Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/XGI4ciLbl3x6ryvcR0zh-9CWvuQ.roa
File: XGI4ciLbl3x6ryvcR0zh-9CWvuQ.roa (raw, json)
Hash identifier: kKmL+zhtd4omL6k0Jo54FsCGvJ2P5LkE4KxJCjT7J5U=
Subject key identifier: 5C:62:38:72:22:DB:97:7C:7A:AF:2B:DC:47:4C:E1:FB:D0:96:BE:E4
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 0188165772933ADDB6AF0EDC44CACD3F5C6E
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/XGI4ciLbl3x6ryvcR0zh-9CWvuQ.roa
Signing time: Sat 13 May 2023 18:20:09 +0000
ROA not before: Sat 13 May 2023 18:20:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49666
IP address blocks: 2.188.0.0/24 maxlen: 24
2.188.1.0/24 maxlen: 24
2.188.0.0/16 maxlen: 24
2.188.9.0/24 maxlen: 24
2.188.7.0/24 maxlen: 24
2.188.17.0/24 maxlen: 24
2.188.12.0/22 maxlen: 22
2.188.22.0/24 maxlen: 24
2.188.23.0/24 maxlen: 24
2.188.30.0/24 maxlen: 24
2.188.28.0/24 maxlen: 24
2.176.0.0/17 maxlen: 17
78.39.155.0/24 maxlen: 24
78.38.0.0/16 maxlen: 24
217.218.67.0/24 maxlen: 24
2.188.64.0/21 maxlen: 21
2.176.128.0/17 maxlen: 17
2.188.76.0/24 maxlen: 24
195.146.63.0/24 maxlen: 24
2.185.0.0/16 maxlen: 16
78.38.245.0/24 maxlen: 24
78.38.253.0/24 maxlen: 24
78.39.0.0/16 maxlen: 24
2.189.3.0/24 maxlen: 24
2.189.1.0/24 maxlen: 24
2.189.0.0/16 maxlen: 24
2.188.179.0/24 maxlen: 24
2.188.186.0/24 maxlen: 24
2.188.181.0/24 maxlen: 24
2.188.185.0/24 maxlen: 24
2.188.184.0/24 maxlen: 24
217.219.0.0/16 maxlen: 24
2.188.187.0/24 maxlen: 24
2.177.0.0/16 maxlen: 16
2.189.72.0/24 maxlen: 24
217.218.0.0/16 maxlen: 24
2.189.44.0/24 maxlen: 24
2.189.63.0/24 maxlen: 24
2001:4188:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 13 May 2023 18:52:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:16:57:72:93:3a:dd:b6:af:0e:dc:44:ca:cd:3f:5c:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: May 13 18:20:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c62387222db977c7aaf2bdc474ce1fbd096bee4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f6:ac:e1:d9:ee:5e:41:13:d6:27:a0:3a:f8:
1b:90:3a:ed:2f:35:b3:e1:19:29:96:be:91:63:06:
42:10:ee:47:75:fd:af:e7:a1:5b:dd:ff:9d:38:99:
5f:3c:0c:bb:fa:71:9c:a8:00:de:7e:fe:0d:d9:6e:
49:2c:42:f9:bd:9e:5c:30:ea:46:20:90:5e:dd:64:
f8:b9:e4:4f:98:f3:e4:62:4a:66:2e:cd:80:ae:93:
e8:0f:c3:60:6a:3e:5b:0a:72:80:9f:05:80:07:73:
51:21:2c:2b:e3:6e:76:1c:86:bf:c5:c1:db:51:0c:
5a:b0:df:2c:2e:fc:ae:25:51:c6:75:9f:b5:e6:f9:
1b:a4:5d:25:3b:ae:db:ff:14:b5:e2:90:71:40:ab:
59:13:b7:43:b7:07:34:9f:cf:64:97:e3:b7:92:4e:
98:ac:bd:90:c3:8e:5e:71:27:a0:e9:bf:6d:d2:83:
fc:9c:fa:f2:ef:7e:3c:ed:a8:9c:e4:b6:5f:74:46:
48:50:42:18:2b:0f:99:51:fa:57:7a:e3:f4:8e:ec:
8f:93:c1:9a:fa:c0:89:1e:04:18:1d:aa:ab:3f:ae:
fd:89:41:7f:5b:12:bb:01:12:e3:bd:fc:e9:e7:14:
77:99:48:88:40:1a:64:27:da:cf:99:77:8e:d9:07:
01:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:62:38:72:22:DB:97:7C:7A:AF:2B:DC:47:4C:E1:FB:D0:96:BE:E4
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/XGI4ciLbl3x6ryvcR0zh-9CWvuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.176.0.0/15
2.185.0.0/16
2.188.0.0/15
78.38.0.0/15
195.146.63.0/24
217.218.0.0/15
IPv6:
2001:4188:2::/48
Signature Algorithm: sha256WithRSAEncryption
40:e1:76:9d:e1:12:6a:0c:65:44:68:fc:4b:61:36:9b:cb:1e:
62:51:e8:82:3f:1b:02:48:58:4a:c1:40:ac:21:fc:cd:5e:8d:
d8:70:18:e0:b7:dd:a6:1f:70:83:a4:dc:30:9b:c5:cf:5e:7c:
db:be:49:28:4a:f6:08:2b:0f:49:08:f9:44:49:d4:04:23:03:
9c:af:ba:67:ae:3d:91:d3:41:14:ee:ac:b5:2d:ac:14:0c:6a:
1c:08:5a:88:c1:9a:d7:e9:5d:eb:db:d1:2a:6d:64:83:a5:af:
63:55:ef:5a:c4:49:d2:8d:10:44:e1:87:1f:2a:43:b6:08:37:
8e:0a:8e:8f:90:ad:c4:82:53:d2:dc:c2:1e:86:a2:c6:18:8b:
16:5f:dc:e0:57:e8:63:7b:21:57:04:fc:5f:68:a4:5c:1e:61:
8f:12:38:ab:9a:b4:20:c3:43:0b:27:e3:5b:77:5d:db:5d:48:
14:b9:5f:77:49:65:53:59:c5:02:83:81:6d:30:65:23:bf:56:
d0:5f:72:50:65:9d:f8:a8:37:c5:55:99:e8:58:bf:5b:e8:c5:
25:d9:f0:45:82:67:c9:5c:b2:58:f9:e5:15:ee:74:b8:25:d8:
51:7b:b6:cb:b1:75:69:e1:5e:53:05:69:b2:58:17:31:a9:ae:
e0:84:b1:46
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYgWV3KTOt22rw7cRMrNP1xuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNTEzMTgyMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzYyMzg3MjIyZGI5NzdjN2FhZjJiZGM0NzRjZTFmYmQwOTZiZWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPas4dnuXkET1iegOvgbkDrtLzWz
4Rkplr6RYwZCEO5Hdf2v56Fb3f+dOJlfPAy7+nGcqADefv4N2W5JLEL5vZ5cMOpG
IJBe3WT4ueRPmPPkYkpmLs2ArpPoD8Ngaj5bCnKAnwWAB3NRISwr4252HIa/xcHb
UQxasN8sLvyuJVHGdZ+15vkbpF0lO67b/xS14pBxQKtZE7dDtwc0n89kl+O3kk6Y
rL2Qw45ecSeg6b9t0oP8nPry73487aic5LZfdEZIUEIYKw+ZUfpXeuP0juyPk8Ga
+sCJHgQYHaqrP679iUF/WxK7ARLjvfzp5xR3mUiIQBpkJ9rPmXeO2QcBSwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFxiOHIi25d8eq8r3EdM4fvQlr7kMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvWEdJNGNpTGJsM3g2cnl2Y1IwemgtOUNXdnVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAlBAIAATAfAwMBArADAwAC
uQMDAQK8AwMBTiYDBADDkj8DAwHZ2jAPBAIAAjAJAwcAIAFBiAACMA0GCSqGSIb3
DQEBCwUAA4IBAQBA4Xad4RJqDGVEaPxLYTabyx5iUeiCPxsCSFhKwUCsIfzNXo3Y
cBjgt92mH3CDpNwwm8XPXnzbvkkoSvYIKw9JCPlESdQEIwOcr7pnrj2R00EU7qy1
LawUDGocCFqIwZrX6V3r29EqbWSDpa9jVe9axEnSjRBE4YcfKkO2CDeOCo6PkK3E
glPS3MIehqLGGIsWX9zgV+hjeyFXBPxfaKRcHmGPEjirmrQgw0MLJ+Nbd13bXUgU
uV93SWVTWcUCg4FtMGUjv1bQX3JQZZ34qDfFVZnoWL9b6MUl2fBFgmfJXLJY+eUV
7nS4JdhRe7bLsXVp4V5TBWmyWBcxqa7ghLFG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:53 2024 by rpki-client on console-ams.rpki-client.org