Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/A9hOoQltdbF-NOwf6RIygVr73MY.roa
File: A9hOoQltdbF-NOwf6RIygVr73MY.roa (raw, json)
Hash identifier: AOee+WJpya+ftvb2fsb7SiA+h27DW9QDrSMafF1bNnY=
Subject key identifier: 03:D8:4E:A1:09:6D:75:B1:7E:34:EC:1F:E9:12:32:81:5A:FB:DC:C6
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019B04AD119F35F4FB405ECF4FA135180649
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/A9hOoQltdbF-NOwf6RIygVr73MY.roa
Signing time: Tue 09 Dec 2025 19:53:29 +0000
ROA not before: Tue 09 Dec 2025 19:53:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401152
IP address blocks: 77.239.100.0/22 maxlen: 24
77.239.112.0/22 maxlen: 24
144.31.8.0/23 maxlen: 24
144.31.11.0/24 maxlen: 24
144.31.13.0/24 maxlen: 24
144.31.15.0/24 maxlen: 24
144.31.28.0/24 maxlen: 24
144.31.29.0/24 maxlen: 24
144.31.32.0/19 maxlen: 19
144.31.91.0/24 maxlen: 24
144.31.96.0/22 maxlen: 24
144.31.100.0/22 maxlen: 24
144.31.109.0/24 maxlen: 24
144.31.110.0/24 maxlen: 24
144.31.111.0/24 maxlen: 24
144.31.112.0/22 maxlen: 24
144.31.128.0/21 maxlen: 24
144.31.140.0/23 maxlen: 24
144.31.142.0/23 maxlen: 24
144.31.144.0/20 maxlen: 24
144.31.160.0/22 maxlen: 24
144.31.248.0/21 maxlen: 24
150.241.64.0/24 maxlen: 24
150.241.65.0/24 maxlen: 24
150.241.66.0/24 maxlen: 24
150.241.80.0/23 maxlen: 24
193.23.192.0/24 maxlen: 24
193.23.198.0/24 maxlen: 24
193.23.204.0/22 maxlen: 22
193.23.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Dec 2025 17:20:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:04:ad:11:9f:35:f4:fb:40:5e:cf:4f:a1:35:18:06:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Dec 9 19:53:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03d84ea1096d75b17e34ec1fe91232815afbdcc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d8:f2:59:ba:ad:4f:90:b3:25:e5:f6:be:33:
5c:0c:eb:de:80:90:6d:79:df:58:9a:5c:62:96:ef:
f0:c3:18:97:f4:81:9a:0b:25:97:57:44:d8:59:93:
ce:af:34:8f:62:9e:35:72:a2:64:8c:62:57:67:46:
38:4d:c5:2c:be:83:84:e0:ed:a7:42:27:50:f5:c3:
48:57:35:5d:ed:33:a3:c9:51:48:1d:76:9e:8a:4e:
0d:c2:e8:54:ba:21:81:1f:a0:cf:07:68:9d:4d:98:
33:91:e7:1e:30:63:68:07:97:0a:48:9e:63:fd:75:
22:5d:1c:3a:5f:1a:1b:ee:da:3f:a1:00:a7:a5:c6:
82:a4:17:c7:b7:05:bd:fd:dd:1b:aa:bd:46:76:b0:
ad:c9:1b:42:81:52:43:0b:ff:3a:c7:66:6e:f2:63:
5e:dd:27:a0:36:8d:74:98:57:cf:2a:7e:1b:84:dc:
32:05:2d:b8:33:e7:5a:21:8a:99:11:41:1c:e5:a6:
ba:cc:8b:6f:a2:15:7e:2f:85:9c:ec:f9:b6:67:36:
40:c0:38:b4:d1:e5:3f:f3:6c:85:f8:cf:8d:f7:3b:
d5:d2:a2:f5:bf:78:b1:36:9a:90:83:11:b9:e8:0f:
36:53:d9:2e:c3:18:6f:6a:49:a3:22:cb:c4:12:6c:
3f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:D8:4E:A1:09:6D:75:B1:7E:34:EC:1F:E9:12:32:81:5A:FB:DC:C6
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/A9hOoQltdbF-NOwf6RIygVr73MY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.239.100.0/22
77.239.112.0/22
144.31.8.0/23
144.31.11.0/24
144.31.13.0/24
144.31.15.0/24
144.31.28.0/23
144.31.32.0/19
144.31.91.0/24
144.31.96.0/21
144.31.109.0-144.31.115.255
144.31.128.0/21
144.31.140.0-144.31.163.255
144.31.248.0/21
150.241.64.0-150.241.66.255
150.241.80.0/23
193.23.192.0/24
193.23.198.0/24
193.23.204.0/22
193.23.212.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:54:9b:b4:34:a9:41:b6:72:74:46:c1:f9:1b:87:0f:c5:51:
d0:06:95:d5:8b:12:3d:66:92:e3:91:7d:d6:76:63:50:53:a9:
26:88:d7:c7:26:45:0f:b5:f0:51:8e:fc:5c:1f:bd:e7:e8:e8:
38:a0:8d:32:2a:1c:17:ba:8b:6e:1c:d8:6e:59:9d:f2:33:c5:
ce:57:21:25:d2:76:31:f9:d0:e7:56:6c:bd:08:cb:11:f3:4e:
0f:aa:d5:b7:db:1a:ac:3b:2a:83:39:86:e1:08:29:b2:48:de:
95:33:6a:7f:03:52:d2:60:b4:03:a8:d2:10:46:f2:78:b3:ae:
35:11:92:4d:04:2f:6d:be:0c:92:ad:3f:8b:81:88:dc:bf:31:
b2:28:ac:7c:3f:c9:50:a1:14:91:5a:19:a0:5f:a7:b2:5e:fc:
b1:e7:e6:34:61:9f:58:00:d7:b2:50:06:e1:eb:08:94:64:79:
23:fe:de:ef:78:47:38:db:38:9c:d1:b8:0f:63:ca:c3:d5:09:
a4:eb:f8:a0:f8:1c:cd:a8:3e:ec:30:4e:09:8d:8b:55:84:20:
28:05:9e:ca:94:f5:19:6e:01:e4:84:49:d7:1c:2c:49:2a:00:
27:1c:06:f7:c5:4d:43:50:c0:42:98:66:33:d9:34:32:22:9d:
9a:b4:69:a2
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZsErRGfNfT7QF7PT6E1GAZJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUxMjA5MTk1MzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2Q4NGVhMTA5NmQ3NWIxN2UzNGVjMWZlOTEyMzI4MTVhZmJkY2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudjyWbqtT5CzJeX2vjNcDOvegJBt
ed9Ymlxilu/wwxiX9IGaCyWXV0TYWZPOrzSPYp41cqJkjGJXZ0Y4TcUsvoOE4O2n
QidQ9cNIVzVd7TOjyVFIHXaeik4NwuhUuiGBH6DPB2idTZgzkeceMGNoB5cKSJ5j
/XUiXRw6Xxob7to/oQCnpcaCpBfHtwW9/d0bqr1GdrCtyRtCgVJDC/86x2Zu8mNe
3SegNo10mFfPKn4bhNwyBS24M+daIYqZEUEc5aa6zItvohV+L4Wc7Pm2ZzZAwDi0
0eU/82yF+M+N9zvV0qL1v3ixNpqQgxG56A82U9kuwxhvakmjIsvEEmw/FwIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFAPYTqEJbXWxfjTsH+kSMoFa+9zGMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvQTloT29RbHRkYkYtTk93ZjZSSXlnVnI3M01ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAJN
72QDBAJN73ADBAGQHwgDBACQHwsDBACQHw0DBACQHw8DBAGQHxwDBAWQHyADBACQ
H1sDBAOQH2AwDAMEAJAfbQMEApAfcAMEA5AfgDAMAwQCkB+MAwQCkB+gAwQDkB/4
MAwDBAaW8UADBACW8UIDBAGW8VADBADBF8ADBADBF8YDBALBF8wDBALBF9QwDQYJ
KoZIhvcNAQELBQADggEBAA9Um7Q0qUG2cnRGwfkbhw/FUdAGldWLEj1mkuORfdZ2
Y1BTqSaI18cmRQ+18FGO/Fwfvefo6DigjTIqHBe6i24c2G5ZnfIzxc5XISXSdjH5
0OdWbL0IyxHzTg+q1bfbGqw7KoM5huEIKbJI3pUzan8DUtJgtAOo0hBG8nizrjUR
kk0EL22+DJKtP4uBiNy/MbIorHw/yVChFJFaGaBfp7Je/LHn5jRhn1gA17JQBuHr
CJRkeSP+3u94RzjbOJzRuA9jysPVCaTr+KD4HM2oPuwwTgmNi1WEICgFnsqU9Rlu
AeSESdccLEkqACccBvfFTUNQwEKYZjPZNDIinZq0aaI=
-----END CERTIFICATE-----
Generated at Tue Mar 17 10:25:01 2026 by rpki-client