Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/IDbXtr9M1hPUaMjNahMYix8SV9w.roa
File: IDbXtr9M1hPUaMjNahMYix8SV9w.roa (raw, json)
Hash identifier: 0Bj0Qj9Ky53qiDfVhmfR2E6mPFb9zJiZUSCyoZ+94lU=
Subject key identifier: 20:36:D7:B6:BF:4C:D6:13:D4:68:C8:CD:6A:13:18:8B:1F:12:57:DC
Certificate issuer: /CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Certificate serial: 01921BB1C8FCCBB18F79F50C3C40417E62F5
Authority key identifier: 66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/IDbXtr9M1hPUaMjNahMYix8SV9w.roa
Signing time: Sun 22 Sep 2024 21:44:49 +0000
ROA not before: Sun 22 Sep 2024 21:44:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64289
IP address blocks: 185.225.24.0/24 maxlen: 24
185.225.26.0/24 maxlen: 24
192.189.157.0/24 maxlen: 24
2a14:3f80:8::/45 maxlen: 45
2a14:3f80:10::/45 maxlen: 45
2a14:3f80:18::/45 maxlen: 45
2a14:3f80:20::/45 maxlen: 45
2a14:3f80:28::/45 maxlen: 45
2a14:3f80:60::/45 maxlen: 45
2a14:3f80:80::/45 maxlen: 45
2a14:3f80:88::/45 maxlen: 45
2a14:3f80:100::/45 maxlen: 45
2a14:3f80:108::/45 maxlen: 45
2a14:3f80:800::/38 maxlen: 38
2a14:3f80:c00::/38 maxlen: 38
2a14:3f80:1000::/38 maxlen: 38
2a14:3f80:1400::/38 maxlen: 38
2a14:3f80:1800::/38 maxlen: 38
2a14:3f80:2000::/38 maxlen: 38
2a14:3f80:2400::/38 maxlen: 38
2a14:3f80:2800::/38 maxlen: 38
2a14:3f80:3000::/38 maxlen: 38
2a14:3f80:3400::/38 maxlen: 38
2a14:3f80:3800::/38 maxlen: 38
2a14:3f80:3c00::/38 maxlen: 38
2a14:3f80:4000::/38 maxlen: 38
2a14:3f80:4400::/38 maxlen: 38
2a14:3f80:5000::/38 maxlen: 38
2a14:3f80:6000::/38 maxlen: 38
2a14:3f80:7000::/38 maxlen: 38
2a14:3f80:8800::/38 maxlen: 38
2a14:3f80:af38::/45 maxlen: 45
2a14:3f81:5800::/38 maxlen: 38
2a14:3f82:4000::/38 maxlen: 38
2a14:3f82:6000::/38 maxlen: 38
2a14:3f82:7000::/38 maxlen: 38
2a14:3f82:8800::/38 maxlen: 38
2a14:3f87:2800::/38 maxlen: 38
2a14:3f87:4800::/38 maxlen: 38
2a14:3f87:6800::/38 maxlen: 38
2a14:3f87:9800::/38 maxlen: 38
Validation: Failed, certificate revoked on Sun 27 Oct 2024 22:35:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1b:b1:c8:fc:cb:b1:8f:79:f5:0c:3c:40:41:7e:62:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Validity
Not Before: Sep 22 21:44:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2036d7b6bf4cd613d468c8cd6a13188b1f1257dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5c:8e:dd:28:ff:5d:a2:c8:c0:c4:54:72:ad:
73:cc:b1:af:2a:ed:2b:fe:5f:76:72:cc:3a:c7:f5:
67:17:d6:7a:35:40:6d:0b:c9:f7:37:67:0e:ea:dd:
18:fe:7b:c0:5c:32:fe:9a:b3:5b:a5:27:36:44:b6:
79:3c:7a:d2:3e:0a:b3:4d:3d:b7:45:0a:c6:88:05:
14:ea:be:4a:e0:cc:0e:46:0e:a5:f5:e4:86:14:2a:
9d:a9:08:3a:04:e6:36:f6:8d:91:54:33:ae:9d:81:
71:2a:00:7a:b9:7e:93:ef:ff:06:0d:9a:77:3c:84:
7a:71:19:60:24:d3:89:c2:ff:7c:04:2e:da:b4:88:
61:f6:35:4e:14:ac:35:d6:03:22:43:a1:1c:48:ec:
48:6a:e8:61:3c:9c:03:9c:d1:01:1d:0f:5e:00:ef:
e8:cd:83:31:49:04:66:35:f4:1d:c0:90:b3:6a:f7:
06:39:e8:c0:bd:78:25:9d:d0:95:88:29:cf:99:ba:
b9:f8:54:c8:2b:3f:4d:85:b9:6f:cc:a2:e3:74:b9:
ff:f4:13:ed:d9:71:0b:bf:39:29:c6:da:6d:5c:d7:
db:bd:1a:d2:fc:66:10:4d:d8:09:26:3a:2d:99:99:
b2:00:e2:8f:41:f5:1d:67:96:20:be:38:75:76:59:
78:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:36:D7:B6:BF:4C:D6:13:D4:68:C8:CD:6A:13:18:8B:1F:12:57:DC
X509v3 Authority Key Identifier:
keyid:66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/IDbXtr9M1hPUaMjNahMYix8SV9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.24.0/24
185.225.26.0/24
192.189.157.0/24
IPv6:
2a14:3f80:8::-2a14:3f80:2f:ffff:ffff:ffff:ffff:ffff
2a14:3f80:60::/45
2a14:3f80:80::/44
2a14:3f80:100::/44
2a14:3f80:800::-2a14:3f80:1bff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:2000::-2a14:3f80:2bff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:3000::-2a14:3f80:47ff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:5000::/38
2a14:3f80:6000::/38
2a14:3f80:7000::/38
2a14:3f80:8800::/38
2a14:3f80:af38::/45
2a14:3f81:5800::/38
2a14:3f82:4000::/38
2a14:3f82:6000::/38
2a14:3f82:7000::/38
2a14:3f82:8800::/38
2a14:3f87:2800::/38
2a14:3f87:4800::/38
2a14:3f87:6800::/38
2a14:3f87:9800::/38
Signature Algorithm: sha256WithRSAEncryption
53:91:80:f2:b3:87:89:cf:1a:de:c0:e4:c9:d4:69:a2:df:3a:
3e:5e:5c:d9:bd:05:f0:7f:f3:fb:2a:be:80:8c:57:ee:bf:bd:
5c:82:a9:62:b7:01:cf:77:eb:82:d4:e3:d7:13:a1:c5:a3:b0:
1e:bc:8a:0d:59:e7:19:4c:ec:2f:6b:01:b2:d4:38:b7:5f:b6:
3f:7c:f6:30:3b:25:c8:34:f3:6d:ec:9f:dd:21:a6:93:4f:81:
0c:8f:ac:d0:b8:47:0a:3f:a5:1c:74:46:54:4d:98:bc:fe:d0:
7d:9a:1c:0f:02:af:75:4a:fc:44:c4:68:85:94:59:ac:b5:0a:
e0:65:48:8e:e2:d9:2d:17:6b:94:bc:95:ca:3a:9e:a9:14:67:
64:2c:de:dd:35:d3:1b:01:59:97:f2:dc:f2:3e:4e:9b:7d:45:
cd:d2:4f:b5:da:d6:f8:35:32:d8:6b:2e:87:9f:25:49:12:f2:
de:78:8c:6b:5c:0b:c5:5e:25:1e:cf:36:af:02:4c:37:b7:1b:
ec:79:b6:ce:8b:95:ca:a7:13:c6:78:d2:ba:fc:ca:a7:80:f9:
76:41:ef:de:a0:e9:b2:ef:e4:bb:04:fb:0c:f3:d3:8f:60:9b:
bd:12:41:58:bb:bd:70:5f:bb:7a:42:f9:bd:f1:de:fe:2f:19:
29:21:ba:a5
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAZIbscj8y7GPefUMPEBBfmL1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZWQzYmE2OGM3OGJmZjJjNDcyNDQwMGFkZTYzNDg0ODJm
YjQzNjQwHhcNMjQwOTIyMjE0NDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDM2ZDdiNmJmNGNkNjEzZDQ2OGM4Y2Q2YTEzMTg4YjFmMTI1N2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVyO3Sj/XaLIwMRUcq1zzLGvKu0r
/l92csw6x/VnF9Z6NUBtC8n3N2cO6t0Y/nvAXDL+mrNbpSc2RLZ5PHrSPgqzTT23
RQrGiAUU6r5K4MwORg6l9eSGFCqdqQg6BOY29o2RVDOunYFxKgB6uX6T7/8GDZp3
PIR6cRlgJNOJwv98BC7atIhh9jVOFKw11gMiQ6EcSOxIauhhPJwDnNEBHQ9eAO/o
zYMxSQRmNfQdwJCzavcGOejAvXglndCViCnPmbq5+FTIKz9NhblvzKLjdLn/9BPt
2XELvzkpxtptXNfbvRrS/GYQTdgJJjotmZmyAOKPQfUdZ5Ygvjh1dll4lQIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFCA217a/TNYT1GjIzWoTGIsfElfcMB8GA1UdIwQY
MBaAFGbtO6aMeL/yxHJEAK3mNISC+0NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMt
MGE0M2I3YTNlYjU0LzEvSURiWHRyOU0xaFBVYU1qTmFoTVlpeDhTVjl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMtMGE0M2I3YTNlYjU0
LzEvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDQYIKwYBBQUHAQcBAf8Egf0wgfowGAQCAAEwEgMEALnh
GAMEALnhGgMEAMC9nTCB3QQCAAIwgdYwEgMHAyoUP4AACAMHBCoUP4AAIAMHAyoU
P4AAYAMHBCoUP4AAgAMHBCoUP4ABADAQAwYDKhQ/gAgDBgIqFD+AGDAQAwYFKhQ/
gCADBgIqFD+AKDAQAwYEKhQ/gDADBgMqFD+AQAMGAioUP4BQAwYCKhQ/gGADBgIq
FD+AcAMGAioUP4CIAwcDKhQ/gK84AwYCKhQ/gVgDBgIqFD+CQAMGAioUP4JgAwYC
KhQ/gnADBgIqFD+CiAMGAioUP4coAwYCKhQ/h0gDBgIqFD+HaAMGAioUP4eYMA0G
CSqGSIb3DQEBCwUAA4IBAQBTkYDys4eJzxrewOTJ1Gmi3zo+XlzZvQXwf/P7Kr6A
jFfuv71cgqlitwHPd+uC1OPXE6HFo7AevIoNWecZTOwvawGy1Di3X7Y/fPYwOyXI
NPNt7J/dIaaTT4EMj6zQuEcKP6UcdEZUTZi8/tB9mhwPAq91SvxExGiFlFmstQrg
ZUiO4tktF2uUvJXKOp6pFGdkLN7dNdMbAVmX8tzyPk6bfUXN0k+12tb4NTLYay6H
nyVJEvLeeIxrXAvFXiUezzavAkw3txvsebbOi5XKpxPGeNK6/MqngPl2Qe/eoOmy
7+S7BPsM89OPYJu9EkFYu71wX7t6Qvm98d7+LxkpIbql
-----END CERTIFICATE-----
Generated at Sun Oct 27 23:53:27 2024 by rpki-client on console-fra.rpki-client.org