Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/IpS5vtEBIdrYO7kPkXShrjp6Hy8.roa
File: IpS5vtEBIdrYO7kPkXShrjp6Hy8.roa (raw, json)
Hash identifier: bxBkNPJM0wfp4kiNClTLtiAZ4eQ2jLppAiBxbQj3FwA=
Subject key identifier: 22:94:B9:BE:D1:01:21:DA:D8:3B:B9:0F:91:74:A1:AE:3A:7A:1F:2F
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 019DF23D7E27151D028B75EEC8B6202AAC1C
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/IpS5vtEBIdrYO7kPkXShrjp6Hy8.roa
Signing time: Mon 04 May 2026 09:06:49 +0000
ROA not before: Mon 04 May 2026 09:06:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35661
IP address blocks: 91.210.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 May 2026 08:06:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f2:3d:7e:27:15:1d:02:8b:75:ee:c8:b6:20:2a:ac:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: May 4 09:06:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2294b9bed10121dad83bb90f9174a1ae3a7a1f2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7a:e3:b1:5a:f1:c5:60:69:97:19:ca:f6:37:
04:26:47:78:6c:3f:11:c1:59:89:91:8e:eb:36:77:
dc:13:64:77:0d:4e:2f:52:d0:80:7a:41:fc:0e:7f:
88:d1:d3:70:eb:5d:85:97:fb:c8:84:7f:b2:b9:9f:
f7:d6:df:81:43:8c:59:9e:6f:8a:6d:3f:52:07:19:
16:89:b1:e0:55:c2:0b:cd:83:14:b4:21:2e:19:88:
dc:65:b8:d2:a1:f7:89:bf:c0:17:ee:64:22:aa:3b:
a2:a2:f3:f4:1e:7d:c1:b2:4a:b9:98:0d:5a:33:5e:
52:55:61:09:6a:68:2c:a3:7e:6d:de:f5:75:97:c2:
cf:76:a6:34:b3:c3:14:9e:0e:9e:c2:21:a7:be:a4:
88:5d:38:4a:b8:0c:68:86:89:f6:cd:bc:74:4e:e0:
3a:fa:83:57:ef:34:a3:a8:44:69:8f:5b:63:78:71:
49:1a:7d:d5:c8:da:71:5d:c5:6e:57:a7:5c:a6:6a:
ce:f6:49:1c:00:7a:e2:99:29:12:4c:20:a0:bb:38:
2b:63:ec:03:54:f1:c2:86:68:66:f9:10:50:c5:88:
e5:14:c1:b4:fc:04:22:d1:3e:78:ff:c1:14:d8:2b:
6a:ae:c4:a0:ed:1f:6e:7c:b1:33:51:a4:0f:66:a1:
81:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:94:B9:BE:D1:01:21:DA:D8:3B:B9:0F:91:74:A1:AE:3A:7A:1F:2F
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/IpS5vtEBIdrYO7kPkXShrjp6Hy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.144.0/24
Signature Algorithm: sha256WithRSAEncryption
61:9f:d3:33:09:6b:59:ff:3c:de:99:61:ea:b4:7d:c2:24:64:
aa:ec:e9:a0:c4:5f:5e:56:69:85:50:b6:53:13:09:1d:8e:15:
11:c8:35:f0:4f:b9:42:08:d4:ca:3e:c1:04:95:3f:2b:6a:f6:
01:a4:7f:02:d1:64:62:50:0c:0d:e4:4c:d0:62:b4:00:72:92:
0f:9b:aa:a0:4c:a1:6a:21:5b:9e:f4:2d:2d:b4:8e:6d:8d:cf:
b5:b6:9f:84:a9:8d:d9:2e:ad:75:24:14:7b:3e:58:5b:d7:64:
37:6e:07:8d:84:84:f1:e7:67:85:62:eb:55:93:18:e6:c0:18:
bd:63:bc:34:c5:a8:a6:ef:de:76:3a:a4:20:42:97:3d:99:95:
77:b0:5a:93:b9:06:a8:74:0b:a4:ae:5e:c8:21:48:83:ec:63:
4e:e5:ab:20:2a:4a:e6:b5:7e:a9:41:87:a6:ed:5b:7f:23:65:
7e:55:e2:ed:a6:f5:38:d5:29:be:3d:0c:1d:09:41:f6:e3:af:
2e:6b:fa:7d:a5:98:fb:ba:99:a4:76:8e:f4:55:6c:61:03:9f:
ba:46:ed:8e:f7:80:cf:a6:1d:08:19:af:66:db:65:f4:a8:fc:
64:d7:45:4b:1b:4d:55:95:d9:43:ed:7d:bd:2c:5b:28:52:eb:
86:dd:bb:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ3yPX4nFR0Ci3XuyLYgKqwcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjYwNTA0MDkwNjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjk0YjliZWQxMDEyMWRhZDgzYmI5MGY5MTc0YTFhZTNhN2ExZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXrjsVrxxWBplxnK9jcEJkd4bD8R
wVmJkY7rNnfcE2R3DU4vUtCAekH8Dn+I0dNw612Fl/vIhH+yuZ/31t+BQ4xZnm+K
bT9SBxkWibHgVcILzYMUtCEuGYjcZbjSofeJv8AX7mQiqjuiovP0Hn3Bskq5mA1a
M15SVWEJamgso35t3vV1l8LPdqY0s8MUng6ewiGnvqSIXThKuAxohon2zbx0TuA6
+oNX7zSjqERpj1tjeHFJGn3VyNpxXcVuV6dcpmrO9kkcAHrimSkSTCCguzgrY+wD
VPHChmhm+RBQxYjlFMG0/AQi0T54/8EU2CtqrsSg7R9ufLEzUaQPZqGB6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCKUub7RASHa2Du5D5F0oa46eh8vMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvSXBTNXZ0RUJJZHJZTzdrUGtYU2hyanA2SHk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9KQMA0G
CSqGSIb3DQEBCwUAA4IBAQBhn9MzCWtZ/zzemWHqtH3CJGSq7OmgxF9eVmmFULZT
EwkdjhURyDXwT7lCCNTKPsEElT8ravYBpH8C0WRiUAwN5EzQYrQAcpIPm6qgTKFq
IVue9C0ttI5tjc+1tp+EqY3ZLq11JBR7Plhb12Q3bgeNhITx52eFYutVkxjmwBi9
Y7w0xaim7952OqQgQpc9mZV3sFqTuQaodAukrl7IIUiD7GNO5asgKkrmtX6pQYem
7Vt/I2V+VeLtpvU41Sm+PQwdCUH2468ua/p9pZj7upmkdo70VWxhA5+6Ru2O94DP
ph0IGa9m22X0qPxk10VLG01VldlD7X29LFsoUuuG3bsu
-----END CERTIFICATE-----
Generated at Wed May 13 14:10:42 2026 by rpki-client