Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/tdJN5TJWVMBL8ZddB9PeNmwjX58.roa
File: tdJN5TJWVMBL8ZddB9PeNmwjX58.roa (raw, json)
Hash identifier: pe88Yh2jShR/cugOe7GRDZUjq21cE6NxB//wzL/G5Eo=
Subject key identifier: B5:D2:4D:E5:32:56:54:C0:4B:F1:97:5D:07:D3:DE:36:6C:23:5F:9F
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 019CAE0BB0095BC3310F86274D8CDADD598F
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/tdJN5TJWVMBL8ZddB9PeNmwjX58.roa
Signing time: Mon 02 Mar 2026 10:15:27 +0000
ROA not before: Mon 02 Mar 2026 10:15:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63199
IP address blocks: 81.18.48.0/24 maxlen: 24
109.121.37.0/24 maxlen: 24
178.253.229.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Mar 2026 10:54:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:0b:b0:09:5b:c3:31:0f:86:27:4d:8c:da:dd:59:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Mar 2 10:15:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b5d24de5325654c04bf1975d07d3de366c235f9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:0a:2b:31:8a:76:2e:ef:a9:6e:2f:c6:4f:37:
0e:a2:0a:b1:fb:0e:37:32:98:74:f6:12:aa:e5:2b:
d4:e3:14:ad:96:ad:e4:f1:0c:81:23:3b:4f:1c:ef:
fd:34:b0:80:dd:54:2e:d9:f1:f4:b9:b9:fe:08:76:
b9:f5:67:f8:52:70:0d:9a:43:35:ef:7d:57:7b:66:
98:26:26:97:d2:67:d8:de:3b:14:50:bb:ec:91:43:
b4:79:46:00:f3:75:7b:d4:5a:d9:87:fb:86:de:8b:
25:54:da:f4:2a:06:88:40:b0:bb:1e:f0:f6:21:88:
74:71:0b:a4:e7:c9:4f:51:5c:8c:f2:07:b0:74:4c:
e0:ad:99:dc:30:a4:4b:c8:d3:45:f4:66:58:a0:dd:
92:a5:9e:21:47:5f:83:5d:d6:e5:78:c2:e1:5e:12:
4f:45:9f:dd:75:03:c7:9f:a9:6f:18:6a:dc:31:d9:
09:bd:62:83:aa:7a:4b:21:93:6d:db:fa:77:4b:9a:
6c:5e:a9:1f:8b:a0:00:84:80:cb:4f:91:d1:fc:7b:
53:c5:7c:63:e1:16:e8:64:42:6f:bc:89:4e:74:f5:
27:a7:9f:93:4b:a5:61:ac:fc:ed:9c:16:1f:12:74:
a8:dc:31:0f:4a:5a:8b:04:5b:c1:b5:47:be:37:84:
c8:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:D2:4D:E5:32:56:54:C0:4B:F1:97:5D:07:D3:DE:36:6C:23:5F:9F
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/tdJN5TJWVMBL8ZddB9PeNmwjX58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.18.48.0/24
109.121.37.0/24
178.253.229.0/24
Signature Algorithm: sha256WithRSAEncryption
95:9e:94:20:b6:02:d3:56:ec:3c:9a:7a:71:9c:80:f6:3a:95:
dd:5e:ba:b0:b0:7e:7b:7f:60:85:6c:52:95:1a:d5:44:8a:64:
d3:ee:e6:d1:f6:da:65:0f:b0:d6:a8:95:11:90:08:1a:7b:9f:
80:da:03:05:d8:54:a2:50:4d:3b:fe:da:3a:cb:06:0e:80:31:
48:0e:24:98:85:a6:17:d9:14:72:d8:5f:a3:97:46:c8:d6:61:
f6:1e:7d:ad:76:13:f0:9c:ce:ed:28:ab:ea:aa:25:07:70:00:
ff:0f:04:75:cb:0e:99:f7:cf:f3:52:78:05:92:5a:5e:fe:a2:
fd:1d:ac:55:59:ce:78:18:32:b2:87:3c:02:6d:c3:02:51:7b:
8a:32:6e:37:02:80:78:dd:2f:c2:3f:b0:3b:15:0c:e0:2a:63:
58:29:42:42:60:e0:50:fd:53:d4:bb:17:24:9c:ce:8d:95:ac:
83:b6:90:0d:dd:8e:f2:4e:23:d0:6e:16:cb:be:c3:df:bf:06:
cc:2c:45:fe:ac:ce:f4:c1:24:22:28:44:06:7d:07:31:3d:fe:
13:cc:71:c7:d8:f8:ee:4f:e0:80:5b:5b:09:8b:7c:fc:7a:4c:
b3:d8:45:38:a5:f4:35:c3:dc:a6:19:32:3f:32:ad:00:7b:69:
bf:34:9d:ad
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZyuC7AJW8MxD4YnTYza3VmPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjYwMzAyMTAxNTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWQyNGRlNTMyNTY1NGMwNGJmMTk3NWQwN2QzZGUzNjZjMjM1ZjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5worMYp2Lu+pbi/GTzcOogqx+w43
Mph09hKq5SvU4xStlq3k8QyBIztPHO/9NLCA3VQu2fH0ubn+CHa59Wf4UnANmkM1
731Xe2aYJiaX0mfY3jsUULvskUO0eUYA83V71FrZh/uG3oslVNr0KgaIQLC7HvD2
IYh0cQuk58lPUVyM8gewdEzgrZncMKRLyNNF9GZYoN2SpZ4hR1+DXdbleMLhXhJP
RZ/ddQPHn6lvGGrcMdkJvWKDqnpLIZNt2/p3S5psXqkfi6AAhIDLT5HR/HtTxXxj
4RboZEJvvIlOdPUnp5+TS6VhrPztnBYfEnSo3DEPSlqLBFvBtUe+N4TIIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLXSTeUyVlTAS/GXXQfT3jZsI1+fMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvdGRKTjVUSldWTUJMOFpkZEI5UGVObXdqWDU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAURIwAwQA
bXklAwQAsv3lMA0GCSqGSIb3DQEBCwUAA4IBAQCVnpQgtgLTVuw8mnpxnID2OpXd
XrqwsH57f2CFbFKVGtVEimTT7ubR9tplD7DWqJURkAgae5+A2gMF2FSiUE07/to6
ywYOgDFIDiSYhaYX2RRy2F+jl0bI1mH2Hn2tdhPwnM7tKKvqqiUHcAD/DwR1yw6Z
98/zUngFklpe/qL9HaxVWc54GDKyhzwCbcMCUXuKMm43AoB43S/CP7A7FQzgKmNY
KUJCYOBQ/VPUuxcknM6NlayDtpAN3Y7yTiPQbhbLvsPfvwbMLEX+rM70wSQiKEQG
fQcxPf4TzHHH2PjuT+CAW1sJi3z8ekyz2EU4pfQ1w9ymGTI/Mq0Ae2m/NJ2t
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:04:04 2026 by rpki-client