Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/XnyNHP-Tv5E7qtAjVDu9kyBhpp8.roa
File: XnyNHP-Tv5E7qtAjVDu9kyBhpp8.roa (raw, json)
Hash identifier: UYZpLBwTQ5gDF5lX1BTeBxmzKMK+np4z404UX4CFpHY=
Subject key identifier: 5E:7C:8D:1C:FF:93:BF:91:3B:AA:D0:23:54:3B:BD:93:20:61:A6:9F
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019A24F405E096648232F12945DFEB66A3B7
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/XnyNHP-Tv5E7qtAjVDu9kyBhpp8.roa
Signing time: Mon 27 Oct 2025 09:16:03 +0000
ROA not before: Mon 27 Oct 2025 09:16:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199925
IP address blocks: 2a0d:b740::/29 maxlen: 29
2a13:2b40::/29 maxlen: 32
2a13:9b00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 04 Nov 2025 16:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:24:f4:05:e0:96:64:82:32:f1:29:45:df:eb:66:a3:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 27 09:16:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e7c8d1cff93bf913baad023543bbd932061a69f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:18:a7:c5:5c:d1:37:11:ac:14:ad:1f:ef:f1:
54:a0:6e:0b:2f:b1:90:e8:a5:f6:8f:8f:59:a5:87:
d0:1c:75:44:25:6a:e8:de:2d:6f:44:7c:7a:71:09:
6c:8a:b1:8d:b5:ca:6d:ca:33:e5:10:26:c3:f2:93:
af:ba:f6:0e:a4:b1:b2:9e:64:cd:0e:95:08:51:8d:
4a:be:71:0b:fd:5c:83:ee:ed:33:a2:dd:67:e6:d7:
b8:ff:21:bd:ae:d9:23:f4:79:78:0c:62:29:e7:6f:
1b:66:ed:9a:c7:8d:39:72:7e:fe:7b:63:8c:1f:f0:
a7:89:ff:13:bd:fa:c4:9d:66:c4:9c:84:ef:3e:c9:
5a:0a:30:51:bd:cb:df:90:83:c5:28:b0:87:6a:dc:
6c:3c:14:16:35:d3:de:09:1f:50:42:5e:70:fa:81:
22:1d:6d:78:36:45:12:84:9e:26:91:0e:f7:d2:f0:
11:06:a4:8e:58:e9:4b:d4:ee:57:22:b8:62:65:61:
7c:7f:f7:e9:bc:fc:5d:b4:3e:84:11:0b:3f:21:a5:
6d:39:7f:4a:3b:ad:a4:83:0e:0b:55:bb:73:35:87:
b0:11:0d:5b:d1:01:69:fb:8a:72:fd:1d:6a:12:cd:
74:8f:03:b1:9c:ba:e0:59:20:04:db:24:cd:9f:b8:
01:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:7C:8D:1C:FF:93:BF:91:3B:AA:D0:23:54:3B:BD:93:20:61:A6:9F
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/XnyNHP-Tv5E7qtAjVDu9kyBhpp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b740::/29
2a13:2b40::/29
2a13:9b00::/29
Signature Algorithm: sha256WithRSAEncryption
5d:cb:01:83:d1:c5:2d:a9:9b:52:7c:1c:d6:ac:c5:0a:34:b3:
39:17:f5:f9:33:73:e4:fd:34:b6:33:c3:11:56:71:03:c5:71:
bf:85:56:44:b5:67:4f:d2:74:62:2e:18:52:72:60:e1:21:fa:
97:90:ab:2d:e5:1a:7b:fc:6f:cb:58:57:4d:22:3b:a9:73:e2:
2c:0b:bb:fb:0d:9a:da:f7:4e:41:aa:e4:08:5e:55:03:0e:6d:
bb:38:70:81:5a:13:7e:50:5e:fc:bf:d2:80:2a:ef:f6:e6:fb:
0e:9e:09:8d:5e:83:77:45:27:5c:35:dd:1a:c0:84:a2:0a:2b:
f3:92:35:3e:df:8b:8e:e1:ae:02:0c:4a:48:d8:a8:ac:4c:8f:
3c:85:e9:f5:0e:d1:38:e1:11:89:31:57:95:42:8e:36:2c:10:
3e:b4:cc:5a:ce:46:89:2c:49:a2:14:33:6a:99:5b:94:a7:94:
71:39:ca:4a:86:52:97:8d:fa:4e:4a:5c:ea:ee:58:d3:6d:51:
0d:bb:d9:46:9d:87:ff:b8:06:b9:69:0d:1e:c5:6d:b4:d1:96:
b6:b5:87:ae:b0:8c:08:96:71:02:d9:2a:8d:25:99:ed:a0:08:
9f:6f:62:c2:e1:bb:e8:bb:16:bb:16:27:b1:bd:b4:d1:ba:2b:
e3:15:d3:8d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZok9AXglmSCMvEpRd/rZqO3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUxMDI3MDkxNjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTdjOGQxY2ZmOTNiZjkxM2JhYWQwMjM1NDNiYmQ5MzIwNjFhNjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBinxVzRNxGsFK0f7/FUoG4LL7GQ
6KX2j49ZpYfQHHVEJWro3i1vRHx6cQlsirGNtcptyjPlECbD8pOvuvYOpLGynmTN
DpUIUY1KvnEL/VyD7u0zot1n5te4/yG9rtkj9Hl4DGIp528bZu2ax405cn7+e2OM
H/Cnif8TvfrEnWbEnITvPslaCjBRvcvfkIPFKLCHatxsPBQWNdPeCR9QQl5w+oEi
HW14NkUShJ4mkQ730vARBqSOWOlL1O5XIrhiZWF8f/fpvPxdtD6EEQs/IaVtOX9K
O62kgw4LVbtzNYewEQ1b0QFp+4py/R1qEs10jwOxnLrgWSAE2yTNn7gBUwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF58jRz/k7+RO6rQI1Q7vZMgYaafMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvWG55TkhQLVR2NUU3cXRBalZEdTlreUJocHA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg23QAMF
AyoTK0ADBQMqE5sAMA0GCSqGSIb3DQEBCwUAA4IBAQBdywGD0cUtqZtSfBzWrMUK
NLM5F/X5M3Pk/TS2M8MRVnEDxXG/hVZEtWdP0nRiLhhScmDhIfqXkKst5Rp7/G/L
WFdNIjupc+IsC7v7DZra905BquQIXlUDDm27OHCBWhN+UF78v9KAKu/25vsOngmN
XoN3RSdcNd0awISiCivzkjU+34uO4a4CDEpI2KisTI88hen1DtE44RGJMVeVQo42
LBA+tMxazkaJLEmiFDNqmVuUp5RxOcpKhlKXjfpOSlzq7ljTbVENu9lGnYf/uAa5
aQ0exW200Za2tYeusIwIlnEC2SqNJZntoAifb2LC4bvouxa7FiexvbTRuivjFdON
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:38:25 2025 by rpki-client