Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/e344bc-168b-4f6e-a05c-c8798e88527a/1/GabqIJy5JlK0EDATcw6IHX-jDWI.roa
File: GabqIJy5JlK0EDATcw6IHX-jDWI.roa (raw, json)
Hash identifier: 4mZyfqMDFu/CTt69BCgq0EmZfdnmHdRmWlxoep+yh3Y=
Subject key identifier: 19:A6:EA:20:9C:B9:26:52:B4:10:30:13:73:0E:88:1D:7F:A3:0D:62
Certificate issuer: /CN=bdf9884aaa8bc4530a6fdad7926bffb69a7a5003
Certificate serial: 019BC2BC9BDAD8044F36FF75267C440A9650
Authority key identifier: BD:F9:88:4A:AA:8B:C4:53:0A:6F:DA:D7:92:6B:FF:B6:9A:7A:50:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfmISqqLxFMKb9rXkmv_tpp6UAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/e344bc-168b-4f6e-a05c-c8798e88527a/1/GabqIJy5JlK0EDATcw6IHX-jDWI.roa
Signing time: Thu 15 Jan 2026 17:38:19 +0000
ROA not before: Thu 15 Jan 2026 17:38:19 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209851
IP address blocks: 91.201.216.0/22 maxlen: 22
91.201.216.0/24 maxlen: 24
91.201.217.0/24 maxlen: 24
91.201.218.0/24 maxlen: 24
91.201.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Jan 2026 07:28:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:c2:bc:9b:da:d8:04:4f:36:ff:75:26:7c:44:0a:96:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdf9884aaa8bc4530a6fdad7926bffb69a7a5003
Validity
Not Before: Jan 15 17:38:19 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=19a6ea209cb92652b4103013730e881d7fa30d62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:8c:2e:89:c7:ee:24:34:c6:d3:9a:d9:42:df:
42:9b:6b:68:05:09:e0:b7:c3:4d:60:30:80:3d:34:
65:bc:79:4c:fe:26:c9:de:f9:1b:87:d7:4b:52:d5:
27:4e:1d:78:a4:8a:d8:40:31:06:55:b0:4d:62:98:
09:e0:31:a5:7c:51:b2:a4:3f:14:a4:8b:9c:1a:97:
08:4c:a0:d9:99:60:e5:eb:94:09:01:04:89:a9:52:
f0:a7:2c:3c:73:55:cb:dc:c4:fa:54:53:b9:82:0c:
b9:e8:7b:66:65:71:50:69:2c:22:60:9c:97:66:62:
dc:9c:55:31:69:df:b4:47:30:01:58:5f:d8:c0:8d:
42:7e:ec:eb:0c:66:b6:20:f5:03:36:f8:e7:54:1d:
bf:76:7d:11:c3:9b:54:2a:21:e4:14:e3:cb:38:cf:
f5:56:5d:4c:13:5d:6f:d4:a6:b5:09:63:89:a3:9f:
07:01:4e:cd:c3:6f:60:da:5e:e0:4e:c5:98:df:36:
30:74:4c:25:1c:bd:f6:77:ad:b9:31:44:17:be:82:
51:23:bd:9f:e2:80:9e:ef:c5:7a:1e:96:ef:7d:5c:
51:9a:03:61:55:3a:3a:a3:39:a4:48:f5:fc:65:e6:
78:5f:b7:07:31:ba:e6:d2:91:80:be:79:36:1c:fa:
0a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:A6:EA:20:9C:B9:26:52:B4:10:30:13:73:0E:88:1D:7F:A3:0D:62
X509v3 Authority Key Identifier:
keyid:BD:F9:88:4A:AA:8B:C4:53:0A:6F:DA:D7:92:6B:FF:B6:9A:7A:50:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfmISqqLxFMKb9rXkmv_tpp6UAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/e344bc-168b-4f6e-a05c-c8798e88527a/1/GabqIJy5JlK0EDATcw6IHX-jDWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/e344bc-168b-4f6e-a05c-c8798e88527a/1/vfmISqqLxFMKb9rXkmv_tpp6UAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.216.0/22
Signature Algorithm: sha256WithRSAEncryption
71:74:db:50:db:39:e2:24:a0:47:c0:c5:0a:6d:67:67:be:d2:
fa:35:0f:61:fa:f1:19:56:1b:24:0e:d9:8e:3e:fc:d0:07:2f:
1c:69:80:1c:09:c1:a3:32:39:ff:be:70:a6:1c:ef:2a:86:4b:
fd:56:98:44:10:33:df:a5:79:43:13:9b:27:77:5e:be:66:a7:
13:c9:d1:a0:9b:1b:78:93:30:bd:35:d8:39:4f:ad:9a:c8:e2:
4f:3f:52:eb:9d:d8:8d:b7:88:14:de:3c:63:08:9d:e3:05:aa:
69:0b:30:ed:c5:b7:c4:db:a2:7d:f3:26:26:1e:61:82:b4:56:
ac:98:e3:46:2e:ec:04:ef:43:a2:6c:73:41:10:df:64:ef:07:
14:b0:2f:bb:4c:3f:fc:ab:45:e8:da:31:e3:3c:ee:af:48:53:
4f:f3:9e:c8:d4:d4:d3:48:18:86:44:f2:1c:0d:d0:36:c8:88:
9a:75:91:93:f9:84:51:e3:82:bd:e7:fe:98:1c:ee:48:4d:09:
f5:c9:84:7a:f0:54:29:ad:e5:19:d5:35:8c:90:09:2f:ac:1a:
a4:0a:06:9d:04:4d:1a:6b:94:dd:82:e2:fa:d8:9e:ef:93:75:
44:70:3b:56:50:c6:60:ff:06:8d:a1:39:32:4c:a8:f9:04:44:
0a:fa:13:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZvCvJva2ARPNv91JnxECpZQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZjk4ODRhYWE4YmM0NTMwYTZmZGFkNzkyNmJmZmI2OWE3
YTUwMDMwHhcNMjYwMTE1MTczODE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWE2ZWEyMDljYjkyNjUyYjQxMDMwMTM3MzBlODgxZDdmYTMwZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YwuicfuJDTG05rZQt9Cm2toBQng
t8NNYDCAPTRlvHlM/ibJ3vkbh9dLUtUnTh14pIrYQDEGVbBNYpgJ4DGlfFGypD8U
pIucGpcITKDZmWDl65QJAQSJqVLwpyw8c1XL3MT6VFO5ggy56HtmZXFQaSwiYJyX
ZmLcnFUxad+0RzABWF/YwI1CfuzrDGa2IPUDNvjnVB2/dn0Rw5tUKiHkFOPLOM/1
Vl1ME11v1Ka1CWOJo58HAU7Nw29g2l7gTsWY3zYwdEwlHL32d625MUQXvoJRI72f
4oCe78V6HpbvfVxRmgNhVTo6ozmkSPX8ZeZ4X7cHMbrm0pGAvnk2HPoKKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBmm6iCcuSZStBAwE3MOiB1/ow1iMB8GA1UdIwQY
MBaAFL35iEqqi8RTCm/a15Jr/7aaelADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZtSVNxcUx4Rk1LYjlyWGttdl90cHA2VUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9lMzQ0YmMtMTY4Yi00ZjZlLWEwNWMt
Yzg3OThlODg1MjdhLzEvR2FicUlKeTVKbEswRURBVGN3NklIWC1qRFdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9lMzQ0YmMtMTY4Yi00ZjZlLWEwNWMtYzg3OThlODg1Mjdh
LzEvdmZtSVNxcUx4Rk1LYjlyWGttdl90cHA2VUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8nYMA0G
CSqGSIb3DQEBCwUAA4IBAQBxdNtQ2zniJKBHwMUKbWdnvtL6NQ9h+vEZVhskDtmO
PvzQBy8caYAcCcGjMjn/vnCmHO8qhkv9VphEEDPfpXlDE5snd16+ZqcTydGgmxt4
kzC9Ndg5T62ayOJPP1LrndiNt4gU3jxjCJ3jBappCzDtxbfE26J98yYmHmGCtFas
mONGLuwE70OibHNBEN9k7wcUsC+7TD/8q0Xo2jHjPO6vSFNP857I1NTTSBiGRPIc
DdA2yIiadZGT+YRR44K95/6YHO5ITQn1yYR68FQpreUZ1TWMkAkvrBqkCgadBE0a
a5TdguL62J7vk3VEcDtWUMZg/waNoTkyTKj5BEQK+hNE
-----END CERTIFICATE-----
Generated at Wed Mar 11 09:36:46 2026 by rpki-client