Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P2WTJnUVCwPiczdjSl9FwAJTtwQ.roa
File: P2WTJnUVCwPiczdjSl9FwAJTtwQ.roa (raw, json)
Hash identifier: 8KIeIAoUXmx84eS6Q/+taUe/p06BD1o6FNzIHmsavX4=
Subject key identifier: 3F:65:93:26:75:15:0B:03:E2:73:37:63:4A:5F:45:C0:02:53:B7:04
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019D9586EFD28D27E090F410CB0755705FE2
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P2WTJnUVCwPiczdjSl9FwAJTtwQ.roa
Signing time: Thu 16 Apr 2026 09:02:21 +0000
ROA not before: Thu 16 Apr 2026 09:02:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 401322
IP address blocks: 213.218.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Apr 2026 11:21:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:95:86:ef:d2:8d:27:e0:90:f4:10:cb:07:55:70:5f:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 16 09:02:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3f65932675150b03e27337634a5f45c00253b704
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:33:ec:38:bb:d3:2b:3e:58:f0:22:54:1f:6b:
ff:78:09:4d:4f:4e:fa:b4:a1:55:fc:42:04:97:e9:
3c:03:cf:37:65:89:94:20:4a:6e:b5:26:b6:97:28:
5e:b1:56:6c:2f:5e:f4:63:f1:ac:81:e4:20:c2:56:
88:d7:7f:f5:b2:90:46:f2:11:2b:47:a6:f8:f3:03:
2d:14:ad:2d:50:f8:38:82:22:c7:58:2e:0c:2c:ea:
7d:71:86:0d:8a:29:61:e8:c1:61:1f:6c:8e:d4:44:
ac:a9:2d:62:6b:58:b4:46:9c:6d:d0:9d:f9:af:79:
5b:3e:e5:85:43:76:5f:31:41:d8:ce:14:35:51:8a:
c0:1f:a6:c9:53:35:2d:90:48:fa:f9:ce:95:2e:85:
28:80:96:18:3a:ac:eb:2b:19:63:09:a0:e1:a3:97:
93:20:db:78:8a:c9:14:f0:ce:f1:86:b3:0d:5c:ea:
6e:57:93:fb:9a:bf:c8:20:ed:fb:36:48:d1:c7:46:
8d:3b:20:0d:ce:1e:c2:17:32:ae:75:99:6c:61:d1:
8b:a8:52:d3:d7:23:91:d1:44:bc:b4:f9:88:7f:a0:
01:f9:99:10:65:b9:e2:b0:29:5f:df:c3:76:c6:07:
56:0e:a1:f3:5f:fe:8f:ce:34:68:3e:b5:da:40:66:
f5:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:65:93:26:75:15:0B:03:E2:73:37:63:4A:5F:45:C0:02:53:B7:04
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P2WTJnUVCwPiczdjSl9FwAJTtwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.218.224.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:05:a4:10:8f:b7:66:3b:f8:10:d8:9f:92:77:39:91:40:8b:
e7:b0:1d:2d:2a:ba:93:6c:e0:af:ce:53:56:a6:34:68:a3:47:
89:27:40:de:ce:fc:05:15:67:ad:43:fb:b5:b6:9a:53:a5:7e:
98:72:02:5d:81:34:b8:b7:3f:ff:54:44:1b:fe:4b:5e:a1:96:
72:47:7b:59:81:c3:f1:88:33:33:53:e5:af:23:cc:a9:2d:17:
e1:39:e3:67:f1:a3:52:c3:0a:71:0b:72:2b:f1:99:67:28:f1:
34:d8:1b:73:44:01:39:ff:a1:ad:7a:79:d2:d2:34:d6:d4:fa:
4f:c1:26:97:98:d5:d7:90:be:d2:f0:6c:17:fe:34:25:5d:5d:
22:03:e3:77:39:04:52:a0:4f:02:99:ce:9a:6b:40:21:7d:27:
c2:de:a3:b3:ec:91:e2:3d:e3:b1:d6:f5:41:e6:03:eb:b5:0c:
0e:ac:86:89:b1:6f:98:af:0c:47:7f:b6:97:d0:5d:f9:6d:9d:
f6:06:86:f6:91:8a:62:dd:e2:66:4b:05:ec:f2:e8:c9:f6:e6:
da:1c:0c:7d:d3:3e:b8:29:26:78:2c:32:59:08:72:79:3f:a7:
31:19:2e:91:ac:92:1d:4b:4a:02:b8:ad:6a:25:85:23:0a:6c:
f6:69:bc:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ2Vhu/SjSfgkPQQywdVcF/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwNDE2MDkwMjIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjY1OTMyNjc1MTUwYjAzZTI3MzM3NjM0YTVmNDVjMDAyNTNiNzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTPsOLvTKz5Y8CJUH2v/eAlNT076
tKFV/EIEl+k8A883ZYmUIEputSa2lyhesVZsL170Y/GsgeQgwlaI13/1spBG8hEr
R6b48wMtFK0tUPg4giLHWC4MLOp9cYYNiilh6MFhH2yO1ESsqS1ia1i0Rpxt0J35
r3lbPuWFQ3ZfMUHYzhQ1UYrAH6bJUzUtkEj6+c6VLoUogJYYOqzrKxljCaDho5eT
INt4iskU8M7xhrMNXOpuV5P7mr/IIO37NkjRx0aNOyANzh7CFzKudZlsYdGLqFLT
1yOR0US8tPmIf6AB+ZkQZbnisClf38N2xgdWDqHzX/6PzjRoPrXaQGb1SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD9lkyZ1FQsD4nM3Y0pfRcACU7cEMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUDJXVEpuVVZDd1BpY3pkalNsOUZ3QUpUdHdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1drgMA0G
CSqGSIb3DQEBCwUAA4IBAQCqBaQQj7dmO/gQ2J+SdzmRQIvnsB0tKrqTbOCvzlNW
pjRoo0eJJ0DezvwFFWetQ/u1tppTpX6YcgJdgTS4tz//VEQb/kteoZZyR3tZgcPx
iDMzU+WvI8ypLRfhOeNn8aNSwwpxC3Ir8ZlnKPE02BtzRAE5/6GtennS0jTW1PpP
wSaXmNXXkL7S8GwX/jQlXV0iA+N3OQRSoE8Cmc6aa0AhfSfC3qOz7JHiPeOx1vVB
5gPrtQwOrIaJsW+YrwxHf7aX0F35bZ32Bob2kYpi3eJmSwXs8ujJ9ubaHAx90z64
KSZ4LDJZCHJ5P6cxGS6RrJIdS0oCuK1qJYUjCmz2abyL
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:11:59 2026 by rpki-client