Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/QWUcreJjBzx8WNvTsP9gMqrHth8.roa
File: QWUcreJjBzx8WNvTsP9gMqrHth8.roa (raw, json)
Hash identifier: dGmHNvdSQo1PSbb++ihCNGyUItWlB1C31OzY9MMt0KQ=
Subject key identifier: 41:65:1C:AD:E2:63:07:3C:7C:58:DB:D3:B0:FF:60:32:AA:C7:B6:1F
Certificate issuer: /CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Certificate serial: 0193A841C354D62C012E2056A25D62B5E6BC
Authority key identifier: 66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/QWUcreJjBzx8WNvTsP9gMqrHth8.roa
Signing time: Sun 08 Dec 2024 21:51:42 +0000
ROA not before: Sun 08 Dec 2024 21:51:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64289
IP address blocks: 185.225.24.0/24 maxlen: 24
185.225.26.0/24 maxlen: 24
192.189.157.0/24 maxlen: 24
2a14:3f80:8::/45 maxlen: 45
2a14:3f80:10::/45 maxlen: 45
2a14:3f80:18::/45 maxlen: 45
2a14:3f80:20::/45 maxlen: 45
2a14:3f80:28::/45 maxlen: 45
2a14:3f80:60::/45 maxlen: 45
2a14:3f80:80::/45 maxlen: 45
2a14:3f80:88::/45 maxlen: 45
2a14:3f80:100::/45 maxlen: 45
2a14:3f80:108::/45 maxlen: 45
2a14:3f80:3d1::/48 maxlen: 48
2a14:3f80:800::/38 maxlen: 38
2a14:3f80:c00::/38 maxlen: 38
2a14:3f80:1000::/38 maxlen: 38
2a14:3f80:1400::/38 maxlen: 38
2a14:3f80:1800::/38 maxlen: 38
2a14:3f80:2000::/38 maxlen: 38
2a14:3f80:2400::/38 maxlen: 38
2a14:3f80:2800::/38 maxlen: 38
2a14:3f80:3000::/38 maxlen: 38
2a14:3f80:3400::/38 maxlen: 38
2a14:3f80:3800::/38 maxlen: 38
2a14:3f80:3c00::/38 maxlen: 38
2a14:3f80:4000::/38 maxlen: 38
2a14:3f80:4400::/38 maxlen: 38
2a14:3f80:5000::/38 maxlen: 38
2a14:3f80:6000::/38 maxlen: 38
2a14:3f80:7000::/38 maxlen: 38
2a14:3f80:8800::/38 maxlen: 38
2a14:3f80:af38::/45 maxlen: 45
2a14:3f81:5800::/38 maxlen: 38
2a14:3f82:4000::/38 maxlen: 38
2a14:3f82:6000::/38 maxlen: 38
2a14:3f82:7000::/38 maxlen: 38
2a14:3f82:8800::/38 maxlen: 38
2a14:3f87:2800::/38 maxlen: 38
2a14:3f87:4800::/38 maxlen: 38
2a14:3f87:6800::/38 maxlen: 38
2a14:3f87:9800::/38 maxlen: 38
2a14:3f87:fc00::/38 maxlen: 38
Validation: Failed, certificate revoked on Tue 10 Dec 2024 22:26:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a8:41:c3:54:d6:2c:01:2e:20:56:a2:5d:62:b5:e6:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Validity
Not Before: Dec 8 21:51:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41651cade263073c7c58dbd3b0ff6032aac7b61f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a0:a7:e3:6e:37:3f:0d:22:10:de:98:eb:f6:
ee:d9:a4:b6:a4:5b:72:f1:db:8e:65:fd:b9:fc:40:
db:ca:f8:e0:6f:08:16:1d:73:39:f0:e5:c3:21:3a:
db:dd:eb:1c:eb:17:63:9c:db:ca:fa:e8:e5:89:82:
6c:2c:5c:61:8c:f2:50:fe:53:52:29:41:2f:a8:30:
17:bc:fa:9c:c4:1e:81:59:33:ea:66:51:c3:44:b1:
e2:05:be:7d:60:d7:31:05:a0:92:cb:62:db:88:67:
43:ed:24:da:b8:72:75:fc:df:f9:8a:1c:6d:42:15:
68:79:4b:c5:11:05:d9:e2:af:a4:9c:9b:73:ec:93:
ea:82:ef:b7:17:86:f7:e3:81:25:f3:8d:b1:65:1e:
32:32:3b:84:b3:c9:7a:59:8a:3a:70:1f:f3:ed:2c:
9c:29:0a:fc:b5:41:16:f1:d0:64:7a:38:01:17:a0:
8d:b9:03:1b:b3:93:a3:d2:af:f0:ac:76:e6:94:ea:
ff:35:fc:29:d8:99:5a:ae:fd:16:ed:e9:de:c8:09:
fe:da:da:19:a6:b4:4a:99:23:e5:58:de:70:41:83:
b1:14:8f:85:8d:18:75:d2:77:76:2b:11:e2:ee:d3:
59:f6:bd:de:2c:6b:5f:c5:9a:97:76:b6:60:ca:b0:
0c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:65:1C:AD:E2:63:07:3C:7C:58:DB:D3:B0:FF:60:32:AA:C7:B6:1F
X509v3 Authority Key Identifier:
keyid:66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/QWUcreJjBzx8WNvTsP9gMqrHth8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.24.0/24
185.225.26.0/24
192.189.157.0/24
IPv6:
2a14:3f80:8::-2a14:3f80:2f:ffff:ffff:ffff:ffff:ffff
2a14:3f80:60::/45
2a14:3f80:80::/44
2a14:3f80:100::/44
2a14:3f80:3d1::/48
2a14:3f80:800::-2a14:3f80:1bff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:2000::-2a14:3f80:2bff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:3000::-2a14:3f80:47ff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:5000::/38
2a14:3f80:6000::/38
2a14:3f80:7000::/38
2a14:3f80:8800::/38
2a14:3f80:af38::/45
2a14:3f81:5800::/38
2a14:3f82:4000::/38
2a14:3f82:6000::/38
2a14:3f82:7000::/38
2a14:3f82:8800::/38
2a14:3f87:2800::/38
2a14:3f87:4800::/38
2a14:3f87:6800::/38
2a14:3f87:9800::/38
2a14:3f87:fc00::/38
Signature Algorithm: sha256WithRSAEncryption
c8:f2:97:b7:ef:49:fb:ec:f0:3a:0e:0c:a0:05:00:48:de:f8:
e1:3d:dd:e6:52:61:05:90:7f:17:0e:b6:fe:29:31:57:97:11:
4b:7d:fe:91:6f:6b:44:33:04:8c:b7:a1:77:e6:99:10:a9:89:
8e:5c:0c:0e:ea:f1:22:a1:5c:81:02:39:4d:a3:69:78:c3:6f:
31:5f:b4:36:f5:b0:09:3c:99:2b:88:d8:c6:43:f5:d1:c9:c5:
5a:ab:3c:5b:f8:ea:71:a9:aa:d3:b7:30:3b:a7:75:b8:56:7f:
25:2c:9b:23:13:9e:40:5d:36:86:4b:2b:d4:6e:af:3e:8c:99:
98:1c:5b:38:63:80:14:68:79:5e:31:b1:9f:2b:9e:64:19:76:
ac:ec:77:9c:69:2c:8d:4c:0a:1e:00:4f:63:75:ab:06:58:2e:
96:a7:9e:6b:dd:4e:f2:e4:3a:bc:c6:52:b2:8d:6d:0a:8f:58:
d9:13:a7:14:9e:53:c1:13:44:8e:2e:60:5d:aa:f6:37:b2:7f:
a9:f3:13:19:d2:7f:96:be:55:49:07:1d:3e:e1:dd:41:03:40:
ff:c0:95:c2:4a:32:76:5c:fb:5c:9d:96:e5:d9:77:35:e3:a7:
d0:ad:8f:5d:a4:0e:d1:ad:b0:4b:40:c9:24:fe:06:fe:0b:a1:
03:c0:c3:00
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgISAZOoQcNU1iwBLiBWol1itea8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZWQzYmE2OGM3OGJmZjJjNDcyNDQwMGFkZTYzNDg0ODJm
YjQzNjQwHhcNMjQxMjA4MjE1MTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTY1MWNhZGUyNjMwNzNjN2M1OGRiZDNiMGZmNjAzMmFhYzdiNjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKCn4243Pw0iEN6Y6/bu2aS2pFty
8duOZf25/EDbyvjgbwgWHXM58OXDITrb3esc6xdjnNvK+ujliYJsLFxhjPJQ/lNS
KUEvqDAXvPqcxB6BWTPqZlHDRLHiBb59YNcxBaCSy2LbiGdD7STauHJ1/N/5ihxt
QhVoeUvFEQXZ4q+knJtz7JPqgu+3F4b344El842xZR4yMjuEs8l6WYo6cB/z7Syc
KQr8tUEW8dBkejgBF6CNuQMbs5Oj0q/wrHbmlOr/Nfwp2Jlarv0W7eneyAn+2toZ
prRKmSPlWN5wQYOxFI+FjRh10nd2KxHi7tNZ9r3eLGtfxZqXdrZgyrAMhwIDAQAB
o4IDDDCCAwgwHQYDVR0OBBYEFEFlHK3iYwc8fFjb07D/YDKqx7YfMB8GA1UdIwQY
MBaAFGbtO6aMeL/yxHJEAK3mNISC+0NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMt
MGE0M2I3YTNlYjU0LzEvUVdVY3JlSmpCeng4V052VHNQOWdNcXJIdGg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMtMGE0M2I3YTNlYjU0
LzEvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIAYIKwYBBQUHAQcBAf8EggEPMIIBCzAYBAIAATASAwQA
ueEYAwQAueEaAwQAwL2dMIHuBAIAAjCB5zASAwcDKhQ/gAAIAwcEKhQ/gAAgAwcD
KhQ/gABgAwcEKhQ/gACAAwcEKhQ/gAEAAwcAKhQ/gAPRMBADBgMqFD+ACAMGAioU
P4AYMBADBgUqFD+AIAMGAioUP4AoMBADBgQqFD+AMAMGAyoUP4BAAwYCKhQ/gFAD
BgIqFD+AYAMGAioUP4BwAwYCKhQ/gIgDBwMqFD+ArzgDBgIqFD+BWAMGAioUP4JA
AwYCKhQ/gmADBgIqFD+CcAMGAioUP4KIAwYCKhQ/hygDBgIqFD+HSAMGAioUP4do
AwYCKhQ/h5gDBgIqFD+H/DANBgkqhkiG9w0BAQsFAAOCAQEAyPKXt+9J++zwOg4M
oAUASN744T3d5lJhBZB/Fw62/ikxV5cRS33+kW9rRDMEjLehd+aZEKmJjlwMDurx
IqFcgQI5TaNpeMNvMV+0NvWwCTyZK4jYxkP10cnFWqs8W/jqcamq07cwO6d1uFZ/
JSybIxOeQF02hksr1G6vPoyZmBxbOGOAFGh5XjGxnyueZBl2rOx3nGksjUwKHgBP
Y3WrBlgulqeea91O8uQ6vMZSso1tCo9Y2ROnFJ5TwRNEji5gXar2N7J/qfMTGdJ/
lr5VSQcdPuHdQQNA/8CVwkoydlz7XJ2W5dl3NeOn0K2PXaQO0a2wS0DJJP4G/guh
A8DDAA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 16:23:35 2025 by rpki-client