Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/3AbIEU6D8SaGybwAHn3i55Jql5c.roa
File: 3AbIEU6D8SaGybwAHn3i55Jql5c.roa (raw, json)
Hash identifier: mUKlN7OdDWq6o8SkqonEHmCuttCPCAz/e93TiqZWFdU=
Subject key identifier: DC:06:C8:11:4E:83:F1:26:86:C9:BC:00:1E:7D:E2:E7:92:6A:97:97
Certificate issuer: /CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Certificate serial: 0191438487EF4064985318C8E726EFBC63C4
Authority key identifier: 66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/3AbIEU6D8SaGybwAHn3i55Jql5c.roa
Signing time: Sun 11 Aug 2024 22:17:24 +0000
ROA not before: Sun 11 Aug 2024 22:17:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64289
IP address blocks: 185.225.24.0/24 maxlen: 24
185.225.26.0/24 maxlen: 24
192.189.157.0/24 maxlen: 24
2a14:3f80:8::/45 maxlen: 45
2a14:3f80:10::/45 maxlen: 45
2a14:3f80:18::/45 maxlen: 45
2a14:3f80:20::/45 maxlen: 45
2a14:3f80:28::/45 maxlen: 45
2a14:3f80:80::/45 maxlen: 45
2a14:3f80:88::/45 maxlen: 45
2a14:3f80:100::/45 maxlen: 45
2a14:3f80:108::/45 maxlen: 45
2a14:3f80:800::/38 maxlen: 38
2a14:3f80:c00::/38 maxlen: 38
2a14:3f80:1000::/38 maxlen: 38
2a14:3f80:1400::/38 maxlen: 38
2a14:3f80:1800::/38 maxlen: 38
2a14:3f80:2000::/38 maxlen: 38
2a14:3f80:2400::/38 maxlen: 38
2a14:3f80:2800::/38 maxlen: 38
2a14:3f80:3000::/38 maxlen: 38
2a14:3f80:3400::/38 maxlen: 38
2a14:3f80:3800::/38 maxlen: 38
2a14:3f80:3c00::/38 maxlen: 38
2a14:3f80:4000::/38 maxlen: 38
2a14:3f80:4400::/38 maxlen: 38
2a14:3f80:5000::/38 maxlen: 38
2a14:3f80:6000::/38 maxlen: 38
2a14:3f80:7000::/38 maxlen: 38
2a14:3f80:8800::/38 maxlen: 38
2a14:3f81:5800::/38 maxlen: 38
2a14:3f82:4000::/38 maxlen: 38
2a14:3f82:6000::/38 maxlen: 38
2a14:3f82:7000::/38 maxlen: 38
2a14:3f82:8800::/38 maxlen: 38
2a14:3f87:6800::/38 maxlen: 38
Validation: Failed, certificate revoked on Thu 15 Aug 2024 22:11:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:43:84:87:ef:40:64:98:53:18:c8:e7:26:ef:bc:63:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Validity
Not Before: Aug 11 22:17:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc06c8114e83f12686c9bc001e7de2e7926a9797
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:69:f4:b6:96:6f:42:d4:fb:ce:da:4d:56:d9:
01:61:f2:49:8a:9d:42:9e:62:5b:bb:b0:2a:47:2a:
3d:4b:ab:89:e7:a1:6a:86:9e:34:63:37:7b:27:de:
88:73:b7:4b:93:03:36:7e:9d:7f:b7:7c:db:df:cf:
7d:0a:31:00:e9:f4:69:21:cf:c9:6d:32:9a:ad:f1:
81:2c:c8:5a:03:dd:96:b8:73:53:ee:4f:31:45:e9:
2d:b1:45:35:1e:6a:03:de:82:3b:fa:68:5b:6a:98:
cc:a4:99:bc:22:43:db:1d:84:b0:89:3d:c3:85:2b:
ba:6a:d8:ac:a7:ba:ce:e8:31:1d:3c:55:2e:79:98:
3e:18:b6:70:f6:17:95:4d:23:54:86:ae:1f:ba:c9:
3a:e8:90:0e:f6:e2:fc:a5:39:6a:aa:66:ea:bc:d1:
64:66:2b:f9:e0:cc:92:56:31:2d:9d:44:f7:52:fa:
53:69:40:6f:ca:ec:2b:2d:77:bc:eb:17:76:50:69:
93:6c:ce:a1:13:9a:bc:94:20:34:32:a5:05:c8:73:
8e:e5:fb:62:d0:63:bb:4e:44:b4:22:e0:83:e9:13:
f6:38:f0:78:ba:df:c0:5d:51:1a:51:bf:f5:91:ef:
8c:52:a1:b0:29:82:63:96:b9:e1:e2:0b:7f:a8:df:
84:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:06:C8:11:4E:83:F1:26:86:C9:BC:00:1E:7D:E2:E7:92:6A:97:97
X509v3 Authority Key Identifier:
keyid:66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/3AbIEU6D8SaGybwAHn3i55Jql5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.24.0/24
185.225.26.0/24
192.189.157.0/24
IPv6:
2a14:3f80:8::-2a14:3f80:2f:ffff:ffff:ffff:ffff:ffff
2a14:3f80:80::/44
2a14:3f80:100::/44
2a14:3f80:800::-2a14:3f80:1bff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:2000::-2a14:3f80:2bff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:3000::-2a14:3f80:47ff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:5000::/38
2a14:3f80:6000::/38
2a14:3f80:7000::/38
2a14:3f80:8800::/38
2a14:3f81:5800::/38
2a14:3f82:4000::/38
2a14:3f82:6000::/38
2a14:3f82:7000::/38
2a14:3f82:8800::/38
2a14:3f87:6800::/38
Signature Algorithm: sha256WithRSAEncryption
2d:a6:0b:5d:d9:68:db:a7:ad:89:f0:ca:43:45:ce:1d:c6:76:
ad:78:c1:fc:6f:b5:04:c6:1a:15:cc:39:c6:f6:6a:22:77:87:
91:a0:1d:ab:58:fa:39:5e:ad:df:76:48:97:7e:bb:a0:a0:50:
c0:e2:7c:c5:77:8d:86:da:93:80:bd:13:92:76:bd:84:fd:47:
cb:2c:39:d3:f0:33:19:6c:97:d7:e9:2f:b1:18:2c:db:15:00:
57:3a:1d:d8:50:2f:08:04:62:6f:7d:36:a9:64:04:db:94:99:
8a:4e:6a:8a:a1:ee:08:aa:cb:bb:c7:83:9e:15:78:ff:45:f1:
51:ea:38:60:72:92:c3:2d:19:b0:b6:05:2d:79:ea:18:8f:db:
8f:0a:66:3b:13:50:2d:6a:56:79:95:49:80:13:e0:96:d3:f1:
ca:fc:19:21:3f:8f:86:e8:eb:fe:c8:b3:f7:db:66:18:12:17:
ff:ba:03:83:d1:0e:71:d4:21:6d:c6:d9:04:d2:71:01:b0:1c:
5a:19:13:c0:a5:98:92:a6:c8:9d:da:96:35:7a:9d:bc:b4:48:
08:17:6d:93:13:73:e5:13:9e:ff:bb:6d:e3:f6:25:12:5e:87:
98:33:2a:79:70:47:1e:21:d9:f5:6a:a0:3a:1a:1c:e7:14:89:
85:3d:6d:15
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgISAZFDhIfvQGSYUxjI5ybvvGPEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZWQzYmE2OGM3OGJmZjJjNDcyNDQwMGFkZTYzNDg0ODJm
YjQzNjQwHhcNMjQwODExMjIxNzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzA2YzgxMTRlODNmMTI2ODZjOWJjMDAxZTdkZTJlNzkyNmE5Nzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2n0tpZvQtT7ztpNVtkBYfJJip1C
nmJbu7AqRyo9S6uJ56Fqhp40Yzd7J96Ic7dLkwM2fp1/t3zb3899CjEA6fRpIc/J
bTKarfGBLMhaA92WuHNT7k8xRektsUU1HmoD3oI7+mhbapjMpJm8IkPbHYSwiT3D
hSu6atisp7rO6DEdPFUueZg+GLZw9heVTSNUhq4fusk66JAO9uL8pTlqqmbqvNFk
Ziv54MySVjEtnUT3UvpTaUBvyuwrLXe86xd2UGmTbM6hE5q8lCA0MqUFyHOO5fti
0GO7TkS0IuCD6RP2OPB4ut/AXVEaUb/1ke+MUqGwKYJjlrnh4gt/qN+ETwIDAQAB
o4ICzjCCAsowHQYDVR0OBBYEFNwGyBFOg/Emhsm8AB594ueSapeXMB8GA1UdIwQY
MBaAFGbtO6aMeL/yxHJEAK3mNISC+0NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMt
MGE0M2I3YTNlYjU0LzEvM0FiSUVVNkQ4U2FHeWJ3QUhuM2k1NUpxbDVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMtMGE0M2I3YTNlYjU0
LzEvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHjBggrBgEFBQcBBwEB/wSB0zCB0DAYBAIAATASAwQAueEY
AwQAueEaAwQAwL2dMIGzBAIAAjCBrDASAwcDKhQ/gAAIAwcEKhQ/gAAgAwcEKhQ/
gACAAwcEKhQ/gAEAMBADBgMqFD+ACAMGAioUP4AYMBADBgUqFD+AIAMGAioUP4Ao
MBADBgQqFD+AMAMGAyoUP4BAAwYCKhQ/gFADBgIqFD+AYAMGAioUP4BwAwYCKhQ/
gIgDBgIqFD+BWAMGAioUP4JAAwYCKhQ/gmADBgIqFD+CcAMGAioUP4KIAwYCKhQ/
h2gwDQYJKoZIhvcNAQELBQADggEBAC2mC13ZaNunrYnwykNFzh3Gdq14wfxvtQTG
GhXMOcb2aiJ3h5GgHatY+jlerd92SJd+u6CgUMDifMV3jYbak4C9E5J2vYT9R8ss
OdPwMxlsl9fpL7EYLNsVAFc6HdhQLwgEYm99NqlkBNuUmYpOaoqh7giqy7vHg54V
eP9F8VHqOGByksMtGbC2BS156hiP248KZjsTUC1qVnmVSYAT4JbT8cr8GSE/j4bo
6/7Is/fbZhgSF/+6A4PRDnHUIW3G2QTScQGwHFoZE8ClmJKmyJ3aljV6nby0SAgX
bZMTc+UTnv+7beP2JRJeh5gzKnlwRx4h2fVqoDoaHOcUiYU9bRU=
-----END CERTIFICATE-----
Generated at Thu Aug 15 23:13:31 2024 by rpki-client on console-ams.rpki-client.org