Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/gx3YF13OzoqvvZIN624zj3H4NbY.roa
File: gx3YF13OzoqvvZIN624zj3H4NbY.roa (raw, json)
Hash identifier: LKCoYtT7HCICx5KY/uhm/ywpafi0Ga+4LoA+cV1ITEA=
Subject key identifier: 83:1D:D8:17:5D:CE:CE:8A:AF:BD:92:0D:EB:6E:33:8F:71:F8:35:B6
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 019CA31A2AE735FA589EABCE5157135CD52E
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/gx3YF13OzoqvvZIN624zj3H4NbY.roa
Signing time: Sat 28 Feb 2026 07:15:26 +0000
ROA not before: Sat 28 Feb 2026 07:15:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 92.62.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Mar 2026 18:49:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a3:1a:2a:e7:35:fa:58:9e:ab:ce:51:57:13:5c:d5:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Feb 28 07:15:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=831dd8175dcece8aafbd920deb6e338f71f835b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:11:c8:3d:d5:5e:dd:b1:4f:13:c1:91:13:39:
50:f7:74:35:fb:b1:f7:db:ff:3c:c4:54:54:31:80:
81:f6:4f:09:96:1a:6f:ff:37:a4:e8:31:30:98:f9:
7d:45:56:4d:ae:97:ee:b9:10:bf:8a:16:dd:f1:81:
0d:cb:12:03:e6:5f:47:8d:1d:5c:e5:c7:c2:16:1d:
d0:36:f6:ad:66:63:9a:68:3f:b8:94:bd:86:35:48:
00:9f:8e:40:d3:69:4f:18:14:28:50:98:32:04:07:
75:d6:1f:6b:57:8d:39:07:27:21:7b:ad:76:dd:aa:
0f:73:ff:55:87:d9:cc:74:05:78:11:4b:9d:20:ea:
57:0c:1b:8c:c8:ec:1a:c0:b6:48:b1:c2:f1:ea:ab:
83:0c:3a:fd:83:fc:c8:66:16:66:f5:e7:42:61:35:
53:40:e4:4a:25:97:51:de:3b:4a:0d:de:c1:6f:22:
d7:87:d0:d3:6b:07:10:b1:14:03:62:58:7e:31:69:
10:7b:a5:d6:26:d0:94:a8:79:04:da:b8:9f:92:59:
68:69:85:bc:82:f4:aa:b2:05:33:e7:8a:f9:a1:03:
dd:c1:47:6f:c4:cc:15:3f:d3:6c:61:43:81:db:d8:
7a:14:33:04:a8:37:03:01:ea:72:e7:fc:5a:97:1e:
06:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:1D:D8:17:5D:CE:CE:8A:AF:BD:92:0D:EB:6E:33:8F:71:F8:35:B6
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/gx3YF13OzoqvvZIN624zj3H4NbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.62.246.0/24
Signature Algorithm: sha256WithRSAEncryption
24:ca:5f:17:bb:7f:04:a2:c9:0d:42:99:b5:ef:b9:d3:46:11:
12:fd:28:bf:78:f2:77:3a:7c:dd:c3:5f:79:50:68:ad:7c:92:
d8:89:8b:29:3d:fe:9d:83:6d:3c:af:fc:7f:88:98:49:70:7e:
48:b0:9b:be:12:f1:77:f2:6b:73:23:04:e3:11:8e:56:2a:18:
90:ef:2c:ce:aa:1d:e0:c4:9e:da:fb:c4:e5:47:36:88:b1:a2:
2a:ca:79:0f:49:7f:72:66:91:69:d0:7c:b1:ab:51:47:16:b9:
2f:d2:66:15:20:d3:f2:11:d4:1e:c7:d5:ee:66:5c:e4:be:e0:
c5:23:bd:a6:34:72:3a:10:56:95:f2:c2:cb:15:39:c3:94:ec:
5c:ef:0e:ac:8d:4c:90:14:f7:b2:ac:c3:4c:6b:ff:fb:75:b5:
db:1a:92:9f:36:b3:43:f1:57:b1:ed:7a:1e:83:1b:99:d5:1d:
1f:fb:b9:ce:3f:ff:16:08:91:48:55:ae:8a:ef:49:c3:87:12:
1d:1f:04:d3:0a:7e:60:a5:d3:72:72:f6:43:b8:c8:6d:46:cf:
b1:96:49:7c:ac:e0:38:62:10:2f:57:4c:9a:09:4b:57:e7:44:
f4:91:50:a4:88:3c:d4:82:50:65:8b:c2:32:af:6d:83:da:96:
69:34:8a:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZyjGirnNfpYnqvOUVcTXNUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjYwMjI4MDcxNTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzFkZDgxNzVkY2VjZThhYWZiZDkyMGRlYjZlMzM4ZjcxZjgzNWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBHIPdVe3bFPE8GREzlQ93Q1+7H3
2/88xFRUMYCB9k8Jlhpv/zek6DEwmPl9RVZNrpfuuRC/ihbd8YENyxID5l9HjR1c
5cfCFh3QNvatZmOaaD+4lL2GNUgAn45A02lPGBQoUJgyBAd11h9rV405Byche612
3aoPc/9Vh9nMdAV4EUudIOpXDBuMyOwawLZIscLx6quDDDr9g/zIZhZm9edCYTVT
QORKJZdR3jtKDd7BbyLXh9DTawcQsRQDYlh+MWkQe6XWJtCUqHkE2rifklloaYW8
gvSqsgUz54r5oQPdwUdvxMwVP9NsYUOB29h6FDMEqDcDAepy5/xalx4GrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIMd2Bddzs6Kr72SDetuM49x+DW2MB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvZ3gzWUYxM096b3F2dlpJTjYyNHpqM0g0TmJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXD72MA0G
CSqGSIb3DQEBCwUAA4IBAQAkyl8Xu38EoskNQpm177nTRhES/Si/ePJ3Onzdw195
UGitfJLYiYspPf6dg208r/x/iJhJcH5IsJu+EvF38mtzIwTjEY5WKhiQ7yzOqh3g
xJ7a+8TlRzaIsaIqynkPSX9yZpFp0Hyxq1FHFrkv0mYVINPyEdQex9XuZlzkvuDF
I72mNHI6EFaV8sLLFTnDlOxc7w6sjUyQFPeyrMNMa//7dbXbGpKfNrND8Vex7Xoe
gxuZ1R0f+7nOP/8WCJFIVa6K70nDhxIdHwTTCn5gpdNycvZDuMhtRs+xlkl8rOA4
YhAvV0yaCUtX50T0kVCkiDzUglBli8Iyr22D2pZpNIrj
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:19:31 2026 by rpki-client