Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Ki0vQUq175vo_tRv4BfAcF6VcWc.roa
File: Ki0vQUq175vo_tRv4BfAcF6VcWc.roa (raw, json)
Hash identifier: fp3Z4sOMFPRMwq+yuskedl0SsDxfugIzFPveVrrbkwo=
Subject key identifier: 2A:2D:2F:41:4A:B5:EF:9B:E8:FE:D4:6F:E0:17:C0:70:5E:95:71:67
Certificate issuer: /CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Certificate serial: 0191593EE47F0074BC843AB6BA481AA92B61
Authority key identifier: 66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Ki0vQUq175vo_tRv4BfAcF6VcWc.roa
Signing time: Fri 16 Aug 2024 03:32:59 +0000
ROA not before: Fri 16 Aug 2024 03:32:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64289
IP address blocks: 185.225.24.0/24 maxlen: 24
185.225.26.0/24 maxlen: 24
192.189.157.0/24 maxlen: 24
2a14:3f80:8::/45 maxlen: 45
2a14:3f80:10::/45 maxlen: 45
2a14:3f80:18::/45 maxlen: 45
2a14:3f80:20::/45 maxlen: 45
2a14:3f80:28::/45 maxlen: 45
2a14:3f80:60::/45 maxlen: 45
2a14:3f80:80::/45 maxlen: 45
2a14:3f80:88::/45 maxlen: 45
2a14:3f80:100::/45 maxlen: 45
2a14:3f80:108::/45 maxlen: 45
2a14:3f80:800::/38 maxlen: 38
2a14:3f80:c00::/38 maxlen: 38
2a14:3f80:1000::/38 maxlen: 38
2a14:3f80:1400::/38 maxlen: 38
2a14:3f80:1800::/38 maxlen: 38
2a14:3f80:2000::/38 maxlen: 38
2a14:3f80:2400::/38 maxlen: 38
2a14:3f80:2800::/38 maxlen: 38
2a14:3f80:3000::/38 maxlen: 38
2a14:3f80:3400::/38 maxlen: 38
2a14:3f80:3800::/38 maxlen: 38
2a14:3f80:3c00::/38 maxlen: 38
2a14:3f80:4000::/38 maxlen: 38
2a14:3f80:4400::/38 maxlen: 38
2a14:3f80:5000::/38 maxlen: 38
2a14:3f80:6000::/38 maxlen: 38
2a14:3f80:7000::/38 maxlen: 38
2a14:3f80:8800::/38 maxlen: 38
2a14:3f80:af38::/45 maxlen: 45
2a14:3f81:5800::/38 maxlen: 38
2a14:3f82:4000::/38 maxlen: 38
2a14:3f82:6000::/38 maxlen: 38
2a14:3f82:7000::/38 maxlen: 38
2a14:3f82:8800::/38 maxlen: 38
2a14:3f87:6800::/38 maxlen: 38
Validation: Failed, certificate revoked on Wed 21 Aug 2024 06:18:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:59:3e:e4:7f:00:74:bc:84:3a:b6:ba:48:1a:a9:2b:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Validity
Not Before: Aug 16 03:32:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a2d2f414ab5ef9be8fed46fe017c0705e957167
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:53:38:71:01:75:ef:7a:4b:f2:11:67:e7:03:
ca:6c:03:b1:11:88:56:1d:86:c2:15:30:17:d2:57:
aa:62:40:fb:4d:23:50:05:db:cf:1c:c4:44:b7:10:
cf:06:ec:0e:6a:8f:09:0f:45:55:4b:77:d5:59:c6:
c6:b0:07:82:6e:42:38:74:a3:c7:f1:1e:c3:13:28:
8d:24:0a:af:91:2e:0d:7c:fa:fd:3c:3f:1d:bf:a4:
5a:ee:02:6b:57:75:fc:c5:27:43:20:65:12:55:14:
fd:65:90:77:55:a2:e1:f1:b1:e6:23:6c:09:3c:48:
29:25:90:22:17:30:7b:6d:eb:2a:ec:24:a7:44:26:
c4:14:9a:6d:b3:b4:e7:68:9b:dd:fc:5b:40:d2:57:
44:87:5a:07:73:30:75:17:6e:a4:bf:bd:8c:91:2a:
da:4a:76:74:2b:7e:0b:a5:c1:99:a6:f9:8e:f5:8b:
0f:e1:5b:f1:7a:dd:56:9f:2b:f0:b8:26:94:f6:92:
b5:7b:66:d7:70:ea:9d:6e:36:d9:72:7f:dd:93:3c:
ac:de:d0:dc:1d:93:c7:29:a3:c8:96:d4:bd:c7:76:
d7:78:fd:c8:c9:ec:07:b8:7e:9b:99:6d:42:fb:64:
ed:c3:36:e1:86:c2:40:88:c3:dc:f4:5a:4e:2c:8b:
24:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:2D:2F:41:4A:B5:EF:9B:E8:FE:D4:6F:E0:17:C0:70:5E:95:71:67
X509v3 Authority Key Identifier:
keyid:66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Ki0vQUq175vo_tRv4BfAcF6VcWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.24.0/24
185.225.26.0/24
192.189.157.0/24
IPv6:
2a14:3f80:8::-2a14:3f80:2f:ffff:ffff:ffff:ffff:ffff
2a14:3f80:60::/45
2a14:3f80:80::/44
2a14:3f80:100::/44
2a14:3f80:800::-2a14:3f80:1bff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:2000::-2a14:3f80:2bff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:3000::-2a14:3f80:47ff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:5000::/38
2a14:3f80:6000::/38
2a14:3f80:7000::/38
2a14:3f80:8800::/38
2a14:3f80:af38::/45
2a14:3f81:5800::/38
2a14:3f82:4000::/38
2a14:3f82:6000::/38
2a14:3f82:7000::/38
2a14:3f82:8800::/38
2a14:3f87:6800::/38
Signature Algorithm: sha256WithRSAEncryption
04:89:94:a6:34:bd:35:77:6d:af:0b:4f:62:4d:02:af:b0:e6:
95:50:bf:02:36:ae:df:4a:13:13:b8:83:5e:d8:a9:70:6b:5e:
29:02:a0:b7:5b:89:2a:cb:fa:57:e9:bc:ec:77:b8:54:7d:eb:
d7:60:ea:9c:24:50:52:e9:58:8f:c5:11:cb:f5:1d:54:15:d2:
c6:6b:f5:d9:b4:ff:8f:9a:fa:1d:9a:bb:3c:18:9f:78:68:4b:
52:1a:9a:01:3e:5f:32:ca:e3:f6:05:4a:fe:35:22:dc:11:11:
6d:3a:5c:78:39:72:bc:0f:20:ef:81:9b:6b:a9:cf:e9:ee:81:
13:2a:a8:f2:cd:2d:de:84:9c:70:5d:cd:51:95:26:4b:26:02:
3e:a5:9f:6c:b2:e9:11:67:1b:d6:80:87:c4:1b:af:43:e1:d3:
4a:d2:aa:40:da:d5:11:6d:65:be:0d:b8:4e:8a:8b:a2:6b:4d:
2d:1b:d4:1e:e9:6e:e5:78:83:92:1e:ac:31:56:0d:ba:f4:ac:
8f:0b:75:95:f1:2e:5d:17:43:23:e4:0b:49:11:62:99:87:a9:
57:e1:0b:c4:9e:20:54:85:0b:96:60:50:0d:1a:ea:ac:f6:bf:
74:8c:8b:90:ab:a5:97:5b:e0:eb:d7:bb:81:4c:b5:46:52:72:
e2:1e:51:ac
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAZFZPuR/AHS8hDq2ukgaqSthMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZWQzYmE2OGM3OGJmZjJjNDcyNDQwMGFkZTYzNDg0ODJm
YjQzNjQwHhcNMjQwODE2MDMzMjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTJkMmY0MTRhYjVlZjliZThmZWQ0NmZlMDE3YzA3MDVlOTU3MTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1M4cQF173pL8hFn5wPKbAOxEYhW
HYbCFTAX0leqYkD7TSNQBdvPHMREtxDPBuwOao8JD0VVS3fVWcbGsAeCbkI4dKPH
8R7DEyiNJAqvkS4NfPr9PD8dv6Ra7gJrV3X8xSdDIGUSVRT9ZZB3VaLh8bHmI2wJ
PEgpJZAiFzB7besq7CSnRCbEFJpts7TnaJvd/FtA0ldEh1oHczB1F26kv72MkSra
SnZ0K34LpcGZpvmO9YsP4Vvxet1WnyvwuCaU9pK1e2bXcOqdbjbZcn/dkzys3tDc
HZPHKaPIltS9x3bXeP3IyewHuH6bmW1C+2TtwzbhhsJAiMPc9FpOLIsk8wIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFCotL0FKte+b6P7Ub+AXwHBelXFnMB8GA1UdIwQY
MBaAFGbtO6aMeL/yxHJEAK3mNISC+0NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMt
MGE0M2I3YTNlYjU0LzEvS2kwdlFVcTE3NXZvX3RSdjRCZkFjRjZWY1djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMtMGE0M2I3YTNlYjU0
LzEvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jAYBAIAATASAwQAueEY
AwQAueEaAwQAwL2dMIHFBAIAAjCBvjASAwcDKhQ/gAAIAwcEKhQ/gAAgAwcDKhQ/
gABgAwcEKhQ/gACAAwcEKhQ/gAEAMBADBgMqFD+ACAMGAioUP4AYMBADBgUqFD+A
IAMGAioUP4AoMBADBgQqFD+AMAMGAyoUP4BAAwYCKhQ/gFADBgIqFD+AYAMGAioU
P4BwAwYCKhQ/gIgDBwMqFD+ArzgDBgIqFD+BWAMGAioUP4JAAwYCKhQ/gmADBgIq
FD+CcAMGAioUP4KIAwYCKhQ/h2gwDQYJKoZIhvcNAQELBQADggEBAASJlKY0vTV3
ba8LT2JNAq+w5pVQvwI2rt9KExO4g17YqXBrXikCoLdbiSrL+lfpvOx3uFR969dg
6pwkUFLpWI/FEcv1HVQV0sZr9dm0/4+a+h2auzwYn3hoS1IamgE+XzLK4/YFSv41
ItwREW06XHg5crwPIO+Bm2upz+nugRMqqPLNLd6EnHBdzVGVJksmAj6ln2yy6RFn
G9aAh8Qbr0Ph00rSqkDa1RFtZb4NuE6Ki6JrTS0b1B7pbuV4g5IerDFWDbr0rI8L
dZXxLl0XQyPkC0kRYpmHqVfhC8SeIFSFC5ZgUA0a6qz2v3SMi5CrpZdb4OvXu4FM
tUZScuIeUaw=
-----END CERTIFICATE-----
Generated at Wed Aug 21 08:03:27 2024 by rpki-client on console-fra.rpki-client.org