Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/MxYZYTITOv-aMWxL2s_c5yJOZMU.roa
File: MxYZYTITOv-aMWxL2s_c5yJOZMU.roa (raw, json)
Hash identifier: Bp8QAsKV65k4E7l/+TkS3GWPYHQh9oZJwwoU9GfjgAE=
Subject key identifier: 33:16:19:61:32:13:3A:FF:9A:31:6C:4B:DA:CF:DC:E7:22:4E:64:C5
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 019D8861702E72277AAA61B7D34DDBB2EE0E
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/MxYZYTITOv-aMWxL2s_c5yJOZMU.roa
Signing time: Mon 13 Apr 2026 19:46:20 +0000
ROA not before: Mon 13 Apr 2026 19:46:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63023
IP address blocks: 138.249.133.0/24 maxlen: 24
138.249.138.0/24 maxlen: 24
170.168.61.0/24 maxlen: 24
170.168.89.0/24 maxlen: 24
170.168.90.0/24 maxlen: 24
170.168.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Apr 2026 19:47:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:88:61:70:2e:72:27:7a:aa:61:b7:d3:4d:db:b2:ee:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Apr 13 19:46:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3316196132133aff9a316c4bdacfdce7224e64c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:36:18:3b:0b:6c:65:47:cf:ee:fd:60:3d:5c:
e2:6c:00:40:1c:57:36:9c:a8:2b:e8:c1:08:ff:f6:
1d:a3:24:89:ee:ab:ed:94:9b:65:d4:b2:54:aa:f0:
bc:2a:73:74:a9:9b:0f:ad:67:24:fc:da:08:54:e2:
52:63:59:b8:bd:4e:0b:2e:08:45:16:a3:71:9e:41:
ac:38:55:d8:1f:a7:16:1a:19:0c:0c:f2:80:e2:b7:
88:d0:c8:a8:ce:8b:90:18:17:17:d2:54:d3:ac:fe:
59:f2:42:0f:fa:e2:81:93:3f:6a:3e:f5:37:d7:45:
fd:75:07:a5:29:49:e6:a7:1d:90:0a:5d:b0:33:24:
67:f5:91:a2:d0:07:16:c1:68:84:f1:7b:fa:58:ed:
7a:ad:96:07:1a:8a:05:f1:7c:31:f0:58:bf:b6:c1:
f4:b0:eb:18:58:64:c1:8c:32:8d:f9:de:99:ef:69:
ed:e6:36:de:77:47:71:6e:50:a1:57:45:c1:e4:6e:
c2:ce:51:03:fd:f9:cd:7d:a2:4e:4c:07:8e:4d:fd:
99:49:7e:5e:e3:87:d9:f0:0a:9f:e7:23:48:c2:49:
b2:72:31:e6:6c:e6:34:52:1c:2a:ae:d2:d5:92:11:
d1:47:4d:f4:22:e5:6d:0e:52:ad:c0:33:5e:ff:0f:
75:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:16:19:61:32:13:3A:FF:9A:31:6C:4B:DA:CF:DC:E7:22:4E:64:C5
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/MxYZYTITOv-aMWxL2s_c5yJOZMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.249.133.0/24
138.249.138.0/24
170.168.61.0/24
170.168.89.0-170.168.90.255
170.168.103.0/24
Signature Algorithm: sha256WithRSAEncryption
41:3f:82:d9:22:1c:53:b8:a1:c2:a8:a7:60:59:eb:a4:0a:85:
9a:bf:06:a4:1e:f1:ef:75:34:83:22:5e:bd:b7:d9:a9:77:ae:
09:b0:47:4f:1b:d1:1d:a7:49:af:1b:16:fb:81:97:e7:18:58:
a7:ed:fc:2b:4e:0a:41:eb:1b:8e:b5:60:91:f0:98:c8:ed:64:
95:98:8c:ea:79:12:02:9f:4e:50:77:7f:ea:7e:dd:00:06:27:
1d:1e:45:45:da:26:8b:ba:5c:52:3d:01:92:61:a9:37:dd:51:
03:a6:53:ad:01:4a:69:f6:81:c6:3b:48:57:0b:db:79:0d:1b:
78:81:cd:a0:c2:85:56:4f:9e:5d:b9:c1:62:db:80:97:95:bd:
8b:4f:f9:e6:a3:29:25:72:1d:2b:54:2a:b1:9f:7e:79:d1:f8:
73:9a:64:2f:7e:a3:de:63:1c:e4:c7:79:60:96:44:db:41:22:
1f:a0:09:59:18:10:ca:59:ee:23:b0:4e:39:40:2b:1d:61:f6:
73:14:27:e7:03:4b:49:b2:ea:2b:94:10:72:af:0e:f8:f5:9b:
93:5e:ef:3c:21:c5:75:06:d4:6f:ad:d0:43:51:33:30:20:bc:
13:b2:d9:e3:f2:51:02:31:67:46:03:d4:0b:f9:68:cd:ce:26:
78:ee:25:58
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ2IYXAucid6qmG3003bsu4OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjYwNDEzMTk0NjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzE2MTk2MTMyMTMzYWZmOWEzMTZjNGJkYWNmZGNlNzIyNGU2NGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4TYYOwtsZUfP7v1gPVzibABAHFc2
nKgr6MEI//YdoySJ7qvtlJtl1LJUqvC8KnN0qZsPrWck/NoIVOJSY1m4vU4LLghF
FqNxnkGsOFXYH6cWGhkMDPKA4reI0MiozouQGBcX0lTTrP5Z8kIP+uKBkz9qPvU3
10X9dQelKUnmpx2QCl2wMyRn9ZGi0AcWwWiE8Xv6WO16rZYHGooF8Xwx8Fi/tsH0
sOsYWGTBjDKN+d6Z72nt5jbed0dxblChV0XB5G7CzlED/fnNfaJOTAeOTf2ZSX5e
44fZ8Aqf5yNIwkmycjHmbOY0UhwqrtLVkhHRR030IuVtDlKtwDNe/w91bQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDMWGWEyEzr/mjFsS9rP3OciTmTFMB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvTXhZWllUSVRPdi1hTVd4TDJzX2M1eUpPWk1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAivmFAwQA
ivmKAwQAqqg9MAwDBACqqFkDBACqqFoDBACqqGcwDQYJKoZIhvcNAQELBQADggEB
AEE/gtkiHFO4ocKop2BZ66QKhZq/BqQe8e91NIMiXr232al3rgmwR08b0R2nSa8b
FvuBl+cYWKft/CtOCkHrG461YJHwmMjtZJWYjOp5EgKfTlB3f+p+3QAGJx0eRUXa
Jou6XFI9AZJhqTfdUQOmU60BSmn2gcY7SFcL23kNG3iBzaDChVZPnl25wWLbgJeV
vYtP+eajKSVyHStUKrGffnnR+HOaZC9+o95jHOTHeWCWRNtBIh+gCVkYEMpZ7iOw
TjlAKx1h9nMUJ+cDS0my6iuUEHKvDvj1m5Ne7zwhxXUG1G+t0ENRMzAgvBOy2ePy
UQIxZ0YD1Av5aM3OJnjuJVg=
-----END CERTIFICATE-----
Generated at Sun Apr 19 12:58:32 2026 by rpki-client