Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/OefIkrqN8IkKERNJeCKXPvObwsQ.roa
File: OefIkrqN8IkKERNJeCKXPvObwsQ.roa (raw, json)
Hash identifier: akLDFQyxspxi4gYIZRjXS9WtjRw3TBC7xDWdzxo1VzM=
Subject key identifier: 39:E7:C8:92:BA:8D:F0:89:0A:11:13:49:78:22:97:3E:F3:9B:C2:C4
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 0187B5287A81DA94FDD927D171FB838113D6
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/OefIkrqN8IkKERNJeCKXPvObwsQ.roa
Signing time: Mon 24 Apr 2023 21:25:41 +0000
ROA not before: Mon 24 Apr 2023 21:25:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 2.188.225.0/24 maxlen: 24
2.188.224.0/20 maxlen: 24
2.188.232.0/23 maxlen: 23
2.188.234.0/24 maxlen: 24
2.188.236.0/23 maxlen: 23
2.188.240.0/20 maxlen: 24
2.188.40.0/21 maxlen: 24
2.188.164.0/22 maxlen: 22
2.188.160.0/22 maxlen: 22
2.188.165.0/24 maxlen: 24
2.188.161.0/24 maxlen: 24
2.188.160.0/21 maxlen: 24
2.188.176.0/23 maxlen: 23
2.188.192.0/19 maxlen: 24
2.189.160.0/21 maxlen: 24
2.189.168.0/21 maxlen: 24
2.189.80.0/21 maxlen: 24
2.189.88.0/21 maxlen: 24
2.188.60.0/24 maxlen: 24
2.188.72.0/22 maxlen: 24
2.189.48.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Apr 2023 21:46:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b5:28:7a:81:da:94:fd:d9:27:d1:71:fb:83:81:13:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Apr 24 21:25:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39e7c892ba8df0890a1113497822973ef39bc2c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:bd:6d:db:f5:b1:18:f9:2d:9d:83:ec:53:b2:
09:7f:64:e4:59:24:f6:12:31:f3:49:2f:f7:a3:44:
87:ce:f4:b9:96:d7:e8:77:47:c8:b3:7f:e3:9e:fb:
da:3b:4b:c2:32:87:6f:7a:45:b3:85:7b:1f:69:4d:
55:50:31:4e:c4:4c:1c:1e:a1:8b:7c:9e:f7:2f:0e:
24:27:5d:5e:26:23:fa:89:a2:04:4d:52:bd:08:b9:
0d:2f:a9:4d:27:47:07:b3:8e:65:91:b7:dc:00:b0:
e9:06:e5:68:9c:98:95:2e:8d:17:c3:2b:44:a4:9a:
0d:24:27:af:ac:ef:86:9e:e3:7f:2f:7b:79:de:bc:
2d:bd:ca:f7:2a:b0:ff:74:0f:36:f5:6f:86:71:88:
3b:9b:61:54:0f:c6:61:22:23:f8:a2:c0:df:e1:77:
f8:cc:09:61:6c:7a:6d:4f:62:e4:3b:2f:63:ee:08:
6b:37:4a:59:91:a9:fe:37:60:3a:0c:58:5b:c3:d9:
1a:f0:a3:4b:09:56:ac:25:b0:4f:38:43:f2:97:08:
51:cf:84:02:ad:26:8b:ae:1c:5d:b2:61:ca:62:1d:
41:88:f8:e1:9f:3b:1a:16:9c:dc:18:de:75:75:f2:
c5:9d:4b:2f:f9:2d:87:c4:4d:65:4a:3a:77:bc:47:
d8:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:E7:C8:92:BA:8D:F0:89:0A:11:13:49:78:22:97:3E:F3:9B:C2:C4
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/OefIkrqN8IkKERNJeCKXPvObwsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.188.40.0/21
2.188.60.0/24
2.188.72.0/22
2.188.160.0/21
2.188.176.0/23
2.188.192.0/18
2.189.48.0/21
2.189.80.0/20
2.189.160.0/20
Signature Algorithm: sha256WithRSAEncryption
43:6c:87:b5:81:b8:d4:f5:4f:dd:77:97:4f:61:bf:d9:71:6d:
1c:40:63:9a:4b:52:87:a3:2a:44:e6:a0:8a:b3:38:30:87:a4:
6c:1d:df:dc:e6:2d:6e:40:fa:ef:ba:7c:7a:d0:06:b4:f5:a8:
8e:00:2a:6c:4a:09:5f:b2:5f:a5:c6:7a:79:6a:9b:34:ea:68:
e3:75:95:82:f2:fd:c8:1d:e7:f7:70:b4:26:f1:95:75:df:ee:
9e:3b:a5:e0:fe:c3:a7:3f:13:9f:e0:46:79:8c:57:ce:33:46:
8b:38:41:d5:07:32:d7:03:25:a3:a6:04:d2:35:fc:e4:e6:a2:
42:22:34:7b:38:0f:91:1d:4a:21:6b:7f:a6:27:8c:26:f8:0e:
3d:c8:f7:b2:80:5d:dc:18:90:d9:07:18:c4:11:5f:4c:81:24:
9a:76:42:4d:1b:8c:39:e1:60:2f:5b:d3:2f:ca:6b:bf:62:4e:
f6:af:84:14:86:9e:a6:98:64:19:b1:91:64:a5:be:3e:87:73:
ee:31:56:82:08:a8:b0:10:ee:9f:22:76:67:77:81:72:ab:7a:
76:e8:52:89:5b:3a:fd:0c:46:70:7d:ec:b4:8a:a5:69:d9:39:
3a:43:cd:6e:eb:11:aa:87:15:c4:c3:c0:b1:30:69:c1:6a:42:
b8:04:e1:14
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYe1KHqB2pT92SfRcfuDgRPWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNDI0MjEyNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWU3Yzg5MmJhOGRmMDg5MGExMTEzNDk3ODIyOTczZWYzOWJjMmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjb1t2/WxGPktnYPsU7IJf2TkWST2
EjHzSS/3o0SHzvS5ltfod0fIs3/jnvvaO0vCModvekWzhXsfaU1VUDFOxEwcHqGL
fJ73Lw4kJ11eJiP6iaIETVK9CLkNL6lNJ0cHs45lkbfcALDpBuVonJiVLo0XwytE
pJoNJCevrO+GnuN/L3t53rwtvcr3KrD/dA829W+GcYg7m2FUD8ZhIiP4osDf4Xf4
zAlhbHptT2LkOy9j7ghrN0pZkan+N2A6DFhbw9ka8KNLCVasJbBPOEPylwhRz4QC
rSaLrhxdsmHKYh1BiPjhnzsaFpzcGN51dfLFnUsv+S2HxE1lSjp3vEfYMQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDnnyJK6jfCJChETSXgilz7zm8LEMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvT2VmSWtycU44SWtLRVJOSmVDS1hQdk9id3NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQDArwoAwQA
Arw8AwQCArxIAwQDArygAwQBArywAwQGArzAAwQDAr0wAwQEAr1QAwQEAr2gMA0G
CSqGSIb3DQEBCwUAA4IBAQBDbIe1gbjU9U/dd5dPYb/ZcW0cQGOaS1KHoypE5qCK
szgwh6RsHd/c5i1uQPrvunx60Aa09aiOACpsSglfsl+lxnp5aps06mjjdZWC8v3I
Hef3cLQm8ZV13+6eO6Xg/sOnPxOf4EZ5jFfOM0aLOEHVBzLXAyWjpgTSNfzk5qJC
IjR7OA+RHUoha3+mJ4wm+A49yPeygF3cGJDZBxjEEV9MgSSadkJNG4w54WAvW9Mv
ymu/Yk72r4QUhp6mmGQZsZFkpb4+h3PuMVaCCKiwEO6fInZnd4Fyq3p26FKJWzr9
DEZwfey0iqVp2Tk6Q81u6xGqhxXEw8CxMGnBakK4BOEU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:53 2024 by rpki-client on console-ams.rpki-client.org