Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/ocZkdaOQAVKgnacyb07F_FNA6jM.roa
File: ocZkdaOQAVKgnacyb07F_FNA6jM.roa (raw, json)
Hash identifier: QOIuqwKEg/qL60YlIEGw2PHqm65V/M8birAZNFJoeGc=
Subject key identifier: A1:C6:64:75:A3:90:01:52:A0:9D:A7:32:6F:4E:C5:FC:53:40:EA:33
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018790A31CF312540FBED780BCFFF36471CB
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/ocZkdaOQAVKgnacyb07F_FNA6jM.roa
Signing time: Mon 17 Apr 2023 19:13:41 +0000
ROA not before: Mon 17 Apr 2023 19:13:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49666
IP address blocks: 2.188.0.0/24 maxlen: 24
2.188.1.0/24 maxlen: 24
2.188.9.0/24 maxlen: 24
2.188.7.0/24 maxlen: 24
2.188.17.0/24 maxlen: 24
2.188.12.0/22 maxlen: 22
2.188.22.0/24 maxlen: 24
2.188.23.0/24 maxlen: 24
2.188.30.0/24 maxlen: 24
2.188.28.0/24 maxlen: 24
2.176.0.0/17 maxlen: 17
217.218.67.0/24 maxlen: 24
2.188.64.0/21 maxlen: 21
2.176.128.0/17 maxlen: 17
2.188.76.0/24 maxlen: 24
195.146.63.0/24 maxlen: 24
2.185.0.0/16 maxlen: 16
78.38.245.0/24 maxlen: 24
78.38.253.0/24 maxlen: 24
2.189.3.0/24 maxlen: 24
2.189.1.0/24 maxlen: 24
2.188.179.0/24 maxlen: 24
2.188.186.0/24 maxlen: 24
2.188.181.0/24 maxlen: 24
2.188.185.0/24 maxlen: 24
2.188.184.0/24 maxlen: 24
2.188.187.0/24 maxlen: 24
2.177.0.0/16 maxlen: 16
2.189.72.0/24 maxlen: 24
2.189.44.0/24 maxlen: 24
2.189.63.0/24 maxlen: 24
2001:4188:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 18 Apr 2023 10:06:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:90:a3:1c:f3:12:54:0f:be:d7:80:bc:ff:f3:64:71:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Apr 17 19:13:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1c66475a3900152a09da7326f4ec5fc5340ea33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f3:b3:27:f1:7b:de:53:24:29:bf:57:27:78:
2e:db:1a:cc:2b:6c:65:8a:08:43:09:9b:ba:8c:94:
7e:0f:ed:0e:68:f1:ce:8d:62:f5:d4:a0:7a:bd:6e:
25:e4:0e:1b:2f:cb:f8:43:53:c2:3c:f4:a0:d9:fa:
d2:be:90:f2:27:98:85:68:25:7b:30:2c:17:58:d6:
02:b1:1a:bb:50:2f:f7:85:d5:e3:32:6b:90:1e:38:
e8:e8:fb:59:6b:5e:eb:78:a5:5f:8a:a0:de:e2:35:
7d:db:14:f5:c2:98:f9:25:a0:3f:5e:d1:32:1a:c2:
67:e1:9d:0c:04:99:55:f7:35:8f:b6:ae:c9:c5:52:
63:33:ce:c5:2f:d0:17:99:d7:3e:9d:3b:13:e3:ff:
fc:94:d8:b2:da:54:95:cd:85:0b:ea:32:01:b7:35:
c4:03:83:cb:ae:31:88:91:11:13:1b:e6:45:5e:8c:
48:96:df:08:29:e6:7c:8a:f7:a8:17:25:b9:c7:5d:
f2:08:b6:7c:52:58:ee:d8:31:5f:45:ab:d8:49:55:
85:84:ef:cb:fc:c0:21:b9:5d:25:67:3c:e5:d8:84:
45:b3:34:8d:23:25:31:75:1e:4c:cf:60:84:74:7b:
e4:cf:6d:9c:49:af:fb:da:36:02:2e:97:00:15:f2:
2a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:C6:64:75:A3:90:01:52:A0:9D:A7:32:6F:4E:C5:FC:53:40:EA:33
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/ocZkdaOQAVKgnacyb07F_FNA6jM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.176.0.0/15
2.185.0.0/16
2.188.0.0/23
2.188.7.0/24
2.188.9.0/24
2.188.12.0/22
2.188.17.0/24
2.188.22.0/23
2.188.28.0/24
2.188.30.0/24
2.188.64.0/21
2.188.76.0/24
2.188.179.0/24
2.188.181.0/24
2.188.184.0/22
2.189.1.0/24
2.189.3.0/24
2.189.44.0/24
2.189.63.0/24
2.189.72.0/24
78.38.245.0/24
78.38.253.0/24
195.146.63.0/24
217.218.67.0/24
IPv6:
2001:4188:2::/48
Signature Algorithm: sha256WithRSAEncryption
50:aa:8c:0a:90:9a:d8:ef:f9:9e:4f:1c:ef:c2:9e:43:38:0b:
8a:1f:87:10:a0:d9:b1:58:80:4a:8d:85:c9:ee:56:3c:b3:60:
6a:c3:bc:97:7f:1f:e6:44:d4:03:fc:a7:ff:20:fe:62:f3:bd:
79:89:49:73:88:38:d9:54:02:cd:a3:94:e4:c6:5c:4b:dc:8f:
c3:d6:b4:50:ee:dd:fb:35:93:4f:a8:cc:b3:52:bd:a4:c2:5d:
9a:25:01:73:31:14:31:3e:f7:68:f0:cf:87:e8:71:f4:79:59:
38:9c:43:3d:44:83:fc:2e:f4:3a:ab:74:37:b7:ec:eb:a8:7a:
69:8a:f5:fb:5e:da:41:b0:c5:a1:d4:3c:45:8c:91:51:68:5c:
cd:1d:13:d2:d7:cc:52:cb:6b:5c:0f:c3:a0:f3:87:20:fc:a5:
ac:7d:90:67:95:5f:f6:dd:cb:1f:47:fc:44:49:14:24:8f:c2:
9b:2b:d2:f8:c0:a3:b9:dc:a6:bb:7d:29:a8:66:1b:6b:c0:d6:
95:4a:d5:e9:32:9f:ec:b5:30:00:20:ea:0d:01:0c:b2:9c:61:
54:fb:dc:1a:3a:59:9e:7b:3f:db:ab:66:18:2a:f3:91:c3:35:
ec:4b:30:71:4c:d5:13:5d:c1:56:ee:26:3a:5f:6f:df:db:47:
cd:f0:f8:3b
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAYeQoxzzElQPvteAvP/zZHHLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNDE3MTkxMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWM2NjQ3NWEzOTAwMTUyYTA5ZGE3MzI2ZjRlYzVmYzUzNDBlYTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvOzJ/F73lMkKb9XJ3gu2xrMK2xl
ighDCZu6jJR+D+0OaPHOjWL11KB6vW4l5A4bL8v4Q1PCPPSg2frSvpDyJ5iFaCV7
MCwXWNYCsRq7UC/3hdXjMmuQHjjo6PtZa17reKVfiqDe4jV92xT1wpj5JaA/XtEy
GsJn4Z0MBJlV9zWPtq7JxVJjM87FL9AXmdc+nTsT4//8lNiy2lSVzYUL6jIBtzXE
A4PLrjGIkRETG+ZFXoxIlt8IKeZ8iveoFyW5x13yCLZ8Ulju2DFfRavYSVWFhO/L
/MAhuV0lZzzl2IRFszSNIyUxdR5Mz2CEdHvkz22cSa/72jYCLpcAFfIq4wIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFKHGZHWjkAFSoJ2nMm9OxfxTQOozMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvb2Naa2RhT1FBVktnbmFjeWIwN0ZfRk5BNmpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTCBlQQCAAEwgY4DAwEC
sAMDAAK5AwQBArwAAwQAArwHAwQAArwJAwQCArwMAwQAArwRAwQBArwWAwQAArwc
AwQAArweAwQDArxAAwQAArxMAwQAAryzAwQAAry1AwQCAry4AwQAAr0BAwQAAr0D
AwQAAr0sAwQAAr0/AwQAAr1IAwQATib1AwQATib9AwQAw5I/AwQA2dpDMA8EAgAC
MAkDBwAgAUGIAAIwDQYJKoZIhvcNAQELBQADggEBAFCqjAqQmtjv+Z5PHO/CnkM4
C4ofhxCg2bFYgEqNhcnuVjyzYGrDvJd/H+ZE1AP8p/8g/mLzvXmJSXOIONlUAs2j
lOTGXEvcj8PWtFDu3fs1k0+ozLNSvaTCXZolAXMxFDE+92jwz4focfR5WTicQz1E
g/wu9DqrdDe37OuoemmK9fte2kGwxaHUPEWMkVFoXM0dE9LXzFLLa1wPw6DzhyD8
pax9kGeVX/bdyx9H/ERJFCSPwpsr0vjAo7ncprt9KahmG2vA1pVK1ekyn+y1MAAg
6g0BDLKcYVT73Bo6WZ57P9urZhgq85HDNexLMHFM1RNdwVbuJjpfb9/bR83w+Ds=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:47 2024 by rpki-client on console-fra.rpki-client.org