Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/KAyofHoRF4YdRFrseekestSPN74.roa
File: KAyofHoRF4YdRFrseekestSPN74.roa (raw, json)
Hash identifier: Zrcm4X2NPbKDZSr/RK/bfEBOgwLl0siyESB29PcvZbY=
Subject key identifier: 28:0C:A8:7C:7A:11:17:86:1D:44:5A:EC:79:E9:1E:B2:D4:8F:37:BE
Certificate issuer: /CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Certificate serial: 018E3C49FB4001B7319547A5C970DE10009A
Authority key identifier: 66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/KAyofHoRF4YdRFrseekestSPN74.roa
Signing time: Thu 14 Mar 2024 09:27:45 +0000
ROA not before: Thu 14 Mar 2024 09:27:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64289
IP address blocks: 185.225.24.0/24 maxlen: 24
185.225.26.0/24 maxlen: 24
192.189.157.0/24 maxlen: 24
2a14:3f80:8::/45 maxlen: 45
2a14:3f80:10::/45 maxlen: 45
2a14:3f80:18::/45 maxlen: 45
2a14:3f80:20::/45 maxlen: 45
2a14:3f80:28::/45 maxlen: 45
2a14:3f80:80::/45 maxlen: 45
2a14:3f80:88::/45 maxlen: 45
2a14:3f80:800::/38 maxlen: 38
2a14:3f80:c00::/38 maxlen: 38
2a14:3f80:1000::/38 maxlen: 38
2a14:3f80:1400::/38 maxlen: 38
2a14:3f80:1800::/38 maxlen: 38
2a14:3f80:2000::/38 maxlen: 38
Validation: Failed, certificate revoked on Fri 22 Mar 2024 05:02:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3c:49:fb:40:01:b7:31:95:47:a5:c9:70:de:10:00:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Validity
Not Before: Mar 14 09:27:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=280ca87c7a1117861d445aec79e91eb2d48f37be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ad:2b:0d:42:80:64:f1:80:04:fb:14:37:a0:
03:73:98:4b:59:b5:14:92:04:d3:10:90:55:66:af:
a0:5d:7d:0f:95:81:36:39:16:18:e0:9f:1c:d8:0d:
b0:aa:7a:48:bb:96:59:e5:66:f1:a4:41:a0:c8:50:
b0:d3:69:20:ba:50:9f:be:2a:53:19:30:ba:5d:c3:
7b:c6:74:0e:e0:92:65:d0:2a:61:55:a2:3f:2c:8a:
08:76:34:ef:a4:f8:68:5f:4f:18:c7:d2:cd:64:e7:
f4:a1:21:9e:f8:c7:7e:23:85:7d:e5:a2:64:65:b5:
e5:9c:ac:05:91:58:4a:7b:90:b3:a3:9d:59:e2:a6:
37:d2:48:48:a8:01:7b:e9:06:73:a4:81:fa:95:fd:
e8:76:be:69:01:cf:3f:7d:b9:a6:29:f8:45:fa:6d:
38:49:34:ff:11:a0:c4:34:f3:c2:49:10:36:74:67:
b5:0e:a9:80:d3:06:e6:b5:8f:30:d0:cd:15:31:58:
80:be:62:d8:a0:33:12:6d:51:ea:e3:c9:f1:b0:97:
b1:2c:51:72:5a:40:f6:f8:f8:7b:be:18:df:55:a8:
da:13:92:3a:8f:3e:94:14:db:00:ed:a7:ec:06:8e:
76:ca:a8:3e:8e:63:a0:ab:d8:16:18:f4:ec:ba:6a:
85:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:0C:A8:7C:7A:11:17:86:1D:44:5A:EC:79:E9:1E:B2:D4:8F:37:BE
X509v3 Authority Key Identifier:
keyid:66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/KAyofHoRF4YdRFrseekestSPN74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.24.0/24
185.225.26.0/24
192.189.157.0/24
IPv6:
2a14:3f80:8::-2a14:3f80:2f:ffff:ffff:ffff:ffff:ffff
2a14:3f80:80::/44
2a14:3f80:800::-2a14:3f80:1bff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:2000::/38
Signature Algorithm: sha256WithRSAEncryption
61:b8:0f:3a:5e:82:3d:72:30:0a:7f:b2:6f:a8:6f:7e:4f:f6:
ae:20:28:fa:c0:99:9c:16:70:8b:e3:86:6c:ce:c9:e2:24:5f:
e3:21:88:0c:54:35:d1:61:cc:c5:4a:b8:bb:ca:7c:e2:9b:06:
88:b5:db:80:2e:b8:93:1c:b5:60:20:fb:a3:c4:6e:6c:17:98:
06:c0:d0:79:92:0d:42:6e:ed:07:22:54:bb:67:63:56:da:49:
91:69:d7:da:93:db:e9:6a:62:93:b8:66:de:86:8f:f0:1e:41:
f2:c6:5b:2b:f4:bc:8e:65:72:d5:75:76:17:54:07:74:56:99:
ca:bc:fc:bb:56:d9:62:5e:32:3f:01:c4:23:48:43:bb:6b:b0:
c8:d6:0b:57:27:92:68:b4:fa:85:f2:c0:ff:c2:56:93:60:1b:
cf:95:76:ca:2c:82:c3:f4:3d:3d:57:6b:30:70:79:36:00:30:
4d:a3:05:5e:0a:9c:12:14:0b:59:5c:4e:6a:be:0e:71:4f:ce:
3d:93:59:d0:35:7f:3c:e4:e1:5b:ba:15:dc:fd:78:c0:02:91:
48:33:47:79:56:21:f0:f1:fe:c6:33:6f:2b:b7:be:45:83:35:
c8:b7:f7:0f:b9:a3:62:42:6b:80:c2:be:f0:bc:39:8f:4c:aa:
fe:1b:d4:ea
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAY48SftAAbcxlUelyXDeEACaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZWQzYmE2OGM3OGJmZjJjNDcyNDQwMGFkZTYzNDg0ODJm
YjQzNjQwHhcNMjQwMzE0MDkyNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODBjYTg3YzdhMTExNzg2MWQ0NDVhZWM3OWU5MWViMmQ0OGYzN2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg60rDUKAZPGABPsUN6ADc5hLWbUU
kgTTEJBVZq+gXX0PlYE2ORYY4J8c2A2wqnpIu5ZZ5WbxpEGgyFCw02kgulCfvipT
GTC6XcN7xnQO4JJl0CphVaI/LIoIdjTvpPhoX08Yx9LNZOf0oSGe+Md+I4V95aJk
ZbXlnKwFkVhKe5Czo51Z4qY30khIqAF76QZzpIH6lf3odr5pAc8/fbmmKfhF+m04
STT/EaDENPPCSRA2dGe1DqmA0wbmtY8w0M0VMViAvmLYoDMSbVHq48nxsJexLFFy
WkD2+Ph7vhjfVajaE5I6jz6UFNsA7afsBo52yqg+jmOgq9gWGPTsumqFiwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFCgMqHx6EReGHURa7HnpHrLUjze+MB8GA1UdIwQY
MBaAFGbtO6aMeL/yxHJEAK3mNISC+0NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMt
MGE0M2I3YTNlYjU0LzEvS0F5b2ZIb1JGNFlkUkZyc2Vla2VzdFNQTjc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMtMGE0M2I3YTNlYjU0
LzEvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTAYBAIAATASAwQAueEYAwQA
ueEaAwQAwL2dMD0EAgACMDcwEgMHAyoUP4AACAMHBCoUP4AAIAMHBCoUP4AAgDAQ
AwYDKhQ/gAgDBgIqFD+AGAMGAioUP4AgMA0GCSqGSIb3DQEBCwUAA4IBAQBhuA86
XoI9cjAKf7JvqG9+T/auICj6wJmcFnCL44ZszsniJF/jIYgMVDXRYczFSri7ynzi
mwaItduALriTHLVgIPujxG5sF5gGwNB5kg1Cbu0HIlS7Z2NW2kmRadfak9vpamKT
uGbeho/wHkHyxlsr9LyOZXLVdXYXVAd0VpnKvPy7VtliXjI/AcQjSEO7a7DI1gtX
J5JotPqF8sD/wlaTYBvPlXbKLILD9D09V2swcHk2ADBNowVeCpwSFAtZXE5qvg5x
T849k1nQNX885OFbuhXc/XjAApFIM0d5ViHw8f7GM28rt75FgzXIt/cPuaNiQmuA
wr7wvDmPTKr+G9Tq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:36 2024 by rpki-client on console-ams.rpki-client.org