Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/R6riEeXXg_yYFb81mN9YYZwcakM.roa
File: R6riEeXXg_yYFb81mN9YYZwcakM.roa (raw, json)
Hash identifier: /fcbNQJ+LZzxyE9I9kr82vI9oqCHnrbxaUZwsVr9wfc=
Subject key identifier: 47:AA:E2:11:E5:D7:83:FC:98:15:BF:35:98:DF:58:61:9C:1C:6A:43
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 01878ACB24576497C541D69A2FC87B86AAC5
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/R6riEeXXg_yYFb81mN9YYZwcakM.roa
Signing time: Sun 16 Apr 2023 15:59:41 +0000
ROA not before: Sun 16 Apr 2023 15:59:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 2.188.225.0/24 maxlen: 24
2.188.224.0/20 maxlen: 24
2.188.232.0/23 maxlen: 23
2.188.234.0/24 maxlen: 24
2.188.236.0/23 maxlen: 23
2.188.240.0/20 maxlen: 24
2.188.40.0/21 maxlen: 21
2.188.164.0/22 maxlen: 22
2.188.160.0/22 maxlen: 22
2.188.165.0/24 maxlen: 24
2.188.161.0/24 maxlen: 24
2.188.160.0/21 maxlen: 24
2.188.176.0/23 maxlen: 23
2.188.192.0/19 maxlen: 19
2.189.160.0/21 maxlen: 21
2.189.168.0/21 maxlen: 21
2.188.212.0/23 maxlen: 23
2.188.208.0/23 maxlen: 24
2.189.80.0/21 maxlen: 21
2.189.88.0/21 maxlen: 21
2.188.60.0/22 maxlen: 22
2.188.72.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 17 Apr 2023 19:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8a:cb:24:57:64:97:c5:41:d6:9a:2f:c8:7b:86:aa:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Apr 16 15:59:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47aae211e5d783fc9815bf3598df58619c1c6a43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:5e:af:f0:5b:09:2c:5e:76:ed:b7:a8:01:73:
66:59:6d:81:88:43:5c:39:5a:8a:62:cc:59:ee:9e:
70:2b:c3:98:04:bb:2d:65:31:20:5c:48:47:0f:e5:
cb:31:87:fd:6b:13:b6:47:4a:db:02:3d:87:85:64:
9c:0d:ed:b8:36:fd:f6:6c:78:0a:51:80:94:22:35:
de:3d:06:81:d8:a3:99:00:49:8e:d3:0b:09:b1:2b:
58:59:de:73:9e:f0:80:c6:b5:40:ac:b5:65:7c:40:
aa:ea:92:29:cd:7d:02:8e:c1:54:19:56:f6:cf:a5:
c0:10:f0:e7:c7:5b:9f:b3:76:cc:64:9b:dc:27:b0:
fd:2c:7c:b2:94:e1:e6:9e:17:70:85:dc:c5:8d:6a:
33:15:d2:6c:3a:c1:9f:f6:c5:b9:7d:d5:ad:52:18:
ac:3c:25:cc:e4:77:a6:d3:ab:4c:da:46:6b:08:6a:
ec:2c:bf:4d:b9:8e:a4:48:52:80:52:a4:c0:5f:9e:
8f:82:11:c6:71:69:92:2f:b2:62:a5:fc:fb:6d:0f:
22:ad:04:f2:dc:74:9d:25:ea:54:2e:66:e8:25:5c:
ab:33:d1:8b:80:fa:78:7d:11:1f:02:13:91:74:49:
ac:0a:65:a6:6d:66:3e:3e:b0:2e:61:9b:ab:b5:5b:
a0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:AA:E2:11:E5:D7:83:FC:98:15:BF:35:98:DF:58:61:9C:1C:6A:43
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/R6riEeXXg_yYFb81mN9YYZwcakM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.188.40.0/21
2.188.60.0/22
2.188.72.0/22
2.188.160.0/21
2.188.176.0/23
2.188.192.0/18
2.189.80.0/20
2.189.160.0/20
Signature Algorithm: sha256WithRSAEncryption
81:6b:47:90:65:8e:30:7f:89:f9:5a:d7:94:36:f7:fe:b7:bf:
de:23:89:ab:90:c0:18:84:0b:f9:57:30:e6:b4:25:40:1f:6f:
67:f6:8e:48:86:d9:74:af:6a:77:c8:83:80:31:46:b4:d5:9f:
b6:f1:c3:85:66:56:57:6f:85:53:63:26:46:62:f8:34:f9:81:
cb:cc:5d:d5:81:e9:fa:62:03:ed:f4:02:af:49:5e:93:27:ab:
39:8b:02:7c:f4:dd:34:ba:fc:a7:82:98:29:1f:3c:8c:5d:81:
50:5e:89:fe:67:09:2a:3b:46:63:06:83:0a:cc:fc:72:90:1c:
d6:b2:a8:0a:4e:a1:6f:a2:78:58:d1:44:dd:21:a2:7b:6b:6c:
e0:47:c0:a9:ac:97:68:30:f2:83:41:04:3c:12:1e:57:8c:a5:
78:b4:1c:cb:6e:5f:07:95:a9:4b:51:d6:c6:60:f3:f7:d6:eb:
f2:c7:6e:79:a0:4e:d9:38:08:5c:ab:20:1b:13:df:18:dd:37:
eb:d9:a6:f4:95:f2:ef:7b:27:9a:eb:e3:0b:85:b3:90:bb:dc:
ff:96:52:4a:f7:ae:24:2d:58:69:45:7c:4d:9b:37:92:f3:69:
a3:15:0c:e1:1c:35:47:bb:f3:66:4b:5c:2a:d9:91:11:e3:d4:
c2:63:0c:b2
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYeKyyRXZJfFQdaaL8h7hqrFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNDE2MTU1OTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2FhZTIxMWU1ZDc4M2ZjOTgxNWJmMzU5OGRmNTg2MTljMWM2YTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv16v8FsJLF527beoAXNmWW2BiENc
OVqKYsxZ7p5wK8OYBLstZTEgXEhHD+XLMYf9axO2R0rbAj2HhWScDe24Nv32bHgK
UYCUIjXePQaB2KOZAEmO0wsJsStYWd5znvCAxrVArLVlfECq6pIpzX0CjsFUGVb2
z6XAEPDnx1ufs3bMZJvcJ7D9LHyylOHmnhdwhdzFjWozFdJsOsGf9sW5fdWtUhis
PCXM5Hem06tM2kZrCGrsLL9NuY6kSFKAUqTAX56PghHGcWmSL7Jipfz7bQ8irQTy
3HSdJepULmboJVyrM9GLgPp4fREfAhORdEmsCmWmbWY+PrAuYZurtVugxQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFEeq4hHl14P8mBW/NZjfWGGcHGpDMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvUjZyaUVlWFhnX3lZRmI4MW1OOVlZWndjYWtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQDArwoAwQC
Arw8AwQCArxIAwQDArygAwQBArywAwQGArzAAwQEAr1QAwQEAr2gMA0GCSqGSIb3
DQEBCwUAA4IBAQCBa0eQZY4wf4n5WteUNvf+t7/eI4mrkMAYhAv5VzDmtCVAH29n
9o5Ihtl0r2p3yIOAMUa01Z+28cOFZlZXb4VTYyZGYvg0+YHLzF3Vgen6YgPt9AKv
SV6TJ6s5iwJ89N00uvyngpgpHzyMXYFQXon+ZwkqO0ZjBoMKzPxykBzWsqgKTqFv
onhY0UTdIaJ7a2zgR8CprJdoMPKDQQQ8Eh5XjKV4tBzLbl8HlalLUdbGYPP31uvy
x255oE7ZOAhcqyAbE98Y3Tfr2ab0lfLveyea6+MLhbOQu9z/llJK964kLVhpRXxN
mzeS82mjFQzhHDVHu/NmS1wq2ZER49TCYwyy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:53 2024 by rpki-client on console-ams.rpki-client.org