Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/enFR5HHJKqUIfHN0BWE96-D-Pok.roa
File: enFR5HHJKqUIfHN0BWE96-D-Pok.roa (raw, json)
Hash identifier: o+0hliBnDQprl15D9OJEy/uqeIkKA41cFns7EmH3y8k=
Subject key identifier: 7A:71:51:E4:71:C9:2A:A5:08:7C:73:74:05:61:3D:EB:E0:FE:3E:89
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019D19FDC9CAF63B8871F965EFBF3AB70942
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/enFR5HHJKqUIfHN0BWE96-D-Pok.roa
Signing time: Mon 23 Mar 2026 09:19:15 +0000
ROA not before: Mon 23 Mar 2026 09:19:15 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 40676
IP address blocks: 2a0f:2707::/32 maxlen: 32
2a0f:3043::/32 maxlen: 32
2a13:c906::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 25 Mar 2026 20:41:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:19:fd:c9:ca:f6:3b:88:71:f9:65:ef:bf:3a:b7:09:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 23 09:19:15 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7a7151e471c92aa5087c737405613debe0fe3e89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:55:7a:bd:ac:c9:e9:5e:05:e2:81:47:cb:ef:
e0:d1:5f:b2:82:52:6b:d8:38:45:c4:0b:5f:da:20:
fa:41:10:35:b6:8f:00:5b:81:d0:44:6f:d2:e2:6a:
13:3f:bf:31:1e:83:9f:cc:db:88:06:4b:5d:45:cb:
91:a4:34:6b:fe:79:8a:34:48:b2:ce:a3:1d:c9:e4:
d3:34:d7:c8:a7:41:6f:d5:c7:47:f4:69:6a:19:6e:
25:fb:40:dc:3e:35:07:d4:b4:f3:17:c3:26:ca:e1:
cf:bb:58:ce:97:73:78:e9:e1:03:99:15:56:d4:7d:
44:b9:44:30:9d:72:13:b0:61:5d:a1:8e:13:99:a2:
35:5e:39:a0:f2:37:40:13:58:a9:85:c6:0e:24:02:
45:fa:12:19:46:c8:bf:e6:ce:96:91:01:59:ba:e4:
32:7e:71:14:eb:fd:35:93:25:d3:3a:32:9b:ac:eb:
31:86:7e:ac:a8:94:8f:0c:37:6c:e0:d9:56:05:fb:
30:70:f4:8a:3e:ce:69:0f:1c:61:62:8d:27:86:07:
ca:f4:ed:79:11:46:e0:95:a9:a9:47:5b:98:a0:93:
59:36:c9:b7:fd:2a:05:82:9d:27:99:ba:be:bf:aa:
94:d9:79:b8:93:71:0d:e6:83:75:e0:9c:a1:e9:99:
4f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:71:51:E4:71:C9:2A:A5:08:7C:73:74:05:61:3D:EB:E0:FE:3E:89
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/enFR5HHJKqUIfHN0BWE96-D-Pok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2707::/32
2a0f:3043::/32
2a13:c906::/32
Signature Algorithm: sha256WithRSAEncryption
40:07:71:d2:be:eb:3b:94:48:9f:38:e8:e2:cd:33:71:0c:f7:
de:e9:80:fa:fd:17:a2:5c:ad:60:6b:12:ae:28:47:63:92:1a:
aa:41:ec:fb:40:21:46:bf:ca:de:2c:b9:5c:55:84:b1:4c:b2:
da:32:d8:a7:46:b8:82:b9:c8:29:07:a5:58:e3:f5:40:52:7b:
4b:0e:b0:04:56:1b:4f:a2:e1:dc:4b:56:ab:32:c6:b2:8f:9e:
a6:65:09:08:63:ef:c7:2d:15:84:c2:44:83:77:38:58:53:83:
a2:67:f7:35:13:bd:e9:43:bb:20:40:72:d0:6c:db:ec:a2:1b:
3d:ea:3e:2c:93:e6:e2:df:49:92:3a:46:3c:de:4f:5a:3b:89:
c2:f2:08:f1:b3:cf:d8:80:bb:31:69:af:7c:cb:25:04:ca:e2:
fb:62:ac:8a:0b:12:27:e8:44:bb:47:ce:d0:2d:69:78:78:30:
30:1d:6a:0f:b8:8c:5b:37:53:00:a8:86:97:82:07:c8:d6:76:
98:e6:b3:ea:89:9e:69:8e:1e:3e:96:42:a4:06:4d:93:d8:3d:
65:af:5c:23:34:b1:89:f2:52:18:02:3c:ba:54:41:cf:32:e1:
4a:c1:df:92:4a:42:e1:c5:ae:7f:49:bd:92:7e:0c:7f:11:a4:
9b:43:4d:e9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ0Z/cnK9juIcfll7786twlCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMzIzMDkxOTE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTcxNTFlNDcxYzkyYWE1MDg3YzczNzQwNTYxM2RlYmUwZmUzZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFV6vazJ6V4F4oFHy+/g0V+yglJr
2DhFxAtf2iD6QRA1to8AW4HQRG/S4moTP78xHoOfzNuIBktdRcuRpDRr/nmKNEiy
zqMdyeTTNNfIp0Fv1cdH9GlqGW4l+0DcPjUH1LTzF8MmyuHPu1jOl3N46eEDmRVW
1H1EuUQwnXITsGFdoY4TmaI1Xjmg8jdAE1iphcYOJAJF+hIZRsi/5s6WkQFZuuQy
fnEU6/01kyXTOjKbrOsxhn6sqJSPDDds4NlWBfswcPSKPs5pDxxhYo0nhgfK9O15
EUbglampR1uYoJNZNsm3/SoFgp0nmbq+v6qU2Xm4k3EN5oN14Jyh6ZlPwQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHpxUeRxySqlCHxzdAVhPevg/j6JMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvZW5GUjVISEpLcVVJZkhOMEJXRTk2LUQtUG9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKg8nBwMF
ACoPMEMDBQAqE8kGMA0GCSqGSIb3DQEBCwUAA4IBAQBAB3HSvus7lEifOOjizTNx
DPfe6YD6/ReiXK1gaxKuKEdjkhqqQez7QCFGv8reLLlcVYSxTLLaMtinRriCucgp
B6VY4/VAUntLDrAEVhtPouHcS1arMsayj56mZQkIY+/HLRWEwkSDdzhYU4OiZ/c1
E73pQ7sgQHLQbNvsohs96j4sk+bi30mSOkY83k9aO4nC8gjxs8/YgLsxaa98yyUE
yuL7YqyKCxIn6ES7R87QLWl4eDAwHWoPuIxbN1MAqIaXggfI1naY5rPqiZ5pjh4+
lkKkBk2T2D1lr1wjNLGJ8lIYAjy6VEHPMuFKwd+SSkLhxa5/Sb2Sfgx/EaSbQ03p
-----END CERTIFICATE-----
Generated at Sat Mar 28 12:16:05 2026 by rpki-client