Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/GskMIaZXDi1CEyxOa5XVTlmmHfA.roa
File: GskMIaZXDi1CEyxOa5XVTlmmHfA.roa (raw, json)
Hash identifier: 2lrrm/d3Qds5DKkhYDFrz7y98zAfGjcRuu6EN7qoYBw=
Subject key identifier: 1A:C9:0C:21:A6:57:0E:2D:42:13:2C:4E:6B:95:D5:4E:59:A6:1D:F0
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 019E92B75A189005A2F761F808F5312E1F70
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/GskMIaZXDi1CEyxOa5XVTlmmHfA.roa
Signing time: Thu 04 Jun 2026 12:59:10 +0000
ROA not before: Thu 04 Jun 2026 12:59:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63023
IP address blocks: 2001:3080::/29 maxlen: 29
2001:3180::/29 maxlen: 29
2a10:6c40::/29 maxlen: 32
2a10:9600::/29 maxlen: 29
2a14:6ac0::/29 maxlen: 29
2a14:6bc6::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 13 Jun 2026 19:22:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:92:b7:5a:18:90:05:a2:f7:61:f8:08:f5:31:2e:1f:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Jun 4 12:59:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1ac90c21a6570e2d42132c4e6b95d54e59a61df0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:3f:df:6d:24:9a:ae:82:85:3b:f5:32:d4:a4:
78:b8:f4:b9:d2:93:14:b5:19:82:6f:15:72:bb:f4:
d3:2c:28:7f:a4:3e:9e:58:81:4e:7e:9c:b4:da:25:
82:35:fe:d2:67:7c:43:e3:1c:c0:2d:5c:80:6b:fd:
d4:a0:2e:f3:2c:47:37:65:52:e4:d7:a8:70:94:ce:
53:ed:a9:91:94:4c:3a:b7:2a:f6:eb:1a:24:d4:e5:
9f:66:2f:48:41:53:a4:60:91:7a:eb:77:35:1d:eb:
13:46:4d:3f:71:40:1e:72:fc:79:2a:52:80:44:9b:
16:c9:9a:d3:ff:7e:42:ec:01:db:60:56:47:f4:c1:
28:59:e8:53:2b:d8:d3:21:45:2d:d3:7b:4d:c5:54:
5e:bb:ff:23:04:e9:0d:6a:35:68:77:c9:c4:96:d5:
8d:fd:a8:63:b5:8b:94:18:7f:7c:d6:5c:e6:28:4b:
bf:86:38:4a:2e:4d:a0:02:f4:0d:36:36:e4:e4:c5:
dc:2b:cc:fa:82:ab:db:a9:7e:cb:a5:59:d7:4e:a8:
d0:a8:f3:b0:e9:81:03:13:a8:75:de:f1:1b:b6:3f:
f8:d8:4c:23:7c:38:b2:7b:2b:4d:c1:19:f2:bf:64:
61:a3:3b:5d:06:95:be:cc:f3:6e:01:2b:6b:41:e1:
3a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:C9:0C:21:A6:57:0E:2D:42:13:2C:4E:6B:95:D5:4E:59:A6:1D:F0
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/GskMIaZXDi1CEyxOa5XVTlmmHfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3080::/29
2001:3180::/29
2a10:6c40::/29
2a10:9600::/29
2a14:6ac0::/29
2a14:6bc6::/32
Signature Algorithm: sha256WithRSAEncryption
71:e4:66:5b:39:5f:60:6c:38:76:37:0b:bf:43:b1:35:b1:44:
bb:91:9f:39:a4:27:1b:b7:98:ba:c4:7f:c5:92:a7:01:17:53:
d2:26:fc:5c:8c:6c:17:df:01:fa:32:4e:05:2e:6e:fb:4a:e9:
95:db:3c:c3:04:e9:b8:a5:d2:8b:ec:48:ef:69:99:95:74:f2:
c6:ab:94:9d:03:fb:d2:f3:bc:3f:c8:58:16:f0:06:0e:c5:4e:
3d:6d:55:77:72:12:31:a8:91:6b:80:01:41:ab:6d:a6:d9:ef:
ca:d4:76:ff:53:fe:dc:4c:e0:e9:0a:6a:9b:56:27:7e:ba:ca:
b6:c0:35:32:77:3e:76:58:5b:a1:03:a5:99:25:0c:2e:e6:0f:
0b:3e:c3:3e:69:f1:63:90:f9:df:e5:82:dd:8f:a8:50:ec:fa:
0c:04:38:7f:b1:d2:4f:e1:1e:d4:c7:1d:b6:e0:86:40:54:71:
c6:47:fd:82:5f:49:87:bc:9b:6f:6f:c7:4a:45:e6:b5:17:30:
d0:07:61:5a:76:fd:c4:e6:35:b8:a4:11:4b:3a:51:14:34:ce:
6c:9d:03:db:c2:78:c2:be:54:f8:c6:07:07:c7:92:d5:b6:37:
12:84:5b:e5:87:96:98:73:ef:f6:fa:fa:85:27:af:c0:f1:3d:
ab:03:73:fa
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ6St1oYkAWi92H4CPUxLh9wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjYwNjA0MTI1OTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWM5MGMyMWE2NTcwZTJkNDIxMzJjNGU2Yjk1ZDU0ZTU5YTYxZGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyz/fbSSaroKFO/Uy1KR4uPS50pMU
tRmCbxVyu/TTLCh/pD6eWIFOfpy02iWCNf7SZ3xD4xzALVyAa/3UoC7zLEc3ZVLk
16hwlM5T7amRlEw6tyr26xok1OWfZi9IQVOkYJF663c1HesTRk0/cUAecvx5KlKA
RJsWyZrT/35C7AHbYFZH9MEoWehTK9jTIUUt03tNxVReu/8jBOkNajVod8nEltWN
/ahjtYuUGH981lzmKEu/hjhKLk2gAvQNNjbk5MXcK8z6gqvbqX7LpVnXTqjQqPOw
6YEDE6h13vEbtj/42EwjfDiyeytNwRnyv2RhoztdBpW+zPNuAStrQeE6VQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBrJDCGmVw4tQhMsTmuV1U5Zph3wMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvR3NrTUlhWlhEaTFDRXl4T2E1WFZUbG1tSGZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDIAEwgAMF
AyABMYADBQMqEGxAAwUDKhCWAAMFAyoUasADBQAqFGvGMA0GCSqGSIb3DQEBCwUA
A4IBAQBx5GZbOV9gbDh2Nwu/Q7E1sUS7kZ85pCcbt5i6xH/FkqcBF1PSJvxcjGwX
3wH6Mk4FLm77SumV2zzDBOm4pdKL7EjvaZmVdPLGq5SdA/vS87w/yFgW8AYOxU49
bVV3chIxqJFrgAFBq22m2e/K1Hb/U/7cTODpCmqbVid+usq2wDUydz52WFuhA6WZ
JQwu5g8LPsM+afFjkPnf5YLdj6hQ7PoMBDh/sdJP4R7Uxx224IZAVHHGR/2CX0mH
vJtvb8dKRea1FzDQB2Fadv3E5jW4pBFLOlEUNM5snQPbwnjCvlT4xgcHx5LVtjcS
hFvlh5aYc+/2+vqFJ6/A8T2rA3P6
-----END CERTIFICATE-----
Generated at Wed Jun 17 09:27:58 2026 by rpki-client