Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/CNobGkIUgtXIbIZXFpAOiTl8ydg.roa
File: CNobGkIUgtXIbIZXFpAOiTl8ydg.roa (raw, json)
Hash identifier: no1+/FPeaFPcvpvLzpYAk2R4kM9e8tlkV+8cC3dreiU=
Subject key identifier: 08:DA:1B:1A:42:14:82:D5:C8:6C:86:57:16:90:0E:89:39:7C:C9:D8
Certificate issuer: /CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Certificate serial: 01954E7140C1DE3B8242209E176C1DBC69FB
Authority key identifier: 66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/CNobGkIUgtXIbIZXFpAOiTl8ydg.roa
Signing time: Fri 28 Feb 2025 21:23:19 +0000
ROA not before: Fri 28 Feb 2025 21:23:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64289
IP address blocks: 185.225.24.0/24 maxlen: 24
185.225.26.0/24 maxlen: 24
192.189.157.0/24 maxlen: 24
2a14:3f80:8::/45 maxlen: 45
2a14:3f80:10::/45 maxlen: 45
2a14:3f80:18::/45 maxlen: 45
2a14:3f80:20::/45 maxlen: 45
2a14:3f80:28::/45 maxlen: 45
2a14:3f80:60::/45 maxlen: 45
2a14:3f80:80::/45 maxlen: 45
2a14:3f80:88::/45 maxlen: 45
2a14:3f80:100::/45 maxlen: 45
2a14:3f80:108::/45 maxlen: 45
2a14:3f80:3d1::/48 maxlen: 48
2a14:3f80:800::/38 maxlen: 38
2a14:3f80:c00::/38 maxlen: 38
2a14:3f80:1000::/38 maxlen: 38
2a14:3f80:1400::/38 maxlen: 38
2a14:3f80:1800::/38 maxlen: 38
2a14:3f80:2000::/38 maxlen: 38
2a14:3f80:2400::/38 maxlen: 38
2a14:3f80:2800::/38 maxlen: 38
2a14:3f80:3000::/38 maxlen: 38
2a14:3f80:3400::/38 maxlen: 38
2a14:3f80:3800::/38 maxlen: 38
2a14:3f80:3c00::/38 maxlen: 38
2a14:3f80:4000::/38 maxlen: 38
2a14:3f80:4400::/38 maxlen: 38
2a14:3f80:5000::/38 maxlen: 38
2a14:3f80:6000::/38 maxlen: 38
2a14:3f80:7000::/38 maxlen: 38
2a14:3f80:8800::/38 maxlen: 38
2a14:3f80:af38::/45 maxlen: 45
2a14:3f81:5800::/38 maxlen: 38
2a14:3f82:4000::/38 maxlen: 38
2a14:3f82:6000::/38 maxlen: 38
2a14:3f82:7000::/38 maxlen: 38
2a14:3f82:8800::/38 maxlen: 38
2a14:3f87:2800::/38 maxlen: 38
2a14:3f87:4800::/38 maxlen: 38
2a14:3f87:6800::/38 maxlen: 38
2a14:3f87:9800::/38 maxlen: 38
2a14:3f87:c800::/38 maxlen: 38
2a14:3f87:e000::/38 maxlen: 38
2a14:3f87:f000::/38 maxlen: 38
2a14:3f87:fc00::/38 maxlen: 38
Validation: Failed, certificate revoked on Sat 01 Mar 2025 23:59:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4e:71:40:c1:de:3b:82:42:20:9e:17:6c:1d:bc:69:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Validity
Not Before: Feb 28 21:23:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08da1b1a421482d5c86c865716900e89397cc9d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ab:fa:0e:66:05:a3:17:22:9c:48:be:9b:f8:
ad:e4:e7:0d:c1:ed:75:b7:2d:98:66:49:ef:20:3d:
77:66:b3:a6:fe:6a:47:a8:63:62:06:04:48:64:c8:
27:a4:e0:7f:17:dd:c0:b2:6d:7c:1b:46:57:df:91:
b5:c9:63:ce:bc:9b:19:aa:ee:ea:7f:9f:54:5c:71:
44:71:c1:4d:c8:bb:0a:ec:08:22:4d:f1:bb:da:24:
23:05:69:a3:5d:f0:95:7b:29:45:ce:33:6d:09:cd:
9a:a8:89:04:57:77:96:2f:f4:db:be:41:b0:c1:aa:
e8:69:14:60:c4:6a:8a:48:6a:4a:ae:86:a0:f4:3d:
d8:a6:9c:57:89:ea:93:9f:e8:b7:39:92:cb:f9:c3:
94:87:a1:91:d5:55:b4:d2:c5:93:df:e8:50:5c:6a:
27:e4:ba:74:ca:46:cc:6b:94:dc:ea:29:31:23:70:
c9:3e:79:49:1c:45:a5:54:8c:0d:1a:04:cb:8f:20:
79:36:aa:e9:9e:78:66:07:53:ab:0d:51:51:f9:55:
bc:b4:07:64:7d:8b:2d:77:b8:a8:99:c9:1b:3a:fc:
b6:94:48:05:49:8f:f5:94:be:0f:cd:f1:8e:0e:1a:
f2:5f:11:43:67:ed:63:4f:a2:d6:dc:f3:f4:a2:80:
fd:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:DA:1B:1A:42:14:82:D5:C8:6C:86:57:16:90:0E:89:39:7C:C9:D8
X509v3 Authority Key Identifier:
keyid:66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/CNobGkIUgtXIbIZXFpAOiTl8ydg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.24.0/24
185.225.26.0/24
192.189.157.0/24
IPv6:
2a14:3f80:8::-2a14:3f80:2f:ffff:ffff:ffff:ffff:ffff
2a14:3f80:60::/45
2a14:3f80:80::/44
2a14:3f80:100::/44
2a14:3f80:3d1::/48
2a14:3f80:800::-2a14:3f80:1bff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:2000::-2a14:3f80:2bff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:3000::-2a14:3f80:47ff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:5000::/38
2a14:3f80:6000::/38
2a14:3f80:7000::/38
2a14:3f80:8800::/38
2a14:3f80:af38::/45
2a14:3f81:5800::/38
2a14:3f82:4000::/38
2a14:3f82:6000::/38
2a14:3f82:7000::/38
2a14:3f82:8800::/38
2a14:3f87:2800::/38
2a14:3f87:4800::/38
2a14:3f87:6800::/38
2a14:3f87:9800::/38
2a14:3f87:c800::/38
2a14:3f87:e000::/38
2a14:3f87:f000::/38
2a14:3f87:fc00::/38
Signature Algorithm: sha256WithRSAEncryption
3a:90:3a:5f:47:64:f2:07:28:88:0e:f1:1c:12:b0:71:db:67:
02:d6:88:ca:6f:ba:be:93:ce:44:b8:1b:aa:da:45:90:b0:e5:
56:8b:21:23:08:51:12:d7:05:c9:76:85:92:f7:64:2c:c7:2b:
07:b0:56:a2:16:e1:fe:3f:22:c9:a5:82:0c:7e:a2:ac:c8:c3:
cf:53:58:c4:7e:8a:19:9b:2a:e0:14:80:85:fa:c7:22:bf:0d:
23:c7:9f:ef:36:ba:5f:5e:b5:2d:77:41:11:0f:39:f2:90:2d:
89:9f:f7:31:da:d1:60:e1:56:7d:d8:f2:c0:49:76:31:ad:61:
7c:31:ce:07:b0:a1:cd:2b:1a:8c:d5:da:6a:0c:70:b3:39:ae:
e4:c3:72:42:c5:58:b6:3a:28:e0:05:db:6c:aa:ae:43:5a:5b:
99:4e:bb:da:45:e2:07:07:0a:5e:5d:cf:ff:9d:ab:83:90:68:
5a:e9:10:ab:cb:51:f0:1a:0c:da:f6:71:be:dd:08:6e:26:46:
8f:44:55:e9:d8:f8:70:fb:9c:c1:6d:ee:2d:a5:0c:db:2a:6e:
b0:e9:c2:49:68:c6:c5:10:1d:49:5b:9b:5c:89:bc:17:04:b2:
8f:85:38:af:14:ba:59:4d:f1:4f:9c:c0:2a:fc:dc:81:25:1e:
a8:50:cc:b6
-----BEGIN CERTIFICATE-----
MIIGGTCCBQGgAwIBAgISAZVOcUDB3juCQiCeF2wdvGn7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZWQzYmE2OGM3OGJmZjJjNDcyNDQwMGFkZTYzNDg0ODJm
YjQzNjQwHhcNMjUwMjI4MjEyMzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGRhMWIxYTQyMTQ4MmQ1Yzg2Yzg2NTcxNjkwMGU4OTM5N2NjOWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvav6DmYFoxcinEi+m/it5OcNwe11
ty2YZknvID13ZrOm/mpHqGNiBgRIZMgnpOB/F93Asm18G0ZX35G1yWPOvJsZqu7q
f59UXHFEccFNyLsK7AgiTfG72iQjBWmjXfCVeylFzjNtCc2aqIkEV3eWL/TbvkGw
waroaRRgxGqKSGpKroag9D3YppxXieqTn+i3OZLL+cOUh6GR1VW00sWT3+hQXGon
5Lp0ykbMa5Tc6ikxI3DJPnlJHEWlVIwNGgTLjyB5NqrpnnhmB1OrDVFR+VW8tAdk
fYstd7iomckbOvy2lEgFSY/1lL4PzfGODhryXxFDZ+1jT6LW3PP0ooD94QIDAQAB
o4IDJTCCAyEwHQYDVR0OBBYEFAjaGxpCFILVyGyGVxaQDok5fMnYMB8GA1UdIwQY
MBaAFGbtO6aMeL/yxHJEAK3mNISC+0NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMt
MGE0M2I3YTNlYjU0LzEvQ05vYkdrSVVndFhJYklaWEZwQU9pVGw4eWRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMtMGE0M2I3YTNlYjU0
LzEvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOQYIKwYBBQUHAQcBAf8EggEoMIIBJDAYBAIAATASAwQA
ueEYAwQAueEaAwQAwL2dMIIBBgQCAAIwgf8wEgMHAyoUP4AACAMHBCoUP4AAIAMH
AyoUP4AAYAMHBCoUP4AAgAMHBCoUP4ABAAMHACoUP4AD0TAQAwYDKhQ/gAgDBgIq
FD+AGDAQAwYFKhQ/gCADBgIqFD+AKDAQAwYEKhQ/gDADBgMqFD+AQAMGAioUP4BQ
AwYCKhQ/gGADBgIqFD+AcAMGAioUP4CIAwcDKhQ/gK84AwYCKhQ/gVgDBgIqFD+C
QAMGAioUP4JgAwYCKhQ/gnADBgIqFD+CiAMGAioUP4coAwYCKhQ/h0gDBgIqFD+H
aAMGAioUP4eYAwYCKhQ/h8gDBgIqFD+H4AMGAioUP4fwAwYCKhQ/h/wwDQYJKoZI
hvcNAQELBQADggEBADqQOl9HZPIHKIgO8RwSsHHbZwLWiMpvur6TzkS4G6raRZCw
5VaLISMIURLXBcl2hZL3ZCzHKwewVqIW4f4/Ismlggx+oqzIw89TWMR+ihmbKuAU
gIX6xyK/DSPHn+82ul9etS13QREPOfKQLYmf9zHa0WDhVn3Y8sBJdjGtYXwxzgew
oc0rGozV2moMcLM5ruTDckLFWLY6KOAF22yqrkNaW5lOu9pF4gcHCl5dz/+dq4OQ
aFrpEKvLUfAaDNr2cb7dCG4mRo9EVenY+HD7nMFt7i2lDNsqbrDpwkloxsUQHUlb
m1yJvBcEso+FOK8UullN8U+cwCr83IElHqhQzLY=
-----END CERTIFICATE-----
Generated at Fri Apr 18 16:23:00 2025 by rpki-client