Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/YkDtWy3YQLksGmPZ4WKC5iDDuqY.roa
File: YkDtWy3YQLksGmPZ4WKC5iDDuqY.roa (raw, json)
Hash identifier: X4qn252+AgY3dALARSpxS9fC1iqx/aPInsC4Ns/8Hr8=
Subject key identifier: 62:40:ED:5B:2D:D8:40:B9:2C:1A:63:D9:E1:62:82:E6:20:C3:BA:A6
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018B5907F65B12475134F5FF2E7405697E05
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/YkDtWy3YQLksGmPZ4WKC5iDDuqY.roa
Signing time: Sun 22 Oct 2023 20:16:15 +0000
ROA not before: Sun 22 Oct 2023 20:16:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 2.188.40.0/21 maxlen: 24
78.39.155.0/24 maxlen: 24
78.39.156.0/24 maxlen: 24
78.39.153.0/24 maxlen: 24
2.188.72.0/22 maxlen: 24
78.38.246.0/24 maxlen: 24
78.38.243.0/24 maxlen: 24
78.38.250.0/24 maxlen: 24
78.38.251.0/24 maxlen: 24
78.38.248.0/24 maxlen: 24
78.38.254.0/24 maxlen: 24
2.181.0.0/16 maxlen: 24
78.39.40.0/24 maxlen: 24
78.39.43.0/24 maxlen: 24
78.39.50.0/24 maxlen: 24
78.39.46.0/24 maxlen: 24
78.39.49.0/24 maxlen: 24
78.39.48.0/24 maxlen: 24
78.39.51.0/24 maxlen: 24
78.39.47.0/24 maxlen: 24
78.39.58.0/24 maxlen: 24
78.39.54.0/24 maxlen: 24
78.39.57.0/24 maxlen: 24
78.39.53.0/24 maxlen: 24
78.39.56.0/24 maxlen: 24
78.39.55.0/24 maxlen: 24
78.39.62.0/23 maxlen: 24
78.39.59.0/24 maxlen: 24
78.38.25.0/24 maxlen: 24
2.189.160.0/21 maxlen: 24
2.189.168.0/21 maxlen: 24
2.188.225.0/24 maxlen: 24
2.188.224.0/20 maxlen: 24
2.188.232.0/23 maxlen: 23
2.188.234.0/24 maxlen: 24
2.188.236.0/23 maxlen: 23
2.188.240.0/20 maxlen: 24
2.188.164.0/22 maxlen: 22
2.188.160.0/22 maxlen: 22
2.188.165.0/24 maxlen: 24
2.188.161.0/24 maxlen: 24
2.188.160.0/21 maxlen: 24
2.188.176.0/23 maxlen: 23
2.188.192.0/19 maxlen: 24
2.182.0.0/16 maxlen: 24
2.189.80.0/21 maxlen: 24
2.189.88.0/21 maxlen: 24
2.189.48.0/21 maxlen: 24
2.189.64.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 22 Oct 2023 20:21:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:59:07:f6:5b:12:47:51:34:f5:ff:2e:74:05:69:7e:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Oct 22 20:16:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6240ed5b2dd840b92c1a63d9e16282e620c3baa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:51:c6:e3:ed:cf:c7:90:84:ba:7b:af:57:79:
79:e0:f2:d6:18:06:29:d6:e9:b3:4d:74:f1:b8:ac:
d0:f6:66:1e:51:03:bc:04:c0:08:6d:92:6d:9b:f3:
e8:b6:95:28:91:55:e5:5f:a7:96:55:29:df:e7:81:
23:e7:36:ea:c6:c1:47:7c:0b:c1:7b:9f:a4:35:4a:
51:06:5b:ec:7b:ae:97:da:21:11:ad:5f:17:4b:48:
96:55:47:34:7a:ab:95:dc:75:e4:58:b7:f1:3e:38:
c5:c5:f5:f5:d4:7d:ca:e6:07:cf:6d:77:60:06:4a:
a8:46:b4:62:23:f8:54:fa:89:2a:2c:4d:6b:cf:b0:
8b:96:52:32:86:4b:33:68:f1:2b:06:48:a0:9b:17:
fc:ae:88:34:9e:b2:08:b4:5c:d6:93:08:1f:39:ba:
2a:66:f0:f4:5f:1c:c8:e8:68:16:11:60:72:9e:43:
04:f4:ee:32:46:26:dd:58:69:b7:66:0b:a9:7a:19:
25:bd:bc:f2:24:28:fe:de:af:2f:85:5d:e8:55:4e:
fb:ee:84:3a:c1:7c:6d:04:50:2e:28:9c:cc:49:c5:
d0:43:0a:5b:24:8f:a4:cb:6e:c9:a9:77:83:bb:1c:
c7:be:36:66:59:f8:69:e8:05:1c:40:0a:64:d5:15:
82:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:40:ED:5B:2D:D8:40:B9:2C:1A:63:D9:E1:62:82:E6:20:C3:BA:A6
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/YkDtWy3YQLksGmPZ4WKC5iDDuqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.181.0.0-2.182.255.255
2.188.40.0/21
2.188.72.0/22
2.188.160.0/21
2.188.176.0/23
2.188.192.0/18
2.189.48.0/21
2.189.64.0/22
2.189.80.0/20
2.189.160.0/20
78.38.25.0/24
78.38.243.0/24
78.38.246.0/24
78.38.248.0/24
78.38.250.0/23
78.38.254.0/24
78.39.40.0/24
78.39.43.0/24
78.39.46.0-78.39.51.255
78.39.53.0-78.39.59.255
78.39.62.0/23
78.39.153.0/24
78.39.155.0-78.39.156.255
Signature Algorithm: sha256WithRSAEncryption
25:14:2e:99:3b:f7:95:30:4b:ee:10:f3:29:9f:66:db:45:ca:
45:35:70:32:b3:18:fd:38:1f:f0:05:41:40:c1:a8:86:04:69:
e9:43:0c:bb:30:cb:7c:59:84:6b:dc:e4:95:1e:5c:c1:91:38:
b2:20:05:55:c0:5d:3e:87:7d:a5:29:eb:f3:cb:b3:bb:b6:e1:
ee:0d:db:07:c2:f0:04:db:47:e7:3c:f8:2d:56:a4:44:b4:d9:
65:d1:93:4b:80:30:69:8a:94:7f:ca:d8:ee:d7:a6:d5:30:68:
43:e8:de:5d:2f:95:6b:99:46:18:57:0c:33:ad:44:dc:5a:93:
83:a9:9d:19:15:ca:af:68:81:52:52:13:cb:12:ca:7b:bc:5a:
6f:12:3a:8f:c3:a4:f6:8c:2c:9b:76:db:ea:74:67:f1:0e:2e:
19:2f:3e:6a:e3:4e:57:ef:65:05:fc:7d:b3:d0:73:6a:12:fb:
94:9f:f9:bf:77:ae:1e:c1:72:fd:23:d8:ba:b7:7e:81:38:56:
0a:be:47:c7:8b:ed:97:29:25:9a:9d:68:a2:b3:a8:d8:de:31:
86:43:e4:5d:dc:b2:b2:49:85:82:82:c4:af:82:20:cd:73:7e:
15:b8:fb:e7:cb:b7:74:45:6e:54:07:ec:2c:d7:43:86:ab:37:
24:b1:b8:bf
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYtZB/ZbEkdRNPX/LnQFaX4FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMxMDIyMjAxNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjQwZWQ1YjJkZDg0MGI5MmMxYTYzZDllMTYyODJlNjIwYzNiYWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVHG4+3Px5CEunuvV3l54PLWGAYp
1umzTXTxuKzQ9mYeUQO8BMAIbZJtm/PotpUokVXlX6eWVSnf54Ej5zbqxsFHfAvB
e5+kNUpRBlvse66X2iERrV8XS0iWVUc0equV3HXkWLfxPjjFxfX11H3K5gfPbXdg
BkqoRrRiI/hU+okqLE1rz7CLllIyhkszaPErBkigmxf8rog0nrIItFzWkwgfOboq
ZvD0XxzI6GgWEWBynkME9O4yRibdWGm3ZgupehklvbzyJCj+3q8vhV3oVU777oQ6
wXxtBFAuKJzMScXQQwpbJI+ky27JqXeDuxzHvjZmWfhp6AUcQApk1RWCLwIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFGJA7Vst2EC5LBpj2eFiguYgw7qmMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvWWtEdFd5M1lRTGtzR21QWjRXS0M1aUREdXFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAEwgagwCgMD
AAK1AwMAArYDBAMCvCgDBAICvEgDBAMCvKADBAECvLADBAYCvMADBAMCvTADBAIC
vUADBAQCvVADBAQCvaADBABOJhkDBABOJvMDBABOJvYDBABOJvgDBAFOJvoDBABO
Jv4DBABOJygDBABOJyswDAMEAU4nLgMEAk4nMDAMAwQATic1AwQCTic4AwQBTic+
AwQATieZMAwDBABOJ5sDBABOJ5wwDQYJKoZIhvcNAQELBQADggEBACUULpk795Uw
S+4Q8ymfZttFykU1cDKzGP04H/AFQUDBqIYEaelDDLswy3xZhGvc5JUeXMGROLIg
BVXAXT6HfaUp6/PLs7u24e4N2wfC8ATbR+c8+C1WpES02WXRk0uAMGmKlH/K2O7X
ptUwaEPo3l0vlWuZRhhXDDOtRNxak4OpnRkVyq9ogVJSE8sSynu8Wm8SOo/DpPaM
LJt22+p0Z/EOLhkvPmrjTlfvZQX8fbPQc2oS+5Sf+b93rh7Bcv0j2Lq3foE4Vgq+
R8eL7ZcpJZqdaKKzqNjeMYZD5F3csrJJhYKCxK+CIM1zfhW4++fLt3RFblQH7CzX
Q4arNySxuL8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:53 2024 by rpki-client on console-ams.rpki-client.org