Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/2Tqbi0oTcv7Hdhk2za1YuuNq6p4.roa
File: 2Tqbi0oTcv7Hdhk2za1YuuNq6p4.roa (raw, json)
Hash identifier: KAX2M8OUpRX7dJ9FhVTEo9WJnYelYTkRAog3QeVdWjM=
Subject key identifier: D9:3A:9B:8B:4A:13:72:FE:C7:76:19:36:CD:AD:58:BA:E3:6A:EA:9E
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 019B01BC82C23FAF7EFB661FBC4C4EF62520
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/2Tqbi0oTcv7Hdhk2za1YuuNq6p4.roa
Signing time: Tue 09 Dec 2025 06:11:29 +0000
ROA not before: Tue 09 Dec 2025 06:11:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206604
IP address blocks: 2a0d:d940:70::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 16 Dec 2025 12:53:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:01:bc:82:c2:3f:af:7e:fb:66:1f:bc:4c:4e:f6:25:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: Dec 9 06:11:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d93a9b8b4a1372fec7761936cdad58bae36aea9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ba:40:0b:48:ac:d9:0d:a7:71:26:8e:cb:93:
c3:b6:97:b2:43:36:aa:ff:e2:0f:4a:f2:c2:69:56:
d8:76:b4:e1:be:63:89:13:62:bd:a9:42:17:22:80:
de:24:3c:e5:21:73:b7:ce:f1:47:b2:0a:e9:13:75:
c9:f2:f6:89:2b:cb:e4:ea:65:c3:25:55:89:cd:61:
d2:15:61:1b:48:ef:39:40:12:39:93:cd:c8:eb:c8:
94:e4:c2:e3:92:81:25:43:f3:10:2f:b0:33:11:af:
0b:5e:b8:85:bc:74:0e:da:06:b4:0e:f8:f8:41:c5:
a4:19:37:6e:ca:2b:30:49:53:5e:24:63:30:09:06:
bd:ac:53:54:b2:58:33:e2:3f:b8:cb:0c:94:47:f3:
12:83:62:2f:3b:d1:f4:3c:4b:34:43:03:a3:44:2a:
f7:c4:e6:92:7b:0a:bc:23:8b:d9:1e:dc:8b:29:ca:
1f:c3:1f:60:ec:06:9b:6a:3c:f3:5d:1e:5f:cd:8b:
0b:04:e7:c0:a1:1e:9c:f6:1b:56:74:8b:ed:d6:c8:
ff:58:2e:d2:19:6e:0c:79:2a:c6:22:69:89:72:d4:
e4:4c:12:b5:ba:ce:5d:9c:62:40:ad:02:a2:9c:52:
08:19:8e:24:d9:c8:f2:a0:cf:29:e6:91:db:37:59:
c7:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:3A:9B:8B:4A:13:72:FE:C7:76:19:36:CD:AD:58:BA:E3:6A:EA:9E
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/2Tqbi0oTcv7Hdhk2za1YuuNq6p4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:70::/44
Signature Algorithm: sha256WithRSAEncryption
d9:8d:55:6e:b9:1d:34:26:23:b4:ff:93:9a:e4:e7:30:49:1a:
d4:10:97:2f:ea:5f:b6:f8:ec:22:02:ef:12:f1:e8:89:70:68:
bb:d0:98:1e:46:fe:9f:1c:88:87:62:f7:12:c9:4c:39:cb:66:
52:c7:d5:c2:80:16:52:25:b8:4a:64:fe:24:ba:ba:3c:65:b3:
90:2f:3e:ba:6a:c0:fc:6e:24:3c:de:3a:bd:3a:d3:a1:ae:54:
17:86:d5:20:d4:7d:60:cc:cd:0a:fb:fb:5f:9a:38:24:e3:e1:
36:66:98:69:91:67:dc:ae:b3:db:ec:08:b0:e4:86:1d:e9:6e:
8e:60:f0:3f:a0:b2:39:83:24:a8:f7:e3:af:02:b3:a5:fb:3f:
f6:a5:d1:10:47:04:71:04:43:22:de:52:d3:24:5d:29:80:9d:
ec:df:f6:ac:30:6c:d2:b1:c8:fe:0c:e3:c5:56:95:66:45:86:
9b:49:cc:67:cc:09:f4:fa:64:a7:72:9d:76:ff:cb:25:f0:15:
34:7e:56:85:3d:84:f3:7c:65:92:5b:86:de:29:ef:ea:7a:11:
1e:a4:eb:a6:d9:50:1f:81:c0:8c:de:da:c9:4a:96:47:ab:53:
84:cc:35:58:fa:1d:60:44:87:6b:81:eb:b1:95:a2:28:ab:7b:
db:a1:c0:27
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZsBvILCP69++2YfvExO9iUgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjUxMjA5MDYxMTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTNhOWI4YjRhMTM3MmZlYzc3NjE5MzZjZGFkNThiYWUzNmFlYTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLpAC0is2Q2ncSaOy5PDtpeyQzaq
/+IPSvLCaVbYdrThvmOJE2K9qUIXIoDeJDzlIXO3zvFHsgrpE3XJ8vaJK8vk6mXD
JVWJzWHSFWEbSO85QBI5k83I68iU5MLjkoElQ/MQL7AzEa8LXriFvHQO2ga0Dvj4
QcWkGTduyiswSVNeJGMwCQa9rFNUslgz4j+4ywyUR/MSg2IvO9H0PEs0QwOjRCr3
xOaSewq8I4vZHtyLKcofwx9g7AabajzzXR5fzYsLBOfAoR6c9htWdIvt1sj/WC7S
GW4MeSrGImmJctTkTBK1us5dnGJArQKinFIIGY4k2cjyoM8p5pHbN1nH6QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNk6m4tKE3L+x3YZNs2tWLrjauqeMB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvMlRxYmkwb1RjdjdIZGhrMnphMVl1dU5xNnA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg3ZQABw
MA0GCSqGSIb3DQEBCwUAA4IBAQDZjVVuuR00JiO0/5Oa5OcwSRrUEJcv6l+2+Owi
Au8S8eiJcGi70JgeRv6fHIiHYvcSyUw5y2ZSx9XCgBZSJbhKZP4kuro8ZbOQLz66
asD8biQ83jq9OtOhrlQXhtUg1H1gzM0K+/tfmjgk4+E2ZphpkWfcrrPb7Aiw5IYd
6W6OYPA/oLI5gySo9+OvArOl+z/2pdEQRwRxBEMi3lLTJF0pgJ3s3/asMGzSscj+
DOPFVpVmRYabScxnzAn0+mSncp12/8sl8BU0flaFPYTzfGWSW4beKe/qehEepOum
2VAfgcCM3trJSpZHq1OEzDVY+h1gRIdrgeuxlaIoq3vbocAn
-----END CERTIFICATE-----
Generated at Tue Mar 10 05:53:03 2026 by rpki-client