Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/aXSjio7oIBrlbne_hxPUPcgiFYw.roa
File: aXSjio7oIBrlbne_hxPUPcgiFYw.roa (raw, json)
Hash identifier: dMiO2drKE0hGml9zvRc0PssyXujQ5egKKtDsOqyPvaY=
Subject key identifier: 69:74:A3:8A:8E:E8:20:1A:E5:6E:77:BF:87:13:D4:3D:C8:22:15:8C
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019D1C5D233BE40C0D03433D3206D4C7DDC7
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/aXSjio7oIBrlbne_hxPUPcgiFYw.roa
Signing time: Mon 23 Mar 2026 20:22:39 +0000
ROA not before: Mon 23 Mar 2026 20:22:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49453
IP address blocks: 212.135.64.0/22 maxlen: 24
212.135.104.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 25 Mar 2026 21:02:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1c:5d:23:3b:e4:0c:0d:03:43:3d:32:06:d4:c7:dd:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Mar 23 20:22:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6974a38a8ee8201ae56e77bf8713d43dc822158c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:13:3e:07:8c:01:19:93:27:4f:a2:d6:ac:7b:
ff:1e:19:5e:9d:6a:9f:fd:fc:43:70:19:b1:88:3a:
14:f2:0b:48:38:53:c9:6f:a8:96:b6:8c:2d:2e:a1:
5a:f8:22:b7:40:bd:72:33:6d:9d:57:b3:e2:72:ae:
00:ce:18:28:ff:5a:5e:15:98:2e:03:d2:87:27:70:
21:a2:d2:9a:2a:51:a4:3d:09:d1:72:1b:c2:5c:89:
2c:a8:f0:3f:5a:ed:18:e2:7c:cc:e3:1c:47:fb:55:
5b:47:09:f5:83:de:d2:2d:dd:2c:d2:a9:0f:19:de:
11:71:55:41:7c:d9:18:9b:2c:9a:92:89:8b:28:70:
2b:69:23:87:6d:15:b3:07:79:1f:d6:6d:b1:8d:37:
99:4f:38:34:de:c0:1a:b9:36:93:97:3e:8a:42:bc:
3b:1c:0c:f5:a6:c0:f5:70:91:84:54:a9:94:b6:8d:
a4:74:72:5d:a3:45:7f:78:6d:13:46:b4:54:47:6f:
b6:0e:c3:9b:3a:64:f3:ed:d3:e8:ba:06:53:6a:58:
75:a8:c4:39:52:62:2b:8e:c4:02:7c:55:a7:c7:b6:
33:44:eb:01:4f:f7:0a:35:65:5c:a4:b1:fe:23:37:
94:dd:59:20:34:dc:90:ef:09:d0:3b:57:15:c4:99:
2e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:74:A3:8A:8E:E8:20:1A:E5:6E:77:BF:87:13:D4:3D:C8:22:15:8C
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/aXSjio7oIBrlbne_hxPUPcgiFYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.135.64.0/22
212.135.104.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:0c:3c:3c:76:94:bc:ea:bb:d0:20:94:21:d8:50:c3:a4:83:
3c:d9:d9:aa:39:be:ac:67:90:88:df:28:28:66:43:67:42:5d:
62:90:a8:dc:53:51:74:2b:0b:ab:2e:ba:23:c6:8a:32:91:88:
97:1b:bb:2b:fa:c1:0e:7b:81:71:0d:48:c6:84:4c:38:d0:cf:
82:3c:22:52:ce:5f:28:c9:fd:b1:6e:f9:73:22:71:0f:00:81:
71:a8:da:5c:95:18:28:46:0b:6f:3e:fa:88:1c:26:91:b3:83:
c6:66:b8:d7:65:97:4f:8e:63:8f:6a:f3:de:77:31:0e:e7:61:
29:c0:e3:a8:23:26:ab:cd:07:ea:11:c0:b9:42:ae:c7:24:72:
28:4e:66:f6:24:0a:27:22:50:68:01:7a:52:4b:a2:eb:d4:75:
b1:51:ea:88:f9:b8:f4:2e:0b:fb:46:d9:fb:9a:40:f4:a5:ae:
69:89:12:e2:ce:65:2b:d7:97:9e:ce:f5:ab:02:ae:7f:c8:78:
de:ff:4e:60:1e:f2:09:b8:1f:b4:f5:8b:f9:e8:75:ff:30:3a:
e1:d2:bb:75:ea:ff:ea:ac:e2:6f:8e:af:ea:f0:76:09:2e:78:
d8:71:5c:95:23:7b:77:3e:63:1f:20:9b:2f:57:1e:28:b6:71:
c8:e6:f5:89
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0cXSM75AwNA0M9MgbUx93HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwMzIzMjAyMjM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTc0YTM4YThlZTgyMDFhZTU2ZTc3YmY4NzEzZDQzZGM4MjIxNThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxM+B4wBGZMnT6LWrHv/HhlenWqf
/fxDcBmxiDoU8gtIOFPJb6iWtowtLqFa+CK3QL1yM22dV7Picq4Azhgo/1peFZgu
A9KHJ3AhotKaKlGkPQnRchvCXIksqPA/Wu0Y4nzM4xxH+1VbRwn1g97SLd0s0qkP
Gd4RcVVBfNkYmyyakomLKHAraSOHbRWzB3kf1m2xjTeZTzg03sAauTaTlz6KQrw7
HAz1psD1cJGEVKmUto2kdHJdo0V/eG0TRrRUR2+2DsObOmTz7dPougZTalh1qMQ5
UmIrjsQCfFWnx7YzROsBT/cKNWVcpLH+IzeU3VkgNNyQ7wnQO1cVxJkuyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGl0o4qO6CAa5W53v4cT1D3IIhWMMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvYVhTamlvN29JQnJsYm5lX2h4UFVQY2dpRll3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQC1IdAAwQC
1IdoMA0GCSqGSIb3DQEBCwUAA4IBAQBMDDw8dpS86rvQIJQh2FDDpIM82dmqOb6s
Z5CI3ygoZkNnQl1ikKjcU1F0KwurLrojxooykYiXG7sr+sEOe4FxDUjGhEw40M+C
PCJSzl8oyf2xbvlzInEPAIFxqNpclRgoRgtvPvqIHCaRs4PGZrjXZZdPjmOPavPe
dzEO52EpwOOoIyarzQfqEcC5Qq7HJHIoTmb2JAonIlBoAXpSS6Lr1HWxUeqI+bj0
Lgv7Rtn7mkD0pa5piRLizmUr15eezvWrAq5/yHje/05gHvIJuB+09Yv56HX/MDrh
0rt16v/qrOJvjq/q8HYJLnjYcVyVI3t3PmMfIJsvVx4otnHI5vWJ
-----END CERTIFICATE-----
Generated at Sat Mar 28 08:49:08 2026 by rpki-client