Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/89e2b5-a1bf-4839-b536-e4456f57d482/1/wWYyuMRRtB1JlZHdfPjtEI8yhz0.roa
File: wWYyuMRRtB1JlZHdfPjtEI8yhz0.roa (raw, json)
Hash identifier: Nj5YCqkyd+cx8bNe0VTgGEs2JOE9a9obLQEojAdw11c=
Subject key identifier: C1:66:32:B8:C4:51:B4:1D:49:95:91:DD:7C:F8:ED:10:8F:32:87:3D
Certificate issuer: /CN=ff2e1672463b7f15f12b22f8b96704b04a5dbe95
Certificate serial: 019CAF202BC9C8B0FB84E8749743CBA15761
Authority key identifier: FF:2E:16:72:46:3B:7F:15:F1:2B:22:F8:B9:67:04:B0:4A:5D:BE:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_y4WckY7fxXxKyL4uWcEsEpdvpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/89e2b5-a1bf-4839-b536-e4456f57d482/1/wWYyuMRRtB1JlZHdfPjtEI8yhz0.roa
Signing time: Mon 02 Mar 2026 15:17:26 +0000
ROA not before: Mon 02 Mar 2026 15:17:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203979
IP address blocks: 131.222.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Mar 2026 18:58:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:af:20:2b:c9:c8:b0:fb:84:e8:74:97:43:cb:a1:57:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff2e1672463b7f15f12b22f8b96704b04a5dbe95
Validity
Not Before: Mar 2 15:17:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c16632b8c451b41d499591dd7cf8ed108f32873d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:df:66:f8:f3:1c:bd:d1:25:72:86:a8:0d:8e:
e4:ab:33:a2:df:ec:65:ae:36:53:03:2c:e6:74:d8:
45:88:e7:18:f4:ae:70:c0:ce:ae:7d:05:b1:a3:e7:
7d:9e:14:88:51:35:52:5b:91:6f:b4:f4:2c:cc:64:
12:3f:48:84:98:c2:83:a7:4c:b0:da:18:71:22:f3:
f5:ce:25:d7:87:d7:b8:8e:00:66:16:71:fe:58:d7:
57:90:7e:11:37:83:94:f5:45:87:a7:89:01:7c:d7:
f7:12:ce:14:6d:ce:e7:3a:f9:7e:c4:0f:b8:4d:04:
3e:39:5d:e3:2e:e1:75:2e:20:a9:84:aa:20:76:59:
00:ea:3d:8c:3e:af:17:f4:5c:b4:eb:a4:b2:fb:d8:
a3:52:eb:d0:4b:e6:2c:e2:e9:d6:ab:ad:52:d2:35:
44:ae:82:55:be:57:65:f1:cd:fe:57:3f:4d:d9:69:
10:83:ed:3f:00:65:27:a3:5b:d3:4a:32:74:46:6d:
a4:6b:fd:af:05:3d:2a:b0:61:a8:1b:76:73:77:da:
e0:8e:d6:76:45:fe:7a:ac:16:1f:38:14:b7:e9:f9:
88:d9:bb:1f:6b:25:87:90:8e:1f:4d:48:4d:54:23:
d1:d6:ea:2f:63:f4:35:39:e5:8e:34:39:31:e1:4f:
31:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:66:32:B8:C4:51:B4:1D:49:95:91:DD:7C:F8:ED:10:8F:32:87:3D
X509v3 Authority Key Identifier:
keyid:FF:2E:16:72:46:3B:7F:15:F1:2B:22:F8:B9:67:04:B0:4A:5D:BE:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_y4WckY7fxXxKyL4uWcEsEpdvpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/89e2b5-a1bf-4839-b536-e4456f57d482/1/wWYyuMRRtB1JlZHdfPjtEI8yhz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/89e2b5-a1bf-4839-b536-e4456f57d482/1/_y4WckY7fxXxKyL4uWcEsEpdvpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.222.128.0/24
Signature Algorithm: sha256WithRSAEncryption
10:10:b3:1d:7d:e9:c3:49:e6:2d:dd:6f:13:c8:4c:f6:58:aa:
ab:fa:35:ec:98:03:ef:d3:65:98:57:20:19:55:a8:c5:8c:91:
0c:ef:cc:09:8c:b8:3a:9b:f2:f8:5c:31:1e:11:74:5a:d3:61:
92:d6:37:a4:66:ac:83:e0:55:2f:92:64:da:07:82:2f:2f:4b:
2c:1d:86:05:8a:75:d2:60:e6:7e:c9:85:59:a6:fc:d4:69:f7:
cd:ee:b2:72:12:da:d5:6d:71:30:17:a8:dd:45:9f:c7:b2:0a:
c6:c2:98:59:51:42:3b:1b:4f:0a:73:50:4e:94:e0:d4:c7:2a:
b6:ff:72:37:56:d3:2e:6f:51:76:fe:7f:8f:00:84:14:32:27:
1d:93:99:bd:37:4f:99:a0:b7:13:26:5c:07:32:7e:03:15:df:
47:2f:30:17:b8:0b:b1:ed:21:56:38:19:67:e0:59:02:dd:0c:
d4:27:be:e6:77:d7:76:84:5f:18:cf:92:3c:e3:2c:48:97:80:
3c:54:06:9f:e8:55:76:94:f7:1c:ee:23:44:85:e9:ff:87:89:
1b:0d:12:6a:0b:1e:39:e6:b0:49:f0:51:a8:e6:a9:93:fb:d8:
e5:68:67:bd:22:b6:65:45:93:49:15:bd:45:28:7e:71:1f:53:
67:96:96:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZyvICvJyLD7hOh0l0PLoVdhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMmUxNjcyNDYzYjdmMTVmMTJiMjJmOGI5NjcwNGIwNGE1
ZGJlOTUwHhcNMjYwMzAyMTUxNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTY2MzJiOGM0NTFiNDFkNDk5NTkxZGQ3Y2Y4ZWQxMDhmMzI4NzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoN9m+PMcvdElcoaoDY7kqzOi3+xl
rjZTAyzmdNhFiOcY9K5wwM6ufQWxo+d9nhSIUTVSW5FvtPQszGQSP0iEmMKDp0yw
2hhxIvP1ziXXh9e4jgBmFnH+WNdXkH4RN4OU9UWHp4kBfNf3Es4Ubc7nOvl+xA+4
TQQ+OV3jLuF1LiCphKogdlkA6j2MPq8X9Fy066Sy+9ijUuvQS+Ys4unWq61S0jVE
roJVvldl8c3+Vz9N2WkQg+0/AGUno1vTSjJ0Rm2ka/2vBT0qsGGoG3Zzd9rgjtZ2
Rf56rBYfOBS36fmI2bsfayWHkI4fTUhNVCPR1uovY/Q1OeWONDkx4U8xBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMFmMrjEUbQdSZWR3Xz47RCPMoc9MB8GA1UdIwQY
MBaAFP8uFnJGO38V8Ssi+LlnBLBKXb6VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3k0V2NrWTdmeFh4S3lMNHVXY0VzRXBkdnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny84OWUyYjUtYTFiZi00ODM5LWI1MzYt
ZTQ0NTZmNTdkNDgyLzEvd1dZeXVNUlJ0QjFKbFpIZGZQanRFSTh5aHowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny84OWUyYjUtYTFiZi00ODM5LWI1MzYtZTQ0NTZmNTdkNDgy
LzEvX3k0V2NrWTdmeFh4S3lMNHVXY0VzRXBkdnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAg96AMA0G
CSqGSIb3DQEBCwUAA4IBAQAQELMdfenDSeYt3W8TyEz2WKqr+jXsmAPv02WYVyAZ
VajFjJEM78wJjLg6m/L4XDEeEXRa02GS1jekZqyD4FUvkmTaB4IvL0ssHYYFinXS
YOZ+yYVZpvzUaffN7rJyEtrVbXEwF6jdRZ/HsgrGwphZUUI7G08Kc1BOlODUxyq2
/3I3VtMub1F2/n+PAIQUMicdk5m9N0+ZoLcTJlwHMn4DFd9HLzAXuAux7SFWOBln
4FkC3QzUJ77md9d2hF8Yz5I84yxIl4A8VAaf6FV2lPcc7iNEhen/h4kbDRJqCx45
5rBJ8FGo5qmT+9jlaGe9IrZlRZNJFb1FKH5xH1Nnlpau
-----END CERTIFICATE-----
Generated at Mon Mar 2 22:16:09 2026 by rpki-client