Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/HauYjadf4qYvT80aZUF2-MAvMb0.roa
File: HauYjadf4qYvT80aZUF2-MAvMb0.roa (raw, json)
Hash identifier: xg2amXSaqTKNyK/1BscI2WXVdaP4+A99VdT862sVsOM=
Subject key identifier: 1D:AB:98:8D:A7:5F:E2:A6:2F:4F:CD:1A:65:41:76:F8:C0:2F:31:BD
Certificate issuer: /CN=f4c0aa7b3e3cbff88262add92b339e35051ce1a0
Certificate serial: 01957F9251EE8D3D8C23C1416BC38FD1C29A
Authority key identifier: F4:C0:AA:7B:3E:3C:BF:F8:82:62:AD:D9:2B:33:9E:35:05:1C:E1:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9MCqez48v_iCYq3ZKzOeNQUc4aA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/HauYjadf4qYvT80aZUF2-MAvMb0.roa
Signing time: Mon 10 Mar 2025 10:20:50 +0000
ROA not before: Mon 10 Mar 2025 10:20:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47956
IP address blocks: 5.102.192.0/18 maxlen: 24
37.46.32.0/20 maxlen: 24
91.205.152.0/22 maxlen: 24
94.230.80.0/20 maxlen: 24
141.226.0.0/19 maxlen: 24
141.226.0.0/21 maxlen: 21
141.226.0.0/22 maxlen: 22
141.226.4.0/22 maxlen: 22
141.226.8.0/21 maxlen: 21
141.226.8.0/22 maxlen: 22
141.226.12.0/22 maxlen: 22
141.226.32.0/20 maxlen: 24
141.226.48.0/22 maxlen: 24
141.226.52.0/23 maxlen: 24
141.226.54.0/24 maxlen: 24
141.226.56.0/21 maxlen: 24
141.226.64.0/22 maxlen: 24
141.226.68.0/23 maxlen: 24
141.226.70.0/24 maxlen: 24
141.226.72.0/21 maxlen: 24
141.226.144.0/20 maxlen: 24
141.226.144.0/21 maxlen: 21
141.226.152.0/21 maxlen: 21
141.226.160.0/20 maxlen: 24
141.226.160.0/21 maxlen: 21
141.226.160.0/22 maxlen: 22
141.226.168.0/21 maxlen: 21
141.226.176.0/21 maxlen: 24
188.120.128.0/19 maxlen: 24
2a02:ed0::/29 maxlen: 29
2a02:ed0::/32 maxlen: 48
2a02:ed1::/32 maxlen: 32
2a02:ed2::/32 maxlen: 32
2a02:ed2::/40 maxlen: 48
2a02:ed3::/32 maxlen: 48
2a02:ed5::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 17 Mar 2025 09:08:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7f:92:51:ee:8d:3d:8c:23:c1:41:6b:c3:8f:d1:c2:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4c0aa7b3e3cbff88262add92b339e35051ce1a0
Validity
Not Before: Mar 10 10:20:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1dab988da75fe2a62f4fcd1a654176f8c02f31bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7d:74:ee:7b:c2:e9:64:2e:b3:2d:0a:b7:75:
ec:0e:6f:9c:df:f2:ec:47:92:ca:ae:12:d0:57:93:
ba:2f:ed:6c:b7:05:fc:7d:4d:96:5f:86:b0:0f:35:
c9:8c:9a:38:2d:e2:f4:5e:10:42:a0:10:01:ad:a2:
03:ab:b0:68:7f:f4:1b:00:13:d7:92:e3:85:8c:c1:
1b:92:05:9c:f0:7a:30:07:40:92:de:ed:32:e0:f5:
5d:26:4d:67:bc:5a:ca:4e:aa:db:86:3f:1d:a7:d7:
3d:40:49:74:f6:cf:29:0c:22:fc:d1:b3:b6:1d:ad:
fb:8c:58:3b:c6:7a:b7:30:42:f4:80:cf:16:bc:b7:
9c:d1:18:be:ce:51:e9:e7:77:0f:43:52:75:af:7c:
0c:72:84:d8:d5:80:54:d7:f7:7d:0e:40:12:af:bb:
85:d9:4c:db:da:20:c4:1d:bb:72:db:3f:6c:c4:de:
8d:f4:6d:c2:04:3d:fc:e2:7f:cc:bf:3b:0a:a0:fd:
72:46:d1:90:85:00:de:f4:e0:8d:3f:59:ad:03:72:
9a:aa:5f:19:51:85:4c:ca:26:5d:13:24:74:2f:d3:
c8:0e:f2:34:cb:98:7d:4e:b5:f2:93:2a:d2:a5:5d:
07:fb:e3:c6:8b:09:6f:6d:c5:f9:6c:e3:74:e6:18:
a5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:AB:98:8D:A7:5F:E2:A6:2F:4F:CD:1A:65:41:76:F8:C0:2F:31:BD
X509v3 Authority Key Identifier:
keyid:F4:C0:AA:7B:3E:3C:BF:F8:82:62:AD:D9:2B:33:9E:35:05:1C:E1:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9MCqez48v_iCYq3ZKzOeNQUc4aA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/HauYjadf4qYvT80aZUF2-MAvMb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/9MCqez48v_iCYq3ZKzOeNQUc4aA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.192.0/18
37.46.32.0/20
91.205.152.0/22
94.230.80.0/20
141.226.0.0-141.226.54.255
141.226.56.0-141.226.70.255
141.226.72.0/21
141.226.144.0-141.226.183.255
188.120.128.0/19
IPv6:
2a02:ed0::/29
Signature Algorithm: sha256WithRSAEncryption
6d:ee:5a:ad:ce:3c:58:d1:d3:7f:31:51:79:05:62:52:17:95:
9a:2b:7d:d5:7a:76:15:1f:eb:09:7e:b7:c8:b7:4a:57:97:b7:
ab:24:b0:4f:4d:00:92:d0:75:68:2f:c8:b1:b0:78:b8:af:1e:
be:f0:3e:3b:ef:f9:4a:6a:b7:e8:a9:2f:8c:cc:d9:d0:3a:f7:
ae:7d:bf:25:eb:46:9a:81:8a:ff:d9:63:fd:96:6f:c1:be:ab:
7e:77:01:d8:52:ec:f4:ec:b9:5d:a4:17:ef:0c:6c:e8:59:14:
2b:ec:76:e6:7a:ab:e6:3c:01:11:e4:66:de:6d:9a:b9:01:40:
a6:40:94:7e:0c:83:d8:95:6b:fb:6e:9b:7d:5e:fb:85:71:73:
71:99:b8:4a:ab:50:7a:67:f8:76:10:e4:e6:2d:d9:64:20:41:
32:a2:16:5a:e0:3a:82:b4:fb:a6:b3:60:45:0c:27:30:af:a5:
a6:73:11:9f:1d:e3:f1:5e:c2:80:6b:a9:a7:4c:fe:ce:be:10:
09:fd:90:89:da:51:ec:8e:94:66:d0:b7:db:4e:bf:9b:a0:97:
78:51:b9:6a:47:cd:ee:32:91:d3:e4:3f:7e:ee:60:38:49:1c:
93:3c:df:0f:00:c9:67:75:35:a3:40:e9:e6:1a:b7:f9:48:e9:
a0:9c:33:ad
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZV/klHujT2MI8FBa8OP0cKaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YzBhYTdiM2UzY2JmZjg4MjYyYWRkOTJiMzM5ZTM1MDUx
Y2UxYTAwHhcNMjUwMzEwMTAyMDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGFiOTg4ZGE3NWZlMmE2MmY0ZmNkMWE2NTQxNzZmOGMwMmYzMWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3107nvC6WQusy0Kt3XsDm+c3/Ls
R5LKrhLQV5O6L+1stwX8fU2WX4awDzXJjJo4LeL0XhBCoBABraIDq7Bof/QbABPX
kuOFjMEbkgWc8HowB0CS3u0y4PVdJk1nvFrKTqrbhj8dp9c9QEl09s8pDCL80bO2
Ha37jFg7xnq3MEL0gM8WvLec0Ri+zlHp53cPQ1J1r3wMcoTY1YBU1/d9DkASr7uF
2Uzb2iDEHbty2z9sxN6N9G3CBD384n/MvzsKoP1yRtGQhQDe9OCNP1mtA3Kaql8Z
UYVMyiZdEyR0L9PIDvI0y5h9TrXykyrSpV0H++PGiwlvbcX5bON05hil6QIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFB2rmI2nX+KmL0/NGmVBdvjALzG9MB8GA1UdIwQY
MBaAFPTAqns+PL/4gmKt2SsznjUFHOGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU1DcWV6NDh2X2lDWXEzWkt6T2VOUVVjNGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85ZTJiMWEtMTYzYi00ODU0LTk2MWEt
ZWE3NWRkZjQ3YjRhLzEvSGF1WWphZGY0cVl2VDgwYVpVRjItTUF2TWIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85ZTJiMWEtMTYzYi00ODU0LTk2MWEtZWE3NWRkZjQ3YjRh
LzEvOU1DcWV6NDh2X2lDWXEzWkt6T2VOUVVjNGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBTBAIAATBNAwQGBWbAAwQE
JS4gAwQCW82YAwQEXuZQMAsDAwGN4gMEAI3iNjAMAwQDjeI4AwQAjeJGAwQDjeJI
MAwDBASN4pADBAON4rADBAW8eIAwDQQCAAIwBwMFAyoCDtAwDQYJKoZIhvcNAQEL
BQADggEBAG3uWq3OPFjR038xUXkFYlIXlZorfdV6dhUf6wl+t8i3SleXt6sksE9N
AJLQdWgvyLGweLivHr7wPjvv+Upqt+ipL4zM2dA69659vyXrRpqBiv/ZY/2Wb8G+
q353AdhS7PTsuV2kF+8MbOhZFCvsduZ6q+Y8ARHkZt5tmrkBQKZAlH4Mg9iVa/tu
m31e+4Vxc3GZuEqrUHpn+HYQ5OYt2WQgQTKiFlrgOoK0+6azYEUMJzCvpaZzEZ8d
4/FewoBrqadM/s6+EAn9kInaUeyOlGbQt9tOv5ugl3hRuWpHze4ykdPkP37uYDhJ
HJM83w8AyWd1NaNA6eYat/lI6aCcM60=
-----END CERTIFICATE-----
Generated at Sun May 11 22:43:49 2025 by rpki-client