Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/w6d9Ed7gcGKnSOkzAg6VxP-9yRU.roa
File: w6d9Ed7gcGKnSOkzAg6VxP-9yRU.roa (raw, json)
Hash identifier: wSoyTbnyJWKR2dPINorkLUoPFCKYtGHv6TSecNgz4XM=
Subject key identifier: C3:A7:7D:11:DE:E0:70:62:A7:48:E9:33:02:0E:95:C4:FF:BD:C9:15
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 01881A6C10B8108E5CC39FC08689CF750174
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/w6d9Ed7gcGKnSOkzAg6VxP-9yRU.roa
Signing time: Sun 14 May 2023 13:21:09 +0000
ROA not before: Sun 14 May 2023 13:21:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49666
IP address blocks: 2.188.0.0/24 maxlen: 24
2.188.1.0/24 maxlen: 24
2.188.0.0/16 maxlen: 24
2.188.9.0/24 maxlen: 24
2.188.7.0/24 maxlen: 24
2.188.17.0/24 maxlen: 24
2.188.12.0/22 maxlen: 22
2.188.22.0/24 maxlen: 24
2.188.23.0/24 maxlen: 24
2.188.30.0/24 maxlen: 24
2.188.28.0/24 maxlen: 24
78.39.155.0/24 maxlen: 24
78.39.156.0/24 maxlen: 24
78.39.153.0/24 maxlen: 25
217.218.67.0/24 maxlen: 24
2.188.64.0/21 maxlen: 21
2.188.76.0/24 maxlen: 24
2.185.0.0/16 maxlen: 16
78.38.246.0/24 maxlen: 24
78.38.245.0/24 maxlen: 24
78.38.243.0/24 maxlen: 24
78.38.250.0/24 maxlen: 24
78.38.253.0/24 maxlen: 24
78.38.248.0/24 maxlen: 24
78.38.251.0/24 maxlen: 24
78.38.254.0/24 maxlen: 24
78.39.0.0/16 maxlen: 24
2.177.0.0/16 maxlen: 16
80.191.0.0/16 maxlen: 24
217.218.0.0/16 maxlen: 24
78.39.40.0/24 maxlen: 24
78.39.43.0/24 maxlen: 24
78.39.50.0/24 maxlen: 24
78.39.46.0/24 maxlen: 24
78.39.49.0/24 maxlen: 24
78.39.48.0/24 maxlen: 24
78.39.47.0/24 maxlen: 24
78.39.51.0/24 maxlen: 24
78.39.54.0/24 maxlen: 24
78.39.58.0/24 maxlen: 24
78.39.53.0/24 maxlen: 24
78.39.57.0/24 maxlen: 24
78.39.56.0/24 maxlen: 24
78.39.55.0/24 maxlen: 24
78.39.62.0/23 maxlen: 24
78.39.59.0/24 maxlen: 24
2.176.0.0/17 maxlen: 17
78.38.0.0/16 maxlen: 24
2.176.128.0/17 maxlen: 17
195.146.63.0/24 maxlen: 24
2.189.3.0/24 maxlen: 24
2.189.1.0/24 maxlen: 24
2.189.0.0/16 maxlen: 24
2.188.179.0/24 maxlen: 24
2.188.186.0/24 maxlen: 24
2.188.181.0/24 maxlen: 24
2.188.185.0/24 maxlen: 24
2.188.184.0/24 maxlen: 24
217.219.0.0/16 maxlen: 24
2.188.187.0/24 maxlen: 24
2.189.72.0/24 maxlen: 24
2.189.44.0/24 maxlen: 24
2.189.63.0/24 maxlen: 24
2001:4188:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 15 May 2023 14:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1a:6c:10:b8:10:8e:5c:c3:9f:c0:86:89:cf:75:01:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: May 14 13:21:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3a77d11dee07062a748e933020e95c4ffbdc915
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:78:65:4a:f2:83:91:8f:18:1a:f8:f5:01:6f:
41:96:19:6d:a9:45:25:8a:b2:32:dd:9b:49:b7:b3:
c6:0a:32:11:d0:c9:7c:6d:66:f1:5c:1f:6b:f5:49:
17:38:0d:30:57:be:57:8b:f6:d4:0f:2d:64:ce:2d:
41:31:2b:f2:85:92:d0:68:95:72:6d:ee:28:e2:21:
78:1a:fb:3a:3e:d5:7f:3b:25:2d:fb:b4:c3:70:e7:
ce:da:59:56:b4:15:7c:27:28:81:64:5b:df:fa:47:
1e:80:03:ff:61:47:cd:26:22:39:6c:eb:09:5a:a2:
56:59:fc:33:22:70:d1:44:42:65:f7:f5:15:7a:64:
c4:50:23:de:f2:57:d5:f8:e6:e7:29:d1:40:a3:f9:
39:55:cd:a8:a1:e5:d2:1f:04:fe:e2:2b:ea:ff:bc:
97:70:07:ac:10:5e:49:0e:52:fd:7e:57:14:b3:31:
a4:29:23:56:db:8c:9d:8a:af:ce:11:d0:17:17:98:
35:2d:f1:9d:34:f2:9e:3f:38:df:33:e1:35:e5:6e:
10:2d:bf:7d:4a:9f:65:f9:3e:56:85:f2:03:0e:fc:
31:af:94:75:a1:39:ef:e7:87:f2:b0:c5:f9:13:58:
21:48:fc:b6:28:10:c0:ed:01:c1:8d:34:d7:17:d2:
0d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:A7:7D:11:DE:E0:70:62:A7:48:E9:33:02:0E:95:C4:FF:BD:C9:15
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/w6d9Ed7gcGKnSOkzAg6VxP-9yRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.176.0.0/15
2.185.0.0/16
2.188.0.0/15
78.38.0.0/15
80.191.0.0/16
195.146.63.0/24
217.218.0.0/15
IPv6:
2001:4188:2::/48
Signature Algorithm: sha256WithRSAEncryption
a1:06:81:a2:e1:ee:3b:d6:49:0e:aa:2e:33:23:2f:38:7b:b6:
60:9d:ce:29:fe:61:e3:0f:07:3d:a1:96:41:a2:2d:52:62:20:
7a:a3:ca:23:70:49:0a:af:c2:29:cd:ce:90:1c:30:c3:54:15:
0c:5d:89:5a:a1:aa:c4:d0:e0:2f:43:b4:b6:76:88:8f:9b:d2:
a6:cd:1b:0a:83:35:54:b9:f3:b2:83:c6:20:8b:cc:70:05:c6:
37:ee:f2:82:6b:9e:de:48:ad:57:b3:ea:1e:1b:d5:ef:e3:e3:
5e:84:b9:bd:b3:e9:92:d8:41:d7:4d:1c:07:7e:e7:7c:af:ce:
1b:f9:6f:58:3f:85:6c:2c:d7:d2:e8:56:cc:db:82:65:6d:4b:
0f:bc:1c:5a:7b:27:f3:fb:92:46:b0:d0:c3:72:47:55:fe:1a:
22:86:98:dd:6e:ab:fc:6f:59:c5:42:47:00:1f:82:46:09:a1:
6d:34:02:5c:e2:a9:b5:3c:de:bc:3e:be:44:bf:63:1c:38:80:
5b:20:f1:14:7d:4d:27:11:a3:56:67:e4:eb:1b:cb:c0:de:18:
be:5f:ce:aa:1a:f4:a6:84:05:f4:7b:6f:6e:75:72:dd:bc:a5:
1d:18:83:92:d4:8d:f0:4e:f4:27:0e:8f:53:0d:b5:87:98:7b:
43:2e:e6:25
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYgabBC4EI5cw5/AhonPdQF0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNTE0MTMyMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2E3N2QxMWRlZTA3MDYyYTc0OGU5MzMwMjBlOTVjNGZmYmRjOTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHhlSvKDkY8YGvj1AW9BlhltqUUl
irIy3ZtJt7PGCjIR0Ml8bWbxXB9r9UkXOA0wV75Xi/bUDy1kzi1BMSvyhZLQaJVy
be4o4iF4Gvs6PtV/OyUt+7TDcOfO2llWtBV8JyiBZFvf+kcegAP/YUfNJiI5bOsJ
WqJWWfwzInDRREJl9/UVemTEUCPe8lfV+ObnKdFAo/k5Vc2ooeXSHwT+4ivq/7yX
cAesEF5JDlL9flcUszGkKSNW24ydiq/OEdAXF5g1LfGdNPKePzjfM+E15W4QLb99
Sp9l+T5WhfIDDvwxr5R1oTnv54fysMX5E1ghSPy2KBDA7QHBjTTXF9INgwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFMOnfRHe4HBip0jpMwIOlcT/vckVMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvdzZkOUVkN2djR0tuU09rekFnNlZ4UC05eVJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwMBArADAwAC
uQMDAQK8AwMBTiYDAwBQvwMEAMOSPwMDAdnaMA8EAgACMAkDBwAgAUGIAAIwDQYJ
KoZIhvcNAQELBQADggEBAKEGgaLh7jvWSQ6qLjMjLzh7tmCdzin+YeMPBz2hlkGi
LVJiIHqjyiNwSQqvwinNzpAcMMNUFQxdiVqhqsTQ4C9DtLZ2iI+b0qbNGwqDNVS5
87KDxiCLzHAFxjfu8oJrnt5IrVez6h4b1e/j416Eub2z6ZLYQddNHAd+53yvzhv5
b1g/hWws19LoVszbgmVtSw+8HFp7J/P7kkaw0MNyR1X+GiKGmN1uq/xvWcVCRwAf
gkYJoW00AlziqbU83rw+vkS/Yxw4gFsg8RR9TScRo1Zn5Osby8DeGL5fzqoa9KaE
BfR7b251ct28pR0Yg5LUjfBO9CcOj1MNtYeYe0Mu5iU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:53 2024 by rpki-client on console-ams.rpki-client.org