Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/bl2xOIYLM74bPFklMgHNqjDtV04.roa
File: bl2xOIYLM74bPFklMgHNqjDtV04.roa (raw, json)
Hash identifier: ZwaAPwaSHnS9MOGqSV2Sj74jqALU6hUZOjY2vN0ClHs=
Subject key identifier: 6E:5D:B1:38:86:0B:33:BE:1B:3C:59:25:32:01:CD:AA:30:ED:57:4E
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 019E91DAB5772E33D57DB15D882D0831FB04
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/bl2xOIYLM74bPFklMgHNqjDtV04.roa
Signing time: Thu 04 Jun 2026 08:58:10 +0000
ROA not before: Thu 04 Jun 2026 08:58:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 91.226.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 07 Jun 2026 10:15:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:91:da:b5:77:2e:33:d5:7d:b1:5d:88:2d:08:31:fb:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jun 4 08:58:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6e5db138860b33be1b3c59253201cdaa30ed574e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3d:ec:e4:d9:a8:7a:01:3d:db:02:5a:0d:d7:
b0:a8:3c:09:42:39:07:71:0b:5f:44:1b:47:5e:59:
4e:c6:4a:04:3d:ca:5b:0b:36:0c:81:fa:fb:51:87:
30:5c:21:d0:dc:04:78:5d:78:fc:08:8f:36:8d:d6:
3c:20:76:e2:50:ee:e6:80:49:a3:2d:a6:e7:b1:90:
b2:ae:be:58:cb:45:74:a5:2e:d7:c0:1d:f7:8c:29:
e9:bb:74:87:e2:14:cb:ab:48:41:98:18:e9:80:13:
5e:e3:37:c6:5c:89:61:61:66:36:09:fe:0e:07:dd:
fe:d9:4e:2b:34:0f:73:21:54:2d:e5:c5:81:81:fd:
7f:39:88:7b:92:3c:77:6a:c9:f8:e1:af:9b:de:35:
2c:cc:88:08:3b:ed:ac:d1:28:1e:ec:ed:c2:d8:81:
ae:26:61:b3:e3:cc:3b:1c:81:52:3e:9c:ad:08:c7:
2b:9f:f2:4c:8b:47:66:78:e6:3b:7a:24:f1:f2:f0:
48:b6:cf:9a:a7:29:a7:2e:a2:cd:ca:30:30:91:e1:
48:9d:40:0d:8f:67:8b:f3:cf:49:bd:34:da:60:b9:
4a:17:d4:8e:73:53:83:c3:cc:12:b7:38:3c:9a:c4:
94:b9:4e:fc:71:aa:f7:c3:87:a4:00:a1:9a:12:ec:
b6:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:5D:B1:38:86:0B:33:BE:1B:3C:59:25:32:01:CD:AA:30:ED:57:4E
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/bl2xOIYLM74bPFklMgHNqjDtV04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.56.0/24
Signature Algorithm: sha256WithRSAEncryption
08:96:8f:65:ce:17:2c:d3:b5:79:78:b9:e4:3d:1b:88:45:55:
de:7c:ba:c2:93:f0:5c:9e:19:bb:90:2b:b3:03:89:64:f3:fb:
5e:a7:56:63:1e:63:1f:44:9c:d1:ef:87:5a:d4:f7:3e:fe:f6:
06:e5:5d:33:06:54:c2:f9:78:fd:78:35:4a:0c:62:9a:f2:c3:
33:92:1d:b1:c5:60:95:f3:b8:0b:b1:fa:c5:f4:bb:74:9a:99:
29:67:26:6c:b1:05:dd:3e:c5:a0:bf:b0:2c:7c:71:3c:e7:63:
99:1e:aa:3f:56:72:1e:06:3b:69:dd:9f:dc:31:5f:4e:36:3a:
f0:aa:c1:e8:6c:bd:0a:1d:1c:cd:27:d7:37:81:13:78:b6:ff:
33:d0:2e:ab:48:86:a3:f6:64:85:cd:eb:3b:7e:9b:c3:e5:38:
5b:a0:56:5f:c7:7d:fa:f6:32:89:6b:12:47:1d:c2:81:e9:21:
20:bf:2f:97:1c:4a:17:b8:4d:a4:0f:02:c8:f5:19:4d:dd:ef:
c9:09:a6:39:dd:41:80:6a:da:f6:06:40:13:2c:6d:b4:d3:22:
48:33:14:1d:5c:0f:d8:d4:4e:10:65:71:4b:7d:3a:34:d7:c3:
52:79:5b:0e:9f:de:5e:bc:98:d4:7a:ae:c2:ce:ef:6e:04:56:
2b:22:e7:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ6R2rV3LjPVfbFdiC0IMfsEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjYwNjA0MDg1ODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTVkYjEzODg2MGIzM2JlMWIzYzU5MjUzMjAxY2RhYTMwZWQ1NzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtj3s5NmoegE92wJaDdewqDwJQjkH
cQtfRBtHXllOxkoEPcpbCzYMgfr7UYcwXCHQ3AR4XXj8CI82jdY8IHbiUO7mgEmj
LabnsZCyrr5Yy0V0pS7XwB33jCnpu3SH4hTLq0hBmBjpgBNe4zfGXIlhYWY2Cf4O
B93+2U4rNA9zIVQt5cWBgf1/OYh7kjx3asn44a+b3jUszIgIO+2s0Sge7O3C2IGu
JmGz48w7HIFSPpytCMcrn/JMi0dmeOY7eiTx8vBIts+apymnLqLNyjAwkeFInUAN
j2eL889JvTTaYLlKF9SOc1ODw8wStzg8msSUuU78car3w4ekAKGaEuy2awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG5dsTiGCzO+GzxZJTIBzaow7VdOMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvYmwyeE9JWUxNNzRiUEZrbE1nSE5xakR0VjA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+I4MA0G
CSqGSIb3DQEBCwUAA4IBAQAIlo9lzhcs07V5eLnkPRuIRVXefLrCk/Bcnhm7kCuz
A4lk8/tep1ZjHmMfRJzR74da1Pc+/vYG5V0zBlTC+Xj9eDVKDGKa8sMzkh2xxWCV
87gLsfrF9Lt0mpkpZyZssQXdPsWgv7AsfHE852OZHqo/VnIeBjtp3Z/cMV9ONjrw
qsHobL0KHRzNJ9c3gRN4tv8z0C6rSIaj9mSFzes7fpvD5ThboFZfx3369jKJaxJH
HcKB6SEgvy+XHEoXuE2kDwLI9RlN3e/JCaY53UGAatr2BkATLG200yJIMxQdXA/Y
1E4QZXFLfTo018NSeVsOn95evJjUeq7Czu9uBFYrIudE
-----END CERTIFICATE-----
Generated at Fri Jun 26 21:07:08 2026 by rpki-client