Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/05b0d2-16ba-4d71-a218-43e6bff9a25e/1/yHoGz_C4wldG528epGNHto1gxQo.roa
File: yHoGz_C4wldG528epGNHto1gxQo.roa (raw, json)
Hash identifier: glJPMx//8zt+yG8He702w8iXfzLv6i3YIopNIKBNNJo=
Subject key identifier: C8:7A:06:CF:F0:B8:C2:57:46:E7:6F:1E:A4:63:47:B6:8D:60:C5:0A
Certificate issuer: /CN=4593b9ac0a486b0037765d605c8b1c8104046f0a
Certificate serial: 019E6A190CF46F32F682B251EE3FEE7DD2D0
Authority key identifier: 45:93:B9:AC:0A:48:6B:00:37:76:5D:60:5C:8B:1C:81:04:04:6F:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RZO5rApIawA3dl1gXIscgQQEbwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/05b0d2-16ba-4d71-a218-43e6bff9a25e/1/yHoGz_C4wldG528epGNHto1gxQo.roa
Signing time: Wed 27 May 2026 15:41:27 +0000
ROA not before: Wed 27 May 2026 15:41:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205634
IP address blocks: 144.124.209.0/24 maxlen: 24
144.124.216.0/24 maxlen: 24
144.124.217.0/24 maxlen: 24
144.124.218.0/24 maxlen: 24
144.124.219.0/24 maxlen: 24
144.124.222.0/24 maxlen: 24
144.124.223.0/24 maxlen: 24
158.94.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jun 2026 19:46:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6a:19:0c:f4:6f:32:f6:82:b2:51:ee:3f:ee:7d:d2:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4593b9ac0a486b0037765d605c8b1c8104046f0a
Validity
Not Before: May 27 15:41:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c87a06cff0b8c25746e76f1ea46347b68d60c50a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ce:48:7d:a8:0a:1a:b7:71:47:26:0a:af:5a:
d1:89:5e:ea:b4:ef:15:5a:b6:cc:66:64:2b:cb:d4:
57:a0:fe:b9:29:5f:93:bb:7a:7d:17:72:e6:9d:03:
11:ca:1a:21:17:e4:ea:6f:be:99:49:27:09:db:4e:
37:d3:25:44:67:24:96:15:13:23:36:27:d7:35:63:
58:74:8c:fd:65:fa:1c:54:2a:4d:f3:fe:96:1a:42:
9b:ad:ab:fe:46:e7:cc:7b:be:34:05:f3:10:b9:e4:
5a:7c:a8:55:d9:62:57:24:f9:5a:a9:2c:c3:14:81:
62:33:f5:4c:af:d6:7d:a7:17:6d:a8:a4:9f:98:46:
9d:2e:94:47:69:2a:4c:11:c2:b2:01:3a:d5:86:35:
fd:27:f9:0c:b8:e2:43:da:f1:e7:af:b9:33:6d:a9:
1b:82:36:1e:94:06:4d:6c:44:71:b9:ab:a3:62:e7:
6a:b9:f9:c3:18:aa:2c:ce:6c:fe:e9:51:4d:bb:32:
c4:43:d5:60:0b:63:96:0a:63:ea:7e:4b:8e:50:d3:
0a:de:d7:9c:fe:2a:bd:f6:88:0c:ae:43:d9:60:9b:
c2:1a:7f:c4:6c:c1:6e:2e:b0:78:6d:5a:11:33:e0:
69:ca:19:08:2a:6e:e1:2b:54:cc:53:2e:26:9f:ce:
a3:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:7A:06:CF:F0:B8:C2:57:46:E7:6F:1E:A4:63:47:B6:8D:60:C5:0A
X509v3 Authority Key Identifier:
keyid:45:93:B9:AC:0A:48:6B:00:37:76:5D:60:5C:8B:1C:81:04:04:6F:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RZO5rApIawA3dl1gXIscgQQEbwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b0d2-16ba-4d71-a218-43e6bff9a25e/1/yHoGz_C4wldG528epGNHto1gxQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b0d2-16ba-4d71-a218-43e6bff9a25e/1/RZO5rApIawA3dl1gXIscgQQEbwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.124.209.0/24
144.124.216.0/22
144.124.222.0/23
158.94.213.0/24
Signature Algorithm: sha256WithRSAEncryption
63:01:a3:57:f4:9b:0d:53:fd:26:35:71:91:da:7a:01:bd:01:
16:28:95:df:a1:02:8b:72:2f:0d:a6:78:29:dd:f1:8a:23:ed:
6c:bc:b5:51:b3:e3:8e:fd:e1:6f:fa:c3:aa:46:76:aa:64:ee:
44:3c:fb:0d:34:08:33:72:4b:67:26:3e:5b:99:69:ec:f4:8b:
4a:76:32:6e:06:66:c6:2f:ee:12:be:e3:f4:da:6d:7c:4f:8f:
06:e6:0c:a8:99:9e:39:35:7d:0a:d7:47:37:6f:62:bc:2e:77:
50:9c:a0:7d:32:39:76:d3:a6:94:1f:73:61:9c:73:d9:52:c7:
86:28:fd:fb:a0:4c:b2:da:46:24:3c:e7:48:6d:47:3e:c1:09:
ba:ec:7a:71:1f:4a:39:9e:f5:9b:a8:77:09:6e:e2:ac:56:06:
63:ab:ae:34:67:2c:45:61:5e:ee:79:10:d4:b1:4c:b3:0d:20:
b8:94:7e:d5:7d:0e:07:af:16:3c:f6:39:0a:46:5b:8c:2f:7c:
5c:bc:9c:ff:66:9d:3f:23:5a:27:95:d7:23:98:ff:83:4e:bc:
55:19:d5:68:41:b0:e7:81:f5:56:c6:98:ac:6d:bf:5e:95:ea:
16:2f:c7:dd:71:9f:70:31:2e:a4:89:f8:bc:8b:11:bd:97:48:
5f:2a:ab:d4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ5qGQz0bzL2grJR7j/ufdLQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OTNiOWFjMGE0ODZiMDAzNzc2NWQ2MDVjOGIxYzgxMDQw
NDZmMGEwHhcNMjYwNTI3MTU0MTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODdhMDZjZmYwYjhjMjU3NDZlNzZmMWVhNDYzNDdiNjhkNjBjNTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2s5IfagKGrdxRyYKr1rRiV7qtO8V
WrbMZmQry9RXoP65KV+Tu3p9F3LmnQMRyhohF+Tqb76ZSScJ20430yVEZySWFRMj
NifXNWNYdIz9ZfocVCpN8/6WGkKbrav+RufMe740BfMQueRafKhV2WJXJPlaqSzD
FIFiM/VMr9Z9pxdtqKSfmEadLpRHaSpMEcKyATrVhjX9J/kMuOJD2vHnr7kzbakb
gjYelAZNbERxuaujYudqufnDGKoszmz+6VFNuzLEQ9VgC2OWCmPqfkuOUNMK3tec
/iq99ogMrkPZYJvCGn/EbMFuLrB4bVoRM+BpyhkIKm7hK1TMUy4mn86jjwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMh6Bs/wuMJXRudvHqRjR7aNYMUKMB8GA1UdIwQY
MBaAFEWTuawKSGsAN3ZdYFyLHIEEBG8KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlpPNXJBcElhd0EzZGwxZ1hJc2NnUVFFYndvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wNWIwZDItMTZiYS00ZDcxLWEyMTgt
NDNlNmJmZjlhMjVlLzEveUhvR3pfQzR3bGRHNTI4ZXBHTkh0bzFneFFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wNWIwZDItMTZiYS00ZDcxLWEyMTgtNDNlNmJmZjlhMjVl
LzEvUlpPNXJBcElhd0EzZGwxZ1hJc2NnUVFFYndvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAkHzRAwQC
kHzYAwQBkHzeAwQAnl7VMA0GCSqGSIb3DQEBCwUAA4IBAQBjAaNX9JsNU/0mNXGR
2noBvQEWKJXfoQKLci8Npngp3fGKI+1svLVRs+OO/eFv+sOqRnaqZO5EPPsNNAgz
cktnJj5bmWns9ItKdjJuBmbGL+4SvuP02m18T48G5gyomZ45NX0K10c3b2K8LndQ
nKB9Mjl206aUH3NhnHPZUseGKP37oEyy2kYkPOdIbUc+wQm67HpxH0o5nvWbqHcJ
buKsVgZjq640ZyxFYV7ueRDUsUyzDSC4lH7VfQ4HrxY89jkKRluML3xcvJz/Zp0/
I1onldcjmP+DTrxVGdVoQbDngfVWxpisbb9eleoWL8fdcZ9wMS6kifi8ixG9l0hf
KqvU
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:53:46 2026 by rpki-client