Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/HY34cI5a1RG-YCocii1JqDmahZY.roa
File: HY34cI5a1RG-YCocii1JqDmahZY.roa (raw, json)
Hash identifier: a6QMRPbao76lF8IxtbL/Zb9DMr/y2QK1qiCoPIF3tCc=
Subject key identifier: 1D:8D:F8:70:8E:5A:D5:11:BE:60:2A:1C:8A:2D:49:A8:39:9A:85:96
Certificate issuer: /CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
Certificate serial: 0195A8C444DEAE7B992F1DA5743014A2D9D1
Authority key identifier: 88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/HY34cI5a1RG-YCocii1JqDmahZY.roa
Signing time: Tue 18 Mar 2025 10:19:49 +0000
ROA not before: Tue 18 Mar 2025 10:19:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50810
IP address blocks: 37.98.64.0/19 maxlen: 22
37.98.104.0/21 maxlen: 22
37.98.112.0/20 maxlen: 23
93.117.176.0/20 maxlen: 24
93.119.208.0/20 maxlen: 24
178.131.0.0/18 maxlen: 24
178.131.4.0/24 maxlen: 24
178.131.64.0/19 maxlen: 22
178.131.96.0/20 maxlen: 22
178.131.112.0/21 maxlen: 22
178.131.128.0/18 maxlen: 24
188.211.0.0/20 maxlen: 24
188.211.15.0/24 maxlen: 24
188.212.240.0/21 maxlen: 24
188.213.192.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 20 Apr 2025 12:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a8:c4:44:de:ae:7b:99:2f:1d:a5:74:30:14:a2:d9:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
Validity
Not Before: Mar 18 10:19:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d8df8708e5ad511be602a1c8a2d49a8399a8596
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:32:ae:c2:2b:86:b9:76:97:7c:61:1b:6f:55:
b9:dc:01:69:68:83:26:68:7e:46:81:db:66:2b:8e:
a3:d3:6d:9e:93:cd:22:6a:7c:30:e0:40:7f:27:73:
c9:51:cb:84:ac:ae:cc:89:96:05:69:9f:8a:59:ac:
4e:6d:56:f2:7f:c3:f0:70:96:42:e1:80:32:84:f6:
86:11:63:7b:77:d0:4d:fe:a4:36:af:bb:1f:f1:5b:
a4:32:73:04:3f:25:38:1f:ce:5d:fa:0b:04:61:65:
16:99:cb:85:07:78:58:4e:29:69:0e:e5:f1:11:38:
0c:48:24:12:a4:94:47:ac:50:ac:dc:9c:fb:67:f3:
8f:f5:72:26:04:40:09:c2:da:89:a0:b1:13:c9:7b:
1e:4b:d7:8f:e5:9a:77:64:df:ee:56:a8:cf:bc:3e:
0d:11:e4:42:c6:3d:25:c8:03:54:a3:3d:0d:e0:6d:
9c:0a:1f:37:6b:e0:4c:26:db:cd:46:06:46:cc:f0:
20:87:af:ac:70:f4:a8:03:81:11:3f:20:8c:49:79:
5e:99:f3:1a:65:93:23:ad:86:0b:ec:2b:80:f9:0d:
26:60:88:45:fd:fd:e2:0e:40:e5:6d:ff:6d:f1:c0:
ee:88:32:08:f6:90:e7:33:45:54:02:ad:ab:54:f7:
8e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:8D:F8:70:8E:5A:D5:11:BE:60:2A:1C:8A:2D:49:A8:39:9A:85:96
X509v3 Authority Key Identifier:
keyid:88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/HY34cI5a1RG-YCocii1JqDmahZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/iEeqkbBtjGuHKE8_RaIdwoH3ulU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.64.0/19
37.98.104.0-37.98.127.255
93.117.176.0/20
93.119.208.0/20
178.131.0.0-178.131.119.255
178.131.128.0/18
188.211.0.0/20
188.212.240.0/21
188.213.192.0/22
Signature Algorithm: sha256WithRSAEncryption
32:41:35:c3:5d:de:ed:f7:db:4b:67:41:e0:82:60:77:f6:b2:
45:3b:58:24:27:2a:b6:db:76:3f:10:95:6d:6f:f5:67:a2:3e:
33:95:54:6b:cd:f2:c2:b5:62:e8:a4:cd:13:b6:bd:30:14:25:
bd:e7:b6:42:9c:c5:27:a7:c8:00:c7:91:92:57:79:69:61:59:
76:51:6d:53:02:05:ad:60:bb:26:b5:fe:23:7b:ab:9a:3b:3d:
d8:5e:10:bc:e8:67:90:ea:2d:0e:e2:a7:bc:c0:3b:31:89:0c:
b4:b6:99:71:6f:f9:b4:29:00:d0:7d:ad:1b:63:d0:8b:96:5e:
91:72:a6:66:16:d7:68:6f:9c:6c:56:e6:39:1b:15:3e:c2:f2:
38:0a:db:14:00:e2:24:ac:22:c2:94:df:1e:47:4a:ac:f8:a3:
f0:59:62:ae:db:53:cc:75:b1:1c:cd:ac:7b:82:c8:f1:94:93:
1f:28:40:b9:23:b0:43:c9:a2:2c:16:8d:b9:7b:fb:d6:c1:53:
ef:eb:1c:21:52:4a:9c:44:be:68:10:28:37:b6:02:df:d5:2a:
d0:5d:39:04:62:68:1d:0b:bb:31:33:91:41:28:48:20:1a:df:
13:a3:7f:60:87:0e:9b:97:71:5f:a3:38:e0:c6:0b:1b:18:7d:
d3:f3:94:ba
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZWoxETernuZLx2ldDAUotnRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NDdhYTkxYjA2ZDhjNmI4NzI4NGYzZjQ1YTIxZGMyODFm
N2JhNTUwHhcNMjUwMzE4MTAxOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDhkZjg3MDhlNWFkNTExYmU2MDJhMWM4YTJkNDlhODM5OWE4NTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTKuwiuGuXaXfGEbb1W53AFpaIMm
aH5GgdtmK46j022ek80ianww4EB/J3PJUcuErK7MiZYFaZ+KWaxObVbyf8PwcJZC
4YAyhPaGEWN7d9BN/qQ2r7sf8VukMnMEPyU4H85d+gsEYWUWmcuFB3hYTilpDuXx
ETgMSCQSpJRHrFCs3Jz7Z/OP9XImBEAJwtqJoLETyXseS9eP5Zp3ZN/uVqjPvD4N
EeRCxj0lyANUoz0N4G2cCh83a+BMJtvNRgZGzPAgh6+scPSoA4ERPyCMSXlemfMa
ZZMjrYYL7CuA+Q0mYIhF/f3iDkDlbf9t8cDuiDII9pDnM0VUAq2rVPeO/QIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFB2N+HCOWtURvmAqHIotSag5moWWMB8GA1UdIwQY
MBaAFIhHqpGwbYxrhyhPP0WiHcKB97pVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYt
Y2VhNzVkMGNkNjcxLzEvSFkzNGNJNWExUkctWUNvY2lpMUpxRG1haFpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYtY2VhNzVkMGNkNjcx
LzEvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTBLBAIAATBFAwQFJWJAMAwD
BAMlYmgDBAclYgADBARddbADBARdd9AwCwMDALKDAwQDsoNwAwQGsoOAAwQEvNMA
AwQDvNTwAwQCvNXAMA0GCSqGSIb3DQEBCwUAA4IBAQAyQTXDXd7t99tLZ0HggmB3
9rJFO1gkJyq223Y/EJVtb/Vnoj4zlVRrzfLCtWLopM0Ttr0wFCW957ZCnMUnp8gA
x5GSV3lpYVl2UW1TAgWtYLsmtf4je6uaOz3YXhC86GeQ6i0O4qe8wDsxiQy0tplx
b/m0KQDQfa0bY9CLll6RcqZmFtdob5xsVuY5GxU+wvI4CtsUAOIkrCLClN8eR0qs
+KPwWWKu21PMdbEczax7gsjxlJMfKEC5I7BDyaIsFo25e/vWwVPv6xwhUkqcRL5o
ECg3tgLf1SrQXTkEYmgdC7sxM5FBKEggGt8To39ghw6bl3FfozjgxgsbGH3T85S6
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:15:25 2025 by rpki-client