Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/a6d124-04e6-4def-a16b-d652368299d5/1/ovoMAd9GU8LYuhe-cwKbBFnIovc.roa
File: ovoMAd9GU8LYuhe-cwKbBFnIovc.roa (raw, json)
Hash identifier: g5R4VSqYrbk+C8muHfYO7UgSe+CZot81G6lTB2cie8w=
Subject key identifier: A2:FA:0C:01:DF:46:53:C2:D8:BA:17:BE:73:02:9B:04:59:C8:A2:F7
Certificate issuer: /CN=d408cf09b6ab005ba933b2a7a4a6d27ea6bb72ca
Certificate serial: 0192512BD1967C3F5E0E7721D8F3E4D3C8D3
Authority key identifier: D4:08:CF:09:B6:AB:00:5B:A9:33:B2:A7:A4:A6:D2:7E:A6:BB:72:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1AjPCbarAFupM7KnpKbSfqa7cso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/a6d124-04e6-4def-a16b-d652368299d5/1/ovoMAd9GU8LYuhe-cwKbBFnIovc.roa
Signing time: Thu 03 Oct 2024 06:57:59 +0000
ROA not before: Thu 03 Oct 2024 06:57:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213066
IP address blocks: 193.163.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:51:2b:d1:96:7c:3f:5e:0e:77:21:d8:f3:e4:d3:c8:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d408cf09b6ab005ba933b2a7a4a6d27ea6bb72ca
Validity
Not Before: Oct 3 06:57:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2fa0c01df4653c2d8ba17be73029b0459c8a2f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4b:18:8e:3e:53:ab:c9:03:85:9b:cd:54:48:
3d:6d:a7:9a:ac:ee:58:50:13:7b:6b:54:30:02:da:
e4:5f:82:a5:cb:73:57:71:32:7d:6e:39:c7:86:1c:
bf:ab:a0:4d:fe:fd:46:7c:dd:56:1e:cb:40:1e:79:
bf:56:5e:cb:a1:9d:c8:06:3c:36:f1:1d:a9:63:60:
7d:d5:09:66:d0:99:47:1a:5e:cb:6e:f0:f7:4a:d2:
b3:94:bd:24:4e:c2:7c:ab:e6:dc:fc:4b:0d:09:86:
14:2f:91:24:4b:41:68:8d:c5:d4:26:27:91:3e:8c:
ca:54:16:0e:08:95:d6:09:95:05:62:58:04:10:1d:
00:a3:04:5f:6f:2c:c8:10:c4:54:65:24:05:0d:16:
04:2e:e5:23:5c:be:fb:92:7b:1d:bf:c2:91:c3:c5:
d4:63:b6:7f:6d:52:25:f0:77:1c:32:59:67:a7:2b:
4e:f9:cd:0a:dd:7c:b9:ba:2f:05:f1:cb:e7:e6:1a:
fa:16:b6:1e:9f:55:26:14:b2:fb:4e:84:20:16:ef:
56:f7:37:8c:ac:88:c8:d2:1f:30:61:4d:28:0c:ea:
e7:a5:c6:65:86:2c:8f:c7:5b:6f:98:45:a5:58:64:
97:74:01:87:60:7e:b4:19:36:0a:d1:d9:15:cc:a4:
15:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:FA:0C:01:DF:46:53:C2:D8:BA:17:BE:73:02:9B:04:59:C8:A2:F7
X509v3 Authority Key Identifier:
keyid:D4:08:CF:09:B6:AB:00:5B:A9:33:B2:A7:A4:A6:D2:7E:A6:BB:72:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1AjPCbarAFupM7KnpKbSfqa7cso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/a6d124-04e6-4def-a16b-d652368299d5/1/ovoMAd9GU8LYuhe-cwKbBFnIovc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/a6d124-04e6-4def-a16b-d652368299d5/1/1AjPCbarAFupM7KnpKbSfqa7cso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.1.0/24
Signature Algorithm: sha256WithRSAEncryption
04:c1:2c:8e:f5:d1:86:a5:7b:bb:04:28:7f:2f:db:68:26:b4:
14:60:c6:bc:be:fa:44:51:48:12:6e:18:1f:a1:24:46:19:db:
80:bf:52:34:4b:90:ac:5c:c4:e0:ff:33:3e:a9:e1:39:92:88:
b4:26:97:84:e8:f8:a1:9a:93:d1:69:60:db:a9:70:d4:49:1f:
e7:02:fb:31:26:5e:73:d8:d8:ea:f0:26:eb:d4:24:03:d3:d7:
40:9c:6d:43:e7:ae:0f:c3:c1:78:27:57:50:7e:d7:6f:71:7c:
3d:71:5e:df:76:df:5b:1b:ee:3a:ec:18:00:0c:ed:53:f8:21:
9f:42:15:c8:da:84:81:71:1f:59:63:a3:2b:36:32:d1:5c:80:
b9:88:1e:cf:42:f1:1a:0e:82:7b:18:a8:bb:4e:50:dd:97:7a:
cf:b0:04:9f:6c:3b:88:be:77:e5:f1:1d:f4:40:b8:f8:6a:3d:
3c:45:51:c9:5f:25:23:31:fe:ae:40:0e:37:ee:ed:de:8e:9b:
90:6d:ae:8c:57:7e:14:67:aa:50:8e:a9:af:ee:61:56:86:3c:
8f:96:28:06:9c:fb:88:41:ed:1c:75:4f:3f:03:e1:83:94:f8:
8e:b8:b3:8e:7b:3f:34:f4:bc:f2:61:05:a5:ce:ab:23:59:e3:
ea:0a:ae:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJRK9GWfD9eDnch2PPk08jTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MDhjZjA5YjZhYjAwNWJhOTMzYjJhN2E0YTZkMjdlYTZi
YjcyY2EwHhcNMjQxMDAzMDY1NzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmZhMGMwMWRmNDY1M2MyZDhiYTE3YmU3MzAyOWIwNDU5YzhhMmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEsYjj5Tq8kDhZvNVEg9baearO5Y
UBN7a1QwAtrkX4Kly3NXcTJ9bjnHhhy/q6BN/v1GfN1WHstAHnm/Vl7LoZ3IBjw2
8R2pY2B91Qlm0JlHGl7LbvD3StKzlL0kTsJ8q+bc/EsNCYYUL5EkS0FojcXUJieR
PozKVBYOCJXWCZUFYlgEEB0AowRfbyzIEMRUZSQFDRYELuUjXL77knsdv8KRw8XU
Y7Z/bVIl8HccMllnpytO+c0K3Xy5ui8F8cvn5hr6FrYen1UmFLL7ToQgFu9W9zeM
rIjI0h8wYU0oDOrnpcZlhiyPx1tvmEWlWGSXdAGHYH60GTYK0dkVzKQV0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKL6DAHfRlPC2LoXvnMCmwRZyKL3MB8GA1UdIwQY
MBaAFNQIzwm2qwBbqTOyp6Sm0n6mu3LKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUFqUENiYXJBRnVwTTdLbnBLYlNmcWE3Y3NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9hNmQxMjQtMDRlNi00ZGVmLWExNmIt
ZDY1MjM2ODI5OWQ1LzEvb3ZvTUFkOUdVOExZdWhlLWN3S2JCRm5Jb3ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9hNmQxMjQtMDRlNi00ZGVmLWExNmItZDY1MjM2ODI5OWQ1
LzEvMUFqUENiYXJBRnVwTTdLbnBLYlNmcWE3Y3NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaMBMA0G
CSqGSIb3DQEBCwUAA4IBAQAEwSyO9dGGpXu7BCh/L9toJrQUYMa8vvpEUUgSbhgf
oSRGGduAv1I0S5CsXMTg/zM+qeE5koi0JpeE6PihmpPRaWDbqXDUSR/nAvsxJl5z
2Njq8Cbr1CQD09dAnG1D564Pw8F4J1dQftdvcXw9cV7fdt9bG+467BgADO1T+CGf
QhXI2oSBcR9ZY6MrNjLRXIC5iB7PQvEaDoJ7GKi7TlDdl3rPsASfbDuIvnfl8R30
QLj4aj08RVHJXyUjMf6uQA437u3ejpuQba6MV34UZ6pQjqmv7mFWhjyPligGnPuI
Qe0cdU8/A+GDlPiOuLOOez809LzyYQWlzqsjWePqCq63
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:34 2025 by rpki-client