Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/WhTq71mlEyf7yqmVbQLtsYVials.roa
File: WhTq71mlEyf7yqmVbQLtsYVials.roa (raw, json)
Hash identifier: eKYf+x+4J6dUxgDovufPvjxsmSxnj2I9PxeJ8rPfrNw=
Subject key identifier: 5A:14:EA:EF:59:A5:13:27:FB:CA:A9:95:6D:02:ED:B1:85:62:6A:5B
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019D02454F8F7485C665F91DD959E944DC18
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/WhTq71mlEyf7yqmVbQLtsYVials.roa
Signing time: Wed 18 Mar 2026 18:46:29 +0000
ROA not before: Wed 18 Mar 2026 18:46:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41798
IP address blocks: 91.212.166.0/24 maxlen: 24
176.100.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Mar 2026 12:51:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:02:45:4f:8f:74:85:c6:65:f9:1d:d9:59:e9:44:dc:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Mar 18 18:46:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5a14eaef59a51327fbcaa9956d02edb185626a5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:24:05:55:b8:1d:4c:83:2f:06:ac:a7:57:0b:
ab:fd:73:15:93:a0:72:b6:17:57:4e:fc:e0:3c:3c:
e4:89:06:76:8f:f3:e7:e0:b2:fe:fd:6f:81:17:b0:
d7:ec:65:28:ae:cc:7b:8c:6a:a4:79:97:eb:a3:ab:
02:1d:f0:32:9c:fa:d9:ea:09:9a:5a:0e:b1:83:85:
76:9f:29:26:2b:36:c4:2e:51:4f:31:a0:f5:98:6f:
07:8c:d6:74:9e:7a:69:4e:76:9a:06:4f:10:e4:e3:
03:0f:99:25:d5:48:c0:28:93:32:b8:40:36:51:10:
80:47:1f:91:de:56:9c:6c:f4:dd:45:b0:de:99:9f:
1f:fa:04:d7:8a:14:a9:c2:81:95:d3:e5:ef:2f:8e:
f2:1f:9f:9a:28:0e:9b:2c:c0:3d:62:be:35:f5:57:
02:22:88:92:16:47:32:10:54:8a:c1:0e:27:60:6d:
73:5c:3f:de:67:53:c4:82:3a:5d:ea:70:53:e9:2a:
e9:26:74:e6:0b:ca:b0:6a:0e:2a:72:24:c5:65:1e:
82:76:12:1a:a9:00:55:d6:d8:57:c0:90:07:9e:a9:
52:4c:ee:69:36:03:9c:8e:61:51:fd:3f:ff:af:69:
d1:03:d5:42:43:88:47:c9:ca:d1:db:ff:f1:6e:2c:
cb:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:14:EA:EF:59:A5:13:27:FB:CA:A9:95:6D:02:ED:B1:85:62:6A:5B
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/WhTq71mlEyf7yqmVbQLtsYVials.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.166.0/24
176.100.42.0/24
Signature Algorithm: sha256WithRSAEncryption
61:63:71:b6:51:df:e3:cf:fd:ef:e6:50:30:98:5a:95:ad:83:
e8:06:4f:03:1a:ec:af:c3:18:b2:44:dd:0f:bb:31:7a:ee:39:
85:73:a1:eb:5e:49:01:c5:3d:f6:05:c0:41:b6:55:83:84:95:
01:9f:64:40:1b:7d:df:77:83:c7:d0:4f:04:f3:3f:67:f2:41:
e6:d8:6f:c5:35:0f:25:91:8f:5c:9c:3a:d5:62:a4:bd:30:d9:
11:04:75:b7:84:53:a7:ec:4d:75:db:3e:c7:39:84:91:2b:18:
e5:9a:c1:95:e9:bb:4f:9d:a8:51:48:86:eb:38:10:d9:fc:00:
7b:60:c0:0b:48:5d:84:b8:23:49:89:aa:08:9d:87:bd:ef:85:
c7:20:70:c1:4e:a8:22:d6:7f:1c:4f:de:4a:a7:14:09:25:e8:
96:37:79:f9:54:18:21:ab:a0:ed:44:91:4d:5d:cf:ff:c9:29:
99:04:6f:4e:9d:58:a3:4a:e6:85:c3:1e:b6:04:80:59:08:e5:
12:1f:cc:e1:88:d0:0b:eb:cc:85:ba:72:c4:f1:7d:37:4c:0b:
5f:65:31:6a:da:72:c0:4b:f5:6e:7c:a1:fc:72:a2:f9:b4:c9:
7a:1a:09:2b:91:00:99:c8:1f:6d:b7:14:11:18:81:8e:4d:6c:
c7:b6:13:90
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0CRU+PdIXGZfkd2VnpRNwYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwMzE4MTg0NjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTE0ZWFlZjU5YTUxMzI3ZmJjYWE5OTU2ZDAyZWRiMTg1NjI2YTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CQFVbgdTIMvBqynVwur/XMVk6By
thdXTvzgPDzkiQZ2j/Pn4LL+/W+BF7DX7GUorsx7jGqkeZfro6sCHfAynPrZ6gma
Wg6xg4V2nykmKzbELlFPMaD1mG8HjNZ0nnppTnaaBk8Q5OMDD5kl1UjAKJMyuEA2
URCARx+R3lacbPTdRbDemZ8f+gTXihSpwoGV0+XvL47yH5+aKA6bLMA9Yr419VcC
IoiSFkcyEFSKwQ4nYG1zXD/eZ1PEgjpd6nBT6SrpJnTmC8qwag4qciTFZR6CdhIa
qQBV1thXwJAHnqlSTO5pNgOcjmFR/T//r2nRA9VCQ4hHycrR2//xbizLwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFoU6u9ZpRMn+8qplW0C7bGFYmpbMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvV2hUcTcxbWxFeWY3eXFtVmJRTHRzWVZpYWxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9SmAwQA
sGQqMA0GCSqGSIb3DQEBCwUAA4IBAQBhY3G2Ud/jz/3v5lAwmFqVrYPoBk8DGuyv
wxiyRN0PuzF67jmFc6HrXkkBxT32BcBBtlWDhJUBn2RAG33fd4PH0E8E8z9n8kHm
2G/FNQ8lkY9cnDrVYqS9MNkRBHW3hFOn7E112z7HOYSRKxjlmsGV6btPnahRSIbr
OBDZ/AB7YMALSF2EuCNJiaoInYe974XHIHDBTqgi1n8cT95KpxQJJeiWN3n5VBgh
q6DtRJFNXc//ySmZBG9OnVijSuaFwx62BIBZCOUSH8zhiNAL68yFunLE8X03TAtf
ZTFq2nLAS/VufKH8cqL5tMl6GgkrkQCZyB9ttxQRGIGOTWzHthOQ
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:40:23 2026 by rpki-client