Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/gaVkBA730_9CjnWHPI61T0yG6Ak.roa
File: gaVkBA730_9CjnWHPI61T0yG6Ak.roa (raw, json)
Hash identifier: fUltAiMHiN/oJ2u09UbRUu+CX9fo6uixU4A3SRoREIw=
Subject key identifier: 81:A5:64:04:0E:F7:D3:FF:42:8E:75:87:3C:8E:B5:4F:4C:86:E8:09
Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial: 018D56A43947B1FA3FC1D74D6343C7E9D662
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/gaVkBA730_9CjnWHPI61T0yG6Ak.roa
Signing time: Mon 29 Jan 2024 19:13:39 +0000
ROA not before: Mon 29 Jan 2024 19:13:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396356
IP address blocks: 89.187.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:56:a4:39:47:b1:fa:3f:c1:d7:4d:63:43:c7:e9:d6:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Validity
Not Before: Jan 29 19:13:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81a564040ef7d3ff428e75873c8eb54f4c86e809
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d7:7c:8b:08:a3:5f:be:13:58:4d:7c:84:f8:
2d:1c:e6:8f:db:87:65:10:f6:44:e0:32:83:08:8e:
c5:bf:a9:38:7c:e5:6c:3a:98:6c:19:6a:86:36:38:
f4:8c:33:86:84:f8:60:ce:f7:df:a6:5f:33:ab:53:
69:28:8d:b8:86:1a:26:f4:f6:9b:bf:ee:45:9d:db:
bf:b3:83:c5:2f:b6:de:9d:f2:e9:a4:61:b3:f2:21:
69:8d:4a:1b:57:ee:17:51:64:ed:67:26:87:ec:e8:
51:53:e8:be:6f:7f:66:ff:00:88:c0:27:95:0c:5b:
63:07:c3:f6:e4:6b:5b:b7:21:74:a9:3b:f2:79:48:
5c:41:87:c1:c8:a8:cb:3f:78:fb:6a:b3:4f:a3:bf:
ad:1c:21:2e:17:4f:03:ee:b7:60:12:bf:21:09:8f:
54:dc:32:67:cf:cc:d8:50:1b:83:5a:b4:4a:3c:9e:
97:13:40:21:0a:3c:59:4d:d4:cf:12:97:37:76:f2:
8a:51:83:9d:77:10:7b:e6:54:42:f1:28:95:ac:89:
79:cd:5d:ee:aa:d2:8e:13:fa:9f:30:eb:ca:a9:e5:
4a:81:60:86:7b:78:ef:5d:c8:81:8b:16:f2:45:d9:
c8:ca:b9:0c:5e:b0:93:c6:61:2e:a4:de:d5:95:e7:
e8:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A5:64:04:0E:F7:D3:FF:42:8E:75:87:3C:8E:B5:4F:4C:86:E8:09
X509v3 Authority Key Identifier:
keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/gaVkBA730_9CjnWHPI61T0yG6Ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.28.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:86:aa:db:86:ce:ef:43:35:57:a7:38:c7:34:67:56:42:98:
cc:97:63:b2:63:02:36:e4:03:72:5c:83:42:c3:8b:0f:8d:36:
c4:12:13:6a:ab:b2:42:d9:8c:b9:6f:c5:3b:14:55:b9:55:9a:
8d:3a:e3:45:9a:38:bd:69:6e:1b:52:e2:c9:9c:73:be:30:bb:
0f:27:78:2e:ce:02:86:65:0e:a8:76:04:b9:36:f3:66:dd:a4:
98:0b:6d:dd:32:85:3f:e1:69:b9:84:5a:d3:d8:fb:99:6e:f2:
02:cc:3d:e4:7f:33:41:10:c1:68:87:da:94:6f:63:ff:d4:1a:
bd:6d:84:82:9c:fb:ef:2f:20:5c:24:d3:bb:46:8d:1c:5c:7a:
8b:c8:9f:2e:42:4b:18:a4:f0:2a:ac:d8:fb:83:97:e8:06:c9:
3f:50:9d:c8:b5:4d:e4:2c:a3:8e:65:14:fd:cf:2a:27:d8:bb:
90:06:3b:bc:51:06:6b:aa:36:ef:f8:9f:ba:61:42:6f:fb:49:
2b:29:b9:59:ee:a9:30:a0:07:e2:0f:47:e2:fe:8e:87:78:72:
84:a9:c8:8c:24:b9:ea:cc:af:29:c3:bc:67:a7:09:c0:b7:d1:
ca:f0:27:ca:f2:f5:37:b1:97:40:3e:b3:33:08:59:ef:c2:e6:
bb:94:70:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1WpDlHsfo/wddNY0PH6dZiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjQwMTI5MTkxMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWE1NjQwNDBlZjdkM2ZmNDI4ZTc1ODczYzhlYjU0ZjRjODZlODA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytd8iwijX74TWE18hPgtHOaP24dl
EPZE4DKDCI7Fv6k4fOVsOphsGWqGNjj0jDOGhPhgzvffpl8zq1NpKI24hhom9Pab
v+5Fndu/s4PFL7benfLppGGz8iFpjUobV+4XUWTtZyaH7OhRU+i+b39m/wCIwCeV
DFtjB8P25GtbtyF0qTvyeUhcQYfByKjLP3j7arNPo7+tHCEuF08D7rdgEr8hCY9U
3DJnz8zYUBuDWrRKPJ6XE0AhCjxZTdTPEpc3dvKKUYOddxB75lRC8SiVrIl5zV3u
qtKOE/qfMOvKqeVKgWCGe3jvXciBixbyRdnIyrkMXrCTxmEupN7Vlefo1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIGlZAQO99P/Qo51hzyOtU9MhugJMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvZ2FWa0JBNzMwXzlDam5XSFBJNjFUMHlHNkFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWbscMA0G
CSqGSIb3DQEBCwUAA4IBAQC3hqrbhs7vQzVXpzjHNGdWQpjMl2OyYwI25ANyXINC
w4sPjTbEEhNqq7JC2Yy5b8U7FFW5VZqNOuNFmji9aW4bUuLJnHO+MLsPJ3guzgKG
ZQ6odgS5NvNm3aSYC23dMoU/4Wm5hFrT2PuZbvICzD3kfzNBEMFoh9qUb2P/1Bq9
bYSCnPvvLyBcJNO7Ro0cXHqLyJ8uQksYpPAqrNj7g5foBsk/UJ3ItU3kLKOOZRT9
zyon2LuQBju8UQZrqjbv+J+6YUJv+0krKblZ7qkwoAfiD0fi/o6HeHKEqciMJLnq
zK8pw7xnpwnAt9HK8CfK8vU3sZdAPrMzCFnvwua7lHCI
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:37:10 2025 by rpki-client