Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/UmBw_yF9KWjZUAQ9ukulqKQYnf0.roa
File: UmBw_yF9KWjZUAQ9ukulqKQYnf0.roa (raw, json)
Hash identifier: GXPHkRfD9ruUjXH0INFOCI/KwX1w3gcMApKKReWsSrs=
Subject key identifier: 52:60:70:FF:21:7D:29:68:D9:50:04:3D:BA:4B:A5:A8:A4:18:9D:FD
Certificate issuer: /CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Certificate serial: 019CF65805D14EAF2CBEDBBCCC0C3397A3A1
Authority key identifier: AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/UmBw_yF9KWjZUAQ9ukulqKQYnf0.roa
Signing time: Mon 16 Mar 2026 11:11:29 +0000
ROA not before: Mon 16 Mar 2026 11:11:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57844
IP address blocks: 139.28.168.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Mar 2026 11:20:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f6:58:05:d1:4e:af:2c:be:db:bc:cc:0c:33:97:a3:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Validity
Not Before: Mar 16 11:11:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=526070ff217d2968d950043dba4ba5a8a4189dfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c3:33:bb:fb:de:32:fe:82:f0:18:a9:2b:d7:
ad:29:9f:cf:33:33:3d:08:9d:50:ab:f4:fe:65:25:
2e:cd:72:51:20:73:00:33:80:7e:8b:54:3b:dd:63:
d0:71:8a:cd:6e:a3:95:d5:5d:95:46:6b:d6:f0:f0:
73:9b:cb:24:3f:99:bc:ed:2f:b5:97:2a:a2:87:2d:
bf:72:f3:7c:52:26:49:1a:23:21:d6:80:01:e0:24:
10:f7:03:5f:b5:96:23:83:14:f4:73:59:db:85:07:
fd:3d:32:c3:8b:79:a1:db:e3:22:2a:fc:e1:38:44:
79:f9:fa:4c:4e:fa:31:fe:28:fc:7b:f1:b0:09:a4:
fc:8d:9e:42:47:8d:2b:98:2c:63:ba:10:0d:d7:e8:
e7:87:8a:39:8d:04:f0:15:1b:30:fd:20:67:6f:83:
53:1f:bf:4b:79:6f:d6:30:34:1b:b2:d4:f9:95:6d:
87:93:e9:c3:05:f8:a4:62:cb:10:21:37:08:e1:e2:
a2:f7:28:60:f0:7e:c6:6a:a1:8a:3e:a1:f1:f5:1e:
59:c9:11:c3:47:6a:a4:66:03:41:23:e3:eb:b6:c7:
54:48:9e:bb:76:07:c4:b9:ba:c4:36:7c:5e:33:82:
9a:13:f0:a6:b9:b9:e9:46:60:b4:79:88:0a:48:b8:
77:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:60:70:FF:21:7D:29:68:D9:50:04:3D:BA:4B:A5:A8:A4:18:9D:FD
X509v3 Authority Key Identifier:
keyid:AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/UmBw_yF9KWjZUAQ9ukulqKQYnf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/raJar-Ophw6VJK-gJlmH7VpaTaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.168.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:b9:ca:d3:82:02:d5:92:94:4f:58:ff:a0:b1:a6:89:e0:33:
bb:a8:9e:ef:9b:44:ac:c3:df:b5:60:7c:4b:f3:59:e8:00:23:
00:e9:71:35:1b:19:ff:3c:01:92:3e:84:cd:d9:eb:51:49:ec:
aa:d2:2a:3e:0b:84:b3:97:90:15:94:79:e4:68:88:38:2d:c7:
9d:11:5d:3f:0c:f9:1d:40:8b:52:48:ad:37:ae:09:0f:3f:0b:
a3:33:4c:5b:e8:7c:05:0c:5e:73:c6:a6:2d:7e:52:d9:af:66:
dd:64:87:4f:60:3f:82:fb:c1:f9:d5:58:8c:9a:34:c1:c3:9a:
27:8a:ed:59:2f:0b:ba:04:4d:01:e5:84:0a:e8:a2:76:d9:e3:
96:8e:69:dc:5b:2a:39:22:7e:ce:68:5c:4d:f7:c1:80:a2:7b:
57:c8:22:55:ef:e9:c2:c3:bf:e8:0b:2c:1b:e1:e3:95:44:3c:
a4:c0:54:41:03:d2:37:3f:b6:a1:60:5a:26:1c:c7:28:5e:3a:
1c:8b:09:1c:75:1c:7e:2a:a8:66:43:cc:a4:db:18:be:48:72:
66:60:b4:d0:34:f8:92:b2:55:e3:d8:e4:db:ac:73:77:92:5f:
dc:44:d6:0d:60:c1:9d:be:3d:4d:b9:20:01:96:dc:09:78:96:
68:ba:bc:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZz2WAXRTq8svtu8zAwzl6OhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYTI1YWFmZTNhOTg3MGU5NTI0YWZhMDI2NTk4N2VkNWE1
YTRkYTMwHhcNMjYwMzE2MTExMTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjYwNzBmZjIxN2QyOTY4ZDk1MDA0M2RiYTRiYTVhOGE0MTg5ZGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8Mzu/veMv6C8BipK9etKZ/PMzM9
CJ1Qq/T+ZSUuzXJRIHMAM4B+i1Q73WPQcYrNbqOV1V2VRmvW8PBzm8skP5m87S+1
lyqihy2/cvN8UiZJGiMh1oAB4CQQ9wNftZYjgxT0c1nbhQf9PTLDi3mh2+MiKvzh
OER5+fpMTvox/ij8e/GwCaT8jZ5CR40rmCxjuhAN1+jnh4o5jQTwFRsw/SBnb4NT
H79LeW/WMDQbstT5lW2Hk+nDBfikYssQITcI4eKi9yhg8H7GaqGKPqHx9R5ZyRHD
R2qkZgNBI+PrtsdUSJ67dgfEubrENnxeM4KaE/CmubnpRmC0eYgKSLh34QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFJgcP8hfSlo2VAEPbpLpaikGJ39MB8GA1UdIwQY
MBaAFK2iWq/jqYcOlSSvoCZZh+1aWk2jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmFKYXItT3BodzZWSkstZ0psbUg3VnBhVGFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84MTBkMjQtYWNiZS00Y2IyLTlhYzUt
OWQ1ODc1ZDg2MzczLzEvVW1Cd195RjlLV2paVUFROXVrdWxxS1FZbmYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84MTBkMjQtYWNiZS00Y2IyLTlhYzUtOWQ1ODc1ZDg2Mzcz
LzEvcmFKYXItT3BodzZWSkstZ0psbUg3VnBhVGFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCixyoMA0G
CSqGSIb3DQEBCwUAA4IBAQAtucrTggLVkpRPWP+gsaaJ4DO7qJ7vm0Ssw9+1YHxL
81noACMA6XE1Gxn/PAGSPoTN2etRSeyq0io+C4Szl5AVlHnkaIg4LcedEV0/DPkd
QItSSK03rgkPPwujM0xb6HwFDF5zxqYtflLZr2bdZIdPYD+C+8H51ViMmjTBw5on
iu1ZLwu6BE0B5YQK6KJ22eOWjmncWyo5In7OaFxN98GAontXyCJV7+nCw7/oCywb
4eOVRDykwFRBA9I3P7ahYFomHMcoXjociwkcdRx+KqhmQ8yk2xi+SHJmYLTQNPiS
slXj2OTbrHN3kl/cRNYNYMGdvj1NuSABltwJeJZourxy
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:49:53 2026 by rpki-client