Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/hufmao7EDi4vsFZkPiZ-JVz8klc.roa
File: hufmao7EDi4vsFZkPiZ-JVz8klc.roa (raw, json)
Hash identifier: 3A/5RuAXaYKBv5YysD5BYiMkmsBqAgMfTjzVsflstZE=
Subject key identifier: 86:E7:E6:6A:8E:C4:0E:2E:2F:B0:56:64:3E:26:7E:25:5C:FC:92:57
Certificate issuer: /CN=e15136feff3574ef9b2262de59b06a21908fab3e
Certificate serial: 019B7CED59A61737B4B10057BEADE46587D6
Authority key identifier: E1:51:36:FE:FF:35:74:EF:9B:22:62:DE:59:B0:6A:21:90:8F:AB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4VE2_v81dO-bImLeWbBqIZCPqz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/hufmao7EDi4vsFZkPiZ-JVz8klc.roa
Signing time: Fri 02 Jan 2026 04:18:08 +0000
ROA not before: Fri 02 Jan 2026 04:18:08 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202368
IP address blocks: 194.34.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Jan 2026 15:57:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:ed:59:a6:17:37:b4:b1:00:57:be:ad:e4:65:87:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e15136feff3574ef9b2262de59b06a21908fab3e
Validity
Not Before: Jan 2 04:18:08 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=86e7e66a8ec40e2e2fb056643e267e255cfc9257
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:96:da:cd:7c:0a:f5:01:d9:f3:83:60:ea:49:
5d:af:8f:b2:5a:4b:bf:87:b1:12:e7:06:b9:fa:2b:
f3:e8:aa:d6:64:8f:5a:99:e0:33:76:1a:c0:ae:fe:
53:d4:1e:b6:1f:d8:52:a5:e5:d8:1a:a0:35:e4:1b:
4e:0f:75:2f:e6:7b:c1:70:7a:e4:88:31:5b:bc:98:
21:a5:c0:d9:6c:3a:10:90:0e:a4:3d:7b:53:53:b0:
80:24:2d:11:98:ea:cd:73:85:21:80:13:02:e0:79:
f2:2d:42:ca:9b:21:b8:16:dd:07:c7:eb:ae:57:c2:
ef:12:9b:d6:91:f2:1f:c7:3c:96:92:f3:7b:ee:e3:
c6:71:e1:b4:a2:54:f0:8c:1f:4f:ad:9d:36:59:70:
3d:1b:44:d1:ab:8a:33:bc:57:d5:42:02:d0:5f:c3:
ee:fd:a8:1a:da:c3:45:fd:88:33:3a:c1:e7:63:f6:
db:e5:ab:7f:f6:c0:e5:b7:be:9f:6a:ef:4e:8f:e0:
09:4f:05:8a:0e:31:eb:38:29:9c:07:fa:26:97:78:
79:f1:a3:9d:92:79:73:a7:a1:c3:42:38:a6:5d:13:
fa:4b:cb:7e:08:8b:73:de:7a:af:65:dc:df:5d:92:
82:51:e4:8f:f2:9b:b1:ca:24:3c:d1:fc:c8:94:27:
cd:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:E7:E6:6A:8E:C4:0E:2E:2F:B0:56:64:3E:26:7E:25:5C:FC:92:57
X509v3 Authority Key Identifier:
keyid:E1:51:36:FE:FF:35:74:EF:9B:22:62:DE:59:B0:6A:21:90:8F:AB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VE2_v81dO-bImLeWbBqIZCPqz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/hufmao7EDi4vsFZkPiZ-JVz8klc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/4VE2_v81dO-bImLeWbBqIZCPqz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.163.0/24
Signature Algorithm: sha256WithRSAEncryption
25:1b:79:97:21:92:6f:56:a7:ae:2e:a4:ee:17:1d:06:5e:75:
9f:c4:46:fe:4e:35:30:4f:30:f8:70:95:d3:01:92:4f:99:e2:
15:b6:fb:56:c7:57:16:90:10:78:59:81:73:84:24:50:0c:79:
98:1d:54:49:9b:33:ef:67:91:f9:f3:3c:df:84:bb:67:ae:4e:
77:5d:41:03:9d:08:26:3f:70:6d:c4:85:91:c2:a1:71:a9:71:
a0:45:fa:4e:6a:db:0b:47:bc:1c:82:c7:83:8f:e7:4f:af:c7:
15:5b:42:73:78:53:73:80:39:09:1e:f6:e8:93:d8:66:25:97:
fc:de:e0:28:db:f8:7c:ed:ae:fd:3b:54:7d:82:a1:81:6d:53:
74:59:8a:1f:59:67:c2:78:ef:e7:32:a5:70:06:0a:bf:15:f4:
75:b8:31:d4:28:e1:cb:4c:5f:1b:6e:4f:00:87:fd:c0:6d:9c:
be:f7:50:f6:e1:1c:cf:d6:99:29:6e:e7:2a:28:75:e4:6f:e8:
95:e0:6d:39:15:68:aa:68:b1:35:8f:e2:ff:1f:66:4b:5e:28:
dc:77:36:54:0f:b6:95:0a:b3:09:cd:51:30:d0:57:8d:0a:af:
6d:fe:64:21:40:2a:87:65:cb:a9:66:10:d8:b7:4e:e6:a4:c1:
fb:22:66:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt87VmmFze0sQBXvq3kZYfWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTEzNmZlZmYzNTc0ZWY5YjIyNjJkZTU5YjA2YTIxOTA4
ZmFiM2UwHhcNMjYwMTAyMDQxODA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmU3ZTY2YThlYzQwZTJlMmZiMDU2NjQzZTI2N2UyNTVjZmM5MjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5bazXwK9QHZ84Ng6kldr4+yWku/
h7ES5wa5+ivz6KrWZI9ameAzdhrArv5T1B62H9hSpeXYGqA15BtOD3Uv5nvBcHrk
iDFbvJghpcDZbDoQkA6kPXtTU7CAJC0RmOrNc4UhgBMC4HnyLULKmyG4Ft0Hx+uu
V8LvEpvWkfIfxzyWkvN77uPGceG0olTwjB9PrZ02WXA9G0TRq4ozvFfVQgLQX8Pu
/aga2sNF/YgzOsHnY/bb5at/9sDlt76fau9Oj+AJTwWKDjHrOCmcB/oml3h58aOd
knlzp6HDQjimXRP6S8t+CItz3nqvZdzfXZKCUeSP8puxyiQ80fzIlCfNEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIbn5mqOxA4uL7BWZD4mfiVc/JJXMB8GA1UdIwQY
MBaAFOFRNv7/NXTvmyJi3lmwaiGQj6s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZFMl92ODFkTy1iSW1MZVdiQnFJWkNQcXo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8xZTA5YTYtNjk1Yi00MDJlLTliZmMt
MDQxMzEyMjQyZmYzLzEvaHVmbWFvN0VEaTR2c0Zaa1BpWi1KVno4a2xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8xZTA5YTYtNjk1Yi00MDJlLTliZmMtMDQxMzEyMjQyZmYz
LzEvNFZFMl92ODFkTy1iSW1MZVdiQnFJWkNQcXo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiKjMA0G
CSqGSIb3DQEBCwUAA4IBAQAlG3mXIZJvVqeuLqTuFx0GXnWfxEb+TjUwTzD4cJXT
AZJPmeIVtvtWx1cWkBB4WYFzhCRQDHmYHVRJmzPvZ5H58zzfhLtnrk53XUEDnQgm
P3BtxIWRwqFxqXGgRfpOatsLR7wcgseDj+dPr8cVW0JzeFNzgDkJHvbok9hmJZf8
3uAo2/h87a79O1R9gqGBbVN0WYofWWfCeO/nMqVwBgq/FfR1uDHUKOHLTF8bbk8A
h/3AbZy+91D24RzP1pkpbucqKHXkb+iV4G05FWiqaLE1j+L/H2ZLXijcdzZUD7aV
CrMJzVEw0FeNCq9t/mQhQCqHZcupZhDYt07mpMH7ImYr
-----END CERTIFICATE-----
Generated at Tue Mar 3 00:23:47 2026 by rpki-client