
0Lm0CO0KyQzvewvDaQCPXnc7AXo+Gw7LSPymLnXxTtiyr/0LJOelbYRufOuYKYkS
/jV4KXb1QpCrcsD/YoBYLvmLBT1u5qLeYjDKdUZQpOBR8NTPr323IilXiZ0Y9ixz
CAk3BwSFhWqGFckd3iT3lP9sbkKSYOfN1rGwCwvCY8G+uwizJv5/1Pq9RV/WHJnt
il57mHpcA46rIsncnpib9wRy4CLCOpXufW2gCQmFuBqalS+nt5zKflziOwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFDTtvCnQp0s5Meiph6GacIVPlBitMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvTk8yOEtkQ25Temt4NkttSG9acHdoVS1VR0swLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjAzBAIAATAtAwMBArADAwAC
uQMDAQK8AwQATib1AwQATib9AwQATiebAwQAw5I/AwQA2dpDMA8EAgACMAkDBwAg
AUGIAAIwDQYJKoZIhvcNAQELBQADggEBAAoJS1qw8PhkeAxHJjquLkYle0NGMu5v
Ja3HYFAvANKA2Ykb6fJJ641snSIm9jrVBq/1UKK6otPQNFS4hoel9xcyeLQDa+PX
sCl0tgk358EBAz+hFl/ETvadhvFieg9a932Vx75dDSs/s6r/9JFfz0nADQRw/CxY
ml6i1nN3Q1Blez024IzfpjV/OwZR43KghY2OxHz/Xw1aiM8LPschagKW27MeX73J
q740rXV8yuVtwce+b35GftVMzMx8/HqzPentCYZg4f10dR2j6aMdJuqoo7xR/cxg
uGTDsZSV0f7ghqo25vpZq66Fercaq8DulKoPSqCx3ehN+JLYr6YO144=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:02 2023 by rpki-client on console-fra.rpki-client.org