Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/e5bdc7-eb06-4626-84d7-13da74cd35a4/1/Ovc2scPt-16REaDMP5pgjb5hx_s.roa
File: Ovc2scPt-16REaDMP5pgjb5hx_s.roa (raw, json)
Hash identifier: 7bg77eYCT8Un9Nx1IB77sLKPd4qsjA9SW58e2MMDijA=
Subject key identifier: 3A:F7:36:B1:C3:ED:FB:5E:91:11:A0:CC:3F:9A:60:8D:BE:61:C7:FB
Certificate issuer: /CN=4e426c87dfbcc552dc790fec3ed1cde7a8f886e9
Certificate serial: 0186D6000DEF21055E4D468FF84D7B83CED9
Authority key identifier: 4E:42:6C:87:DF:BC:C5:52:DC:79:0F:EC:3E:D1:CD:E7:A8:F8:86:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TkJsh9-8xVLceQ_sPtHN56j4huk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/e5bdc7-eb06-4626-84d7-13da74cd35a4/1/Ovc2scPt-16REaDMP5pgjb5hx_s.roa
Signing time: Sun 12 Mar 2023 13:26:13 +0000
ROA not before: Sun 12 Mar 2023 13:26:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48197
IP address blocks: 94.127.152.0/23 maxlen: 25
94.127.152.0/24 maxlen: 25
94.127.153.0/24 maxlen: 25
94.127.157.0/24 maxlen: 25
94.127.156.0/23 maxlen: 25
94.127.156.0/24 maxlen: 25
94.127.156.0/22 maxlen: 25
94.127.155.0/24 maxlen: 25
94.127.159.0/24 maxlen: 25
94.127.154.0/23 maxlen: 25
94.127.154.0/24 maxlen: 25
94.127.158.0/24 maxlen: 25
Validation: Failed, certificate revoked on Sun 12 Mar 2023 14:32:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:d6:00:0d:ef:21:05:5e:4d:46:8f:f8:4d:7b:83:ce:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e426c87dfbcc552dc790fec3ed1cde7a8f886e9
Validity
Not Before: Mar 12 13:26:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3af736b1c3edfb5e9111a0cc3f9a608dbe61c7fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:96:3b:5f:bf:35:1a:63:e7:06:a0:ba:4b:7c:
32:21:be:d2:44:7b:a4:c1:c1:dc:eb:e1:bc:91:b5:
1c:a9:0f:ac:e2:e8:d7:0c:a1:1f:b4:d2:2e:8b:ec:
3f:43:f1:cd:e5:28:02:96:89:91:37:41:7c:9a:34:
67:9a:95:f1:99:62:dd:3e:39:a6:b2:9a:e0:b4:3a:
93:04:57:e7:20:c4:91:e5:c9:c4:30:8b:b5:87:89:
75:d5:99:cf:90:4d:64:ea:44:92:c5:f4:39:0c:03:
da:89:73:5b:a1:1a:8d:63:2d:d5:1d:18:b4:68:4a:
42:81:df:5d:d0:28:27:4a:1c:62:91:8d:56:0e:a9:
f1:f2:a4:e1:ea:e5:65:6a:cf:cf:40:85:ce:7c:6d:
af:6a:54:57:c7:da:9c:50:9d:91:79:2b:98:73:3c:
5a:bb:f1:d1:99:92:99:5e:4f:83:7a:c5:79:2b:f7:
d1:13:87:eb:83:ef:e2:fd:ea:3b:be:67:14:b2:2b:
e2:f4:3f:52:9c:2e:ac:17:1f:71:58:1f:d8:8c:bd:
e2:7e:19:ad:ed:78:8d:0c:cf:9e:11:f8:80:6a:f6:
b7:41:ef:cc:94:b0:6e:9b:c5:47:20:d9:e6:4c:e1:
62:df:40:7e:90:be:21:ae:0e:d9:76:30:6f:cf:d7:
51:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:F7:36:B1:C3:ED:FB:5E:91:11:A0:CC:3F:9A:60:8D:BE:61:C7:FB
X509v3 Authority Key Identifier:
keyid:4E:42:6C:87:DF:BC:C5:52:DC:79:0F:EC:3E:D1:CD:E7:A8:F8:86:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TkJsh9-8xVLceQ_sPtHN56j4huk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e5bdc7-eb06-4626-84d7-13da74cd35a4/1/Ovc2scPt-16REaDMP5pgjb5hx_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e5bdc7-eb06-4626-84d7-13da74cd35a4/1/TkJsh9-8xVLceQ_sPtHN56j4huk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.127.152.0/21
Signature Algorithm: sha256WithRSAEncryption
8a:ca:5e:ce:e9:97:b1:15:db:5c:ed:73:39:15:a2:6f:4c:c9:
56:45:e8:30:87:e0:d0:88:a9:be:86:e0:58:8c:53:97:b6:4f:
0f:27:48:df:1a:74:ce:ef:27:f6:bf:4a:95:16:ba:9e:c1:11:
ef:09:16:1d:71:5c:eb:e0:d0:ad:20:e2:06:fa:84:9c:cc:da:
4d:3d:48:e4:15:41:c6:99:53:4a:10:24:6a:14:22:33:e7:64:
3c:7d:00:83:56:9e:76:25:cf:88:4f:4f:88:3c:1e:30:f4:ac:
bd:d0:3a:c4:06:47:8f:7a:c3:0a:bd:cc:82:4c:8b:a9:5f:d7:
b7:ed:8e:15:6a:3d:c5:23:b2:e6:49:c2:05:81:77:4d:cd:2f:
19:7d:10:17:4d:f9:d9:b9:8e:a8:b8:83:90:64:0d:6b:ec:09:
8a:23:45:2a:5c:39:46:a3:8b:19:e1:96:5d:52:6d:e7:9b:a8:
e1:a4:03:b2:53:79:c0:79:f6:0c:86:36:12:f2:7c:bd:33:98:
54:52:48:72:8f:e6:3c:2d:8b:d6:fa:b1:6d:77:73:42:d5:58:
49:8c:25:9b:bd:fc:1a:d7:ad:3f:8a:7a:c8:8b:14:1d:03:04:
02:72:04:5a:4d:1e:a6:3f:0c:df:df:ff:d6:77:5e:3f:98:17:
58:b8:a4:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbWAA3vIQVeTUaP+E17g87ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNDI2Yzg3ZGZiY2M1NTJkYzc5MGZlYzNlZDFjZGU3YThm
ODg2ZTkwHhcNMjMwMzEyMTMyNjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWY3MzZiMWMzZWRmYjVlOTExMWEwY2MzZjlhNjA4ZGJlNjFjN2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJY7X781GmPnBqC6S3wyIb7SRHuk
wcHc6+G8kbUcqQ+s4ujXDKEftNIui+w/Q/HN5SgClomRN0F8mjRnmpXxmWLdPjmm
sprgtDqTBFfnIMSR5cnEMIu1h4l11ZnPkE1k6kSSxfQ5DAPaiXNboRqNYy3VHRi0
aEpCgd9d0CgnShxikY1WDqnx8qTh6uVlas/PQIXOfG2valRXx9qcUJ2ReSuYczxa
u/HRmZKZXk+DesV5K/fRE4frg+/i/eo7vmcUsivi9D9SnC6sFx9xWB/YjL3ifhmt
7XiNDM+eEfiAava3Qe/MlLBum8VHINnmTOFi30B+kL4hrg7ZdjBvz9dRiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDr3NrHD7ftekRGgzD+aYI2+Ycf7MB8GA1UdIwQY
MBaAFE5CbIffvMVS3HkP7D7Rzeeo+IbpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGtKc2g5LTh4VkxjZVFfc1B0SE41Nmo0aHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9lNWJkYzctZWIwNi00NjI2LTg0ZDct
MTNkYTc0Y2QzNWE0LzEvT3ZjMnNjUHQtMTZSRWFETVA1cGdqYjVoeF9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9lNWJkYzctZWIwNi00NjI2LTg0ZDctMTNkYTc0Y2QzNWE0
LzEvVGtKc2g5LTh4VkxjZVFfc1B0SE41Nmo0aHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXn+YMA0G
CSqGSIb3DQEBCwUAA4IBAQCKyl7O6ZexFdtc7XM5FaJvTMlWRegwh+DQiKm+huBY
jFOXtk8PJ0jfGnTO7yf2v0qVFrqewRHvCRYdcVzr4NCtIOIG+oSczNpNPUjkFUHG
mVNKECRqFCIz52Q8fQCDVp52Jc+IT0+IPB4w9Ky90DrEBkePesMKvcyCTIupX9e3
7Y4Vaj3FI7LmScIFgXdNzS8ZfRAXTfnZuY6ouIOQZA1r7AmKI0UqXDlGo4sZ4ZZd
Um3nm6jhpAOyU3nAefYMhjYS8ny9M5hUUkhyj+Y8LYvW+rFtd3NC1VhJjCWbvfwa
160/inrIixQdAwQCcgRaTR6mPwzf3//Wd14/mBdYuKRt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:03 2024 by rpki-client on console-fra.rpki-client.org