Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Q1XhbS2j0M4eZHMlUm-XzwE3HxE.roa
File: Q1XhbS2j0M4eZHMlUm-XzwE3HxE.roa (raw, json)
Hash identifier: 0dbXA3/FyFpQ7QZoAPIu6lC9RpHEKCwBmxUlfbQYKLw=
Subject key identifier: 43:55:E1:6D:2D:A3:D0:CE:1E:64:73:25:52:6F:97:CF:01:37:1F:11
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019C29E5D4030E201A8A88162857DE6A3FD4
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Q1XhbS2j0M4eZHMlUm-XzwE3HxE.roa
Signing time: Wed 04 Feb 2026 18:24:13 +0000
ROA not before: Wed 04 Feb 2026 18:24:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216127
IP address blocks: 77.239.96.0/22 maxlen: 24
144.31.96.0/22 maxlen: 24
144.31.154.0/23 maxlen: 24
144.31.180.0/22 maxlen: 24
144.31.200.0/23 maxlen: 24
144.31.204.0/23 maxlen: 24
144.31.250.0/23 maxlen: 24
150.241.90.0/23 maxlen: 24
185.184.120.0/24 maxlen: 24
185.184.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Feb 2026 17:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:29:e5:d4:03:0e:20:1a:8a:88:16:28:57:de:6a:3f:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Feb 4 18:24:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4355e16d2da3d0ce1e647325526f97cf01371f11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:32:db:80:44:ad:60:ce:61:0c:47:2c:ba:4f:
fd:00:89:45:e7:1c:9f:ca:bb:47:a7:3f:56:33:03:
48:3a:b8:15:32:51:3a:05:91:6d:c6:69:a3:7d:31:
d4:de:6e:77:e5:81:53:04:81:60:7d:28:2d:7d:59:
21:9d:d4:52:7b:a2:6b:c4:fa:ef:71:c0:b3:04:1f:
83:03:78:d0:4f:0a:17:5e:1f:63:d7:f4:a2:64:3f:
cb:2c:56:c0:df:5c:c5:a6:a4:58:0b:92:46:1c:77:
3b:46:98:85:05:4c:fb:31:28:ff:da:e4:37:18:dd:
2d:01:5a:fc:47:0d:7c:b7:c4:4a:91:8d:5c:b6:9f:
98:5f:16:36:5e:67:47:97:c1:57:38:aa:b7:dc:e3:
6d:ae:4d:6a:10:96:88:03:11:44:83:a1:a0:23:2e:
87:4c:d5:dc:4a:f6:20:ef:04:e5:bf:03:15:bb:6f:
48:5c:3b:48:5a:ad:76:b9:fe:d3:80:3a:ef:45:19:
c3:25:1a:0d:8e:82:33:0e:85:34:fe:5a:10:91:ba:
0d:29:80:c6:ce:7c:3b:e3:e8:4a:36:c6:c3:7e:50:
b4:94:e8:f4:33:17:23:f2:5a:70:51:18:b7:e3:65:
f8:17:7f:33:a2:e8:01:87:91:47:16:de:13:d9:2c:
25:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:55:E1:6D:2D:A3:D0:CE:1E:64:73:25:52:6F:97:CF:01:37:1F:11
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Q1XhbS2j0M4eZHMlUm-XzwE3HxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.239.96.0/22
144.31.96.0/22
144.31.154.0/23
144.31.180.0/22
144.31.200.0/23
144.31.204.0/23
144.31.250.0/23
150.241.90.0/23
185.184.120.0/23
Signature Algorithm: sha256WithRSAEncryption
78:98:0a:e1:ed:42:fd:54:0b:58:f9:b4:5b:e9:92:e0:fe:a9:
f8:92:a9:e6:38:ff:0b:d7:6f:50:d6:74:38:af:70:5e:93:c5:
57:97:cb:31:ec:58:df:cf:8b:6d:cf:e9:d7:d3:00:d2:b1:fd:
16:79:2c:42:cc:88:f3:39:bf:8e:87:73:5c:a5:04:24:d2:18:
85:55:45:16:a3:36:c9:12:df:42:cb:cf:de:53:95:33:a9:8b:
ba:d6:97:92:b4:27:3c:a4:ce:1d:f1:48:51:10:af:e5:38:7f:
44:9b:e8:ff:6b:42:ac:b0:5c:45:40:ce:ae:77:b9:02:69:6e:
9f:1b:86:07:9b:63:ea:0d:ef:8b:2f:e2:27:0a:ff:70:7b:c2:
b4:24:e7:0d:db:eb:12:3d:63:2f:9d:5b:2d:88:e9:06:f4:0f:
13:b4:c2:e2:e6:45:d8:c6:c2:8c:e9:86:d9:e5:39:03:30:19:
15:09:aa:78:40:62:ea:00:db:7a:57:75:6e:c8:58:1c:20:13:
40:ce:32:bc:0b:73:77:b4:cd:13:71:92:8d:7a:f7:dd:d4:a5:
7c:4f:c4:87:f1:5c:1b:e9:08:fb:60:4e:ef:bc:a6:8d:1b:f8:
3a:a0:43:1d:bf:74:40:ac:b3:96:b1:cb:2c:cd:4b:78:be:db:
c4:28:ae:5c
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZwp5dQDDiAaiogWKFfeaj/UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwMjA0MTgyNDEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzU1ZTE2ZDJkYTNkMGNlMWU2NDczMjU1MjZmOTdjZjAxMzcxZjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzLbgEStYM5hDEcsuk/9AIlF5xyf
yrtHpz9WMwNIOrgVMlE6BZFtxmmjfTHU3m535YFTBIFgfSgtfVkhndRSe6JrxPrv
ccCzBB+DA3jQTwoXXh9j1/SiZD/LLFbA31zFpqRYC5JGHHc7RpiFBUz7MSj/2uQ3
GN0tAVr8Rw18t8RKkY1ctp+YXxY2XmdHl8FXOKq33ONtrk1qEJaIAxFEg6GgIy6H
TNXcSvYg7wTlvwMVu29IXDtIWq12uf7TgDrvRRnDJRoNjoIzDoU0/loQkboNKYDG
znw74+hKNsbDflC0lOj0Mxcj8lpwURi342X4F38zougBh5FHFt4T2SwlTwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFENV4W0to9DOHmRzJVJvl88BNx8RMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvUTFYaGJTMmowTTRlWkhNbFVtLVh6d0UzSHhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCTe9gAwQC
kB9gAwQBkB+aAwQCkB+0AwQBkB/IAwQBkB/MAwQBkB/6AwQBlvFaAwQBubh4MA0G
CSqGSIb3DQEBCwUAA4IBAQB4mArh7UL9VAtY+bRb6ZLg/qn4kqnmOP8L129Q1nQ4
r3Bek8VXl8sx7Fjfz4ttz+nX0wDSsf0WeSxCzIjzOb+Oh3NcpQQk0hiFVUUWozbJ
Et9Cy8/eU5UzqYu61peStCc8pM4d8UhREK/lOH9Em+j/a0KssFxFQM6ud7kCaW6f
G4YHm2PqDe+LL+InCv9we8K0JOcN2+sSPWMvnVstiOkG9A8TtMLi5kXYxsKM6YbZ
5TkDMBkVCap4QGLqANt6V3VuyFgcIBNAzjK8C3N3tM0TcZKNevfd1KV8T8SH8Vwb
6Qj7YE7vvKaNG/g6oEMdv3RArLOWscsszUt4vtvEKK5c
-----END CERTIFICATE-----
Generated at Wed Mar 18 18:54:36 2026 by rpki-client