Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/GalNzZer0hJvM69TyLs9ZCaw9CA.roa
File: GalNzZer0hJvM69TyLs9ZCaw9CA.roa (raw, json)
Hash identifier: eJ6wRgMYP6QXoMmgZUzM/yw5TgUKNqcQ4NPpc6kxtVM=
Subject key identifier: 19:A9:4D:CD:97:AB:D2:12:6F:33:AF:53:C8:BB:3D:64:26:B0:F4:20
Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial: 0191DD18D23FAB8C9BD3F5D2F29E9175F661
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/GalNzZer0hJvM69TyLs9ZCaw9CA.roa
Signing time: Tue 10 Sep 2024 18:01:17 +0000
ROA not before: Tue 10 Sep 2024 18:01:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 89.187.9.0/24 maxlen: 24
89.187.20.0/24 maxlen: 24
89.187.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Nov 2024 17:37:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:dd:18:d2:3f:ab:8c:9b:d3:f5:d2:f2:9e:91:75:f6:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Validity
Not Before: Sep 10 18:01:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19a94dcd97abd2126f33af53c8bb3d6426b0f420
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:69:9d:b4:04:6a:dd:e0:94:cd:90:df:8a:07:
3e:26:56:f3:7a:c3:80:80:8d:c6:ac:e4:61:2e:cf:
6f:bd:5a:ef:33:0d:dc:c8:45:36:ff:2d:37:05:d6:
77:70:16:ef:30:cf:e1:ab:06:4e:2c:35:cd:7c:05:
a0:ae:27:8d:df:64:f2:a9:77:ad:dc:58:f8:8f:d5:
4f:b1:82:c2:b9:1d:94:39:2e:21:7b:37:24:6c:98:
7d:2d:4e:4a:4a:17:a3:a2:62:05:47:82:86:17:32:
f3:7d:5a:67:12:a0:ec:c2:7c:00:6d:de:72:e3:ab:
56:21:9e:5b:32:4d:cc:8d:93:74:42:a7:d2:6c:86:
d5:37:71:5e:bb:0a:ea:12:89:36:2a:83:fc:e4:5b:
02:8c:9a:50:a4:e8:78:71:7c:df:a8:5b:f6:4d:52:
12:26:99:5d:8e:75:7c:57:c0:fe:a8:69:0e:fb:54:
8b:8b:87:98:fd:32:56:96:0d:4e:69:6c:74:96:f5:
1f:34:22:a6:3a:2d:3c:4e:da:45:29:3f:e4:55:90:
bf:2f:e2:35:40:33:e2:98:76:33:87:38:e4:fa:08:
f2:3d:05:6a:0c:3c:17:17:de:8b:ce:59:f7:f8:fc:
4e:46:c5:b5:c7:50:0e:f2:73:be:a3:cc:f7:39:f8:
06:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:A9:4D:CD:97:AB:D2:12:6F:33:AF:53:C8:BB:3D:64:26:B0:F4:20
X509v3 Authority Key Identifier:
keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/GalNzZer0hJvM69TyLs9ZCaw9CA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.9.0/24
89.187.20.0/24
89.187.27.0/24
Signature Algorithm: sha256WithRSAEncryption
73:95:ba:b3:54:90:61:42:e2:ea:cf:d3:64:c1:0e:68:c2:23:
d2:25:f2:e8:56:9c:cb:4d:75:37:be:da:c5:41:21:f6:c9:7a:
4e:61:1b:74:d2:a5:b7:ce:62:93:f4:98:ba:d0:0f:34:5d:3c:
55:ab:4d:e4:0b:4c:5c:2d:d6:8e:79:3b:9e:b9:92:73:13:3d:
33:22:17:b0:d9:fe:da:00:67:21:50:9e:1e:b4:71:a5:ba:58:
db:78:bf:d6:2b:b9:ff:0b:53:d3:a5:dd:95:45:55:07:3b:a6:
e2:af:47:04:6d:2a:a4:06:95:e3:65:18:98:e4:3b:31:06:60:
cf:bf:18:d9:a5:91:cd:e9:42:fa:36:24:65:de:46:2d:89:06:
01:0c:f2:7e:95:6f:e4:4a:81:26:30:08:5d:61:04:c1:f7:04:
90:30:4c:11:19:c7:79:f5:ed:1d:34:8b:24:5a:64:96:85:30:
18:3c:a7:0c:1c:61:1e:e0:66:64:15:b5:e5:28:69:bc:50:cf:
e1:81:dc:8f:3c:22:5a:5d:65:8f:6a:70:89:4f:58:e3:9f:3f:
52:0a:d7:e7:cb:e6:05:e9:91:33:f9:dd:0e:c9:16:8e:0b:b8:
30:b2:f3:14:fb:ce:c7:0a:78:b0:1d:df:75:f0:d8:4a:eb:ff:
ae:b4:9a:51
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZHdGNI/q4yb0/XS8p6RdfZhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjQwOTEwMTgwMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWE5NGRjZDk3YWJkMjEyNmYzM2FmNTNjOGJiM2Q2NDI2YjBmNDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmmdtARq3eCUzZDfigc+JlbzesOA
gI3GrORhLs9vvVrvMw3cyEU2/y03BdZ3cBbvMM/hqwZOLDXNfAWgrieN32TyqXet
3Fj4j9VPsYLCuR2UOS4hezckbJh9LU5KShejomIFR4KGFzLzfVpnEqDswnwAbd5y
46tWIZ5bMk3MjZN0QqfSbIbVN3FeuwrqEok2KoP85FsCjJpQpOh4cXzfqFv2TVIS
JpldjnV8V8D+qGkO+1SLi4eY/TJWlg1OaWx0lvUfNCKmOi08TtpFKT/kVZC/L+I1
QDPimHYzhzjk+gjyPQVqDDwXF96Lzln3+PxORsW1x1AO8nO+o8z3OfgGYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBmpTc2Xq9ISbzOvU8i7PWQmsPQgMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvR2FsTnpaZXIwaEp2TTY5VHlMczlaQ2F3OUNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWbsJAwQA
WbsUAwQAWbsbMA0GCSqGSIb3DQEBCwUAA4IBAQBzlbqzVJBhQuLqz9NkwQ5owiPS
JfLoVpzLTXU3vtrFQSH2yXpOYRt00qW3zmKT9Ji60A80XTxVq03kC0xcLdaOeTue
uZJzEz0zIhew2f7aAGchUJ4etHGluljbeL/WK7n/C1PTpd2VRVUHO6bir0cEbSqk
BpXjZRiY5DsxBmDPvxjZpZHN6UL6NiRl3kYtiQYBDPJ+lW/kSoEmMAhdYQTB9wSQ
MEwRGcd59e0dNIskWmSWhTAYPKcMHGEe4GZkFbXlKGm8UM/hgdyPPCJaXWWPanCJ
T1jjnz9SCtfny+YF6ZEz+d0OyRaOC7gwsvMU+87HCniwHd918NhK6/+utJpR
-----END CERTIFICATE-----
Generated at Sat Nov 2 19:25:19 2024 by rpki-client on console-fra.rpki-client.org