Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/mbIkGihwjuboGIVKC0tZ7oHHPhc.roa
File: mbIkGihwjuboGIVKC0tZ7oHHPhc.roa (raw, json)
Hash identifier: 1Cu0ESEYvBPrRtfmCpvpIDVTZSIKogHdIvPnCiwhpZo=
Subject key identifier: 99:B2:24:1A:28:70:8E:E6:E8:18:85:4A:0B:4B:59:EE:81:C7:3E:17
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 019D92A5EA2A408F87A4C072EDAE07392AF6
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/mbIkGihwjuboGIVKC0tZ7oHHPhc.roa
Signing time: Wed 15 Apr 2026 19:37:20 +0000
ROA not before: Wed 15 Apr 2026 19:37:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44547
IP address blocks: 131.222.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Apr 2026 08:14:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:92:a5:ea:2a:40:8f:87:a4:c0:72:ed:ae:07:39:2a:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: Apr 15 19:37:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=99b2241a28708ee6e818854a0b4b59ee81c73e17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:cf:d7:63:10:ba:95:da:95:7e:d6:db:9c:72:
28:a2:4f:bd:dc:dc:1b:3e:f1:42:6c:e6:49:c4:96:
02:d6:8b:06:01:f5:7b:a2:ca:f2:82:60:a1:09:ea:
c1:aa:e9:14:31:d3:41:9a:94:28:21:01:42:b4:27:
99:06:58:72:c3:73:34:b6:7e:7b:8f:fc:aa:75:04:
0a:a4:9d:df:b4:c7:f1:9f:55:a8:e1:0c:8b:a9:c7:
5c:e7:0c:af:40:0b:cc:33:31:4c:27:e3:3b:40:06:
32:8e:bd:41:8a:26:bc:61:09:2f:7f:ad:05:33:51:
5a:b1:ed:49:ac:2b:91:27:d1:91:0d:40:68:88:27:
88:04:1a:d7:b7:a4:08:30:82:1d:7f:38:e0:cf:9b:
96:58:7e:a6:41:cd:e0:55:4f:7e:a8:96:a0:f5:de:
f1:b3:84:32:0b:65:75:62:a2:0a:04:10:7d:f0:1b:
40:d7:0a:9e:bb:dd:5c:fd:30:63:a9:1a:4e:63:38:
09:e3:81:b4:0a:65:5c:39:e0:70:19:f8:cd:88:6f:
3d:52:1b:77:e0:53:16:c2:ba:ba:a0:df:9c:2d:98:
df:06:2c:82:ed:e2:e4:9f:6c:59:01:8e:65:38:50:
bc:b7:51:6f:bf:c3:10:63:df:d9:d5:5b:6d:72:ed:
26:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:B2:24:1A:28:70:8E:E6:E8:18:85:4A:0B:4B:59:EE:81:C7:3E:17
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/mbIkGihwjuboGIVKC0tZ7oHHPhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.222.225.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:d3:96:10:e9:fe:cc:41:c7:3f:f0:3d:fc:4a:ea:bc:c8:b1:
3f:db:a2:e3:45:b1:94:18:29:74:a0:3f:f7:93:aa:ac:6a:87:
0b:48:62:cb:8a:7a:20:5d:e8:83:0d:00:8f:3d:2c:23:5f:68:
9e:e0:30:5e:51:5f:2d:0d:e9:d0:b1:bd:5c:ec:ec:16:bb:ac:
ce:71:9e:45:43:70:9a:e9:2c:96:8a:58:8f:36:84:89:3d:d4:
f7:6b:a8:a1:8c:4c:47:c1:1d:6e:c0:d9:df:12:d9:5e:cf:42:
26:ce:57:9f:48:ff:24:15:1e:19:75:7d:c3:2f:59:fd:60:3e:
70:36:17:5f:1c:5c:01:e9:8b:e4:ad:92:b8:14:d1:6e:6e:c3:
a0:9d:fa:2e:fb:6f:6f:3f:bd:3a:dd:66:c1:8a:4e:47:70:0d:
59:98:a9:75:66:a2:af:b0:91:b1:15:a5:d2:2d:05:17:25:15:
94:3c:bb:7e:c1:72:89:11:74:1a:30:88:0f:11:a5:73:55:cd:
47:46:59:36:df:19:59:ac:bc:0b:72:d0:1d:48:63:32:85:bc:
9b:2d:af:1d:21:28:39:5c:51:f8:f3:9c:ed:ec:e2:8d:c6:b4:
16:ee:ab:6d:00:50:5b:e8:79:50:a3:50:a6:2d:ae:44:6f:21:
1b:b6:13:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ2SpeoqQI+HpMBy7a4HOSr2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjYwNDE1MTkzNzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWIyMjQxYTI4NzA4ZWU2ZTgxODg1NGEwYjRiNTllZTgxYzczZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8/XYxC6ldqVftbbnHIook+93Nwb
PvFCbOZJxJYC1osGAfV7osrygmChCerBqukUMdNBmpQoIQFCtCeZBlhyw3M0tn57
j/yqdQQKpJ3ftMfxn1Wo4QyLqcdc5wyvQAvMMzFMJ+M7QAYyjr1Biia8YQkvf60F
M1Fase1JrCuRJ9GRDUBoiCeIBBrXt6QIMIIdfzjgz5uWWH6mQc3gVU9+qJag9d7x
s4QyC2V1YqIKBBB98BtA1wqeu91c/TBjqRpOYzgJ44G0CmVcOeBwGfjNiG89Uht3
4FMWwrq6oN+cLZjfBiyC7eLkn2xZAY5lOFC8t1Fvv8MQY9/Z1Vttcu0mqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJmyJBoocI7m6BiFSgtLWe6Bxz4XMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvbWJJa0dpaHdqdWJvR0lWS0MwdFo3b0hIUGhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAg97hMA0G
CSqGSIb3DQEBCwUAA4IBAQCl05YQ6f7MQcc/8D38Suq8yLE/26LjRbGUGCl0oD/3
k6qsaocLSGLLinogXeiDDQCPPSwjX2ie4DBeUV8tDenQsb1c7OwWu6zOcZ5FQ3Ca
6SyWiliPNoSJPdT3a6ihjExHwR1uwNnfEtlez0ImzlefSP8kFR4ZdX3DL1n9YD5w
NhdfHFwB6YvkrZK4FNFubsOgnfou+29vP7063WbBik5HcA1ZmKl1ZqKvsJGxFaXS
LQUXJRWUPLt+wXKJEXQaMIgPEaVzVc1HRlk23xlZrLwLctAdSGMyhbybLa8dISg5
XFH485zt7OKNxrQW7qttAFBb6HlQo1CmLa5EbyEbthMA
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:53:28 2026 by rpki-client