Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/6BWnOz5mpIIZYGwmVFYnwePxE6U.roa
File: 6BWnOz5mpIIZYGwmVFYnwePxE6U.roa (raw, json)
Hash identifier: UROcEu5iP4oUADiSt14Kis7oZArbkUvoumLKiYXyU74=
Subject key identifier: E8:15:A7:3B:3E:66:A4:82:19:60:6C:26:54:56:27:C1:E3:F1:13:A5
Certificate issuer: /CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Certificate serial: 019CFA9D299D6B0EDB6B4FBF7DF65C3F72C6
Authority key identifier: 25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/6BWnOz5mpIIZYGwmVFYnwePxE6U.roa
Signing time: Tue 17 Mar 2026 07:05:29 +0000
ROA not before: Tue 17 Mar 2026 07:05:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 194.104.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Mar 2026 07:58:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:fa:9d:29:9d:6b:0e:db:6b:4f:bf:7d:f6:5c:3f:72:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Validity
Not Before: Mar 17 07:05:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e815a73b3e66a48219606c26545627c1e3f113a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:60:e9:48:5e:9c:e2:0a:cb:0d:08:b5:d6:ce:
76:37:a0:6c:bb:a7:e6:1d:cb:d3:08:09:58:85:c6:
27:b6:50:29:82:be:cd:d9:aa:85:be:fc:3e:3a:8f:
08:79:b1:1e:bc:af:c8:98:7f:17:22:f5:a9:ab:2f:
38:06:3c:90:6e:0b:98:ca:65:ed:5d:68:55:26:0e:
d9:7d:3f:5f:b9:4b:72:60:b3:2c:8d:d7:52:a4:39:
04:b6:19:60:26:ef:df:fd:c0:06:b7:e5:e7:f6:ec:
31:97:fb:ff:ea:cc:7b:e6:5c:a6:b1:ab:df:27:f3:
27:23:3b:37:2d:d4:d8:17:11:ae:da:18:88:4c:99:
1e:74:02:f6:67:62:2b:4f:d7:8f:c5:09:fe:46:de:
9b:bc:f4:b6:47:ac:c9:01:4e:fe:d3:e2:e2:b5:5f:
e8:72:62:7d:b3:b7:ba:68:19:7b:ac:86:81:3f:60:
cf:46:8d:84:77:e7:24:65:e1:39:44:7b:10:43:f6:
6f:06:db:9d:83:fc:0f:0f:43:90:d5:18:8b:e4:fc:
9e:66:4b:11:33:ec:7e:72:de:90:00:a0:f7:06:5f:
a0:a3:ea:4c:69:cb:93:7d:a0:00:89:f8:34:8b:ef:
ec:51:09:2f:d5:f3:f7:b6:7d:d5:81:2b:e4:43:f7:
89:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:15:A7:3B:3E:66:A4:82:19:60:6C:26:54:56:27:C1:E3:F1:13:A5
X509v3 Authority Key Identifier:
keyid:25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/6BWnOz5mpIIZYGwmVFYnwePxE6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/JbvtC_9__qtn8wK0EaAHAYVKbDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.138.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:8e:65:73:8c:f8:0d:95:ea:23:55:f8:63:00:76:13:a5:2a:
37:6a:b9:59:d5:b8:56:7f:c3:4f:35:46:01:26:a9:0c:25:f1:
2b:b1:c6:e8:9e:18:f0:2e:01:b8:27:3c:5c:3d:57:73:20:cc:
1a:b9:9d:3f:0f:dc:e5:db:c0:c3:d0:c4:0e:b5:da:bc:81:c8:
60:e5:ec:de:53:69:1c:88:98:13:33:17:21:40:e8:fc:0f:4d:
be:c2:5e:e8:f7:99:6b:2c:76:b9:18:36:e1:a6:50:68:f1:e1:
cb:70:11:3f:29:33:7a:d6:39:c7:0f:f6:1f:ce:b5:f8:8c:f6:
51:8a:28:a3:1d:05:43:da:1d:61:b7:27:08:e8:f2:cf:c8:6a:
7a:6a:c2:fd:78:06:bf:b3:83:98:0b:00:c3:1c:24:ec:45:ae:
77:41:26:0d:8a:02:56:b5:69:07:6f:43:11:4e:29:29:01:4b:
e7:e2:3e:1a:82:27:ee:b4:92:1b:ce:a6:8e:99:f7:e2:7f:e2:
67:57:9f:f2:20:c1:5b:c3:e7:92:28:48:46:75:27:0a:90:bc:
1e:1b:20:08:e7:09:23:0e:9a:00:9d:b0:ea:61:2e:a5:7a:b3:
8d:9e:3f:20:7c:77:98:35:cf:d4:ef:2a:86:51:e1:b0:d5:bd:
9f:db:43:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZz6nSmdaw7ba0+/ffZcP3LGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YmJlZDBiZmY3ZmZlYWI2N2YzMDJiNDExYTAwNzAxODU0
YTZjMzAwHhcNMjYwMzE3MDcwNTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODE1YTczYjNlNjZhNDgyMTk2MDZjMjY1NDU2MjdjMWUzZjExM2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWDpSF6c4grLDQi11s52N6Bsu6fm
HcvTCAlYhcYntlApgr7N2aqFvvw+Oo8IebEevK/ImH8XIvWpqy84BjyQbguYymXt
XWhVJg7ZfT9fuUtyYLMsjddSpDkEthlgJu/f/cAGt+Xn9uwxl/v/6sx75lymsavf
J/MnIzs3LdTYFxGu2hiITJkedAL2Z2IrT9ePxQn+Rt6bvPS2R6zJAU7+0+LitV/o
cmJ9s7e6aBl7rIaBP2DPRo2Ed+ckZeE5RHsQQ/ZvBtudg/wPD0OQ1RiL5PyeZksR
M+x+ct6QAKD3Bl+go+pMacuTfaAAifg0i+/sUQkv1fP3tn3VgSvkQ/eJ+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOgVpzs+ZqSCGWBsJlRWJ8Hj8ROlMB8GA1UdIwQY
MBaAFCW77Qv/f/6rZ/MCtBGgBwGFSmwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQt
NTcxN2I0NTQ0MjM3LzEvNkJXbk96NW1wSUlaWUd3bVZGWW53ZVB4RTZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQtNTcxN2I0NTQ0MjM3
LzEvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmiKMA0G
CSqGSIb3DQEBCwUAA4IBAQB7jmVzjPgNleojVfhjAHYTpSo3arlZ1bhWf8NPNUYB
JqkMJfErscbonhjwLgG4JzxcPVdzIMwauZ0/D9zl28DD0MQOtdq8gchg5ezeU2kc
iJgTMxchQOj8D02+wl7o95lrLHa5GDbhplBo8eHLcBE/KTN61jnHD/YfzrX4jPZR
iiijHQVD2h1htycI6PLPyGp6asL9eAa/s4OYCwDDHCTsRa53QSYNigJWtWkHb0MR
TikpAUvn4j4agifutJIbzqaOmffif+JnV5/yIMFbw+eSKEhGdScKkLweGyAI5wkj
DpoAnbDqYS6lerONnj8gfHeYNc/U7yqGUeGw1b2f20ND
-----END CERTIFICATE-----
Generated at Fri Mar 27 03:54:12 2026 by rpki-client