Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/cmolk67K2oHp9sgLLB5H5WG0D60.roa
File: cmolk67K2oHp9sgLLB5H5WG0D60.roa (raw, json)
Hash identifier: p3hYqRAZ5gSxe0yG86lmQh51vMkFqPoQ6EUQNgVL2Uw=
Subject key identifier: 72:6A:25:93:AE:CA:DA:81:E9:F6:C8:0B:2C:1E:47:E5:61:B4:0F:AD
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018766EC624114CBCD5B9F01FEAF8623F06A
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/cmolk67K2oHp9sgLLB5H5WG0D60.roa
Signing time: Sun 09 Apr 2023 16:49:40 +0000
ROA not before: Sun 09 Apr 2023 16:49:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 2.188.225.0/24 maxlen: 24
2.188.224.0/20 maxlen: 20
2.188.232.0/23 maxlen: 23
2.188.234.0/24 maxlen: 24
2.188.236.0/23 maxlen: 23
2.188.240.0/20 maxlen: 20
2.188.164.0/22 maxlen: 22
2.188.160.0/22 maxlen: 22
2.188.165.0/24 maxlen: 24
2.188.161.0/24 maxlen: 24
2.188.192.0/19 maxlen: 19
2.188.212.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sat 15 Apr 2023 16:19:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:66:ec:62:41:14:cb:cd:5b:9f:01:fe:af:86:23:f0:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Apr 9 16:49:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=726a2593aecada81e9f6c80b2c1e47e561b40fad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b1:f2:2c:e0:a8:b5:1b:3d:4d:d7:1e:68:55:
1d:99:fa:6c:59:67:ff:77:71:57:f7:2f:08:ee:3c:
cf:b9:8d:26:cc:02:ad:fd:33:63:d9:a7:5c:61:8f:
47:34:87:71:05:87:31:12:98:1f:c1:87:4c:12:0a:
5d:1f:7c:28:6b:28:b7:82:ad:51:ce:0a:f5:31:23:
40:ef:3d:15:a5:db:c3:05:be:91:ee:66:b5:64:20:
51:16:8b:a5:8a:36:04:88:d5:60:49:75:15:00:a2:
d5:fb:05:6a:ee:ac:d4:fe:b4:0b:f4:99:13:f4:7a:
67:3b:20:bf:78:ba:8c:13:3e:80:b5:58:30:23:52:
1a:a4:ed:15:79:56:b5:0e:33:92:c1:8a:99:68:a4:
74:57:9b:b4:a8:af:30:b5:dd:89:62:8a:36:99:7d:
e3:99:f8:19:4a:85:52:32:ac:e8:da:91:0c:03:44:
42:18:d4:80:86:b1:d0:23:0c:05:dc:1f:e6:68:d9:
53:f7:fc:17:6a:a3:37:b7:9f:37:ac:da:dd:78:a8:
50:b8:b6:06:31:61:8b:26:f2:46:66:6b:2e:06:89:
87:e3:c4:ca:c4:24:da:49:d7:0b:28:8f:f9:f5:ec:
6a:80:b3:a9:1b:d5:2e:85:f4:78:5b:5c:a0:84:92:
20:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:6A:25:93:AE:CA:DA:81:E9:F6:C8:0B:2C:1E:47:E5:61:B4:0F:AD
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/cmolk67K2oHp9sgLLB5H5WG0D60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.188.160.0/21
2.188.192.0/18
Signature Algorithm: sha256WithRSAEncryption
80:87:c2:97:43:5b:90:7d:7c:aa:16:c9:48:7f:45:c8:0a:83:
24:e8:94:65:13:84:a5:45:1c:d6:f7:ae:35:b3:6e:ec:c3:db:
ea:3e:de:72:8c:5c:88:3a:31:9a:44:16:c1:80:75:53:90:de:
f6:07:e2:b3:9e:1d:0b:72:7a:4e:7b:9c:f6:2d:a2:5a:22:85:
73:0e:b0:3f:9a:4d:19:1c:b2:fb:b9:7e:66:70:bb:b2:2b:27:
4a:66:3d:ff:de:cf:4f:15:71:aa:cd:52:b0:45:d4:48:6a:67:
3d:13:57:78:94:96:c6:79:a8:f2:d3:3a:f9:78:ce:43:f0:5d:
02:97:67:54:4c:f7:89:fe:a1:17:ef:68:7f:76:79:2e:df:d9:
47:0c:ee:59:05:66:75:e3:e6:ab:62:2f:af:22:1c:37:8a:18:
41:7e:9e:07:51:25:6e:d8:1c:6f:63:4b:90:7e:ec:37:55:05:
ba:9a:eb:50:5e:ee:31:7e:8b:a4:cb:0f:53:45:b2:76:05:57:
b0:ad:43:9c:8e:0a:d7:76:6e:fb:11:b1:6f:3c:a0:49:51:ff:
af:6a:db:3c:74:1b:17:be:b1:cd:2c:df:06:0e:2c:b3:85:ab:
a7:22:ac:38:02:8f:b6:73:8e:ce:f7:d3:84:24:11:96:ff:31:
40:21:d7:39
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdm7GJBFMvNW58B/q+GI/BqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNDA5MTY0OTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjZhMjU5M2FlY2FkYTgxZTlmNmM4MGIyYzFlNDdlNTYxYjQwZmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rHyLOCotRs9TdceaFUdmfpsWWf/
d3FX9y8I7jzPuY0mzAKt/TNj2adcYY9HNIdxBYcxEpgfwYdMEgpdH3woayi3gq1R
zgr1MSNA7z0VpdvDBb6R7ma1ZCBRFoulijYEiNVgSXUVAKLV+wVq7qzU/rQL9JkT
9HpnOyC/eLqMEz6AtVgwI1IapO0VeVa1DjOSwYqZaKR0V5u0qK8wtd2JYoo2mX3j
mfgZSoVSMqzo2pEMA0RCGNSAhrHQIwwF3B/maNlT9/wXaqM3t583rNrdeKhQuLYG
MWGLJvJGZmsuBomH48TKxCTaSdcLKI/59exqgLOpG9UuhfR4W1yghJIgSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHJqJZOuytqB6fbICyweR+VhtA+tMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvY21vbGs2N0syb0hwOXNnTExCNUg1V0cwRDYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDArygAwQG
ArzAMA0GCSqGSIb3DQEBCwUAA4IBAQCAh8KXQ1uQfXyqFslIf0XICoMk6JRlE4Sl
RRzW9641s27sw9vqPt5yjFyIOjGaRBbBgHVTkN72B+Kznh0LcnpOe5z2LaJaIoVz
DrA/mk0ZHLL7uX5mcLuyKydKZj3/3s9PFXGqzVKwRdRIamc9E1d4lJbGeajy0zr5
eM5D8F0Cl2dUTPeJ/qEX72h/dnku39lHDO5ZBWZ14+arYi+vIhw3ihhBfp4HUSVu
2BxvY0uQfuw3VQW6mutQXu4xfoukyw9TRbJ2BVewrUOcjgrXdm77EbFvPKBJUf+v
ats8dBsXvrHNLN8GDiyzhaunIqw4Ao+2c47O99OEJBGW/zFAIdc5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:47 2024 by rpki-client on console-fra.rpki-client.org