Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/CGSDqBL4MDnlTba8UTsIEJdUqKk.roa
File: CGSDqBL4MDnlTba8UTsIEJdUqKk.roa (raw, json)
Hash identifier: jKYnEjth5mpLZq+UOy/F6tk+js6jodFjeTCuttxvT3A=
Subject key identifier: 08:64:83:A8:12:F8:30:39:E5:4D:B6:BC:51:3B:08:10:97:54:A8:A9
Certificate issuer: /CN=22c7cda75f4e15e486dee5a6501cbe2018bc0e0f
Certificate serial: 018CC64AB97FBACDD16EBE9F46C4A4DCED7C
Authority key identifier: 22:C7:CD:A7:5F:4E:15:E4:86:DE:E5:A6:50:1C:BE:20:18:BC:0E:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsfNp19OFeSG3uWmUBy-IBi8Dg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/CGSDqBL4MDnlTba8UTsIEJdUqKk.roa
Signing time: Mon 01 Jan 2024 18:30:35 +0000
ROA not before: Mon 01 Jan 2024 18:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200845
IP address blocks: 91.209.234.0/24 maxlen: 24
213.148.221.0/24 maxlen: 24
212.121.248.0/24 maxlen: 24
77.75.176.0/21 maxlen: 24
185.154.8.0/22 maxlen: 24
77.75.180.0/24 maxlen: 24
185.193.68.0/22 maxlen: 24
213.148.192.0/19 maxlen: 24
185.184.148.0/22 maxlen: 24
212.121.224.0/19 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Mar 2024 16:23:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:b9:7f:ba:cd:d1:6e:be:9f:46:c4:a4:dc:ed:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c7cda75f4e15e486dee5a6501cbe2018bc0e0f
Validity
Not Before: Jan 1 18:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=086483a812f83039e54db6bc513b08109754a8a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c8:44:3c:0e:d8:9c:be:74:41:ff:cc:41:60:
a4:6a:a8:b0:bc:46:e3:2c:42:cd:7b:b9:ca:a8:6f:
a4:4a:16:25:51:a9:bf:c7:cf:f9:34:0b:de:1e:40:
06:58:66:99:ea:81:28:8a:9a:46:fb:4f:ae:ff:85:
2f:02:cc:94:e0:33:b7:dc:25:7e:71:08:08:c6:b3:
22:a9:93:da:a8:84:39:ca:e9:fb:e4:e2:50:65:d1:
1f:a8:91:0a:30:a5:6c:22:19:22:30:60:4a:94:9d:
22:8a:78:f9:1e:14:5f:d1:c6:04:bd:07:97:45:bb:
47:75:45:3f:ff:f7:e9:6d:35:dc:be:02:a8:67:db:
fc:c7:54:f7:0f:4b:55:0f:08:06:76:25:61:fa:d1:
a3:88:f1:0f:a1:44:c2:fe:0e:b7:d2:25:4b:ca:25:
39:77:57:e6:4f:c7:8a:64:b4:72:2f:10:2c:a6:6e:
cd:36:86:ec:55:84:a8:8f:a2:9c:6c:31:ec:8e:11:
1e:7d:99:b0:fd:7f:4f:52:d3:20:6c:ee:71:76:ae:
41:c8:c3:c0:07:15:2c:e6:2c:04:c5:34:09:47:06:
a0:75:c4:49:43:79:bc:3d:f3:8e:29:07:b2:80:8f:
34:4b:21:f1:8b:66:47:a1:4a:cd:87:d9:4d:eb:8e:
74:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:64:83:A8:12:F8:30:39:E5:4D:B6:BC:51:3B:08:10:97:54:A8:A9
X509v3 Authority Key Identifier:
keyid:22:C7:CD:A7:5F:4E:15:E4:86:DE:E5:A6:50:1C:BE:20:18:BC:0E:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsfNp19OFeSG3uWmUBy-IBi8Dg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/CGSDqBL4MDnlTba8UTsIEJdUqKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/IsfNp19OFeSG3uWmUBy-IBi8Dg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.75.176.0/21
91.209.234.0/24
185.154.8.0/22
185.184.148.0/22
185.193.68.0/22
212.121.224.0/19
213.148.192.0/19
Signature Algorithm: sha256WithRSAEncryption
9a:9a:cf:0b:05:4b:39:69:95:58:90:69:15:9c:15:fe:fc:3d:
de:42:b8:41:45:b4:46:c2:a8:82:76:63:10:bb:04:49:27:1f:
6e:a0:0b:3b:42:69:8f:73:b1:eb:34:ed:ac:1d:5d:d1:f9:79:
bd:93:53:66:de:89:b0:3a:ce:dc:eb:6e:2d:f3:48:34:77:7b:
76:36:80:0c:2a:3e:2d:2d:41:88:f0:61:09:12:9d:99:13:03:
c7:10:0e:fd:40:76:93:d2:c5:d5:a9:0e:4f:26:2b:08:ef:00:
94:07:f6:4d:0d:42:0f:e0:4e:3f:f9:0c:64:b8:fb:7f:ad:9d:
ce:20:3c:79:66:b8:d2:8d:e6:c7:5a:f3:39:cd:69:90:fa:d3:
a8:ca:00:a8:6b:1c:aa:b1:c5:59:a1:28:33:c9:b9:54:e6:96:
d8:4f:ea:e8:69:e7:12:3d:0e:29:1d:96:13:4f:9a:77:91:a4:
c2:99:44:8a:ec:65:8d:bb:22:59:af:39:04:92:fa:04:32:66:
13:28:97:8d:ba:b6:fd:86:e0:55:d6:67:63:bf:67:53:9d:88:
05:67:53:cd:68:e9:4b:f6:0d:eb:16:51:01:74:5a:8c:44:2d:
76:23:6f:ed:c2:75:dd:38:a7:83:39:bc:26:96:a4:50:67:2f:
17:61:61:9a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzGSrl/us3Rbr6fRsSk3O18MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzdjZGE3NWY0ZTE1ZTQ4NmRlZTVhNjUwMWNiZTIwMThi
YzBlMGYwHhcNMjQwMTAxMTgzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODY0ODNhODEyZjgzMDM5ZTU0ZGI2YmM1MTNiMDgxMDk3NTRhOGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMhEPA7YnL50Qf/MQWCkaqiwvEbj
LELNe7nKqG+kShYlUam/x8/5NAveHkAGWGaZ6oEoippG+0+u/4UvAsyU4DO33CV+
cQgIxrMiqZPaqIQ5yun75OJQZdEfqJEKMKVsIhkiMGBKlJ0iinj5HhRf0cYEvQeX
RbtHdUU///fpbTXcvgKoZ9v8x1T3D0tVDwgGdiVh+tGjiPEPoUTC/g630iVLyiU5
d1fmT8eKZLRyLxAspm7NNobsVYSoj6KcbDHsjhEefZmw/X9PUtMgbO5xdq5ByMPA
BxUs5iwExTQJRwagdcRJQ3m8PfOOKQeygI80SyHxi2ZHoUrNh9lN6450swIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAhkg6gS+DA55U22vFE7CBCXVKipMB8GA1UdIwQY
MBaAFCLHzadfThXkht7lplAcviAYvA4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNmTnAxOU9GZVNHM3VXbVVCeS1JQmk4RGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iOTIzMzEtMmJiNC00YTU5LTk5Nzgt
NzUxYjE3ZDFjNDM3LzEvQ0dTRHFCTDRNRG5sVGJhOFVUc0lFSmRVcUtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iOTIzMzEtMmJiNC00YTU5LTk5NzgtNzUxYjE3ZDFjNDM3
LzEvSXNmTnAxOU9GZVNHM3VXbVVCeS1JQmk4RGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDTUuwAwQA
W9HqAwQCuZoIAwQCubiUAwQCucFEAwQF1HngAwQF1ZTAMA0GCSqGSIb3DQEBCwUA
A4IBAQCams8LBUs5aZVYkGkVnBX+/D3eQrhBRbRGwqiCdmMQuwRJJx9uoAs7QmmP
c7HrNO2sHV3R+Xm9k1Nm3omwOs7c624t80g0d3t2NoAMKj4tLUGI8GEJEp2ZEwPH
EA79QHaT0sXVqQ5PJisI7wCUB/ZNDUIP4E4/+QxkuPt/rZ3OIDx5ZrjSjebHWvM5
zWmQ+tOoygCoaxyqscVZoSgzyblU5pbYT+roaecSPQ4pHZYTT5p3kaTCmUSK7GWN
uyJZrzkEkvoEMmYTKJeNurb9huBV1mdjv2dTnYgFZ1PNaOlL9g3rFlEBdFqMRC12
I2/twnXdOKeDObwmlqRQZy8XYWGa
-----END CERTIFICATE-----
Generated at Fri Mar 15 21:23:10 2024 by rpki-client on console-fra.rpki-client.org