Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/w_4_jlFkYJ9tY4kPPFoM3S1enVw.roa
File: w_4_jlFkYJ9tY4kPPFoM3S1enVw.roa (raw, json)
Hash identifier: uByePnm+mq9RzLXYBeh51rMKrsaM20leQ1jsSF2TuMs=
Subject key identifier: C3:FE:3F:8E:51:64:60:9F:6D:63:89:0F:3C:5A:0C:DD:2D:5E:9D:5C
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018819FE32C0D4014BD78086A0698C73B274
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/w_4_jlFkYJ9tY4kPPFoM3S1enVw.roa
Signing time: Sun 14 May 2023 11:21:09 +0000
ROA not before: Sun 14 May 2023 11:21:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 78.38.25.0/24 maxlen: 24
2.188.40.0/21 maxlen: 24
78.39.155.0/24 maxlen: 24
78.39.156.0/24 maxlen: 24
78.39.153.0/24 maxlen: 24
2.189.160.0/21 maxlen: 24
2.189.168.0/21 maxlen: 24
2.188.72.0/22 maxlen: 24
78.38.246.0/24 maxlen: 24
78.38.243.0/24 maxlen: 24
2.188.225.0/24 maxlen: 24
78.38.250.0/24 maxlen: 24
2.188.224.0/20 maxlen: 24
78.38.251.0/24 maxlen: 24
78.38.248.0/24 maxlen: 24
78.38.254.0/24 maxlen: 24
2.188.232.0/23 maxlen: 23
2.188.234.0/24 maxlen: 24
2.188.236.0/23 maxlen: 23
2.188.240.0/20 maxlen: 24
2.188.164.0/22 maxlen: 22
2.188.160.0/22 maxlen: 22
2.188.165.0/24 maxlen: 24
2.188.161.0/24 maxlen: 24
2.188.160.0/21 maxlen: 24
2.188.176.0/23 maxlen: 23
2.188.192.0/19 maxlen: 24
2.189.80.0/21 maxlen: 24
2.189.88.0/21 maxlen: 24
78.39.40.0/24 maxlen: 24
78.39.43.0/24 maxlen: 24
78.39.50.0/24 maxlen: 24
78.39.46.0/24 maxlen: 24
78.39.49.0/24 maxlen: 24
78.39.48.0/24 maxlen: 24
78.39.51.0/24 maxlen: 24
78.39.47.0/24 maxlen: 24
78.39.58.0/24 maxlen: 24
78.39.54.0/24 maxlen: 24
78.39.57.0/24 maxlen: 24
78.39.53.0/24 maxlen: 24
78.39.56.0/24 maxlen: 24
78.39.55.0/24 maxlen: 24
78.39.62.0/23 maxlen: 24
78.39.59.0/24 maxlen: 24
2.189.48.0/21 maxlen: 24
2.189.64.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 22 Oct 2023 20:10:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:19:fe:32:c0:d4:01:4b:d7:80:86:a0:69:8c:73:b2:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: May 14 11:21:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3fe3f8e5164609f6d63890f3c5a0cdd2d5e9d5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f0:85:d8:21:05:98:e3:3d:e8:a3:e6:25:62:
c7:e5:af:05:d4:65:4b:b5:28:9e:6e:dc:79:54:56:
8e:79:91:fd:0b:d0:2b:a0:70:b9:c5:55:63:8a:9f:
cc:1b:c7:8a:c1:de:40:b3:ec:1d:d8:cb:45:56:ef:
a7:7c:14:f0:ee:8f:bf:7e:10:dc:2b:34:1d:17:36:
78:9b:aa:47:39:1b:0c:e2:2d:e7:05:14:ca:3a:0d:
94:bd:58:9e:30:3d:59:0f:39:66:e0:d3:cc:76:fd:
f3:ed:38:26:32:15:53:aa:09:d0:0d:52:62:31:44:
c1:05:f2:8b:58:44:33:90:b8:36:50:59:df:61:83:
0c:92:39:b1:6c:2f:11:93:cf:f0:3f:71:e7:7c:ec:
76:53:04:dc:e3:a1:58:2d:08:33:10:0f:72:d0:cb:
2a:af:09:a8:49:59:79:5e:25:43:20:c0:ad:dc:db:
15:2c:a7:8f:7f:1d:14:6c:f7:4b:19:bb:15:71:fb:
2a:4f:6e:9a:66:9e:d3:8a:26:bc:c4:af:46:6e:ee:
40:04:ef:e2:af:35:63:f7:88:00:f1:1c:c7:0d:2b:
6a:58:e6:7c:3b:a8:1d:5d:7f:d8:6c:05:42:00:05:
fb:75:91:4f:a6:db:df:d8:4b:2a:8b:0f:41:23:bf:
e4:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:FE:3F:8E:51:64:60:9F:6D:63:89:0F:3C:5A:0C:DD:2D:5E:9D:5C
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/w_4_jlFkYJ9tY4kPPFoM3S1enVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.188.40.0/21
2.188.72.0/22
2.188.160.0/21
2.188.176.0/23
2.188.192.0/18
2.189.48.0/21
2.189.64.0/22
2.189.80.0/20
2.189.160.0/20
78.38.25.0/24
78.38.243.0/24
78.38.246.0/24
78.38.248.0/24
78.38.250.0/23
78.38.254.0/24
78.39.40.0/24
78.39.43.0/24
78.39.46.0-78.39.51.255
78.39.53.0-78.39.59.255
78.39.62.0/23
78.39.153.0/24
78.39.155.0-78.39.156.255
Signature Algorithm: sha256WithRSAEncryption
63:ee:4d:89:c3:55:5b:53:cf:ff:a1:a1:01:e5:4c:d0:e9:d3:
32:45:ce:dd:12:01:81:39:ef:a0:cc:63:b9:5d:47:84:ad:88:
67:ea:18:90:09:ff:29:19:63:d8:68:df:97:00:85:69:18:03:
97:55:5d:c6:21:b0:a8:93:39:cb:d9:b0:20:c9:4b:04:c9:cb:
96:4c:53:e9:df:07:7f:89:fc:40:ad:7a:d4:df:4d:65:1d:1b:
f9:1a:74:fb:5c:ad:52:48:ff:e8:e4:62:53:d6:4a:d9:87:15:
90:f1:41:a0:5c:54:36:f6:c8:7d:5c:98:4a:02:92:99:c5:8b:
16:dc:5b:c6:58:72:06:74:fd:7e:8c:1e:64:0b:8c:8f:01:4a:
f1:b5:66:e9:43:5e:c9:64:47:d6:3b:0d:48:0e:56:8c:ab:cf:
64:c8:93:eb:ed:07:1e:be:db:2a:e7:03:49:36:ea:8c:ff:88:
7d:6d:23:17:41:47:c3:7b:6f:01:3a:24:cf:d3:e0:ac:94:41:
3e:a6:8b:cf:43:3f:c2:d0:bf:25:da:5a:88:ab:07:0d:0a:91:
1a:01:fd:92:f4:c2:bf:c0:20:42:4c:a5:55:e2:d6:7a:de:35:
e3:45:e7:99:bf:f5:bd:1e:ad:f9:3b:cd:6f:c0:63:bd:3c:3f:
07:90:cc:62
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYgZ/jLA1AFL14CGoGmMc7J0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNTE0MTEyMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2ZlM2Y4ZTUxNjQ2MDlmNmQ2Mzg5MGYzYzVhMGNkZDJkNWU5ZDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPCF2CEFmOM96KPmJWLH5a8F1GVL
tSiebtx5VFaOeZH9C9AroHC5xVVjip/MG8eKwd5As+wd2MtFVu+nfBTw7o+/fhDc
KzQdFzZ4m6pHORsM4i3nBRTKOg2UvVieMD1ZDzlm4NPMdv3z7TgmMhVTqgnQDVJi
MUTBBfKLWEQzkLg2UFnfYYMMkjmxbC8Rk8/wP3HnfOx2UwTc46FYLQgzEA9y0Msq
rwmoSVl5XiVDIMCt3NsVLKePfx0UbPdLGbsVcfsqT26aZp7Tiia8xK9Gbu5ABO/i
rzVj94gA8RzHDStqWOZ8O6gdXX/YbAVCAAX7dZFPptvf2Esqiw9BI7/k/QIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFMP+P45RZGCfbWOJDzxaDN0tXp1cMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvd180X2psRmtZSjl0WTRrUFBGb00zUzFlblZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBAMC
vCgDBAICvEgDBAMCvKADBAECvLADBAYCvMADBAMCvTADBAICvUADBAQCvVADBAQC
vaADBABOJhkDBABOJvMDBABOJvYDBABOJvgDBAFOJvoDBABOJv4DBABOJygDBABO
JyswDAMEAU4nLgMEAk4nMDAMAwQATic1AwQCTic4AwQBTic+AwQATieZMAwDBABO
J5sDBABOJ5wwDQYJKoZIhvcNAQELBQADggEBAGPuTYnDVVtTz/+hoQHlTNDp0zJF
zt0SAYE576DMY7ldR4StiGfqGJAJ/ykZY9ho35cAhWkYA5dVXcYhsKiTOcvZsCDJ
SwTJy5ZMU+nfB3+J/ECtetTfTWUdG/kadPtcrVJI/+jkYlPWStmHFZDxQaBcVDb2
yH1cmEoCkpnFixbcW8ZYcgZ0/X6MHmQLjI8BSvG1ZulDXslkR9Y7DUgOVoyrz2TI
k+vtBx6+2yrnA0k26oz/iH1tIxdBR8N7bwE6JM/T4KyUQT6mi89DP8LQvyXaWoir
Bw0KkRoB/ZL0wr/AIEJMpVXi1nreNeNF55m/9b0erfk7zW/AY708PweQzGI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:53 2024 by rpki-client on console-ams.rpki-client.org