Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/Mqg_2K4leQ1IvtTmDCu-bt_dt6E.roa
File: Mqg_2K4leQ1IvtTmDCu-bt_dt6E.roa (raw, json)
Hash identifier: UiKIfGteo6db2bSzZ+3W4i26HFVWmRHr8MVWHFUZb8E=
Subject key identifier: 32:A8:3F:D8:AE:25:79:0D:48:BE:D4:E6:0C:2B:BE:6E:DF:DD:B7:A1
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 018CC4E8C5410F11B4A53E1DA7F11E6D3FF7
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/Mqg_2K4leQ1IvtTmDCu-bt_dt6E.roa
Signing time: Mon 01 Jan 2024 12:03:58 +0000
ROA not before: Mon 01 Jan 2024 12:03:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48359
IP address blocks: 185.239.1.0/24 maxlen: 24
89.44.240.0/24 maxlen: 24
89.42.44.0/22 maxlen: 22
45.94.214.0/24 maxlen: 24
45.94.215.0/24 maxlen: 24
89.46.217.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:e8:c5:41:0f:11:b4:a5:3e:1d:a7:f1:1e:6d:3f:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jan 1 12:03:58 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32a83fd8ae25790d48bed4e60c2bbe6edfddb7a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:93:2c:b4:10:5b:92:7d:de:c1:4b:0e:a3:86:
55:7c:17:e0:1a:1f:e4:73:14:d2:56:16:b9:ac:1e:
a0:96:a5:ab:21:23:66:7e:ba:56:cb:99:71:14:44:
db:f7:4e:bd:55:98:64:44:ac:e4:1c:35:f8:72:13:
44:5e:b9:6d:30:d5:84:c1:9d:c4:03:87:7a:2e:5b:
32:7a:6c:ee:6d:3c:35:91:2d:71:3d:9e:33:a1:4e:
51:f6:64:5b:fc:0b:72:94:fa:f4:b4:3a:17:d9:ce:
d3:e7:7d:3e:db:12:de:1e:ce:98:b5:1f:83:d8:eb:
76:a9:52:5f:78:2b:54:75:44:7d:d4:9c:ca:50:22:
49:7b:61:ce:d6:07:ac:c0:32:67:5c:c8:c2:3c:38:
27:36:39:4a:ca:bb:34:41:e6:4d:92:56:da:40:82:
7e:51:c1:53:01:99:12:35:9b:1b:89:6e:3f:cc:2b:
34:b1:ab:17:72:64:68:34:1e:1b:b2:36:c1:90:93:
d5:77:42:e9:5d:2d:4b:7a:89:06:5d:7d:bd:6b:2d:
3e:e5:b5:1b:e2:90:4e:b3:a5:40:06:a2:8f:fd:0a:
a8:db:99:c3:d8:3d:03:49:73:50:47:10:b7:ba:77:
43:72:ca:03:6d:24:57:69:6d:0f:e0:66:a5:04:3d:
28:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:A8:3F:D8:AE:25:79:0D:48:BE:D4:E6:0C:2B:BE:6E:DF:DD:B7:A1
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/Mqg_2K4leQ1IvtTmDCu-bt_dt6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.214.0/23
89.42.44.0/22
89.44.240.0/24
89.46.217.0/24
185.239.1.0/24
Signature Algorithm: sha256WithRSAEncryption
35:78:ad:50:c3:78:d0:f1:82:3d:b7:90:98:c4:05:01:8d:13:
bd:8e:ed:60:a2:c8:54:47:0b:a0:21:f1:00:d1:5e:ed:4f:30:
65:0e:7e:d1:99:e8:2d:5a:1a:60:77:1d:75:f4:55:fa:47:b9:
60:be:2b:d3:00:9a:79:5e:de:1b:ca:d7:da:88:24:a7:e3:50:
e5:6f:34:83:ba:b8:d6:08:40:65:87:94:92:f4:ce:5d:83:e1:
9e:bf:87:b7:ae:d4:81:e0:0c:8a:da:32:29:78:70:62:bf:cf:
01:4d:c9:5d:d5:29:c3:c5:da:36:f1:23:ab:5d:02:97:e0:11:
cf:d2:4e:f2:2c:40:35:d4:c3:7a:cc:51:6e:97:a6:b2:56:7c:
0c:d4:5f:de:56:7f:cb:f7:12:2d:4b:d2:7a:e8:c6:db:f1:3f:
92:b2:7a:a6:b7:c1:d2:2f:0d:e3:37:3e:1b:ee:d5:b3:23:ae:
5d:89:f4:62:b0:10:28:a4:4d:5d:10:8b:6d:c9:04:32:e8:24:
5f:55:e7:2d:ad:61:a4:bb:49:43:d5:de:07:10:18:b5:8c:7d:
a2:a5:6e:30:1d:b4:65:3d:61:62:0a:15:2e:20:41:3f:5b:eb:
49:c7:49:3e:26:3e:e3:df:3e:8d:a5:30:67:07:11:d2:9d:b3:
a4:bf:12:f6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzE6MVBDxG0pT4dp/EebT/3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQwMTAxMTIwMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmE4M2ZkOGFlMjU3OTBkNDhiZWQ0ZTYwYzJiYmU2ZWRmZGRiN2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJMstBBbkn3ewUsOo4ZVfBfgGh/k
cxTSVha5rB6glqWrISNmfrpWy5lxFETb9069VZhkRKzkHDX4chNEXrltMNWEwZ3E
A4d6LlsyemzubTw1kS1xPZ4zoU5R9mRb/AtylPr0tDoX2c7T530+2xLeHs6YtR+D
2Ot2qVJfeCtUdUR91JzKUCJJe2HO1geswDJnXMjCPDgnNjlKyrs0QeZNklbaQIJ+
UcFTAZkSNZsbiW4/zCs0sasXcmRoNB4bsjbBkJPVd0LpXS1LeokGXX29ay0+5bUb
4pBOs6VABqKP/Qqo25nD2D0DSXNQRxC3undDcsoDbSRXaW0P4GalBD0odwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDKoP9iuJXkNSL7U5gwrvm7f3behMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvTXFnXzJLNGxlUTFJdnRUbURDdS1idF9kdDZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLV7WAwQC
WSosAwQAWSzwAwQAWS7ZAwQAue8BMA0GCSqGSIb3DQEBCwUAA4IBAQA1eK1Qw3jQ
8YI9t5CYxAUBjRO9ju1goshURwugIfEA0V7tTzBlDn7RmegtWhpgdx119FX6R7lg
vivTAJp5Xt4bytfaiCSn41DlbzSDurjWCEBlh5SS9M5dg+Gev4e3rtSB4AyK2jIp
eHBiv88BTcld1SnDxdo28SOrXQKX4BHP0k7yLEA11MN6zFFul6ayVnwM1F/eVn/L
9xItS9J66Mbb8T+Ssnqmt8HSLw3jNz4b7tWzI65difRisBAopE1dEIttyQQy6CRf
VectrWGku0lD1d4HEBi1jH2ipW4wHbRlPWFiChUuIEE/W+tJx0k+Jj7j3z6NpTBn
BxHSnbOkvxL2
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:01:48 2024 by rpki-client on console.sobornost.net