Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/mXyId1jytJjw_zkT5EQvyHKSxiE.roa
File: mXyId1jytJjw_zkT5EQvyHKSxiE.roa (raw, json)
Hash identifier: 3ZUdJ8Wk6aauKWHOMkrZ0l8uSPzp/z4WGLszPtar+0U=
Subject key identifier: 99:7C:88:77:58:F2:B4:98:F0:FF:39:13:E4:44:2F:C8:72:92:C6:21
Certificate issuer: /CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Certificate serial: 019C358373C50835CD8585FAE9C60908740A
Authority key identifier: F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/mXyId1jytJjw_zkT5EQvyHKSxiE.roa
Signing time: Sat 07 Feb 2026 00:32:13 +0000
ROA not before: Sat 07 Feb 2026 00:32:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 174
IP address blocks: 158.94.220.0/24 maxlen: 24
158.94.221.0/24 maxlen: 24
2a01:fb01::/32 maxlen: 64
2a01:fb04::/32 maxlen: 64
2a01:fb07::/32 maxlen: 64
Validation: Failed, certificate revoked on Mon 02 Mar 2026 04:28:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:35:83:73:c5:08:35:cd:85:85:fa:e9:c6:09:08:74:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Validity
Not Before: Feb 7 00:32:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=997c887758f2b498f0ff3913e4442fc87292c621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:56:62:67:79:69:b6:cf:c3:ee:99:6e:8d:cd:
ce:52:4e:9e:80:2a:fc:1d:c6:8c:f0:8b:ac:34:1f:
a6:cd:c9:8b:e6:4a:09:ab:93:a8:31:25:d3:c4:ad:
7b:69:70:f2:d8:85:75:1f:e2:45:13:c3:1d:ad:03:
c8:ba:57:f7:15:0c:5c:2d:e5:bb:df:8c:69:e9:36:
ca:db:74:7e:54:b4:d3:ea:e2:6d:d1:bb:27:5e:6d:
17:c9:00:9f:ed:8f:ff:cd:6f:88:bf:46:3f:1c:8f:
06:18:b6:85:0e:86:ae:31:7d:ce:9f:0c:e1:af:04:
c4:dd:8d:68:75:e4:f6:96:f0:44:1a:46:73:f6:23:
a2:4f:0a:fd:ae:b8:bc:82:37:81:07:c4:51:31:34:
72:40:ce:98:04:10:93:0a:2f:69:6a:c0:75:cc:63:
a9:df:cb:de:c0:35:7e:5f:ce:a6:0f:ec:05:13:ba:
3e:36:ef:37:dc:a4:c4:41:7a:b7:df:bb:e8:d7:c2:
80:a0:ee:ab:6f:d1:e8:47:31:50:81:4b:97:63:f3:
81:15:18:09:15:be:96:fe:ed:b2:cf:43:da:8d:22:
07:22:a1:27:dc:3a:70:a2:cf:bd:2a:67:92:20:21:
f8:e5:75:6c:b9:54:35:5c:6f:68:6b:82:c2:b7:68:
f2:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:7C:88:77:58:F2:B4:98:F0:FF:39:13:E4:44:2F:C8:72:92:C6:21
X509v3 Authority Key Identifier:
keyid:F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/mXyId1jytJjw_zkT5EQvyHKSxiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.94.220.0/23
IPv6:
2a01:fb01::/32
2a01:fb04::/32
2a01:fb07::/32
Signature Algorithm: sha256WithRSAEncryption
23:92:2f:af:6c:08:b6:3c:57:59:4d:dc:8e:9b:2e:77:92:82:
cd:ea:03:68:e2:ec:c6:bf:c0:2a:cf:1a:cf:0f:8b:4c:d9:4a:
85:06:3d:9f:fb:b1:50:86:6d:91:30:b8:0c:b1:e3:4f:28:3e:
6f:f7:19:41:97:48:9f:4d:af:56:b6:1f:3b:07:da:47:b8:eb:
75:a5:59:8f:97:80:77:ab:ef:2e:05:09:cb:46:d0:30:05:a9:
45:1e:7c:69:01:da:af:3c:2c:e7:06:f0:f1:64:4b:9e:4d:9b:
81:56:a5:d5:74:83:25:82:8d:63:7a:3a:d0:bb:f6:ba:a1:0e:
f5:24:8c:56:7c:d0:66:48:90:bc:15:f7:a4:d1:34:f5:ad:e5:
e2:a5:a9:5a:c6:4e:a1:e5:f6:95:ba:00:58:45:65:d1:99:ba:
e0:1d:86:1f:35:32:4b:4e:0a:a6:e0:08:97:4f:5b:27:6d:eb:
e0:be:6c:d0:60:70:bc:f4:cc:68:a8:02:a4:84:ce:40:fd:0a:
b0:ee:84:ae:11:ec:c0:75:19:a0:bb:a7:04:f1:94:3f:b2:13:
60:43:4f:69:55:a1:d1:8c:ad:44:b7:42:d4:7c:54:2c:d7:a5:
c9:0b:81:81:32:22:3c:13:fd:6c:e3:97:11:85:29:e0:25:df:
df:4f:65:41
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZw1g3PFCDXNhYX66cYJCHQKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMjQ1ODFlNDM2ODgyNWQ1ZTEzZjRmMmEwZDZmZjhlNDg0
Yzk1ZTYwHhcNMjYwMjA3MDAzMjEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTdjODg3NzU4ZjJiNDk4ZjBmZjM5MTNlNDQ0MmZjODcyOTJjNjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFZiZ3lpts/D7plujc3OUk6egCr8
HcaM8IusNB+mzcmL5koJq5OoMSXTxK17aXDy2IV1H+JFE8MdrQPIulf3FQxcLeW7
34xp6TbK23R+VLTT6uJt0bsnXm0XyQCf7Y//zW+Iv0Y/HI8GGLaFDoauMX3Onwzh
rwTE3Y1odeT2lvBEGkZz9iOiTwr9rri8gjeBB8RRMTRyQM6YBBCTCi9pasB1zGOp
38vewDV+X86mD+wFE7o+Nu833KTEQXq337vo18KAoO6rb9HoRzFQgUuXY/OBFRgJ
Fb6W/u2yz0PajSIHIqEn3Dpwos+9KmeSICH45XVsuVQ1XG9oa4LCt2jygwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJl8iHdY8rSY8P85E+REL8hyksYhMB8GA1UdIwQY
MBaAFPMkWB5DaIJdXhP08qDW/45ITJXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMt
NmUyZDk3Y2ExNWZmLzEvbVh5SWQxanl0Smp3X3prVDVFUXZ5SEtTeGlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMtNmUyZDk3Y2ExNWZm
LzEvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAMBAIAATAGAwQBnl7cMBsE
AgACMBUDBQAqAfsBAwUAKgH7BAMFACoB+wcwDQYJKoZIhvcNAQELBQADggEBACOS
L69sCLY8V1lN3I6bLneSgs3qA2ji7Ma/wCrPGs8Pi0zZSoUGPZ/7sVCGbZEwuAyx
408oPm/3GUGXSJ9Nr1a2HzsH2ke463WlWY+XgHer7y4FCctG0DAFqUUefGkB2q88
LOcG8PFkS55Nm4FWpdV0gyWCjWN6OtC79rqhDvUkjFZ80GZIkLwV96TRNPWt5eKl
qVrGTqHl9pW6AFhFZdGZuuAdhh81MktOCqbgCJdPWydt6+C+bNBgcLz0zGioAqSE
zkD9CrDuhK4R7MB1GaC7pwTxlD+yE2BDT2lVodGMrUS3QtR8VCzXpckLgYEyIjwT
/WzjlxGFKeAl399PZUE=
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:23:45 2026 by rpki-client