Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/Mz-6LHLjyOUxU_vsTv0U6o9kkyM.roa
File: Mz-6LHLjyOUxU_vsTv0U6o9kkyM.roa (raw, json)
Hash identifier: HPTHIK7z/i367bBdL8GTdpw3yeF7ptqvLRnx5alofeg=
Subject key identifier: 33:3F:BA:2C:72:E3:C8:E5:31:53:FB:EC:4E:FD:14:EA:8F:64:93:23
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 018AEF9739FD53EF77C9DF469CF92DCC7917
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/Mz-6LHLjyOUxU_vsTv0U6o9kkyM.roa
Signing time: Mon 02 Oct 2023 08:52:59 +0000
ROA not before: Mon 02 Oct 2023 08:52:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207724
IP address blocks: 185.239.2.0/24 maxlen: 24
185.239.3.0/24 maxlen: 24
185.3.200.0/24 maxlen: 24
5.159.49.0/24 maxlen: 24
5.159.54.0/24 maxlen: 24
45.94.213.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:97:39:fd:53:ef:77:c9:df:46:9c:f9:2d:cc:79:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Oct 2 08:52:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=333fba2c72e3c8e53153fbec4efd14ea8f649323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:37:9e:87:30:7a:ce:95:cd:52:f7:4e:e9:c7:
b3:79:52:3f:83:ad:34:14:88:18:05:9a:e0:50:e4:
f2:6f:f3:81:0e:e4:b0:cd:97:06:ae:33:e6:09:d6:
a2:81:0b:79:73:1a:76:74:92:2d:89:5c:c5:e0:18:
63:bc:60:ce:72:6a:a9:e0:30:99:23:48:5b:9d:55:
13:80:18:6a:70:8f:d6:5c:40:b2:54:bb:f0:55:6f:
bf:44:94:53:07:92:f5:48:8f:bd:7b:04:8d:5e:87:
8b:ac:af:e0:a3:61:cd:ed:00:f6:0a:0f:1d:b8:3f:
0b:53:26:a0:cb:dc:16:51:47:07:59:e5:b2:68:f3:
09:ba:ed:62:3f:cd:ac:f9:27:5d:0b:24:fb:97:3a:
ac:34:38:f9:83:3f:a5:04:0c:44:a3:11:90:1e:57:
58:94:44:5a:38:34:d3:10:d2:61:ac:2c:ab:e9:a7:
4d:5a:3f:41:1f:f8:7e:b5:56:ea:37:78:08:cc:06:
d6:57:94:40:9c:44:51:6e:0e:12:21:ce:75:a7:43:
98:c1:e8:f9:ae:c5:db:1f:fa:09:cc:95:55:6a:d6:
c9:8c:7c:6c:fe:1e:87:0b:e0:1a:e6:72:d5:73:6c:
d4:e9:3d:31:d2:23:68:84:7b:ec:9e:2c:b2:ed:c3:
53:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:3F:BA:2C:72:E3:C8:E5:31:53:FB:EC:4E:FD:14:EA:8F:64:93:23
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/Mz-6LHLjyOUxU_vsTv0U6o9kkyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.49.0/24
5.159.54.0/24
45.94.213.0/24
185.3.200.0/24
185.239.2.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:75:01:36:9a:8e:b2:2b:7f:92:13:8d:5c:62:10:24:a7:f6:
1a:da:5b:db:6b:36:08:ab:d8:dd:36:5e:10:e5:22:f9:24:2d:
ec:40:5a:05:9c:41:03:0b:12:98:62:92:5f:48:67:cb:9f:51:
2b:90:97:88:78:ae:e3:cf:1d:40:96:01:cb:38:92:9d:97:8a:
6e:6c:18:8c:ef:91:db:73:46:43:b7:96:35:f6:b7:21:6f:97:
8c:75:9a:f4:64:a9:f8:eb:33:42:5c:cc:cb:47:b3:8c:46:9f:
6b:c0:e1:09:35:dd:50:c8:ae:43:67:dd:3c:69:40:31:ef:af:
83:b5:c3:8b:58:8f:c4:47:46:c1:52:b0:67:02:8d:57:06:8b:
11:72:1b:08:48:2d:c6:58:da:e6:9f:e1:7e:c5:7e:09:d6:0a:
21:e6:3a:0b:c3:9d:e5:ad:10:98:b3:9c:7c:77:c7:6c:1e:a6:
a6:95:59:d8:67:37:f5:ba:fc:62:6d:f8:2f:81:88:40:f5:4e:
88:86:5d:6f:94:aa:12:92:f6:3a:8d:54:c1:79:1b:17:21:3b:
b2:73:cc:93:cc:f7:d0:69:7d:99:de:10:a7:5e:64:c2:c4:0e:
ea:fa:84:fa:73:7f:05:fc:2a:62:79:10:86:11:00:de:d5:84:
3e:db:af:52
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYrvlzn9U+93yd9GnPktzHkXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMxMDAyMDg1MjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzNmYmEyYzcyZTNjOGU1MzE1M2ZiZWM0ZWZkMTRlYThmNjQ5MzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzeehzB6zpXNUvdO6cezeVI/g600
FIgYBZrgUOTyb/OBDuSwzZcGrjPmCdaigQt5cxp2dJItiVzF4BhjvGDOcmqp4DCZ
I0hbnVUTgBhqcI/WXECyVLvwVW+/RJRTB5L1SI+9ewSNXoeLrK/go2HN7QD2Cg8d
uD8LUyagy9wWUUcHWeWyaPMJuu1iP82s+SddCyT7lzqsNDj5gz+lBAxEoxGQHldY
lERaODTTENJhrCyr6adNWj9BH/h+tVbqN3gIzAbWV5RAnERRbg4SIc51p0OYwej5
rsXbH/oJzJVVatbJjHxs/h6HC+Aa5nLVc2zU6T0x0iNohHvsniyy7cNT1QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDM/uixy48jlMVP77E79FOqPZJMjMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvTXotNkxITGp5T1V4VV92c1R2MFU2bzlra3lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABZ8xAwQA
BZ82AwQALV7VAwQAuQPIAwQBue8CMA0GCSqGSIb3DQEBCwUAA4IBAQCPdQE2mo6y
K3+SE41cYhAkp/Ya2lvbazYIq9jdNl4Q5SL5JC3sQFoFnEEDCxKYYpJfSGfLn1Er
kJeIeK7jzx1AlgHLOJKdl4pubBiM75Hbc0ZDt5Y19rchb5eMdZr0ZKn46zNCXMzL
R7OMRp9rwOEJNd1QyK5DZ908aUAx76+DtcOLWI/ER0bBUrBnAo1XBosRchsISC3G
WNrmn+F+xX4J1goh5joLw53lrRCYs5x8d8dsHqamlVnYZzf1uvxibfgvgYhA9U6I
hl1vlKoSkvY6jVTBeRsXITuyc8yTzPfQaX2Z3hCnXmTCxA7q+oT6c38F/CpieRCG
EQDe1YQ+269S
-----END CERTIFICATE-----
Generated at Sun Nov 26 06:41:24 2023 by rpki-client on console-fra.rpki-client.org