Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/68bf1d-6e50-4996-82af-0ac581a58cd1/1/hXnc0aouohGqhAOMrSzDtkaexCE.roa
File: hXnc0aouohGqhAOMrSzDtkaexCE.roa (raw, json)
Hash identifier: yxy01ATSTnYLsImDsi6PNp5Z8L3PmHHYPfhY47FWh+A=
Subject key identifier: 85:79:DC:D1:AA:2E:A2:11:AA:84:03:8C:AD:2C:C3:B6:46:9E:C4:21
Certificate issuer: /CN=b0c9e116678959b8a9478fcea7ca3c0603102162
Certificate serial: 019E1D9A11652418E1D0632FED1E37AF87A1
Authority key identifier: B0:C9:E1:16:67:89:59:B8:A9:47:8F:CE:A7:CA:3C:06:03:10:21:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sMnhFmeJWbipR4_Op8o8BgMQIWI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/68bf1d-6e50-4996-82af-0ac581a58cd1/1/hXnc0aouohGqhAOMrSzDtkaexCE.roa
Signing time: Tue 12 May 2026 19:11:36 +0000
ROA not before: Tue 12 May 2026 19:11:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:19e:175a:3589/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 12 May 2026 20:04:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1d:9a:11:65:24:18:e1:d0:63:2f:ed:1e:37:af:87:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0c9e116678959b8a9478fcea7ca3c0603102162
Validity
Not Before: May 12 19:11:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8579dcd1aa2ea211aa84038cad2cc3b6469ec421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:32:dd:34:a4:fb:09:90:03:7a:4f:4e:4d:4c:
1b:73:9b:3d:26:a3:ae:bd:7a:25:50:f1:5a:e7:32:
d7:35:a4:72:cf:ed:66:af:70:db:12:b8:15:26:5b:
b2:ca:d4:ed:ff:10:3a:a3:99:08:78:c7:e8:d0:0c:
6d:23:74:b7:d9:24:c2:d6:05:5c:c3:d6:39:e5:90:
c4:54:45:37:9c:9e:55:2f:33:f7:82:c2:c2:6e:b1:
1f:5f:86:5a:01:d1:74:e2:6f:86:ec:58:df:47:01:
ac:ad:39:d5:b5:f9:d6:67:e9:49:91:de:e2:57:1e:
f8:e5:d1:fc:1b:e2:1e:c0:4c:ac:59:1d:bb:16:c8:
8f:c5:65:74:27:4e:1d:53:83:3d:ec:60:8a:7f:d6:
43:fb:f5:5a:2e:3b:7e:74:b5:eb:42:5f:4e:5d:2e:
8b:7d:94:1d:92:e8:88:0e:28:45:33:b8:a5:48:53:
90:54:52:63:9b:28:1f:fd:85:a8:27:d2:91:1b:10:
36:dc:80:80:a0:6f:88:7d:7a:c8:a7:c0:27:78:37:
22:29:62:71:b6:89:56:6f:84:93:ff:7c:ff:05:11:
b4:cc:f1:12:ac:cb:10:f8:e6:a2:ab:0c:08:c5:18:
d8:57:c2:af:fd:61:be:a8:3c:f3:3a:80:a9:00:9c:
91:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:79:DC:D1:AA:2E:A2:11:AA:84:03:8C:AD:2C:C3:B6:46:9E:C4:21
X509v3 Authority Key Identifier:
keyid:B0:C9:E1:16:67:89:59:B8:A9:47:8F:CE:A7:CA:3C:06:03:10:21:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sMnhFmeJWbipR4_Op8o8BgMQIWI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/68bf1d-6e50-4996-82af-0ac581a58cd1/1/hXnc0aouohGqhAOMrSzDtkaexCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/68bf1d-6e50-4996-82af-0ac581a58cd1/1/sMnhFmeJWbipR4_Op8o8BgMQIWI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:19e:175a:3589/128
Signature Algorithm: sha256WithRSAEncryption
00:47:5f:82:8d:44:83:0a:11:e2:f4:21:6f:b6:e9:9e:d2:92:
a4:32:14:de:9d:d6:ce:08:3c:56:96:88:89:da:6d:71:bb:a8:
cf:f2:72:20:18:bb:1f:3b:02:94:42:fb:97:72:df:b0:ad:37:
41:e4:f6:a6:97:db:e4:72:ed:d2:c6:bc:f6:77:5d:a1:1e:24:
3f:4b:b5:2a:11:64:9f:90:ff:bc:69:1a:3d:fe:02:26:a2:48:
b8:8d:22:df:74:71:b0:8a:7b:1b:9e:83:73:0a:70:24:5c:dd:
b1:bd:47:d9:1e:91:84:22:76:01:27:85:dc:0e:9e:1a:ad:18:
3a:93:25:29:81:dc:eb:6e:5a:fd:c5:a2:c6:77:f3:b7:b6:fe:
8b:15:0b:c3:cf:9d:e2:eb:99:f1:7d:76:97:2d:f7:e5:f9:b1:
96:a4:88:94:5f:2e:9d:e2:2e:dd:43:84:df:9e:b3:a0:da:ad:
78:48:f1:7e:85:27:09:94:e3:bb:b6:41:82:eb:ca:f2:8a:fe:
96:70:78:7d:9a:d6:63:9e:93:7b:d8:58:7a:bb:f1:e2:ac:7c:
44:49:5c:b4:db:61:a6:cb:c0:b3:d6:57:0f:62:d3:8d:a9:e6:
72:0a:8c:c9:c8:8f:85:27:bc:a6:fd:e6:2a:2f:b4:a2:2f:1f:
97:3b:1a:63
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZ4dmhFlJBjh0GMv7R43r4ehMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYzllMTE2Njc4OTU5YjhhOTQ3OGZjZWE3Y2EzYzA2MDMx
MDIxNjIwHhcNMjYwNTEyMTkxMTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTc5ZGNkMWFhMmVhMjExYWE4NDAzOGNhZDJjYzNiNjQ2OWVjNDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTLdNKT7CZADek9OTUwbc5s9JqOu
vXolUPFa5zLXNaRyz+1mr3DbErgVJluyytTt/xA6o5kIeMfo0AxtI3S32STC1gVc
w9Y55ZDEVEU3nJ5VLzP3gsLCbrEfX4ZaAdF04m+G7FjfRwGsrTnVtfnWZ+lJkd7i
Vx745dH8G+IewEysWR27FsiPxWV0J04dU4M97GCKf9ZD+/VaLjt+dLXrQl9OXS6L
fZQdkuiIDihFM7ilSFOQVFJjmygf/YWoJ9KRGxA23ICAoG+IfXrIp8AneDciKWJx
tolWb4ST/3z/BRG0zPESrMsQ+OaiqwwIxRjYV8Kv/WG+qDzzOoCpAJyRXQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIV53NGqLqIRqoQDjK0sw7ZGnsQhMB8GA1UdIwQY
MBaAFLDJ4RZniVm4qUePzqfKPAYDECFiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc01uaEZtZUpXYmlwUjRfT3A4bzhCZ01RSVdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC82OGJmMWQtNmU1MC00OTk2LTgyYWYt
MGFjNTgxYTU4Y2QxLzEvaFhuYzBhb3VvaEdxaEFPTXJTekR0a2FleENFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC82OGJmMWQtNmU1MC00OTk2LTgyYWYtMGFjNTgxYTU4Y2Qx
LzEvc01uaEZtZUpXYmlwUjRfT3A4bzhCZ01RSVdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGeF1o1iTANBgkqhkiG9w0BAQsFAAOCAQEAAEdfgo1EgwoR4vQhb7bpntKS
pDIU3p3Wzgg8VpaIidptcbuoz/JyIBi7HzsClEL7l3LfsK03QeT2ppfb5HLt0sa8
9nddoR4kP0u1KhFkn5D/vGkaPf4CJqJIuI0i33RxsIp7G56DcwpwJFzdsb1H2R6R
hCJ2ASeF3A6eGq0YOpMlKYHc625a/cWixnfzt7b+ixULw8+d4uuZ8X12ly335fmx
lqSIlF8uneIu3UOE356zoNqteEjxfoUnCZTju7ZBguvK8or+lnB4fZrWY56Te9hY
ervx4qx8RElctNthpsvAs9ZXD2LTjanmcgqMyciPhSe8pv3mKi+0oi8flzsaYw==
-----END CERTIFICATE-----
Generated at Wed May 13 13:02:41 2026 by rpki-client