Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/oCmxuYYCoYCCmVl4OhYm7x_L40c.roa
File: oCmxuYYCoYCCmVl4OhYm7x_L40c.roa (raw, json)
Hash identifier: A9CM7wVP/JaBJ6YqaPdZNBAD3+TU19VWQ0jAfd26Ado=
Subject key identifier: A0:29:B1:B9:86:02:A1:80:82:99:59:78:3A:16:26:EF:1F:CB:E3:47
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 0187B4FC887FC86DC9C792F0719C3B8A19B6
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/oCmxuYYCoYCCmVl4OhYm7x_L40c.roa
Signing time: Mon 24 Apr 2023 20:37:41 +0000
ROA not before: Mon 24 Apr 2023 20:37:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 2.188.225.0/24 maxlen: 24
2.188.224.0/20 maxlen: 24
2.188.232.0/23 maxlen: 23
2.188.234.0/24 maxlen: 24
2.188.236.0/23 maxlen: 23
2.188.240.0/20 maxlen: 24
2.188.40.0/21 maxlen: 24
2.188.164.0/22 maxlen: 22
2.188.160.0/22 maxlen: 22
2.188.165.0/24 maxlen: 24
2.188.161.0/24 maxlen: 24
2.188.160.0/21 maxlen: 24
2.188.176.0/23 maxlen: 23
2.188.192.0/19 maxlen: 24
2.189.160.0/21 maxlen: 24
2.189.168.0/21 maxlen: 24
2.189.80.0/21 maxlen: 24
2.189.88.0/21 maxlen: 24
2.188.72.0/22 maxlen: 24
2.189.48.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b4:fc:88:7f:c8:6d:c9:c7:92:f0:71:9c:3b:8a:19:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Apr 24 20:37:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a029b1b98602a180829959783a1626ef1fcbe347
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:28:c9:a5:02:f5:d3:9c:f6:ab:39:01:34:2a:
59:6a:f6:95:45:27:df:62:aa:f2:b5:a8:72:5a:7f:
93:bb:09:09:fb:01:e6:13:ba:4d:d9:b9:f8:5a:fb:
6b:aa:68:5c:f8:fc:bb:e2:21:b4:7e:84:f5:63:d8:
50:eb:86:11:4f:96:1a:05:d2:50:ba:1a:4c:8f:8d:
c2:e3:ab:dc:a3:1a:15:ec:45:1a:01:19:ad:ca:8b:
fa:24:03:03:4f:62:f5:6d:24:1a:9a:41:74:9f:62:
a4:9c:31:cb:a8:15:35:9e:b5:8f:0f:06:b8:12:0c:
72:f4:84:42:f3:d4:65:db:6d:72:c5:ea:e2:71:0c:
01:a8:38:8c:ef:4a:fa:a8:04:6e:c3:a1:66:a5:5d:
18:10:9b:1d:ae:a9:25:4a:dc:e5:6c:23:77:37:97:
55:b8:74:0e:70:3e:09:04:3c:ba:64:1d:3d:e3:8c:
7f:6d:f2:82:c1:ab:7e:62:54:45:95:d0:95:e1:56:
c0:b4:b8:30:9b:e6:37:8f:fd:2b:01:5e:39:99:f2:
21:bd:51:16:b1:7d:aa:1f:6c:b1:91:07:ab:29:a9:
10:8d:55:7d:3e:3f:5c:9e:33:3b:a5:5a:c9:ce:75:
71:07:fb:db:64:c3:19:c1:ce:37:80:a0:89:93:54:
7f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:29:B1:B9:86:02:A1:80:82:99:59:78:3A:16:26:EF:1F:CB:E3:47
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/oCmxuYYCoYCCmVl4OhYm7x_L40c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.188.40.0/21
2.188.72.0/22
2.188.160.0/21
2.188.176.0/23
2.188.192.0/18
2.189.48.0/21
2.189.80.0/20
2.189.160.0/20
Signature Algorithm: sha256WithRSAEncryption
7c:b4:94:eb:7f:72:0e:41:56:69:c6:4f:1b:b1:6c:48:19:b3:
31:a1:ae:7b:07:9d:74:f9:9c:5d:94:70:56:b1:09:ed:73:a4:
92:0b:27:b5:bf:31:24:70:16:28:43:7a:16:44:20:2a:1d:b9:
72:37:cf:69:ae:97:33:22:f8:56:88:73:d6:e2:86:76:1e:2a:
a9:a4:ab:39:e8:90:77:21:e4:ae:ce:0c:c9:86:ed:22:34:cc:
52:68:5c:b9:63:db:da:89:b4:fd:ec:85:08:3a:0d:23:11:67:
ac:e3:32:ce:9a:f5:e2:ac:b4:00:e5:76:a6:98:e2:eb:46:dd:
be:62:0b:d6:b6:b9:80:4a:55:0e:0e:8d:73:67:f9:53:9b:7c:
eb:c3:6e:9b:71:3b:90:18:1d:00:b9:d6:ce:10:ef:79:fe:17:
23:39:d6:40:a4:6a:40:06:e8:c6:d2:54:ee:d0:76:d6:47:63:
18:eb:97:31:09:4a:3d:c6:6c:61:3c:7e:4f:7b:63:fd:c5:12:
2f:02:15:02:e7:48:1f:02:8c:6b:42:d5:a1:56:29:cc:9a:84:
dd:e4:90:67:6a:9b:26:eb:86:a8:00:e6:9e:42:ca:d9:53:c6:
41:14:53:3e:f2:be:1c:a9:e3:d4:97:be:41:1f:9c:c1:f2:1a:
63:1b:fb:4a
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYe0/Ih/yG3Jx5LwcZw7ihm2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNDI0MjAzNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDI5YjFiOTg2MDJhMTgwODI5OTU5NzgzYTE2MjZlZjFmY2JlMzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSjJpQL105z2qzkBNCpZavaVRSff
YqrytahyWn+TuwkJ+wHmE7pN2bn4Wvtrqmhc+Py74iG0foT1Y9hQ64YRT5YaBdJQ
uhpMj43C46vcoxoV7EUaARmtyov6JAMDT2L1bSQamkF0n2KknDHLqBU1nrWPDwa4
Egxy9IRC89Rl221yxericQwBqDiM70r6qARuw6FmpV0YEJsdrqklStzlbCN3N5dV
uHQOcD4JBDy6ZB0944x/bfKCwat+YlRFldCV4VbAtLgwm+Y3j/0rAV45mfIhvVEW
sX2qH2yxkQerKakQjVV9Pj9cnjM7pVrJznVxB/vbZMMZwc43gKCJk1R/lQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKApsbmGAqGAgplZeDoWJu8fy+NHMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvb0NteHVZWUNvWUNDbVZsNE9oWW03eF9MNDBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQDArwoAwQC
ArxIAwQDArygAwQBArywAwQGArzAAwQDAr0wAwQEAr1QAwQEAr2gMA0GCSqGSIb3
DQEBCwUAA4IBAQB8tJTrf3IOQVZpxk8bsWxIGbMxoa57B510+ZxdlHBWsQntc6SS
Cye1vzEkcBYoQ3oWRCAqHblyN89prpczIvhWiHPW4oZ2HiqppKs56JB3IeSuzgzJ
hu0iNMxSaFy5Y9vaibT97IUIOg0jEWes4zLOmvXirLQA5XammOLrRt2+YgvWtrmA
SlUODo1zZ/lTm3zrw26bcTuQGB0AudbOEO95/hcjOdZApGpABujG0lTu0HbWR2MY
65cxCUo9xmxhPH5Pe2P9xRIvAhUC50gfAoxrQtWhVinMmoTd5JBnapsm64aoAOae
QsrZU8ZBFFM+8r4cqePUl75BH5zB8hpjG/tK
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:02 2023 by rpki-client on console-fra.rpki-client.org