Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/iUdKO5tINbqo6NAgKqD6U1hXALs.roa
File: iUdKO5tINbqo6NAgKqD6U1hXALs.roa (raw, json)
Hash identifier: ZS3omieDmU+07uP0y7YON0IDKGM2Zznzz0iTCXp+nns=
Subject key identifier: 89:47:4A:3B:9B:48:35:BA:A8:E8:D0:20:2A:A0:FA:53:58:57:00:BB
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 0187D29A032B9DCE3C1983F5DB4EA2EACF52
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/iUdKO5tINbqo6NAgKqD6U1hXALs.roa
Signing time: Sun 30 Apr 2023 14:38:41 +0000
ROA not before: Sun 30 Apr 2023 14:38:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 2.188.225.0/24 maxlen: 24
2.188.224.0/20 maxlen: 24
2.188.232.0/23 maxlen: 23
2.188.234.0/24 maxlen: 24
2.188.236.0/23 maxlen: 23
2.188.240.0/20 maxlen: 24
2.188.40.0/21 maxlen: 24
2.188.164.0/22 maxlen: 22
2.188.160.0/22 maxlen: 22
2.188.165.0/24 maxlen: 24
2.188.161.0/24 maxlen: 24
2.188.160.0/21 maxlen: 24
2.188.176.0/23 maxlen: 23
2.188.192.0/19 maxlen: 24
2.189.160.0/21 maxlen: 24
2.189.168.0/21 maxlen: 24
2.189.80.0/21 maxlen: 24
2.189.88.0/21 maxlen: 24
2.188.72.0/22 maxlen: 24
2.189.48.0/21 maxlen: 24
2.189.64.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 07 May 2023 16:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d2:9a:03:2b:9d:ce:3c:19:83:f5:db:4e:a2:ea:cf:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Apr 30 14:38:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89474a3b9b4835baa8e8d0202aa0fa53585700bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:15:38:d9:6f:fb:85:fa:20:3e:c4:2b:6b:99:
10:e2:0d:8d:5e:f0:5c:e8:c6:ee:54:6a:ca:c3:a6:
e0:bd:15:4b:fe:2b:2f:27:63:88:bc:d7:be:40:f0:
4c:cf:d9:dd:7c:e7:8d:2e:5e:cf:04:95:3a:07:76:
32:b7:37:e8:c9:6c:39:09:ec:3e:24:8c:3c:5e:76:
44:99:61:6b:63:43:60:7e:6d:68:69:ca:dc:2e:ba:
e3:5d:ee:64:73:e5:28:34:71:83:39:ed:82:72:7c:
b3:39:f1:60:11:0a:08:a5:1a:1c:4b:43:be:95:da:
fb:3d:71:fb:67:69:63:ff:26:b8:8a:29:d0:4c:b1:
04:db:9f:54:dd:6d:94:3e:e3:df:9e:fb:81:40:d2:
2b:77:5a:f0:31:5a:26:9a:1c:a8:e6:9a:1d:9d:dc:
8b:92:f6:f5:9b:4a:18:0a:ba:0e:23:99:f0:25:a4:
32:86:f8:89:a9:02:03:7d:5c:b1:3a:00:7a:45:0e:
37:30:0a:c1:94:d4:b2:de:12:00:5a:99:6c:ee:5f:
3f:44:5f:d3:4b:6f:30:fa:b1:be:22:09:a6:92:1b:
41:94:b2:1a:06:7a:51:35:ee:5f:b5:55:14:be:e3:
d6:ac:3f:d2:0d:89:2a:0d:bb:5d:b6:c2:5b:74:39:
11:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:47:4A:3B:9B:48:35:BA:A8:E8:D0:20:2A:A0:FA:53:58:57:00:BB
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/iUdKO5tINbqo6NAgKqD6U1hXALs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.188.40.0/21
2.188.72.0/22
2.188.160.0/21
2.188.176.0/23
2.188.192.0/18
2.189.48.0/21
2.189.64.0/22
2.189.80.0/20
2.189.160.0/20
Signature Algorithm: sha256WithRSAEncryption
5a:73:58:2e:c8:ee:d8:a1:93:3b:4b:7a:97:74:b3:cc:70:18:
b9:5f:0f:a7:fc:e8:f6:d8:65:8a:00:bc:71:a8:22:74:f9:62:
06:71:b1:8a:c8:1f:52:2b:e6:9c:bd:9b:f6:80:e3:e7:35:18:
bd:d8:f8:a4:bb:cd:12:b9:f5:aa:38:d6:8d:68:9e:13:71:09:
1d:1c:67:3f:37:3d:90:d4:84:12:8d:ea:35:90:ec:e6:cf:c1:
1b:bc:9e:7c:bb:2b:32:72:7e:e6:b9:1f:3c:03:06:9b:7c:a3:
77:e6:88:ea:04:f0:ac:cb:3e:83:32:fb:18:98:b8:10:9d:0c:
22:79:fc:de:b5:2e:d0:35:04:19:5a:7f:5a:f3:4e:fb:5b:da:
cb:eb:ef:35:23:37:a3:c0:b3:59:bc:49:cb:0e:d8:83:59:fe:
9e:90:f1:57:90:36:02:2d:43:08:a1:89:2e:37:2e:a8:88:cb:
d6:79:67:99:20:16:6e:8d:74:12:90:8c:b1:b6:1c:07:f5:e1:
ec:1e:39:0b:5c:68:47:69:6a:60:ec:32:fa:55:c3:74:33:64:
6a:68:a0:c0:19:6a:ed:e5:f0:0f:43:61:e3:fa:73:6c:f9:49:
a9:e0:36:a4:97:39:e5:a7:f3:ce:a7:ac:8c:57:65:7b:5d:05:
c7:7b:5a:06
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYfSmgMrnc48GYP1206i6s9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNDMwMTQzODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTQ3NGEzYjliNDgzNWJhYThlOGQwMjAyYWEwZmE1MzU4NTcwMGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxU42W/7hfogPsQra5kQ4g2NXvBc
6MbuVGrKw6bgvRVL/isvJ2OIvNe+QPBMz9ndfOeNLl7PBJU6B3YytzfoyWw5Cew+
JIw8XnZEmWFrY0Ngfm1oacrcLrrjXe5kc+UoNHGDOe2CcnyzOfFgEQoIpRocS0O+
ldr7PXH7Z2lj/ya4iinQTLEE259U3W2UPuPfnvuBQNIrd1rwMVommhyo5podndyL
kvb1m0oYCroOI5nwJaQyhviJqQIDfVyxOgB6RQ43MArBlNSy3hIAWpls7l8/RF/T
S28w+rG+IgmmkhtBlLIaBnpRNe5ftVUUvuPWrD/SDYkqDbtdtsJbdDkRjwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFIlHSjubSDW6qOjQICqg+lNYVwC7MB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvaVVkS081dElOYnFvNk5BZ0txRDZVMWhYQUxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQDArwoAwQC
ArxIAwQDArygAwQBArywAwQGArzAAwQDAr0wAwQCAr1AAwQEAr1QAwQEAr2gMA0G
CSqGSIb3DQEBCwUAA4IBAQBac1guyO7YoZM7S3qXdLPMcBi5Xw+n/Oj22GWKALxx
qCJ0+WIGcbGKyB9SK+acvZv2gOPnNRi92Piku80SufWqONaNaJ4TcQkdHGc/Nz2Q
1IQSjeo1kOzmz8EbvJ58uysycn7muR88AwabfKN35ojqBPCsyz6DMvsYmLgQnQwi
efzetS7QNQQZWn9a8077W9rL6+81IzejwLNZvEnLDtiDWf6ekPFXkDYCLUMIoYku
Ny6oiMvWeWeZIBZujXQSkIyxthwH9eHsHjkLXGhHaWpg7DL6VcN0M2RqaKDAGWrt
5fAPQ2Hj+nNs+Ump4Daklznlp/POp6yMV2V7XQXHe1oG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:53 2024 by rpki-client on console-ams.rpki-client.org