Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5KtHvbF4fQ1pE48M8K92bWETPRs.roa
File: 5KtHvbF4fQ1pE48M8K92bWETPRs.roa (raw, json)
Hash identifier: 7l9ChlPczeGMbZGxqufs6UnZ4cZQqJ8uSDPiJYaG2Yg=
Subject key identifier: E4:AB:47:BD:B1:78:7D:0D:69:13:8F:0C:F0:AF:76:6D:61:13:3D:1B
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019C23700D3195A17972AE77EBAFEBB950A4
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5KtHvbF4fQ1pE48M8K92bWETPRs.roa
Signing time: Tue 03 Feb 2026 12:17:51 +0000
ROA not before: Tue 03 Feb 2026 12:17:51 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9304
IP address blocks: 82.197.200.0/23 maxlen: 24
84.245.26.0/23 maxlen: 24
87.101.0.0/24 maxlen: 24
87.101.1.0/24 maxlen: 24
87.101.2.0/24 maxlen: 24
87.101.3.0/24 maxlen: 24
87.101.4.0/24 maxlen: 24
87.101.5.0/24 maxlen: 24
87.101.6.0/24 maxlen: 24
87.101.7.0/24 maxlen: 24
185.227.72.0/24 maxlen: 24
185.227.73.0/24 maxlen: 24
185.227.74.0/24 maxlen: 24
185.227.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 21 Feb 2026 10:07:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:23:70:0d:31:95:a1:79:72:ae:77:eb:af:eb:b9:50:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 3 12:17:51 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e4ab47bdb1787d0d69138f0cf0af766d61133d1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d7:d9:b8:b9:08:ea:c0:36:35:b9:5c:00:54:
47:52:8f:e7:2b:99:31:b3:00:09:da:d5:53:23:6f:
42:4c:56:dc:d8:f1:f8:d1:87:ce:44:c4:ad:5b:f2:
61:5d:56:25:10:27:27:93:a9:10:bd:d7:fa:59:b3:
f2:a5:fc:ca:15:3a:06:16:61:15:4b:25:3d:05:a7:
d0:21:73:47:52:8c:9c:9f:51:15:e7:14:d3:e9:5a:
35:9a:a8:9e:a1:46:d3:84:05:ed:1c:47:db:38:7f:
28:1f:ef:ee:8f:3f:68:07:cf:e9:22:0a:41:42:d2:
6c:59:bf:11:0d:e4:cf:84:25:b9:cc:a1:09:ba:51:
17:0a:5d:f5:f0:0a:88:fb:20:25:52:95:67:37:0f:
de:d1:88:39:f7:24:59:f7:5d:af:55:31:4d:a1:f7:
e2:79:0e:7a:ce:9d:80:df:37:3b:5f:79:cd:7a:47:
26:fb:31:d4:f5:ee:c5:9f:c8:93:c0:be:9f:36:8a:
2c:2f:8b:3a:bf:fb:b5:82:90:e8:19:1f:07:fd:c2:
c2:da:82:2d:fd:c4:56:fe:d4:ed:a2:e3:39:3b:18:
bd:f2:49:62:2d:63:46:9b:fd:50:be:4d:64:d9:17:
d5:60:ed:ef:1b:bd:ac:03:45:e3:0b:17:4e:2e:af:
31:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:AB:47:BD:B1:78:7D:0D:69:13:8F:0C:F0:AF:76:6D:61:13:3D:1B
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5KtHvbF4fQ1pE48M8K92bWETPRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.197.200.0/23
84.245.26.0/23
87.101.0.0/21
185.227.72.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:17:03:23:b3:3c:09:fe:54:ee:20:99:33:69:1e:1a:36:79:
82:e4:a1:77:58:06:54:b0:be:80:29:93:b4:d3:65:eb:e9:dc:
8e:49:96:bd:fd:39:cf:13:1b:00:2e:e4:aa:d0:70:06:0c:94:
32:be:ef:c5:dc:cd:2d:e5:82:e4:4f:38:99:f2:f0:a3:fb:a0:
2f:7a:c2:75:25:b6:fc:71:88:ac:f5:cb:27:4b:34:87:9a:f7:
89:35:f8:58:4d:55:16:40:64:a2:58:bb:8a:00:23:0f:8d:db:
ce:d8:3d:c8:ca:e9:3f:6d:06:0d:c6:3f:28:4c:49:45:cf:17:
8d:b0:26:96:c0:c4:1a:c1:c7:6d:57:37:a3:af:99:4c:87:15:
ee:b8:47:bf:5c:24:1f:25:8c:2b:16:81:63:7e:9b:dc:ef:fd:
29:d0:a5:8a:4f:6a:f4:27:47:60:05:ce:15:47:49:9f:ea:ce:
a2:73:f5:34:2e:97:6d:17:da:d0:fc:a6:bb:be:e6:89:60:a6:
76:34:b8:8c:e0:c4:bd:7a:70:cf:79:dd:83:1a:cc:47:b1:c3:
46:25:88:47:24:69:e3:54:ac:c3:78:35:6f:3f:c7:0b:f2:03:
cc:aa:4d:e8:9d:32:40:00:44:f0:3b:fc:73:b8:6e:4c:b2:35:
aa:68:d3:96
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZwjcA0xlaF5cq5366/ruVCkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjYwMjAzMTIxNzUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGFiNDdiZGIxNzg3ZDBkNjkxMzhmMGNmMGFmNzY2ZDYxMTMzZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdfZuLkI6sA2NblcAFRHUo/nK5kx
swAJ2tVTI29CTFbc2PH40YfORMStW/JhXVYlECcnk6kQvdf6WbPypfzKFToGFmEV
SyU9BafQIXNHUoycn1EV5xTT6Vo1mqieoUbThAXtHEfbOH8oH+/ujz9oB8/pIgpB
QtJsWb8RDeTPhCW5zKEJulEXCl318AqI+yAlUpVnNw/e0Yg59yRZ912vVTFNoffi
eQ56zp2A3zc7X3nNekcm+zHU9e7Fn8iTwL6fNoosL4s6v/u1gpDoGR8H/cLC2oIt
/cRW/tTtouM5Oxi98kliLWNGm/1Qvk1k2RfVYO3vG72sA0XjCxdOLq8x8QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOSrR72xeH0NaROPDPCvdm1hEz0bMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNUt0SHZiRjRmUTFwRTQ4TThLOTJiV0VUUFJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBUsXIAwQB
VPUaAwQDV2UAAwQCueNIMA0GCSqGSIb3DQEBCwUAA4IBAQBrFwMjszwJ/lTuIJkz
aR4aNnmC5KF3WAZUsL6AKZO002Xr6dyOSZa9/TnPExsALuSq0HAGDJQyvu/F3M0t
5YLkTziZ8vCj+6AvesJ1Jbb8cYis9csnSzSHmveJNfhYTVUWQGSiWLuKACMPjdvO
2D3Iyuk/bQYNxj8oTElFzxeNsCaWwMQawcdtVzejr5lMhxXuuEe/XCQfJYwrFoFj
fpvc7/0p0KWKT2r0J0dgBc4VR0mf6s6ic/U0LpdtF9rQ/Ka7vuaJYKZ2NLiM4MS9
enDPed2DGsxHscNGJYhHJGnjVKzDeDVvP8cL8gPMqk3onTJAAETwO/xzuG5MsjWq
aNOW
-----END CERTIFICATE-----
Generated at Wed Mar 18 08:06:53 2026 by rpki-client