Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/r51059ygIvFdyHVFaR9rUY71O-8.roa
File: r51059ygIvFdyHVFaR9rUY71O-8.roa (raw, json)
Hash identifier: VF5Eu8ac6j1I4bx+WtaFB6bhZ6z181x/GruGOfme/vg=
Subject key identifier: AF:9D:74:E7:DC:A0:22:F1:5D:C8:75:45:69:1F:6B:51:8E:F5:3B:EF
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018C97371428CD5CFA5FE827CF81B65FF9D6
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/r51059ygIvFdyHVFaR9rUY71O-8.roa
Signing time: Sat 23 Dec 2023 15:06:58 +0000
ROA not before: Sat 23 Dec 2023 15:06:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 78.38.25.0/24 maxlen: 24
2.188.40.0/21 maxlen: 24
78.39.155.0/24 maxlen: 24
78.39.156.0/24 maxlen: 24
2.189.160.0/21 maxlen: 24
2.189.168.0/21 maxlen: 24
2.188.72.0/22 maxlen: 24
78.38.246.0/24 maxlen: 24
78.38.243.0/24 maxlen: 24
2.188.225.0/24 maxlen: 24
78.38.250.0/24 maxlen: 24
2.188.224.0/20 maxlen: 24
78.38.251.0/24 maxlen: 24
78.38.248.0/24 maxlen: 24
78.38.254.0/24 maxlen: 24
2.188.232.0/23 maxlen: 23
2.188.234.0/24 maxlen: 24
2.188.236.0/23 maxlen: 23
2.188.240.0/20 maxlen: 24
2.188.164.0/22 maxlen: 22
2.188.160.0/22 maxlen: 22
2.188.165.0/24 maxlen: 24
2.188.161.0/24 maxlen: 24
2.188.160.0/21 maxlen: 24
2.188.176.0/23 maxlen: 23
2.188.192.0/19 maxlen: 24
2.189.80.0/21 maxlen: 24
2.189.88.0/21 maxlen: 24
2.182.172.0/24 maxlen: 24
78.39.40.0/24 maxlen: 24
78.39.43.0/24 maxlen: 24
78.39.50.0/24 maxlen: 24
78.39.46.0/24 maxlen: 24
78.39.49.0/24 maxlen: 24
78.39.48.0/24 maxlen: 24
78.39.51.0/24 maxlen: 24
78.39.47.0/24 maxlen: 24
78.39.58.0/24 maxlen: 24
78.39.54.0/24 maxlen: 24
78.39.57.0/24 maxlen: 24
78.39.53.0/24 maxlen: 24
78.39.56.0/24 maxlen: 24
78.39.55.0/24 maxlen: 24
78.39.62.0/23 maxlen: 24
78.39.59.0/24 maxlen: 24
2.189.48.0/21 maxlen: 24
2.189.64.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:97:37:14:28:cd:5c:fa:5f:e8:27:cf:81:b6:5f:f9:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Dec 23 15:06:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af9d74e7dca022f15dc87545691f6b518ef53bef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:4e:e7:6e:61:e6:1e:c3:a6:ea:29:ad:2f:2a:
84:dd:49:9d:4c:d4:95:4d:a7:14:2e:0b:7a:28:e5:
09:cb:0c:6e:de:96:bb:f2:23:e1:00:7a:9d:f3:4f:
13:f5:7c:36:2a:66:b6:26:63:71:f2:81:07:d3:2e:
14:c2:e7:8f:a5:d8:ed:09:63:23:60:64:7a:47:60:
56:38:d7:6f:98:3f:8c:e1:68:18:32:0a:08:e3:8e:
3c:fc:93:34:29:e4:4a:60:d0:af:f1:69:5f:e3:12:
b0:1f:49:61:fa:6b:3c:5f:81:45:ed:ca:cb:d3:7e:
72:01:e0:f4:a3:dd:26:8b:07:7d:22:d6:8e:16:58:
41:6a:dc:20:6d:d3:f9:dc:07:af:47:5a:03:94:db:
43:6f:ee:46:5f:38:b4:c2:5a:3e:1c:74:ec:81:be:
aa:cc:32:2d:b0:39:6e:f9:ae:c5:1f:34:e7:86:f6:
dd:d4:32:a8:fa:45:6a:a4:22:be:85:eb:d9:82:78:
03:a4:e5:00:f6:46:8d:7a:26:38:cc:74:70:40:d1:
25:60:e4:e1:bd:1e:0a:1a:f0:5a:f3:ee:a7:3b:64:
24:e1:fb:cd:7e:7c:73:f2:4c:fc:86:21:e0:8c:88:
eb:55:39:8d:d4:2b:62:64:b1:2d:6f:bd:c6:61:33:
5c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:9D:74:E7:DC:A0:22:F1:5D:C8:75:45:69:1F:6B:51:8E:F5:3B:EF
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/r51059ygIvFdyHVFaR9rUY71O-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.182.172.0/24
2.188.40.0/21
2.188.72.0/22
2.188.160.0/21
2.188.176.0/23
2.188.192.0/18
2.189.48.0/21
2.189.64.0/22
2.189.80.0/20
2.189.160.0/20
78.38.25.0/24
78.38.243.0/24
78.38.246.0/24
78.38.248.0/24
78.38.250.0/23
78.38.254.0/24
78.39.40.0/24
78.39.43.0/24
78.39.46.0-78.39.51.255
78.39.53.0-78.39.59.255
78.39.62.0/23
78.39.155.0-78.39.156.255
Signature Algorithm: sha256WithRSAEncryption
11:50:52:e6:29:82:1d:25:13:e4:d6:16:76:28:1b:60:96:77:
86:ac:51:df:44:be:18:49:7c:fc:bd:4f:4f:99:4c:6f:6d:3e:
36:3e:21:2d:e9:b5:fe:2c:2d:8c:72:f7:20:56:d6:44:e1:e6:
e0:74:19:cd:81:2c:2b:a9:b8:f1:a9:3b:72:d6:59:aa:fd:b2:
7d:cb:38:04:94:f3:f9:bd:51:fc:77:8c:96:b4:a0:05:ec:27:
87:d9:66:43:9c:8d:b2:31:b5:a2:8a:08:c4:d3:cf:18:2b:b6:
83:e4:cf:28:cf:f1:bc:0e:95:b2:a7:6c:fe:37:81:c8:f9:e2:
09:7e:99:98:36:93:ad:ac:7d:e2:34:9d:49:2c:79:2f:6d:be:
e1:be:ff:53:25:cc:6d:43:64:6e:81:96:fc:86:f8:3e:69:c1:
60:69:14:1a:4c:9e:1d:88:8f:55:43:18:3d:24:66:8f:41:c3:
01:20:b4:5c:8e:87:06:0f:54:b0:08:1e:ca:42:91:ac:61:56:
87:c3:88:ff:c5:fa:f0:c3:5f:8b:9e:a4:3d:86:11:8b:87:c1:
15:35:3b:0d:dd:30:9d:77:e8:82:28:1a:9c:68:9d:3d:81:0d:
17:59:96:7d:5e:11:9c:4f:01:0f:37:e8:bb:0c:82:c2:80:63:
91:cd:c9:4d
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYyXNxQozVz6X+gnz4G2X/nWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMxMjIzMTUwNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjlkNzRlN2RjYTAyMmYxNWRjODc1NDU2OTFmNmI1MThlZjUzYmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu07nbmHmHsOm6imtLyqE3UmdTNSV
TacULgt6KOUJywxu3pa78iPhAHqd808T9Xw2Kma2JmNx8oEH0y4UwuePpdjtCWMj
YGR6R2BWONdvmD+M4WgYMgoI4448/JM0KeRKYNCv8Wlf4xKwH0lh+ms8X4FF7crL
035yAeD0o90miwd9ItaOFlhBatwgbdP53AevR1oDlNtDb+5GXzi0wlo+HHTsgb6q
zDItsDlu+a7FHzTnhvbd1DKo+kVqpCK+hevZgngDpOUA9kaNeiY4zHRwQNElYOTh
vR4KGvBa8+6nO2Qk4fvNfnxz8kz8hiHgjIjrVTmN1CtiZLEtb73GYTNcbQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFK+ddOfcoCLxXch1RWkfa1GO9TvvMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvcjUxMDU5eWdJdkZkeUhWRmFSOXJVWTcxTy04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBAAC
tqwDBAMCvCgDBAICvEgDBAMCvKADBAECvLADBAYCvMADBAMCvTADBAICvUADBAQC
vVADBAQCvaADBABOJhkDBABOJvMDBABOJvYDBABOJvgDBAFOJvoDBABOJv4DBABO
JygDBABOJyswDAMEAU4nLgMEAk4nMDAMAwQATic1AwQCTic4AwQBTic+MAwDBABO
J5sDBABOJ5wwDQYJKoZIhvcNAQELBQADggEBABFQUuYpgh0lE+TWFnYoG2CWd4as
Ud9EvhhJfPy9T0+ZTG9tPjY+IS3ptf4sLYxy9yBW1kTh5uB0Gc2BLCupuPGpO3LW
War9sn3LOASU8/m9Ufx3jJa0oAXsJ4fZZkOcjbIxtaKKCMTTzxgrtoPkzyjP8bwO
lbKnbP43gcj54gl+mZg2k62sfeI0nUkseS9tvuG+/1MlzG1DZG6BlvyG+D5pwWBp
FBpMnh2Ij1VDGD0kZo9BwwEgtFyOhwYPVLAIHspCkaxhVofDiP/F+vDDX4uepD2G
EYuHwRU1Ow3dMJ136IIoGpxonT2BDRdZln1eEZxPAQ836LsMgsKAY5HNyU0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:47 2024 by rpki-client on console-fra.rpki-client.org