Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/XP5Qw7r0IyDTm2X4bemYcIRIpDI.roa
File: XP5Qw7r0IyDTm2X4bemYcIRIpDI.roa (raw, json)
Hash identifier: 4kK+yaVdfp/QaG9xanXDSqOM+pLVNV6BKjN98b5msPU=
Subject key identifier: 5C:FE:50:C3:BA:F4:23:20:D3:9B:65:F8:6D:E9:98:70:84:48:A4:32
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 019D26CE7A4013E2BC0DDFC7636A173C0732
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/XP5Qw7r0IyDTm2X4bemYcIRIpDI.roa
Signing time: Wed 25 Mar 2026 21:02:39 +0000
ROA not before: Wed 25 Mar 2026 21:02:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 79.172.200.0/23 maxlen: 24
79.172.204.0/24 maxlen: 24
79.172.242.0/24 maxlen: 24
79.172.250.0/23 maxlen: 24
87.229.8.0/22 maxlen: 22
87.229.8.0/24 maxlen: 24
87.229.11.0/24 maxlen: 24
87.229.25.0/24 maxlen: 24
87.229.35.0/24 maxlen: 24
87.229.37.0/24 maxlen: 24
87.229.40.0/24 maxlen: 24
87.229.52.0/24 maxlen: 24
87.229.56.0/24 maxlen: 24
87.229.64.0/24 maxlen: 24
87.229.80.0/23 maxlen: 24
87.229.81.0/24 maxlen: 24
87.229.112.0/24 maxlen: 24
87.229.124.0/23 maxlen: 24
87.229.124.0/24 maxlen: 24
87.229.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Mar 2026 13:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:ce:7a:40:13:e2:bc:0d:df:c7:63:6a:17:3c:07:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Mar 25 21:02:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5cfe50c3baf42320d39b65f86de998708448a432
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7c:ae:93:a6:b3:69:24:02:4e:77:3d:c2:c9:
4f:57:d5:69:33:b6:0c:41:0e:63:37:52:8e:be:3e:
af:05:95:35:ff:a9:93:5e:0a:5d:4e:ef:85:15:3e:
20:b3:84:f8:5a:ac:ee:22:24:f2:d0:27:dc:1b:6a:
2c:c4:85:b6:e6:b6:1b:f5:70:7b:97:5b:67:e9:67:
e4:4a:87:e6:0f:46:2d:2a:3e:1e:02:26:08:5e:c6:
ac:cb:b1:89:77:49:6c:04:e7:89:c3:e6:a2:e5:65:
86:ba:f9:f9:fe:77:a2:a9:c7:53:ac:46:c5:3e:aa:
e1:b0:3c:56:11:1c:8e:2d:0b:19:9a:91:5c:4c:b5:
5f:05:f0:36:21:17:84:ad:53:b2:1c:cb:75:e4:4c:
44:52:0a:f1:c9:d8:2d:8f:a1:f7:56:d8:65:be:35:
82:30:cf:a4:43:5e:45:6a:09:a4:0c:61:f9:28:83:
5f:3b:3c:35:d7:84:d2:b5:74:f3:88:34:eb:e5:67:
35:cb:c7:11:ce:52:37:58:84:48:86:1e:c7:69:b4:
b3:bd:21:27:a5:a2:72:59:16:13:21:4f:b3:3d:f1:
cd:f3:b7:96:51:0a:5e:a5:54:2d:97:0e:68:56:73:
81:9c:88:f3:f9:8e:44:51:30:49:7f:ed:9c:a9:29:
a2:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:FE:50:C3:BA:F4:23:20:D3:9B:65:F8:6D:E9:98:70:84:48:A4:32
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/XP5Qw7r0IyDTm2X4bemYcIRIpDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.200.0/23
79.172.204.0/24
79.172.242.0/24
79.172.250.0/23
87.229.8.0/22
87.229.25.0/24
87.229.35.0/24
87.229.37.0/24
87.229.40.0/24
87.229.52.0/24
87.229.56.0/24
87.229.64.0/24
87.229.80.0/23
87.229.112.0/24
87.229.124.0/23
Signature Algorithm: sha256WithRSAEncryption
04:2b:ea:ee:2f:12:5c:90:6e:c8:4e:07:ed:d5:18:25:13:58:
0d:88:84:1d:60:0c:f2:95:ec:66:a1:e5:6b:ff:ef:b3:51:7e:
cc:ec:22:70:1d:bd:4c:c1:6b:a1:91:42:ff:37:d1:d1:ce:84:
b2:94:54:9c:fa:d0:6e:ff:54:ad:79:20:c7:56:dc:b1:22:ba:
04:47:46:d6:90:a3:90:eb:70:41:9a:ee:a5:cc:9a:e3:e9:ae:
17:c0:c5:52:1c:b9:c8:d9:51:59:48:bf:39:22:bb:08:2a:98:
db:fd:8f:f0:fc:62:4f:7d:07:b5:dc:96:5a:32:f5:0c:48:d3:
72:0e:6c:04:61:5f:c8:76:f4:26:20:ca:26:ac:66:2e:e4:6e:
2a:6f:50:8f:61:8d:75:6b:9b:48:e0:7b:02:45:28:36:03:04:
cf:82:d6:fa:37:2f:87:bc:79:cb:1f:91:70:ce:ef:62:3e:51:
e8:f5:c1:9a:ff:65:37:ba:fb:29:ea:be:6f:42:66:f3:76:c7:
5b:82:53:5a:1c:30:20:d4:35:5b:1f:e0:55:5c:fe:43:37:2d:
70:51:f4:a1:ab:2d:78:f0:e4:c0:41:f8:72:03:e0:7e:f8:82:
d4:6b:a1:89:82:e1:01:c4:a1:01:68:e3:bd:64:5e:05:8b:63:
ec:70:a3:f1
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZ0mznpAE+K8Dd/HY2oXPAcyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjYwMzI1MjEwMjM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2ZlNTBjM2JhZjQyMzIwZDM5YjY1Zjg2ZGU5OTg3MDg0NDhhNDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHyuk6azaSQCTnc9wslPV9VpM7YM
QQ5jN1KOvj6vBZU1/6mTXgpdTu+FFT4gs4T4WqzuIiTy0CfcG2osxIW25rYb9XB7
l1tn6WfkSofmD0YtKj4eAiYIXsasy7GJd0lsBOeJw+ai5WWGuvn5/neiqcdTrEbF
PqrhsDxWERyOLQsZmpFcTLVfBfA2IReErVOyHMt15ExEUgrxydgtj6H3VthlvjWC
MM+kQ15FagmkDGH5KINfOzw114TStXTziDTr5Wc1y8cRzlI3WIRIhh7HabSzvSEn
paJyWRYTIU+zPfHN87eWUQpepVQtlw5oVnOBnIjz+Y5EUTBJf+2cqSmimwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFFz+UMO69CMg05tl+G3pmHCESKQyMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvWFA1UXc3cjBJeURUbTJYNGJlbVljSVJJcERJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQBT6zIAwQA
T6zMAwQAT6zyAwQBT6z6AwQCV+UIAwQAV+UZAwQAV+UjAwQAV+UlAwQAV+UoAwQA
V+U0AwQAV+U4AwQAV+VAAwQBV+VQAwQAV+VwAwQBV+V8MA0GCSqGSIb3DQEBCwUA
A4IBAQAEK+ruLxJckG7ITgft1RglE1gNiIQdYAzylexmoeVr/++zUX7M7CJwHb1M
wWuhkUL/N9HRzoSylFSc+tBu/1SteSDHVtyxIroER0bWkKOQ63BBmu6lzJrj6a4X
wMVSHLnI2VFZSL85IrsIKpjb/Y/w/GJPfQe13JZaMvUMSNNyDmwEYV/IdvQmIMom
rGYu5G4qb1CPYY11a5tI4HsCRSg2AwTPgtb6Ny+HvHnLH5Fwzu9iPlHo9cGa/2U3
uvsp6r5vQmbzdsdbglNaHDAg1DVbH+BVXP5DNy1wUfShqy148OTAQfhyA+B++ILU
a6GJguEBxKEBaOO9ZF4Fi2PscKPx
-----END CERTIFICATE-----
Generated at Fri Mar 27 00:07:15 2026 by rpki-client