Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/r9tIisGzYVSpJErpO2i3M_n6Ce8.roa
File: r9tIisGzYVSpJErpO2i3M_n6Ce8.roa (raw, json)
Hash identifier: JT1yiexYgEeMxJw668oWzePDWR9MUA1vEFJKoB7uwg4=
Subject key identifier: AF:DB:48:8A:C1:B3:61:54:A9:24:4A:E9:3B:68:B7:33:F9:FA:09:EF
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019CFC0F44C3FA6BABE60F30A0457B57CF39
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/r9tIisGzYVSpJErpO2i3M_n6Ce8.roa
Signing time: Tue 17 Mar 2026 13:49:44 +0000
ROA not before: Tue 17 Mar 2026 13:49:44 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29226
IP address blocks: 2a0a:2d01::/32 maxlen: 32
2a0f:7d03::/32 maxlen: 32
2a10:7100::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 27 Mar 2026 12:04:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:fc:0f:44:c3:fa:6b:ab:e6:0f:30:a0:45:7b:57:cf:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 17 13:49:44 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=afdb488ac1b36154a9244ae93b68b733f9fa09ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e5:2b:b7:73:42:c9:eb:aa:26:d7:6c:17:31:
ea:09:66:e7:a9:3b:22:82:55:7a:db:f0:a5:51:83:
f1:26:0a:ed:7a:f6:1b:61:88:48:04:99:30:31:d1:
44:b1:e6:c8:31:dd:f6:ac:74:6f:02:98:50:26:92:
b8:de:29:dc:d2:e2:cb:05:eb:5a:dc:3e:c6:82:3c:
dc:31:89:f3:c4:fd:3c:56:0d:31:c2:7e:f7:f4:22:
80:42:5c:0e:94:73:a1:63:84:3f:ae:8b:b4:de:4f:
10:2a:d5:2d:c0:66:7d:92:44:fa:68:7d:6a:49:db:
fb:8a:b7:5e:8e:da:73:3f:23:7e:3d:61:51:64:3b:
a6:96:76:92:bd:4c:79:31:43:7f:d1:8a:21:ee:e7:
4d:53:ce:ac:89:2a:24:06:0b:0d:88:4c:cf:08:dc:
7f:c2:03:06:c7:bc:2e:fc:8e:be:d1:11:de:ad:17:
dc:fd:91:41:7e:0f:ad:63:68:d4:4f:a8:90:b1:8a:
41:65:02:63:02:ea:bd:0e:62:a4:3c:5b:a6:fc:75:
28:b1:3d:52:22:12:01:aa:e0:55:b6:0e:bb:57:6c:
0e:0d:ec:b1:c0:e4:47:14:3a:ca:47:6f:e4:60:77:
f3:57:27:c2:90:f5:b9:ed:87:01:d0:b9:41:e2:9b:
c8:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:DB:48:8A:C1:B3:61:54:A9:24:4A:E9:3B:68:B7:33:F9:FA:09:EF
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/r9tIisGzYVSpJErpO2i3M_n6Ce8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2d01::/32
2a0f:7d03::/32
2a10:7100::/29
Signature Algorithm: sha256WithRSAEncryption
a6:67:b6:de:11:c7:f8:e1:c4:c0:11:af:65:c8:4e:4a:51:d3:
64:2e:ee:1f:18:03:44:b7:d3:45:01:31:03:36:91:e1:bc:00:
f4:64:0f:cf:c8:5a:fd:af:b0:5f:66:14:c6:7a:02:83:5a:cc:
2e:08:3c:04:c1:83:6e:9f:41:ba:38:0f:be:1f:dc:48:26:c0:
8c:6c:cf:7d:58:8f:9b:37:91:2b:31:44:9f:55:6e:cb:6c:5f:
7f:1f:3d:62:6b:39:6a:ef:18:63:70:7c:80:4a:4a:60:5d:73:
2b:ea:36:91:bb:04:2e:cd:f3:9e:f6:fb:2f:b7:98:91:12:e4:
09:fb:10:df:d8:bb:f5:43:ce:9b:65:bb:ac:83:52:87:21:89:
cd:ea:40:fa:37:4e:4c:14:6e:c2:03:6e:a4:4b:9c:84:54:dd:
d2:8c:a4:7a:d4:7b:42:21:70:ab:97:5d:28:a9:84:35:47:bd:
eb:1f:c5:9f:c5:de:52:26:be:5d:5f:82:21:e6:92:25:aa:e9:
bc:05:28:a9:51:52:9f:c2:9a:04:cc:ba:7e:4f:bb:c1:ed:ad:
1c:f9:5f:18:db:c1:8f:52:5e:20:36:64:38:63:00:91:30:b4:
28:cf:6e:6a:56:8c:d9:97:5a:8a:ca:a8:49:7e:af:ba:06:dd:
50:f9:22:c8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZz8D0TD+mur5g8woEV7V885MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMzE3MTM0OTQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmRiNDg4YWMxYjM2MTU0YTkyNDRhZTkzYjY4YjczM2Y5ZmEwOWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuUrt3NCyeuqJtdsFzHqCWbnqTsi
glV62/ClUYPxJgrtevYbYYhIBJkwMdFEsebIMd32rHRvAphQJpK43inc0uLLBeta
3D7GgjzcMYnzxP08Vg0xwn739CKAQlwOlHOhY4Q/rou03k8QKtUtwGZ9kkT6aH1q
Sdv7irdejtpzPyN+PWFRZDumlnaSvUx5MUN/0Yoh7udNU86siSokBgsNiEzPCNx/
wgMGx7wu/I6+0RHerRfc/ZFBfg+tY2jUT6iQsYpBZQJjAuq9DmKkPFum/HUosT1S
IhIBquBVtg67V2wODeyxwORHFDrKR2/kYHfzVyfCkPW57YcB0LlB4pvIRQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK/bSIrBs2FUqSRK6TtotzP5+gnvMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvcjl0SWlzR3pZVlNwSkVycE8yaTNNX242Q2U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgotAQMF
ACoPfQMDBQMqEHEAMA0GCSqGSIb3DQEBCwUAA4IBAQCmZ7beEcf44cTAEa9lyE5K
UdNkLu4fGANEt9NFATEDNpHhvAD0ZA/PyFr9r7BfZhTGegKDWswuCDwEwYNun0G6
OA++H9xIJsCMbM99WI+bN5ErMUSfVW7LbF9/Hz1iazlq7xhjcHyASkpgXXMr6jaR
uwQuzfOe9vsvt5iREuQJ+xDf2Lv1Q86bZbusg1KHIYnN6kD6N05MFG7CA26kS5yE
VN3SjKR61HtCIXCrl10oqYQ1R73rH8Wfxd5SJr5dX4Ih5pIlqum8BSipUVKfwpoE
zLp+T7vB7a0c+V8Y28GPUl4gNmQ4YwCRMLQoz25qVozZl1qKyqhJfq+6Bt1Q+SLI
-----END CERTIFICATE-----
Generated at Sat Mar 28 08:40:40 2026 by rpki-client