Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/gtaKdRx5PJvu0gY0K50l7EMnkiQ.roa
File: gtaKdRx5PJvu0gY0K50l7EMnkiQ.roa (raw, json)
Hash identifier: Afl2dVavfYokWTdsizL1yn118EyuRgRTH8tFIf8xiY4=
Subject key identifier: 82:D6:8A:75:1C:79:3C:9B:EE:D2:06:34:2B:9D:25:EC:43:27:92:24
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018793D4ACD820957C71BEB816C1142B11AA
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/gtaKdRx5PJvu0gY0K50l7EMnkiQ.roa
Signing time: Tue 18 Apr 2023 10:06:41 +0000
ROA not before: Tue 18 Apr 2023 10:06:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49666
IP address blocks: 2.188.0.0/24 maxlen: 24
2.188.1.0/24 maxlen: 24
2.188.0.0/16 maxlen: 24
2.188.9.0/24 maxlen: 24
2.188.7.0/24 maxlen: 24
2.188.17.0/24 maxlen: 24
2.188.12.0/22 maxlen: 22
2.188.22.0/24 maxlen: 24
2.188.23.0/24 maxlen: 24
2.188.30.0/24 maxlen: 24
2.188.28.0/24 maxlen: 24
2.176.0.0/17 maxlen: 17
217.218.67.0/24 maxlen: 24
2.188.64.0/21 maxlen: 21
2.176.128.0/17 maxlen: 17
2.188.76.0/24 maxlen: 24
195.146.63.0/24 maxlen: 24
2.185.0.0/16 maxlen: 16
78.38.245.0/24 maxlen: 24
78.38.253.0/24 maxlen: 24
2.189.3.0/24 maxlen: 24
2.189.1.0/24 maxlen: 24
2.188.179.0/24 maxlen: 24
2.188.186.0/24 maxlen: 24
2.188.181.0/24 maxlen: 24
2.188.185.0/24 maxlen: 24
2.188.184.0/24 maxlen: 24
2.188.187.0/24 maxlen: 24
2.177.0.0/16 maxlen: 16
2.189.72.0/24 maxlen: 24
2.189.44.0/24 maxlen: 24
2.189.63.0/24 maxlen: 24
2001:4188:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 18 Apr 2023 10:15:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:93:d4:ac:d8:20:95:7c:71:be:b8:16:c1:14:2b:11:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Apr 18 10:06:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82d68a751c793c9beed206342b9d25ec43279224
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2f:5b:ca:1b:27:09:df:89:b7:55:38:53:18:
f7:7b:44:d1:46:37:bf:91:35:20:a4:e2:81:dc:3d:
46:90:9c:4d:7b:02:49:16:a8:3e:58:f9:9a:6b:61:
24:d2:22:dd:6a:ad:c2:84:5f:19:93:31:59:69:e5:
b6:11:42:71:02:0a:64:64:ad:46:6d:b2:04:93:15:
03:b4:2f:92:3e:d8:15:9d:5c:05:5e:d0:b3:bd:d1:
3a:1d:b7:5e:78:c8:e8:75:b3:14:c6:62:70:94:e6:
f9:46:3e:9e:56:95:fd:9e:7e:31:da:5e:57:6a:ff:
9b:2f:ce:8d:c4:05:a8:91:e2:29:31:43:a7:7a:16:
cb:84:59:2b:b6:ba:25:27:e1:75:fe:c5:35:b9:d7:
47:5a:3b:39:6c:37:a2:80:90:11:44:a4:e4:70:3c:
7c:6a:7d:6d:d6:7c:4d:1b:04:43:e9:7c:0d:d8:26:
11:36:71:77:61:ff:b5:ab:39:54:db:9e:90:d6:13:
92:cc:4e:7b:37:bf:87:63:96:5e:3b:a1:ce:08:8b:
60:ba:9a:1e:9d:be:da:e5:75:50:67:94:6f:3c:e4:
64:d7:ac:e5:35:6e:ea:82:ae:07:1f:91:6e:67:76:
18:c5:44:7e:ec:93:32:81:d1:cf:fe:2d:1f:b1:ed:
42:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:D6:8A:75:1C:79:3C:9B:EE:D2:06:34:2B:9D:25:EC:43:27:92:24
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/gtaKdRx5PJvu0gY0K50l7EMnkiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.176.0.0/15
2.185.0.0/16
2.188.0.0/16
2.189.1.0/24
2.189.3.0/24
2.189.44.0/24
2.189.63.0/24
2.189.72.0/24
78.38.245.0/24
78.38.253.0/24
195.146.63.0/24
217.218.67.0/24
IPv6:
2001:4188:2::/48
Signature Algorithm: sha256WithRSAEncryption
1d:8d:83:9c:4c:18:e1:63:4f:1d:02:d6:7d:52:2c:a3:cb:c2:
70:68:08:bf:84:62:d4:9a:78:29:c0:a5:83:1e:48:0c:06:e2:
0f:df:52:04:0d:c4:9e:12:45:fa:12:a7:ac:ca:7b:6d:9f:44:
f6:c0:2f:b1:57:d1:be:35:70:73:bf:d0:74:39:5f:ad:32:b8:
a6:90:25:a7:a5:84:36:bf:41:c8:70:eb:f8:a5:f9:5d:8f:cc:
3b:90:67:15:2a:cd:85:dd:cb:e3:4f:9d:1a:2c:6c:02:bc:92:
c0:0a:08:d5:30:f0:77:cf:4e:43:5b:f5:d1:42:f2:f3:c0:bc:
35:f5:b7:70:7a:07:2d:9d:75:04:0a:e1:db:73:a0:e2:8d:e3:
84:94:6b:c3:f7:d0:69:b0:9a:15:98:77:e3:1a:a3:3a:0d:37:
82:cb:dd:34:73:de:89:6a:70:7a:2d:89:a0:b7:53:9f:13:bb:
02:55:0d:f5:55:15:85:f8:cf:09:dc:cd:ba:ed:1a:b2:8c:65:
8b:3e:db:3f:af:72:04:16:12:be:28:41:5d:9f:94:1e:56:03:
85:ae:4c:6d:4c:51:6b:71:47:a2:71:09:90:17:c5:8f:db:cd:
0f:0b:68:cb:12:ad:27:f6:af:c2:c8:b1:26:0d:75:0a:f4:7b:
5f:0e:74:28
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYeT1KzYIJV8cb64FsEUKxGqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNDE4MTAwNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmQ2OGE3NTFjNzkzYzliZWVkMjA2MzQyYjlkMjVlYzQzMjc5MjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwi9byhsnCd+Jt1U4Uxj3e0TRRje/
kTUgpOKB3D1GkJxNewJJFqg+WPmaa2Ek0iLdaq3ChF8ZkzFZaeW2EUJxAgpkZK1G
bbIEkxUDtC+SPtgVnVwFXtCzvdE6HbdeeMjodbMUxmJwlOb5Rj6eVpX9nn4x2l5X
av+bL86NxAWokeIpMUOnehbLhFkrtrolJ+F1/sU1uddHWjs5bDeigJARRKTkcDx8
an1t1nxNGwRD6XwN2CYRNnF3Yf+1qzlU256Q1hOSzE57N7+HY5ZeO6HOCItgupoe
nb7a5XVQZ5RvPORk16zlNW7qgq4HH5FuZ3YYxUR+7JMygdHP/i0fse1CpwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFILWinUceTyb7tIGNCudJexDJ5IkMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvZ3RhS2RSeDVQSnZ1MGdZMEs1MGw3RU1ua2lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBLBAIAATBFAwMBArADAwAC
uQMDAAK8AwQAAr0BAwQAAr0DAwQAAr0sAwQAAr0/AwQAAr1IAwQATib1AwQATib9
AwQAw5I/AwQA2dpDMA8EAgACMAkDBwAgAUGIAAIwDQYJKoZIhvcNAQELBQADggEB
AB2Ng5xMGOFjTx0C1n1SLKPLwnBoCL+EYtSaeCnApYMeSAwG4g/fUgQNxJ4SRfoS
p6zKe22fRPbAL7FX0b41cHO/0HQ5X60yuKaQJaelhDa/Qchw6/il+V2PzDuQZxUq
zYXdy+NPnRosbAK8ksAKCNUw8HfPTkNb9dFC8vPAvDX1t3B6By2ddQQK4dtzoOKN
44SUa8P30GmwmhWYd+MaozoNN4LL3TRz3olqcHotiaC3U58TuwJVDfVVFYX4zwnc
zbrtGrKMZYs+2z+vcgQWEr4oQV2flB5WA4WuTG1MUWtxR6JxCZAXxY/bzQ8LaMsS
rSf2r8LIsSYNdQr0e18OdCg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:53 2024 by rpki-client on console-ams.rpki-client.org