Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/CsGRJRaPIIcJNCFTggqw8nvMog0.roa
File: CsGRJRaPIIcJNCFTggqw8nvMog0.roa (raw, json)
Hash identifier: X9j+3uPtEyD5K6KVE9aMeX1ie196TBiYUPZO5Dt86yQ=
Subject key identifier: 0A:C1:91:25:16:8F:20:87:09:34:21:53:82:0A:B0:F2:7B:CC:A2:0D
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018BDCEBC7AA574685A3C946074484028924
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/CsGRJRaPIIcJNCFTggqw8nvMog0.roa
Signing time: Fri 17 Nov 2023 10:55:21 +0000
ROA not before: Fri 17 Nov 2023 10:55:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207713
IP address blocks: 185.39.204.0/24 maxlen: 24
89.23.103.0/24 maxlen: 24
185.39.207.0/24 maxlen: 24
89.23.107.0/24 maxlen: 24
89.23.108.0/24 maxlen: 24
89.23.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dc:eb:c7:aa:57:46:85:a3:c9:46:07:44:84:02:89:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Nov 17 10:55:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ac19125168f208709342153820ab0f27bcca20d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:6e:5f:c0:15:be:3f:5a:69:30:65:f9:0b:fe:
c6:2a:e1:e4:62:73:a4:61:38:45:c8:e8:9c:b0:36:
b8:4d:38:5b:79:df:a3:9a:3f:bf:f6:fa:93:c6:4e:
d7:c1:09:07:54:c0:9e:85:e1:7a:66:e6:64:2d:dd:
6b:3c:3d:29:7e:08:17:d9:35:a5:04:81:8a:c4:6e:
a6:82:19:2e:af:5b:16:ba:23:96:a4:cc:5b:a9:a3:
06:06:76:60:b1:47:d4:cd:81:ed:0e:11:87:af:f3:
20:07:c0:ca:a8:9a:38:04:39:98:99:c2:d5:72:0b:
1c:ad:06:aa:36:61:26:27:04:6e:cc:1e:b8:35:ae:
3c:8e:5d:60:87:0f:7c:62:b5:6f:98:b2:af:0d:7d:
05:b8:d7:4c:c6:3d:a5:ec:7b:71:bb:0a:36:2d:4c:
75:e2:97:13:37:21:dd:4c:23:a6:6f:3b:bd:0f:db:
30:15:c1:8d:8b:de:5e:e4:34:e7:39:ee:a2:4c:7b:
7c:64:fe:82:db:19:56:f9:32:bd:a2:39:7f:66:f3:
9c:41:7b:6c:de:34:e3:cc:4f:a8:7d:ad:1e:cb:a8:
18:39:38:00:89:24:88:f9:c6:1c:3b:75:51:57:37:
16:39:29:19:2b:12:6d:c3:9d:20:f6:ae:c1:5d:5e:
ae:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:C1:91:25:16:8F:20:87:09:34:21:53:82:0A:B0:F2:7B:CC:A2:0D
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/CsGRJRaPIIcJNCFTggqw8nvMog0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.103.0/24
89.23.107.0-89.23.108.255
89.23.113.0/24
185.39.204.0/24
185.39.207.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:91:a6:15:f1:f9:fb:fe:cc:94:43:88:51:6d:2f:4a:a2:51:
0e:3c:ed:02:bf:f8:39:36:68:f0:8f:6f:83:b7:79:f8:45:09:
c5:ec:47:2f:62:7c:b5:63:b4:3b:8e:61:2c:da:3d:7e:75:23:
e3:71:91:09:ae:20:11:d1:9e:9a:02:e2:cf:90:2f:36:6d:b1:
ee:e0:d6:8b:70:e7:15:c0:dc:f1:20:04:75:06:c6:da:ef:2c:
67:27:5a:91:e3:2d:4b:86:df:8c:a1:6c:72:a8:d1:c9:e5:50:
15:29:97:c6:59:1e:93:f8:92:69:4b:28:64:c7:db:bf:5d:e9:
1e:9c:b1:36:c8:65:5c:71:8e:27:90:5c:df:3e:17:6b:b4:9e:
5b:c2:33:53:de:9c:bf:81:e5:a7:c4:4a:84:62:bd:41:87:37:
46:34:d5:e8:fa:23:2a:92:1b:48:7f:ff:e9:01:57:1d:04:7b:
4d:88:27:5e:65:05:8a:b4:21:61:41:1d:f4:aa:0a:b5:b5:c7:
8f:2d:5e:81:25:f4:3c:a2:fe:06:fc:ed:9a:b8:51:78:22:c9:
d9:6b:55:a7:e0:a5:dc:be:52:e2:e1:55:63:cb:6e:ac:7a:78:
14:d2:9a:12:10:1b:24:a4:4d:c2:9c:1a:e4:e0:b5:a0:b4:f0:
c8:75:b5:71
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYvc68eqV0aFo8lGB0SEAokkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMxMTE3MTA1NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWMxOTEyNTE2OGYyMDg3MDkzNDIxNTM4MjBhYjBmMjdiY2NhMjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA025fwBW+P1ppMGX5C/7GKuHkYnOk
YThFyOicsDa4TThbed+jmj+/9vqTxk7XwQkHVMCeheF6ZuZkLd1rPD0pfggX2TWl
BIGKxG6mghkur1sWuiOWpMxbqaMGBnZgsUfUzYHtDhGHr/MgB8DKqJo4BDmYmcLV
cgscrQaqNmEmJwRuzB64Na48jl1ghw98YrVvmLKvDX0FuNdMxj2l7Htxuwo2LUx1
4pcTNyHdTCOmbzu9D9swFcGNi95e5DTnOe6iTHt8ZP6C2xlW+TK9ojl/ZvOcQXts
3jTjzE+ofa0ey6gYOTgAiSSI+cYcO3VRVzcWOSkZKxJtw50g9q7BXV6uaQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFArBkSUWjyCHCTQhU4IKsPJ7zKINMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvQ3NHUkpSYVBJSWNKTkNGVGdncXc4bnZNb2cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAWRdnMAwD
BABZF2sDBABZF2wDBABZF3EDBAC5J8wDBAC5J88wDQYJKoZIhvcNAQELBQADggEB
AG6RphXx+fv+zJRDiFFtL0qiUQ487QK/+Dk2aPCPb4O3efhFCcXsRy9ifLVjtDuO
YSzaPX51I+NxkQmuIBHRnpoC4s+QLzZtse7g1otw5xXA3PEgBHUGxtrvLGcnWpHj
LUuG34yhbHKo0cnlUBUpl8ZZHpP4kmlLKGTH279d6R6csTbIZVxxjieQXN8+F2u0
nlvCM1PenL+B5afESoRivUGHN0Y01ej6IyqSG0h//+kBVx0Ee02IJ15lBYq0IWFB
HfSqCrW1x48tXoEl9Dyi/gb87Zq4UXgiydlrVafgpdy+UuLhVWPLbqx6eBTSmhIQ
GySkTcKcGuTgtaC08Mh1tXE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:33 2024 by rpki-client on console-ams.rpki-client.org