Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/QYWUhifJ4RmCIkuZu-8vLwFL4CY.roa
File: QYWUhifJ4RmCIkuZu-8vLwFL4CY.roa (raw, json)
Hash identifier: Y2xVYMgTbCH95bQvRBUlIDvQV5psD0LFZejeI3mkABU=
Subject key identifier: 41:85:94:86:27:C9:E1:19:82:22:4B:99:BB:EF:2F:2F:01:4B:E0:26
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018793F02574CE4F13950D154E042E1879EF
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/QYWUhifJ4RmCIkuZu-8vLwFL4CY.roa
Signing time: Tue 18 Apr 2023 10:36:41 +0000
ROA not before: Tue 18 Apr 2023 10:36:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48159
IP address blocks: 2.188.1.0/24 maxlen: 24
2.188.0.0/24 maxlen: 24
2.188.22.0/24 maxlen: 24
2.188.28.0/24 maxlen: 24
78.39.240.0/24 maxlen: 24
78.39.149.0/24 maxlen: 24
78.39.150.0/24 maxlen: 24
78.39.151.0/24 maxlen: 24
80.191.56.0/24 maxlen: 24
217.219.236.0/22 maxlen: 22
78.38.0.0/16 maxlen: 16
217.218.67.0/24 maxlen: 24
2.185.18.0/24 maxlen: 24
2.185.40.0/21 maxlen: 21
78.38.160.0/19 maxlen: 19
2.188.64.0/21 maxlen: 21
2.188.76.0/24 maxlen: 24
2.176.128.0/17 maxlen: 17
2.185.0.0/20 maxlen: 20
2.185.0.0/16 maxlen: 16
78.39.0.0/16 maxlen: 16
2.185.164.0/24 maxlen: 24
2.185.160.0/19 maxlen: 19
2.188.179.0/24 maxlen: 24
2.185.88.0/22 maxlen: 22
217.219.0.0/16 maxlen: 16
2.188.185.0/24 maxlen: 24
2.188.184.0/24 maxlen: 24
2.188.187.0/24 maxlen: 24
2.177.0.0/16 maxlen: 16
2.189.68.0/24 maxlen: 24
2.189.72.0/24 maxlen: 24
2.191.0.0/16 maxlen: 16
80.191.0.0/16 maxlen: 16
217.218.0.0/17 maxlen: 17
217.218.0.0/16 maxlen: 16
2.189.42.0/24 maxlen: 24
2.189.43.0/24 maxlen: 24
2.189.56.0/24 maxlen: 24
2.189.58.0/24 maxlen: 24
2.182.128.0/21 maxlen: 21
Validation: Failed, certificate revoked on Sat 13 May 2023 18:07:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:93:f0:25:74:ce:4f:13:95:0d:15:4e:04:2e:18:79:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Apr 18 10:36:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4185948627c9e11982224b99bbef2f2f014be026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:18:71:63:2f:54:07:bf:9e:59:4c:41:92:e7:
3c:ff:18:e4:ac:98:41:d5:ce:f3:99:a2:5e:bb:25:
42:42:8f:4e:46:f0:71:a9:e5:d2:3c:e3:60:7b:5a:
b5:dd:38:85:5e:5f:8a:f3:b2:0a:fd:a4:96:73:6f:
2c:4a:42:9d:eb:32:b1:aa:a2:a4:8e:f2:91:2b:b5:
6e:54:1c:dd:b2:ec:a3:0d:82:54:c7:4d:49:9b:ba:
8f:f0:3a:74:93:a5:f8:6e:c9:c3:60:53:0b:84:cc:
15:e5:87:fb:ae:4b:4b:36:6a:a8:9c:30:38:74:0c:
27:a1:99:ef:f4:b5:13:52:32:ad:0f:2e:6c:b8:9c:
dc:46:8b:e5:46:66:f7:f0:d6:71:b6:4f:77:7f:15:
36:a5:43:a6:92:ce:75:96:d5:a2:ae:cf:5e:18:da:
33:ea:c8:18:49:16:b8:b4:16:19:27:10:2c:d9:20:
2a:6d:03:9a:3d:f8:ac:fd:18:09:2f:37:40:d0:d6:
db:01:8f:70:05:60:a7:76:66:e2:79:dd:5f:d8:d4:
62:ea:f3:dd:66:22:14:68:cf:c5:e2:d7:b0:41:64:
75:00:cd:c3:4b:83:9b:c1:02:e7:e3:3c:c6:b3:76:
9b:54:8a:32:bc:9c:66:93:2f:38:96:aa:d2:c9:41:
6a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:85:94:86:27:C9:E1:19:82:22:4B:99:BB:EF:2F:2F:01:4B:E0:26
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/QYWUhifJ4RmCIkuZu-8vLwFL4CY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.176.128.0-2.177.255.255
2.182.128.0/21
2.185.0.0/16
2.188.0.0/23
2.188.22.0/24
2.188.28.0/24
2.188.64.0/21
2.188.76.0/24
2.188.179.0/24
2.188.184.0/23
2.188.187.0/24
2.189.42.0/23
2.189.56.0/24
2.189.58.0/24
2.189.68.0/24
2.189.72.0/24
2.191.0.0/16
78.38.0.0/15
80.191.0.0/16
217.218.0.0/15
Signature Algorithm: sha256WithRSAEncryption
1f:c8:ca:b2:ce:1c:9c:c0:44:41:b8:58:85:20:12:2c:a4:21:
cf:76:ef:1c:43:b6:f6:6a:2a:e9:6c:14:7e:46:ff:b4:e1:75:
16:96:8d:3d:4b:1e:cb:11:32:b2:ea:e7:2d:40:da:e8:56:e6:
99:92:e7:2e:c6:cb:1b:85:10:ba:b5:97:e3:6b:a4:f5:19:e8:
b6:28:29:a3:bc:a2:2d:3f:3f:f3:8b:cf:a2:47:c3:fc:30:17:
df:1d:db:e8:00:0d:71:43:fe:3e:bf:10:5f:a3:ac:28:52:e4:
90:75:4b:bd:1a:c2:18:50:1c:71:ec:8b:03:74:d9:e0:d0:b0:
4b:f0:e0:6f:f5:f9:dc:ec:43:2b:bd:12:35:a8:ac:a5:07:14:
66:2c:53:fc:bb:eb:c7:1d:5d:47:03:82:7b:9c:55:7e:d3:f6:
40:95:ce:d4:97:1f:66:24:c5:d3:c2:c9:75:1d:ad:e0:17:07:
72:89:60:04:24:23:11:a5:e4:e0:13:62:d7:a5:b8:27:21:79:
8d:14:2a:b3:31:83:f8:ad:eb:40:8e:ef:d6:fe:02:e8:4c:fd:
c8:4d:98:c0:f6:a8:8c:f1:3a:35:10:72:64:35:f7:1b:f2:f3:
88:c3:d5:9d:f0:81:13:46:fe:b4:d5:69:3d:7b:fe:a0:65:e5:
68:f3:e8:13
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYeT8CV0zk8TlQ0VTgQuGHnvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNDE4MTAzNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTg1OTQ4NjI3YzllMTE5ODIyMjRiOTliYmVmMmYyZjAxNGJlMDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghhxYy9UB7+eWUxBkuc8/xjkrJhB
1c7zmaJeuyVCQo9ORvBxqeXSPONge1q13TiFXl+K87IK/aSWc28sSkKd6zKxqqKk
jvKRK7VuVBzdsuyjDYJUx01Jm7qP8Dp0k6X4bsnDYFMLhMwV5Yf7rktLNmqonDA4
dAwnoZnv9LUTUjKtDy5suJzcRovlRmb38NZxtk93fxU2pUOmks51ltWirs9eGNoz
6sgYSRa4tBYZJxAs2SAqbQOaPfis/RgJLzdA0NbbAY9wBWCndmbied1f2NRi6vPd
ZiIUaM/F4tewQWR1AM3DS4ObwQLn4zzGs3abVIoyvJxmky84lqrSyUFqUQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFEGFlIYnyeEZgiJLmbvvLy8BS+AmMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvUVlXVWhpZko0Um1DSWt1WnUtOHZMd0ZMNENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwejALAwQH
ArCAAwMBArADBAMCtoADAwACuQMEAQK8AAMEAAK8FgMEAAK8HAMEAwK8QAMEAAK8
TAMEAAK8swMEAQK8uAMEAAK8uwMEAQK9KgMEAAK9OAMEAAK9OgMEAAK9RAMEAAK9
SAMDAAK/AwMBTiYDAwBQvwMDAdnaMA0GCSqGSIb3DQEBCwUAA4IBAQAfyMqyzhyc
wERBuFiFIBIspCHPdu8cQ7b2airpbBR+Rv+04XUWlo09Sx7LETKy6uctQNroVuaZ
kucuxssbhRC6tZfja6T1Gei2KCmjvKItPz/zi8+iR8P8MBffHdvoAA1xQ/4+vxBf
o6woUuSQdUu9GsIYUBxx7IsDdNng0LBL8OBv9fnc7EMrvRI1qKylBxRmLFP8u+vH
HV1HA4J7nFV+0/ZAlc7Ulx9mJMXTwsl1Ha3gFwdyiWAEJCMRpeTgE2LXpbgnIXmN
FCqzMYP4retAju/W/gLoTP3ITZjA9qiM8To1EHJkNfcb8vOIw9Wd8IETRv601Wk9
e/6gZeVo8+gT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:53 2024 by rpki-client on console-ams.rpki-client.org