Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/jrR40xrWDbML2tnhE4CJpcr2oyo.roa
File: jrR40xrWDbML2tnhE4CJpcr2oyo.roa (raw, json)
Hash identifier: LvdJXgIbXnB2zE9OTRY63XfKE767GGEFZwghaS9HdsM=
Subject key identifier: 8E:B4:78:D3:1A:D6:0D:B3:0B:DA:D9:E1:13:80:89:A5:CA:F6:A3:2A
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 019D289926A519435A2E2CBB4A062973CE33
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/jrR40xrWDbML2tnhE4CJpcr2oyo.roa
Signing time: Thu 26 Mar 2026 05:23:38 +0000
ROA not before: Thu 26 Mar 2026 05:23:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 19793
IP address blocks: 91.92.35.0/24 maxlen: 24
93.152.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Mar 2026 09:32:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:99:26:a5:19:43:5a:2e:2c:bb:4a:06:29:73:ce:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Mar 26 05:23:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8eb478d31ad60db30bdad9e1138089a5caf6a32a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:aa:5c:2e:67:ea:0e:b1:ac:b8:ce:f2:54:41:
7d:d9:d9:16:5c:0c:95:f9:54:36:7a:85:ed:16:88:
55:50:36:21:c5:2d:dc:cb:a0:b8:45:93:74:1c:fc:
7a:3f:42:aa:c7:b5:bc:94:8a:49:cf:d0:1c:0c:75:
76:58:7f:24:f7:8c:51:0f:45:fa:3b:03:a7:88:96:
1e:53:d4:4c:58:58:b0:83:0e:07:0f:8f:d9:4d:ca:
f8:a4:4f:d4:64:f2:86:56:d1:f9:4c:93:f3:c6:4e:
b5:8c:93:c1:ba:aa:86:fa:5f:68:82:f9:b8:a1:06:
84:3e:4a:ce:eb:0a:57:f3:0a:65:ee:cd:07:9e:2e:
ee:b2:ca:22:f9:ef:f8:2d:77:09:94:29:c1:c9:54:
2b:cf:22:52:de:34:62:b4:e7:10:ce:c6:5f:00:09:
73:06:d6:e8:97:1c:e2:c1:a0:86:0d:a7:b7:61:48:
80:e3:a1:1d:d8:76:de:07:94:28:11:47:3d:96:ee:
b6:03:44:49:72:33:84:f6:12:d1:9a:ab:07:e1:52:
4b:e9:b0:5a:f3:ae:ef:2c:68:e3:d1:9d:78:3f:5b:
57:f9:4c:3c:0f:40:61:c4:56:a2:16:43:52:81:14:
9a:ef:fc:3e:3e:bf:70:04:cf:39:1c:20:65:d8:89:
70:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:B4:78:D3:1A:D6:0D:B3:0B:DA:D9:E1:13:80:89:A5:CA:F6:A3:2A
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/jrR40xrWDbML2tnhE4CJpcr2oyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.35.0/24
93.152.230.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:f3:ad:ab:63:47:20:ad:43:44:79:44:cf:a8:dd:64:1e:fd:
a0:8d:18:84:85:03:8b:1b:b1:3a:db:a3:c1:8f:1e:3d:ba:e5:
5f:40:63:cb:0e:df:e8:cc:48:73:07:d2:2e:51:a2:41:8f:ae:
03:ab:af:58:69:a0:fb:93:56:8b:a2:2b:5e:fc:c2:d4:13:97:
b8:9d:ce:85:fa:bc:3b:82:f8:35:5b:b4:df:8b:a5:a2:af:92:
68:c1:a8:24:83:b4:72:f8:26:d1:54:66:fb:e6:64:c1:67:54:
ca:92:cf:bc:31:15:87:35:99:a9:c4:57:b2:b0:47:99:1e:85:
61:e5:b5:6e:3b:8d:48:27:bc:9f:74:4f:59:c0:0d:8a:aa:8f:
f1:b7:4d:8c:14:f9:07:62:28:3b:18:c4:3e:75:3b:82:34:d5:
ec:7c:2d:c5:39:07:8a:28:c0:19:53:dd:0a:b5:59:10:63:f4:
6e:91:f9:af:fc:6b:0f:a7:34:f3:fa:ec:be:8f:b0:d6:33:5d:
2a:90:78:a2:ac:13:6e:fa:e4:06:ee:33:d4:0c:22:7c:f6:de:
ea:46:89:6a:1f:89:22:9c:c6:57:46:b5:0d:08:19:e1:64:4a:
cc:cb:89:a8:46:ae:a2:3a:14:88:30:a4:b4:36:aa:cd:02:be:
3b:39:2a:3d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0omSalGUNaLiy7SgYpc84zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjYwMzI2MDUyMzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWI0NzhkMzFhZDYwZGIzMGJkYWQ5ZTExMzgwODlhNWNhZjZhMzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6pcLmfqDrGsuM7yVEF92dkWXAyV
+VQ2eoXtFohVUDYhxS3cy6C4RZN0HPx6P0Kqx7W8lIpJz9AcDHV2WH8k94xRD0X6
OwOniJYeU9RMWFiwgw4HD4/ZTcr4pE/UZPKGVtH5TJPzxk61jJPBuqqG+l9ogvm4
oQaEPkrO6wpX8wpl7s0Hni7ussoi+e/4LXcJlCnByVQrzyJS3jRitOcQzsZfAAlz
BtbolxziwaCGDae3YUiA46Ed2HbeB5QoEUc9lu62A0RJcjOE9hLRmqsH4VJL6bBa
867vLGjj0Z14P1tX+Uw8D0BhxFaiFkNSgRSa7/w+Pr9wBM85HCBl2Ilw2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI60eNMa1g2zC9rZ4ROAiaXK9qMqMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvanJSNDB4cldEYk1MMnRuaEU0Q0pwY3Iyb3lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW1wjAwQA
XZjmMA0GCSqGSIb3DQEBCwUAA4IBAQC1862rY0cgrUNEeUTPqN1kHv2gjRiEhQOL
G7E626PBjx49uuVfQGPLDt/ozEhzB9IuUaJBj64Dq69YaaD7k1aLoite/MLUE5e4
nc6F+rw7gvg1W7Tfi6Wir5Jowagkg7Ry+CbRVGb75mTBZ1TKks+8MRWHNZmpxFey
sEeZHoVh5bVuO41IJ7yfdE9ZwA2Kqo/xt02MFPkHYig7GMQ+dTuCNNXsfC3FOQeK
KMAZU90KtVkQY/Rukfmv/GsPpzTz+uy+j7DWM10qkHiirBNu+uQG7jPUDCJ89t7q
RolqH4kinMZXRrUNCBnhZErMy4moRq6iOhSIMKS0NqrNAr47OSo9
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:40:47 2026 by rpki-client