Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/CSNY_tW67H50i4Kg27ttM1TE7dw.roa
File: CSNY_tW67H50i4Kg27ttM1TE7dw.roa (raw, json)
Hash identifier: TUJHwLfFYjNZCG/lG2rf6CN7kze1g/9QBRqhVOUACsw=
Subject key identifier: 09:23:58:FE:D5:BA:EC:7E:74:8B:82:A0:DB:BB:6D:33:54:C4:ED:DC
Certificate issuer: /CN=0a41a5a2a18339629cc1303e6dec8bb605ddca65
Certificate serial: 018FEBEC5F8110E2109EA7C548558D9CE12D
Authority key identifier: 0A:41:A5:A2:A1:83:39:62:9C:C1:30:3E:6D:EC:8B:B6:05:DD:CA:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkGloqGDOWKcwTA-beyLtgXdymU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/CSNY_tW67H50i4Kg27ttM1TE7dw.roa
Signing time: Thu 06 Jun 2024 05:01:27 +0000
ROA not before: Thu 06 Jun 2024 05:01:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29182
IP address blocks: 37.46.128.0/23 maxlen: 23
37.46.130.0/23 maxlen: 23
37.46.132.0/23 maxlen: 23
37.46.134.0/23 maxlen: 23
62.109.0.0/20 maxlen: 20
62.109.0.0/21 maxlen: 21
62.109.8.0/21 maxlen: 21
62.109.16.0/21 maxlen: 21
62.109.24.0/22 maxlen: 22
62.109.28.0/22 maxlen: 22
77.246.156.0/22 maxlen: 22
77.246.156.0/23 maxlen: 23
77.246.158.0/23 maxlen: 23
80.87.192.0/23 maxlen: 23
80.87.194.0/23 maxlen: 23
80.87.196.0/23 maxlen: 23
80.87.198.0/23 maxlen: 23
80.87.200.0/23 maxlen: 23
80.87.202.0/24 maxlen: 24
80.87.203.0/24 maxlen: 24
82.146.32.0/21 maxlen: 21
82.146.32.0/23 maxlen: 23
82.146.34.0/23 maxlen: 23
82.146.36.0/23 maxlen: 23
82.146.38.0/23 maxlen: 23
82.146.40.0/21 maxlen: 21
82.146.48.0/23 maxlen: 23
82.146.50.0/23 maxlen: 23
82.146.52.0/23 maxlen: 23
82.146.54.0/23 maxlen: 23
82.146.56.0/21 maxlen: 21
82.202.160.0/23 maxlen: 23
82.202.162.0/23 maxlen: 23
82.202.165.0/24 maxlen: 24
82.202.166.0/23 maxlen: 23
82.202.168.0/23 maxlen: 23
82.202.170.0/23 maxlen: 23
82.202.172.0/23 maxlen: 23
82.202.174.0/23 maxlen: 23
83.220.168.0/23 maxlen: 23
83.220.170.0/23 maxlen: 23
83.220.172.0/23 maxlen: 23
83.220.174.0/23 maxlen: 23
91.240.84.0/23 maxlen: 23
91.240.86.0/23 maxlen: 23
92.63.96.0/21 maxlen: 21
92.63.104.0/22 maxlen: 22
92.63.108.0/22 maxlen: 22
92.63.108.0/24 maxlen: 24
92.63.109.0/24 maxlen: 24
92.63.110.0/23 maxlen: 23
185.43.4.0/23 maxlen: 23
185.43.6.0/23 maxlen: 23
185.63.188.0/22 maxlen: 22
185.146.156.0/23 maxlen: 23
185.146.158.0/23 maxlen: 23
185.246.64.0/23 maxlen: 23
185.246.66.0/23 maxlen: 23
185.253.32.0/23 maxlen: 23
185.253.34.0/23 maxlen: 23
195.140.144.0/23 maxlen: 23
195.140.146.0/23 maxlen: 23
212.109.192.0/22 maxlen: 22
212.109.196.0/23 maxlen: 23
212.109.198.0/23 maxlen: 23
212.109.216.0/23 maxlen: 23
212.109.218.0/23 maxlen: 23
212.109.220.0/23 maxlen: 23
212.109.222.0/24 maxlen: 24
212.109.223.0/24 maxlen: 24
213.159.208.0/23 maxlen: 23
213.159.210.0/23 maxlen: 23
213.159.212.0/23 maxlen: 23
213.159.214.0/23 maxlen: 23
2a09:f900::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 03 Aug 2024 04:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:eb:ec:5f:81:10:e2:10:9e:a7:c5:48:55:8d:9c:e1:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a41a5a2a18339629cc1303e6dec8bb605ddca65
Validity
Not Before: Jun 6 05:01:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=092358fed5baec7e748b82a0dbbb6d3354c4eddc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a6:e7:87:8d:84:50:4b:d3:a0:aa:cd:a0:db:
78:51:82:7c:7c:e3:da:47:42:2b:a0:37:0a:f4:87:
e9:0f:9a:b5:d1:d5:65:7b:82:be:65:e7:c7:4a:8c:
a5:7e:44:97:98:a5:3b:a5:b7:e0:87:57:d6:11:b3:
0e:37:1c:8e:f8:69:6e:63:46:6c:a9:49:db:e5:97:
39:d8:a7:ff:fa:c8:5c:ac:be:2c:55:85:51:19:c8:
29:1e:dd:d5:2e:07:2f:0c:68:fb:4b:8f:1e:03:08:
15:e2:ff:1a:39:71:3b:0d:8d:ea:8e:5e:c2:b6:11:
3b:88:aa:9c:4c:50:1f:05:45:ac:74:2a:aa:70:02:
d9:7d:d1:ce:a3:32:0c:40:16:bb:bd:2d:85:4d:ca:
a5:6a:4f:fd:14:f2:e7:c9:e5:36:a2:c6:9b:33:84:
a7:0a:b6:1b:72:12:28:d7:75:86:3b:7f:ff:15:9f:
ee:7f:75:93:4b:ad:ee:38:4d:d7:54:44:12:1f:21:
b8:75:15:6e:bf:b3:05:0b:9e:1a:ea:ca:0f:bb:5d:
bf:f6:5e:24:a4:63:63:7a:02:db:a4:b5:6c:5a:01:
f6:20:ce:5f:65:55:8c:a0:b4:ac:ee:91:64:89:de:
dc:7c:9b:5d:20:48:2e:55:68:9b:9c:05:37:fa:9c:
35:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:23:58:FE:D5:BA:EC:7E:74:8B:82:A0:DB:BB:6D:33:54:C4:ED:DC
X509v3 Authority Key Identifier:
keyid:0A:41:A5:A2:A1:83:39:62:9C:C1:30:3E:6D:EC:8B:B6:05:DD:CA:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkGloqGDOWKcwTA-beyLtgXdymU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/CSNY_tW67H50i4Kg27ttM1TE7dw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/CkGloqGDOWKcwTA-beyLtgXdymU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.128.0/21
62.109.0.0/19
77.246.156.0/22
80.87.192.0-80.87.203.255
82.146.32.0/19
82.202.160.0/22
82.202.165.0-82.202.175.255
83.220.168.0/21
91.240.84.0/22
92.63.96.0/20
185.43.4.0/22
185.63.188.0/22
185.146.156.0/22
185.246.64.0/22
185.253.32.0/22
195.140.144.0/22
212.109.192.0/21
212.109.216.0/21
213.159.208.0/21
IPv6:
2a09:f900::/48
Signature Algorithm: sha256WithRSAEncryption
9f:5d:7e:d1:f5:23:a7:b2:f0:56:b1:e7:50:ed:b5:85:b7:d0:
49:76:78:42:4d:60:99:2f:7a:db:bb:9a:b2:99:d0:67:7e:05:
f0:81:69:bf:48:21:77:0e:32:9f:79:25:47:a5:6a:91:f9:f7:
b0:fb:d4:ef:26:e8:42:09:06:40:cf:ae:17:0f:7d:df:7f:f5:
dc:3e:c0:a1:73:ad:09:61:9d:12:17:05:4c:b1:c9:90:d3:74:
d8:69:45:d0:b6:38:60:e6:d8:b1:9b:aa:5e:e2:5b:92:96:b5:
fd:61:b3:6a:3a:84:47:d2:9e:2e:dd:ba:dc:91:08:cb:c2:d7:
9e:4c:3c:4c:53:91:5c:ee:e6:74:11:ca:02:09:cb:70:ad:67:
5a:8e:75:8f:d5:c1:f4:a5:9c:98:c8:d3:34:a8:78:bb:18:89:
47:67:d4:2b:8d:21:a5:1e:d4:87:32:1c:1c:67:69:e2:45:ff:
a8:e1:f3:1e:08:59:f1:8b:0d:26:ed:8f:32:46:fa:12:a5:d8:
df:98:b1:ef:ca:0a:10:b5:b6:5f:bc:9f:2b:d0:35:e4:24:38:
1e:b0:06:77:13:1a:85:b6:53:65:f2:65:9b:a4:49:bd:27:59:
68:ee:27:48:b6:01:57:ec:59:c4:67:6e:b1:9e:b7:6d:05:f8:
06:1f:34:2d
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAY/r7F+BEOIQnqfFSFWNnOEtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNDFhNWEyYTE4MzM5NjI5Y2MxMzAzZTZkZWM4YmI2MDVk
ZGNhNjUwHhcNMjQwNjA2MDUwMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTIzNThmZWQ1YmFlYzdlNzQ4YjgyYTBkYmJiNmQzMzU0YzRlZGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1abnh42EUEvToKrNoNt4UYJ8fOPa
R0IroDcK9IfpD5q10dVle4K+ZefHSoylfkSXmKU7pbfgh1fWEbMONxyO+GluY0Zs
qUnb5Zc52Kf/+shcrL4sVYVRGcgpHt3VLgcvDGj7S48eAwgV4v8aOXE7DY3qjl7C
thE7iKqcTFAfBUWsdCqqcALZfdHOozIMQBa7vS2FTcqlak/9FPLnyeU2osabM4Sn
CrYbchIo13WGO3//FZ/uf3WTS63uOE3XVEQSHyG4dRVuv7MFC54a6soPu12/9l4k
pGNjegLbpLVsWgH2IM5fZVWMoLSs7pFkid7cfJtdIEguVWibnAU3+pw1HwIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFAkjWP7Vuux+dIuCoNu7bTNUxO3cMB8GA1UdIwQY
MBaAFApBpaKhgzlinMEwPm3si7YF3cplMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2tHbG9xR0RPV0tjd1RBLWJleUx0Z1hkeW1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kNDNjMmMtNzRlOS00N2Q0LWJmNjIt
ODBmN2ZkNmVhOWM5LzEvQ1NOWV90VzY3SDUwaTRLZzI3dHRNMVRFN2R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kNDNjMmMtNzRlOS00N2Q0LWJmNjItODBmN2ZkNmVhOWM5
LzEvQ2tHbG9xR0RPV0tjd1RBLWJleUx0Z1hkeW1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTCBiQQCAAEwgYIDBAMl
LoADBAU+bQADBAJN9pwwDAMEBlBXwAMEAlBXyAMEBVKSIAMEAlLKoDAMAwQAUsql
AwQEUsqgAwQDU9yoAwQCW/BUAwQEXD9gAwQCuSsEAwQCuT+8AwQCuZKcAwQCufZA
AwQCuf0gAwQCw4yQAwQD1G3AAwQD1G3YAwQD1Z/QMA8EAgACMAkDBwAqCfkAAAAw
DQYJKoZIhvcNAQELBQADggEBAJ9dftH1I6ey8Fax51DttYW30El2eEJNYJkvetu7
mrKZ0Gd+BfCBab9IIXcOMp95JUelapH597D71O8m6EIJBkDPrhcPfd9/9dw+wKFz
rQlhnRIXBUyxyZDTdNhpRdC2OGDm2LGbql7iW5KWtf1hs2o6hEfSni7dutyRCMvC
155MPExTkVzu5nQRygIJy3CtZ1qOdY/VwfSlnJjI0zSoeLsYiUdn1CuNIaUe1Icy
HBxnaeJF/6jh8x4IWfGLDSbtjzJG+hKl2N+Yse/KChC1tl+8nyvQNeQkOB6wBncT
GoW2U2XyZZukSb0nWWjuJ0i2AVfsWcRnbrGet20F+AYfNC0=
-----END CERTIFICATE-----
Generated at Sat Aug 3 07:47:30 2024 by rpki-client on console-ams.rpki-client.org