Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/vh7nL-3MmbQg1peamRL6NqTHmj4.roa
File: vh7nL-3MmbQg1peamRL6NqTHmj4.roa (raw, json)
Hash identifier: ffCMyDP1NgSj0HuJy2Bla0O0qPg2+IwYyX33pqonK14=
Subject key identifier: BE:1E:E7:2F:ED:CC:99:B4:20:D6:97:9A:99:12:FA:36:A4:C7:9A:3E
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018571B9EE4652D025FDAD171D73F8840935
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/vh7nL-3MmbQg1peamRL6NqTHmj4.roa
Signing time: Mon 02 Jan 2023 09:04:48 +0000
ROA not before: Mon 02 Jan 2023 09:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 2.188.225.0/24 maxlen: 24
2.188.224.0/20 maxlen: 20
2.188.232.0/23 maxlen: 23
2.188.234.0/24 maxlen: 24
2.188.236.0/23 maxlen: 23
2.188.240.0/20 maxlen: 20
2.188.164.0/22 maxlen: 22
2.188.160.0/22 maxlen: 22
2.188.165.0/24 maxlen: 24
2.188.161.0/24 maxlen: 24
2.188.192.0/19 maxlen: 19
2.188.212.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sun 09 Apr 2023 16:27:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b9:ee:46:52:d0:25:fd:ad:17:1d:73:f8:84:09:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 2 09:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be1ee72fedcc99b420d6979a9912fa36a4c79a3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b4:0b:02:d2:5a:4c:2e:51:59:c2:e9:df:45:
ac:5a:dc:a6:3f:1c:0c:14:fb:12:ca:2c:96:3c:9f:
a8:dd:7a:26:ef:c3:0a:6d:8e:95:b6:4e:33:fd:e4:
ca:4f:3f:09:3d:29:7b:ae:09:91:57:5d:31:cf:d1:
28:18:60:6e:f1:a9:0c:b2:89:e5:42:e2:b6:cb:7b:
6e:4e:ef:9a:c1:fd:d5:cb:28:d0:f9:ec:67:43:64:
1b:72:51:96:be:20:79:0f:e5:04:0d:20:df:d1:2c:
fb:b6:42:7b:ea:e7:97:5f:d8:b6:46:b4:9c:51:4c:
6a:19:9d:39:78:2e:5e:30:98:ed:c5:54:00:5f:e1:
b4:dd:0e:cb:0d:9c:f7:f1:25:6f:74:4e:9f:9a:95:
8a:3f:03:65:1b:db:04:57:f8:95:6a:06:6f:fb:5d:
72:06:58:4d:bc:ed:d0:94:fe:fa:99:79:ed:72:b4:
c5:78:24:4a:fb:e7:88:2e:ff:3c:45:7b:34:a4:43:
9b:c5:c7:bd:7f:e1:b2:cf:19:87:00:8e:81:f5:bd:
74:e5:79:6a:ca:a2:7a:ad:d6:05:18:8b:66:0c:ec:
58:a4:a7:5b:3f:f4:8a:4b:ad:95:de:51:bc:a2:c9:
8f:6d:e1:71:90:69:45:97:cc:e0:58:e8:87:9b:21:
93:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:1E:E7:2F:ED:CC:99:B4:20:D6:97:9A:99:12:FA:36:A4:C7:9A:3E
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/vh7nL-3MmbQg1peamRL6NqTHmj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.188.160.0/21
2.188.192.0/18
Signature Algorithm: sha256WithRSAEncryption
a9:c1:93:98:02:40:06:8e:d8:3a:34:3f:0f:4f:7e:4c:12:26:
1a:db:1b:d6:f9:07:da:a0:f4:3c:26:9c:28:c1:2b:97:dd:b0:
0c:61:a3:00:e4:7d:cc:5b:21:3c:b4:de:a1:bd:2e:9b:f4:7a:
ac:81:0b:b9:d7:50:5b:75:a3:93:94:d5:be:10:a1:da:d8:1e:
a7:48:bd:3d:e7:a3:7f:98:b5:db:c2:f1:a7:b6:84:3c:39:78:
a0:9a:d1:63:c5:bd:9b:35:11:21:a4:f8:3b:7d:30:1d:3c:ae:
01:f0:d3:9f:40:28:c7:ce:cd:a3:f1:d4:ec:5c:67:71:ce:a1:
29:06:31:36:ef:56:d6:72:14:4f:55:ea:61:3d:4e:f3:9d:db:
11:d6:69:3a:21:7c:ce:d4:b0:63:1e:5c:b6:67:23:eb:a7:e0:
e1:74:fa:f6:d0:67:f2:62:c9:14:75:de:5d:70:fd:cd:19:5a:
fb:f0:5e:fe:f8:2a:65:66:04:d5:51:2d:90:1d:4e:ce:5d:a9:
66:18:3b:4f:8a:b7:c7:e6:01:20:36:c5:88:7f:9d:20:f2:31:
6e:cd:51:01:10:74:26:a5:ac:e5:73:8c:74:a5:26:8c:6a:8f:
a9:04:75:65:54:e0:4b:49:3b:e4:de:ff:d5:e2:da:cf:fd:75:
c7:2b:58:5e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxue5GUtAl/a0XHXP4hAk1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwMTAyMDkwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTFlZTcyZmVkY2M5OWI0MjBkNjk3OWE5OTEyZmEzNmE0Yzc5YTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLQLAtJaTC5RWcLp30WsWtymPxwM
FPsSyiyWPJ+o3Xom78MKbY6Vtk4z/eTKTz8JPSl7rgmRV10xz9EoGGBu8akMsonl
QuK2y3tuTu+awf3VyyjQ+exnQ2QbclGWviB5D+UEDSDf0Sz7tkJ76ueXX9i2RrSc
UUxqGZ05eC5eMJjtxVQAX+G03Q7LDZz38SVvdE6fmpWKPwNlG9sEV/iVagZv+11y
BlhNvO3QlP76mXntcrTFeCRK++eILv88RXs0pEObxce9f+GyzxmHAI6B9b105Xlq
yqJ6rdYFGItmDOxYpKdbP/SKS62V3lG8osmPbeFxkGlFl8zgWOiHmyGTOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL4e5y/tzJm0INaXmpkS+jakx5o+MB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvdmg3bkwtM01tYlFnMXBlYW1STDZOcVRIbWo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDArygAwQG
ArzAMA0GCSqGSIb3DQEBCwUAA4IBAQCpwZOYAkAGjtg6ND8PT35MEiYa2xvW+Qfa
oPQ8JpwowSuX3bAMYaMA5H3MWyE8tN6hvS6b9HqsgQu511BbdaOTlNW+EKHa2B6n
SL0956N/mLXbwvGntoQ8OXigmtFjxb2bNREhpPg7fTAdPK4B8NOfQCjHzs2j8dTs
XGdxzqEpBjE271bWchRPVephPU7zndsR1mk6IXzO1LBjHly2ZyPrp+DhdPr20Gfy
YskUdd5dcP3NGVr78F7++CplZgTVUS2QHU7OXalmGDtPirfH5gEgNsWIf50g8jFu
zVEBEHQmpazlc4x0pSaMao+pBHVlVOBLSTvk3v/V4trP/XXHK1he
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:48 2024 by rpki-client on console-fra.rpki-client.org