Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/rwgPMtykbLfsrWkc0HlgV7osLf4.roa
File: rwgPMtykbLfsrWkc0HlgV7osLf4.roa (raw, json)
Hash identifier: mHffCXCabbo01NpYdN76vQVvSp+cHg29JEhgmrKuMe4=
Subject key identifier: AF:08:0F:32:DC:A4:6C:B7:EC:AD:69:1C:D0:79:60:57:BA:2C:2D:FE
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019C2AD2F1A2D1D1268E16741CDA8FF59BB3
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/rwgPMtykbLfsrWkc0HlgV7osLf4.roa
Signing time: Wed 04 Feb 2026 22:43:13 +0000
ROA not before: Wed 04 Feb 2026 22:43:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213877
IP address blocks: 64.188.73.0/24 maxlen: 24
64.188.75.0/24 maxlen: 24
64.188.92.0/22 maxlen: 24
64.188.96.0/24 maxlen: 24
64.188.97.0/24 maxlen: 24
64.188.112.0/23 maxlen: 24
64.188.116.0/23 maxlen: 24
64.188.124.0/24 maxlen: 24
64.188.125.0/24 maxlen: 24
64.188.126.0/24 maxlen: 24
77.239.104.0/24 maxlen: 24
77.239.105.0/24 maxlen: 24
77.239.122.0/24 maxlen: 24
77.239.123.0/24 maxlen: 24
144.31.26.0/23 maxlen: 24
144.31.64.0/22 maxlen: 24
144.31.68.0/22 maxlen: 24
144.31.72.0/22 maxlen: 24
144.31.76.0/22 maxlen: 24
144.31.86.0/23 maxlen: 24
144.31.89.0/24 maxlen: 24
144.31.104.0/23 maxlen: 24
144.31.114.0/23 maxlen: 24
144.31.120.0/23 maxlen: 24
144.31.137.0/24 maxlen: 24
144.31.192.0/23 maxlen: 24
144.31.198.0/23 maxlen: 24
144.31.228.0/23 maxlen: 24
144.31.246.0/23 maxlen: 24
144.31.252.0/23 maxlen: 24
144.31.254.0/23 maxlen: 24
150.241.105.0/24 maxlen: 24
150.241.108.0/24 maxlen: 24
150.241.123.0/24 maxlen: 24
185.184.122.0/24 maxlen: 24
185.184.123.0/24 maxlen: 24
185.207.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 14 Feb 2026 14:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:2a:d2:f1:a2:d1:d1:26:8e:16:74:1c:da:8f:f5:9b:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Feb 4 22:43:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=af080f32dca46cb7ecad691cd0796057ba2c2dfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:c2:82:8a:9a:79:f5:22:20:36:3f:a2:33:87:
90:97:79:af:4f:1b:f0:44:7f:42:79:1b:90:45:de:
7d:fc:fc:3a:9e:dd:11:6f:3a:68:08:3f:e6:bc:93:
a8:e5:82:95:6d:73:4c:0b:2e:66:b6:d0:34:c7:39:
1b:1b:a7:12:dd:c1:28:62:17:06:43:0a:42:dd:55:
59:4b:5b:72:fa:09:c8:80:fb:3b:e7:e4:f0:07:fb:
56:c8:1d:fb:f4:99:ff:84:20:9e:9b:70:76:d3:8f:
ba:8e:56:0c:cf:e0:4d:3f:2a:ec:3e:c7:2f:12:94:
66:79:48:a2:b1:fb:61:bd:00:db:6a:d3:79:b7:55:
83:f0:ce:d5:9e:3c:4a:74:47:e9:5c:e2:25:19:9a:
87:f7:cf:8e:0c:ba:ba:30:53:74:48:e8:0d:2c:49:
f4:6c:61:60:43:e8:81:48:16:12:41:9a:03:0c:99:
dd:65:c4:31:c7:9f:8b:bc:d1:da:f1:5e:97:c0:32:
2e:06:f7:47:dd:19:e2:8b:29:e0:3f:29:b3:02:7b:
2e:d6:97:01:ba:d6:b5:f5:b5:25:a4:d5:b3:c0:7f:
1c:5d:93:70:a6:7e:04:9d:ca:06:65:72:83:29:35:
21:f7:ee:d7:fe:fb:cb:f8:a1:bd:2a:6d:e7:1a:73:
ba:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:08:0F:32:DC:A4:6C:B7:EC:AD:69:1C:D0:79:60:57:BA:2C:2D:FE
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/rwgPMtykbLfsrWkc0HlgV7osLf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.73.0/24
64.188.75.0/24
64.188.92.0-64.188.97.255
64.188.112.0/23
64.188.116.0/23
64.188.124.0-64.188.126.255
77.239.104.0/23
77.239.122.0/23
144.31.26.0/23
144.31.64.0/20
144.31.86.0/23
144.31.89.0/24
144.31.104.0/23
144.31.114.0/23
144.31.120.0/23
144.31.137.0/24
144.31.192.0/23
144.31.198.0/23
144.31.228.0/23
144.31.246.0/23
144.31.252.0/22
150.241.105.0/24
150.241.108.0/24
150.241.123.0/24
185.184.122.0/23
185.207.133.0/24
Signature Algorithm: sha256WithRSAEncryption
98:e5:32:b5:3e:e8:d0:e2:18:be:d2:5e:0a:19:a1:d6:ae:cb:
36:f5:51:1a:02:17:f8:aa:a4:bb:ab:72:74:4d:c7:23:38:1e:
fd:22:1e:a7:c0:15:e1:92:a2:f2:99:39:3c:ed:e6:aa:4e:4b:
70:e4:c0:3c:17:ae:0f:71:4e:73:09:3f:f6:f6:22:b0:07:55:
f6:e4:81:ed:6d:14:76:f3:23:4e:6b:ee:40:ec:38:d3:3b:c5:
28:3f:ec:51:b4:08:24:86:2a:75:60:b1:60:91:81:85:9f:56:
e4:36:9b:49:84:21:0e:3a:d9:ff:a0:58:6f:3d:e0:86:07:95:
5e:9f:56:bd:ce:d5:66:d3:66:61:ae:41:8e:d3:b2:10:4a:d3:
da:62:b7:0c:0d:e6:d5:4c:a1:70:2a:be:56:2e:34:a3:bc:a5:
b4:4a:07:b5:1a:a3:57:5c:92:a4:b8:bc:e5:84:1b:83:89:98:
98:cc:9a:77:40:b7:fa:ca:f3:f6:54:3a:76:53:21:48:ec:d8:
e8:a5:20:1a:a4:aa:98:de:8c:2e:b5:10:44:e0:46:a3:f6:44:
57:4a:a2:04:e6:e3:10:23:e6:42:2b:0d:60:2b:72:29:14:05:
e6:9c:83:f8:65:91:56:47:47:ca:32:73:46:bc:f3:32:9e:46:
57:f4:4f:d8
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZwq0vGi0dEmjhZ0HNqP9ZuzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwMjA0MjI0MzEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjA4MGYzMmRjYTQ2Y2I3ZWNhZDY5MWNkMDc5NjA1N2JhMmMyZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7MKCipp59SIgNj+iM4eQl3mvTxvw
RH9CeRuQRd59/Pw6nt0RbzpoCD/mvJOo5YKVbXNMCy5mttA0xzkbG6cS3cEoYhcG
QwpC3VVZS1ty+gnIgPs75+TwB/tWyB379Jn/hCCem3B204+6jlYMz+BNPyrsPscv
EpRmeUiisfthvQDbatN5t1WD8M7VnjxKdEfpXOIlGZqH98+ODLq6MFN0SOgNLEn0
bGFgQ+iBSBYSQZoDDJndZcQxx5+LvNHa8V6XwDIuBvdH3RniiyngPymzAnsu1pcB
uta19bUlpNWzwH8cXZNwpn4EncoGZXKDKTUh9+7X/vvL+KG9Km3nGnO6jQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFK8IDzLcpGy37K1pHNB5YFe6LC3+MB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvcndnUE10eWtiTGZzcldrYzBIbGdWN29zTGY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBABA
vEkDBABAvEswDAMEAkC8XAMEAUC8YAMEAUC8cAMEAUC8dDAMAwQCQLx8AwQAQLx+
AwQBTe9oAwQBTe96AwQBkB8aAwQEkB9AAwQBkB9WAwQAkB9ZAwQBkB9oAwQBkB9y
AwQBkB94AwQAkB+JAwQBkB/AAwQBkB/GAwQBkB/kAwQBkB/2AwQCkB/8AwQAlvFp
AwQAlvFsAwQAlvF7AwQBubh6AwQAuc+FMA0GCSqGSIb3DQEBCwUAA4IBAQCY5TK1
PujQ4hi+0l4KGaHWrss29VEaAhf4qqS7q3J0TccjOB79Ih6nwBXhkqLymTk87eaq
Tktw5MA8F64PcU5zCT/29iKwB1X25IHtbRR28yNOa+5A7DjTO8UoP+xRtAgkhip1
YLFgkYGFn1bkNptJhCEOOtn/oFhvPeCGB5Ven1a9ztVm02ZhrkGO07IQStPaYrcM
DebVTKFwKr5WLjSjvKW0Sge1GqNXXJKkuLzlhBuDiZiYzJp3QLf6yvP2VDp2UyFI
7NjopSAapKqY3owutRBE4Eaj9kRXSqIE5uMQI+ZCKw1gK3IpFAXmnIP4ZZFWR0fK
MnNGvPMynkZX9E/Y
-----END CERTIFICATE-----
Generated at Sat Mar 14 09:15:14 2026 by rpki-client