Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/hsEiocmm0djC-qge4mkwDRsnfWo.roa
File: hsEiocmm0djC-qge4mkwDRsnfWo.roa (raw, json)
Hash identifier: qi9YV9eEyUEvEGxm2yth1VXeLe7xL9iKXOpVgYgttzU=
Subject key identifier: 86:C1:22:A1:C9:A6:D1:D8:C2:FA:A8:1E:E2:69:30:0D:1B:27:7D:6A
Certificate issuer: /CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f
Certificate serial: 019D340C58DAD9D7CCAC6CF2924847B8D51E
Authority key identifier: DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/hsEiocmm0djC-qge4mkwDRsnfWo.roa
Signing time: Sat 28 Mar 2026 10:45:17 +0000
ROA not before: Sat 28 Mar 2026 10:45:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 2a0a:100::/29 maxlen: 48
2a0a:3280::/29 maxlen: 48
2a0a:f780::/29 maxlen: 48
2a0a:fa00::/29 maxlen: 48
2a0b:f00::/29 maxlen: 48
2a0d:4fc0::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 17 Apr 2026 08:53:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:34:0c:58:da:d9:d7:cc:ac:6c:f2:92:48:47:b8:d5:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f
Validity
Not Before: Mar 28 10:45:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=86c122a1c9a6d1d8c2faa81ee269300d1b277d6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:ac:dc:ce:5b:7d:fe:0e:29:7b:69:59:b3:d2:
85:10:8e:f6:1a:fa:66:22:e3:6e:15:66:a7:4f:c6:
a4:d2:83:30:e7:53:12:3a:e4:d1:54:5c:0e:15:c4:
68:2f:fd:1a:cd:50:01:2c:0a:62:02:fd:97:72:82:
6c:0c:94:d7:a3:d4:5a:72:cb:56:95:80:3c:31:25:
35:76:47:1f:bc:fc:8b:35:93:47:90:88:38:2a:d5:
fa:6a:a5:87:1f:fd:01:a5:8a:fc:d0:67:ea:9e:e5:
e8:aa:3f:25:cf:55:96:b1:9b:d1:18:bf:77:95:e7:
86:04:21:27:35:0d:51:1d:88:be:71:24:30:4e:ff:
11:3d:02:0c:94:c5:59:95:47:26:f2:c5:7e:69:39:
f9:46:b2:33:9a:17:02:e8:04:f1:fb:18:32:57:d0:
5f:c5:fd:5d:ae:c4:82:87:a6:c7:ef:81:bb:d7:92:
f0:00:18:0e:ee:50:d3:c2:21:37:7d:64:b8:b7:47:
1c:15:cd:d5:41:50:3f:07:94:a4:1a:a0:cb:9f:1e:
31:d7:88:8a:05:48:e8:9d:d1:4f:e9:50:a0:f1:e0:
40:c7:11:ad:57:10:e5:17:8a:28:4f:29:9b:96:30:
ab:63:ca:a2:85:81:38:86:c0:50:bc:c3:5e:57:62:
db:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:C1:22:A1:C9:A6:D1:D8:C2:FA:A8:1E:E2:69:30:0D:1B:27:7D:6A
X509v3 Authority Key Identifier:
keyid:DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/hsEiocmm0djC-qge4mkwDRsnfWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/27OW36lR7EFX8hHl7XQO2X4bDz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:100::/29
2a0a:3280::/29
2a0a:f780::/29
2a0a:fa00::/29
2a0b:f00::/29
2a0d:4fc0::/29
Signature Algorithm: sha256WithRSAEncryption
74:2a:16:ab:6c:c1:c8:3b:bb:9b:a6:f8:75:eb:3e:58:26:7e:
33:31:91:08:1c:61:5c:48:c3:a8:c6:e5:aa:a6:1b:6f:58:c1:
ac:2a:7c:7f:59:af:94:9c:7b:0d:b7:b4:72:6a:ce:50:6e:51:
da:26:a5:75:b9:cd:ef:15:e5:b3:b8:f0:f8:48:cc:db:0e:10:
b5:8b:b1:e9:c7:de:a0:85:e3:ca:57:79:7b:8f:89:b8:23:2d:
a6:f6:5c:65:35:92:f6:4e:a2:1b:47:05:fd:cd:88:cb:6a:86:
fe:ed:8c:d5:4c:4b:fc:73:31:e1:63:c5:59:de:66:50:45:85:
0b:99:b5:73:0f:d9:5f:2c:55:c1:f0:8d:a1:eb:8d:9c:9b:3e:
a0:b3:10:6e:19:fb:f0:b7:1e:44:b5:9b:b8:d0:be:aa:7b:e8:
44:09:1c:97:65:c1:d5:65:f4:6f:4f:a6:eb:76:d5:5f:4e:57:
c5:c4:e0:c9:e5:6b:d3:7d:00:66:2b:a9:44:d5:49:dd:99:04:
e2:8a:69:e3:e8:8b:cc:21:58:f0:b9:5f:5b:46:a2:60:4e:df:
73:b2:9c:71:86:5c:1c:67:b7:4e:da:bf:ff:d2:19:c8:e7:7c:
8c:d6:ff:b8:cb:99:b4:c0:b7:8b:8d:e4:91:2f:69:81:e3:39:
4d:bf:b2:d1
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ00DFja2dfMrGzykkhHuNUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYjM5NmRmYTk1MWVjNDE1N2YyMTFlNWVkNzQwZWQ5N2Ux
YjBmM2YwHhcNMjYwMzI4MTA0NTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmMxMjJhMWM5YTZkMWQ4YzJmYWE4MWVlMjY5MzAwZDFiMjc3ZDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9qzczlt9/g4pe2lZs9KFEI72Gvpm
IuNuFWanT8ak0oMw51MSOuTRVFwOFcRoL/0azVABLApiAv2XcoJsDJTXo9RacstW
lYA8MSU1dkcfvPyLNZNHkIg4KtX6aqWHH/0BpYr80GfqnuXoqj8lz1WWsZvRGL93
leeGBCEnNQ1RHYi+cSQwTv8RPQIMlMVZlUcm8sV+aTn5RrIzmhcC6ATx+xgyV9Bf
xf1drsSCh6bH74G715LwABgO7lDTwiE3fWS4t0ccFc3VQVA/B5SkGqDLnx4x14iK
BUjondFP6VCg8eBAxxGtVxDlF4ooTymbljCrY8qihYE4hsBQvMNeV2LbXwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIbBIqHJptHYwvqoHuJpMA0bJ31qMB8GA1UdIwQY
MBaAFNuzlt+pUexBV/IR5e10Dtl+Gw8/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMt
ZGY1NzJmZTk2NzJhLzEvaHNFaW9jbW0wZGpDLXFnZTRta3dEUnNuZldvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMtZGY1NzJmZTk2NzJh
LzEvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKgoBAAMF
AyoKMoADBQMqCveAAwUDKgr6AAMFAyoLDwADBQMqDU/AMA0GCSqGSIb3DQEBCwUA
A4IBAQB0KharbMHIO7ubpvh16z5YJn4zMZEIHGFcSMOoxuWqphtvWMGsKnx/Wa+U
nHsNt7Ryas5QblHaJqV1uc3vFeWzuPD4SMzbDhC1i7Hpx96ghePKV3l7j4m4Iy2m
9lxlNZL2TqIbRwX9zYjLaob+7YzVTEv8czHhY8VZ3mZQRYULmbVzD9lfLFXB8I2h
642cmz6gsxBuGfvwtx5EtZu40L6qe+hECRyXZcHVZfRvT6brdtVfTlfFxODJ5WvT
fQBmK6lE1UndmQTiimnj6IvMIVjwuV9bRqJgTt9zspxxhlwcZ7dO2r//0hnI53yM
1v+4y5m0wLeLjeSRL2mB4zlNv7LR
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:54:22 2026 by rpki-client