Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/9cfe5d-5770-4b5d-8935-9f38c8b8a928/1/GalPZdz88QirCwvPzOj6PGyFI1o.roa
File: GalPZdz88QirCwvPzOj6PGyFI1o.roa (raw, json)
Hash identifier: 36/Hh1ShuS3HgHgCRhpzOo2IZhSdy8DbvVTBMr/ilIY=
Subject key identifier: 19:A9:4F:65:DC:FC:F1:08:AB:0B:0B:CF:CC:E8:FA:3C:6C:85:23:5A
Certificate issuer: /CN=d4f92129df7aaa7157e15973c24753e118c9057d
Certificate serial: 01856C0A3C269AE3D6C0E07C5759D4D79166
Authority key identifier: D4:F9:21:29:DF:7A:AA:71:57:E1:59:73:C2:47:53:E1:18:C9:05:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1PkhKd96qnFX4VlzwkdT4RjJBX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/9cfe5d-5770-4b5d-8935-9f38c8b8a928/1/GalPZdz88QirCwvPzOj6PGyFI1o.roa
Signing time: Sun 01 Jan 2023 06:34:48 +0000
ROA not before: Sun 01 Jan 2023 06:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204631
IP address blocks: 185.136.120.0/22 maxlen: 22
193.27.218.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:3c:26:9a:e3:d6:c0:e0:7c:57:59:d4:d7:91:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4f92129df7aaa7157e15973c24753e118c9057d
Validity
Not Before: Jan 1 06:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19a94f65dcfcf108ab0b0bcfcce8fa3c6c85235a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2e:eb:06:bf:51:57:c7:b0:e2:3b:dc:ad:49:
8c:aa:cf:3f:b1:93:8b:c9:b5:8f:95:7d:d8:cd:3b:
87:1c:40:17:27:ba:86:95:0a:d9:fd:8c:47:18:c4:
57:38:65:82:af:a0:05:4e:cc:46:c2:43:c9:ad:64:
a3:19:80:e5:31:fb:27:71:43:14:8a:c0:f9:f7:f2:
80:9b:03:a1:6f:4d:c2:fe:cb:f8:d9:f4:40:9c:b5:
fb:c5:24:17:46:08:bc:16:6e:db:eb:b4:50:39:01:
74:e7:45:d1:53:da:12:31:be:d8:71:53:d3:6d:0e:
82:56:cf:84:93:02:b4:5b:fd:84:ca:48:14:00:45:
83:68:68:fb:09:f1:f3:b9:82:0e:14:ba:a6:c8:2c:
ed:14:5a:7f:64:ae:2a:50:13:8c:13:8a:23:29:ea:
9b:09:07:42:de:7e:8f:1f:90:73:bf:a0:33:87:56:
d5:74:86:bd:23:d5:82:66:85:bf:a8:3c:be:bc:25:
d0:0e:3b:53:70:dd:ba:e2:45:81:f4:8b:b0:06:f7:
14:b6:e4:3a:9b:5d:ab:1d:d4:87:51:22:20:db:ce:
c2:2e:3d:3f:0d:c7:04:e8:ce:02:af:89:f1:12:1e:
10:28:9c:fe:fc:ba:d1:d9:b3:64:c2:92:c7:24:96:
41:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:A9:4F:65:DC:FC:F1:08:AB:0B:0B:CF:CC:E8:FA:3C:6C:85:23:5A
X509v3 Authority Key Identifier:
keyid:D4:F9:21:29:DF:7A:AA:71:57:E1:59:73:C2:47:53:E1:18:C9:05:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1PkhKd96qnFX4VlzwkdT4RjJBX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/9cfe5d-5770-4b5d-8935-9f38c8b8a928/1/GalPZdz88QirCwvPzOj6PGyFI1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/9cfe5d-5770-4b5d-8935-9f38c8b8a928/1/1PkhKd96qnFX4VlzwkdT4RjJBX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.120.0/22
193.27.218.0/23
Signature Algorithm: sha256WithRSAEncryption
44:ed:5e:c2:fb:37:37:29:6b:bd:1e:2a:1b:f4:8b:bb:fc:40:
0c:29:a3:2c:db:24:83:d0:e2:60:fe:f7:d4:72:fc:4f:cd:e6:
52:38:0a:0a:83:d3:db:44:24:d8:8f:97:84:51:0c:71:0d:da:
9c:78:90:1d:d3:04:af:a3:e1:32:1c:08:92:94:1b:81:6a:f1:
86:d9:40:e0:b7:a0:61:ed:46:e4:44:44:28:b2:19:71:5f:b4:
c4:4c:e0:e7:0b:46:57:66:20:ec:44:e5:30:71:56:cb:91:e9:
2b:1c:12:7e:5d:fc:f1:bd:ca:ae:51:d6:db:bd:bc:d6:d0:d9:
ad:69:52:5d:68:9b:7c:70:81:ca:81:54:19:b2:06:75:a8:b4:
20:06:1e:d0:38:e8:43:23:b3:b3:4c:97:0d:44:01:2d:8d:9b:
57:fd:d2:ad:04:e7:69:a9:6d:de:f4:bd:1c:ff:fb:a6:1c:8b:
f9:8b:43:68:5d:33:6d:c9:9e:39:f8:3d:7c:86:13:04:00:06:
28:80:b7:8d:64:65:9a:68:63:64:3d:44:90:00:f4:ab:1f:79:
8d:9b:4d:0c:3a:5c:f7:c7:af:d6:e3:e5:7f:be:57:d7:ee:85:
cc:ae:64:16:1c:34:12:bd:7e:40:b5:34:36:b3:c8:d1:1a:2b:
1b:6e:fb:05
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsCjwmmuPWwOB8V1nU15FmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZjkyMTI5ZGY3YWFhNzE1N2UxNTk3M2MyNDc1M2UxMThj
OTA1N2QwHhcNMjMwMTAxMDYzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWE5NGY2NWRjZmNmMTA4YWIwYjBiY2ZjY2U4ZmEzYzZjODUyMzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAti7rBr9RV8ew4jvcrUmMqs8/sZOL
ybWPlX3YzTuHHEAXJ7qGlQrZ/YxHGMRXOGWCr6AFTsxGwkPJrWSjGYDlMfsncUMU
isD59/KAmwOhb03C/sv42fRAnLX7xSQXRgi8Fm7b67RQOQF050XRU9oSMb7YcVPT
bQ6CVs+EkwK0W/2EykgUAEWDaGj7CfHzuYIOFLqmyCztFFp/ZK4qUBOME4ojKeqb
CQdC3n6PH5Bzv6Azh1bVdIa9I9WCZoW/qDy+vCXQDjtTcN264kWB9IuwBvcUtuQ6
m12rHdSHUSIg287CLj0/DccE6M4Cr4nxEh4QKJz+/LrR2bNkwpLHJJZBXQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBmpT2Xc/PEIqwsLz8zo+jxshSNaMB8GA1UdIwQY
MBaAFNT5ISnfeqpxV+FZc8JHU+EYyQV9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVBraEtkOTZxbkZYNFZsendrZFQ0UmpKQlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC85Y2ZlNWQtNTc3MC00YjVkLTg5MzUt
OWYzOGM4YjhhOTI4LzEvR2FsUFpkejg4UWlyQ3d2UHpPajZQR3lGSTFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC85Y2ZlNWQtNTc3MC00YjVkLTg5MzUtOWYzOGM4YjhhOTI4
LzEvMVBraEtkOTZxbkZYNFZsendrZFQ0UmpKQlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuYh4AwQB
wRvaMA0GCSqGSIb3DQEBCwUAA4IBAQBE7V7C+zc3KWu9Hiob9Iu7/EAMKaMs2ySD
0OJg/vfUcvxPzeZSOAoKg9PbRCTYj5eEUQxxDdqceJAd0wSvo+EyHAiSlBuBavGG
2UDgt6Bh7UbkREQoshlxX7TETODnC0ZXZiDsROUwcVbLkekrHBJ+XfzxvcquUdbb
vbzW0NmtaVJdaJt8cIHKgVQZsgZ1qLQgBh7QOOhDI7OzTJcNRAEtjZtX/dKtBOdp
qW3e9L0c//umHIv5i0NoXTNtyZ45+D18hhMEAAYogLeNZGWaaGNkPUSQAPSrH3mN
m00MOlz3x6/W4+V/vlfX7oXMrmQWHDQSvX5AtTQ2s8jRGisbbvsF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:49 2024 by rpki-client on console-ams.rpki-client.org