Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/ov3IHUSxfl3OjPTVnp8QJYG495g.roa
File: ov3IHUSxfl3OjPTVnp8QJYG495g.roa (raw, json)
Hash identifier: KwjQPLWJx2PSTU+D/2BYb8kduYAwpBo+3y0TIq8oD8s=
Subject key identifier: A2:FD:C8:1D:44:B1:7E:5D:CE:8C:F4:D5:9E:9F:10:25:81:B8:F7:98
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 0188074F7AFF4BE066F06C77D7AF188F1444
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/ov3IHUSxfl3OjPTVnp8QJYG495g.roa
Signing time: Wed 10 May 2023 20:17:09 +0000
ROA not before: Wed 10 May 2023 20:17:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43395
IP address blocks: 2.188.232.0/23 maxlen: 23
2.188.236.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:07:4f:7a:ff:4b:e0:66:f0:6c:77:d7:af:18:8f:14:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: May 10 20:17:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2fdc81d44b17e5dce8cf4d59e9f102581b8f798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:06:06:01:cd:d8:84:ee:fc:bb:35:e2:54:8e:
91:9d:86:3a:17:f6:dd:bb:e5:28:90:64:fa:03:b2:
d7:84:5f:a1:fa:5d:4d:c5:20:71:d8:d2:58:f1:0a:
e7:7d:d7:ea:f1:91:e4:32:ad:cc:25:fb:77:2f:5b:
69:fd:ee:7d:9a:65:bd:b7:bc:b5:cb:88:14:d2:cf:
ed:cf:84:d2:13:c9:d8:25:6c:6f:9e:54:65:5b:64:
75:91:b3:2f:1c:ee:97:df:bd:63:c2:33:8e:05:be:
6f:af:65:29:57:ef:d6:d3:a4:8a:b2:b8:3a:ad:55:
47:ff:55:1b:ac:4c:b6:3f:3e:c7:e7:00:3a:e6:c1:
25:42:2e:8a:62:a1:63:77:bb:5e:bc:15:22:8c:be:
2d:bd:e4:1a:79:71:d8:14:fb:60:ed:8c:69:75:53:
dc:05:ee:04:d5:a7:a1:df:d3:5b:c3:df:66:b7:a4:
5c:9e:86:5a:5e:93:47:dc:f3:ee:1a:e3:10:33:2d:
f0:90:ff:80:a5:d6:ad:57:6a:fb:6a:34:13:cf:77:
eb:dd:48:c6:29:0c:ab:5d:4a:39:94:89:e7:26:44:
b6:18:d1:51:5b:5e:84:55:58:db:a1:04:01:58:3b:
89:8a:ae:9c:d8:f7:ba:ef:e3:3a:02:73:34:ca:ec:
e0:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:FD:C8:1D:44:B1:7E:5D:CE:8C:F4:D5:9E:9F:10:25:81:B8:F7:98
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/ov3IHUSxfl3OjPTVnp8QJYG495g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.188.232.0/23
2.188.236.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:e9:36:0e:ce:57:de:84:8f:d5:04:bc:0e:14:b5:e4:6c:82:
45:9f:6a:64:39:e7:77:74:ae:6f:7e:57:4a:0f:6b:25:c9:d9:
f2:84:22:ce:c2:8f:d0:cd:01:8d:e7:d4:64:8a:f7:2c:0c:fa:
5f:d1:f2:52:78:22:43:36:48:b4:3c:67:0f:79:26:82:69:c3:
34:3d:b0:3f:90:46:6e:71:bb:2e:db:fe:c4:63:f2:74:42:c1:
e0:a5:7b:2d:1e:7e:8f:3e:f7:90:34:86:7c:bb:f1:b6:35:2f:
f5:55:63:cb:e8:f9:34:ca:35:a0:d9:36:de:f6:95:10:30:2c:
61:a8:42:8f:74:1a:fc:b2:ee:0a:ec:71:fa:3a:81:7d:fe:ef:
43:73:b9:96:18:ea:2c:2d:65:cd:25:65:fc:dd:8d:90:c0:2d:
4c:7d:c8:5a:04:03:48:e4:07:08:db:c9:b1:65:35:a1:9e:a2:
85:16:46:62:15:68:76:13:9c:20:99:f0:71:63:7d:b4:70:f0:
ab:e8:cb:01:78:fd:ab:05:c4:6f:53:45:16:27:65:a5:c2:e7:
56:3d:65:a9:55:1d:62:1c:6e:eb:7a:dc:a3:26:56:77:b0:56:
5f:8a:b7:da:a0:94:bd:90:73:93:72:b7:7d:d0:4a:dc:32:3a:
40:5f:2b:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgHT3r/S+Bm8Gx3168YjxREMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNTEwMjAxNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmZkYzgxZDQ0YjE3ZTVkY2U4Y2Y0ZDU5ZTlmMTAyNTgxYjhmNzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgYGAc3YhO78uzXiVI6RnYY6F/bd
u+UokGT6A7LXhF+h+l1NxSBx2NJY8Qrnfdfq8ZHkMq3MJft3L1tp/e59mmW9t7y1
y4gU0s/tz4TSE8nYJWxvnlRlW2R1kbMvHO6X371jwjOOBb5vr2UpV+/W06SKsrg6
rVVH/1UbrEy2Pz7H5wA65sElQi6KYqFjd7tevBUijL4tveQaeXHYFPtg7YxpdVPc
Be4E1aeh39Nbw99mt6RcnoZaXpNH3PPuGuMQMy3wkP+ApdatV2r7ajQTz3fr3UjG
KQyrXUo5lInnJkS2GNFRW16EVVjboQQBWDuJiq6c2Pe67+M6AnM0yuzgawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKL9yB1EsX5dzoz01Z6fECWBuPeYMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvb3YzSUhVU3hmbDNPalBUVm5wOFFKWUc0OTVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBArzoAwQB
ArzsMA0GCSqGSIb3DQEBCwUAA4IBAQBO6TYOzlfehI/VBLwOFLXkbIJFn2pkOed3
dK5vfldKD2slydnyhCLOwo/QzQGN59RkivcsDPpf0fJSeCJDNki0PGcPeSaCacM0
PbA/kEZucbsu2/7EY/J0QsHgpXstHn6PPveQNIZ8u/G2NS/1VWPL6Pk0yjWg2Tbe
9pUQMCxhqEKPdBr8su4K7HH6OoF9/u9Dc7mWGOosLWXNJWX83Y2QwC1MfchaBANI
5AcI28mxZTWhnqKFFkZiFWh2E5wgmfBxY320cPCr6MsBeP2rBcRvU0UWJ2WlwudW
PWWpVR1iHG7retyjJlZ3sFZfirfaoJS9kHOTcrd90ErcMjpAXyun
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:47 2024 by rpki-client on console-fra.rpki-client.org