Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/LbMFuQPFzLx9J3axDc-ex4ce9Fk.roa
File: LbMFuQPFzLx9J3axDc-ex4ce9Fk.roa (raw, json)
Hash identifier: UuNt1A3K2d3p+8rkNYfKIAZJoMkFP3bPy2PmcHuh7ig=
Subject key identifier: 2D:B3:05:B9:03:C5:CC:BC:7D:27:76:B1:0D:CF:9E:C7:87:1E:F4:59
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 019D9218EC4396A07427572E5A29F0E0DFC7
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/LbMFuQPFzLx9J3axDc-ex4ce9Fk.roa
Signing time: Wed 15 Apr 2026 17:03:20 +0000
ROA not before: Wed 15 Apr 2026 17:03:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200436
IP address blocks: 5.42.217.0/24 maxlen: 24
62.3.14.0/24 maxlen: 24
217.18.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Apr 2026 18:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:92:18:ec:43:96:a0:74:27:57:2e:5a:29:f0:e0:df:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Apr 15 17:03:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2db305b903c5ccbc7d2776b10dcf9ec7871ef459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:4a:94:dc:f9:6a:e6:3c:f0:40:1f:b6:68:b3:
79:68:21:3c:0c:09:dd:13:53:73:23:7d:82:fc:71:
2c:70:e2:b7:26:b5:54:96:31:8a:0a:c4:91:95:92:
84:b3:4e:cc:2f:20:16:a2:6d:ec:43:c0:1f:60:aa:
0c:e7:2e:8b:a8:eb:cc:dd:f1:13:2e:03:b1:02:0f:
f1:74:d7:bc:89:9e:a5:f9:22:cd:3a:21:64:79:90:
66:6c:56:e4:71:7d:be:57:83:ac:2f:ab:ab:07:bf:
0a:9f:6d:71:db:34:7a:1d:78:47:96:2e:76:fa:04:
37:09:a3:6a:84:91:75:c1:68:7c:0d:51:df:21:88:
40:12:d0:5a:d8:ae:f2:20:71:13:51:bb:60:88:3f:
e4:7a:a0:e4:59:ef:76:72:1f:4b:6e:ef:c7:26:3b:
2a:94:28:3a:16:ff:41:13:99:15:68:92:36:74:dd:
cd:5d:55:e9:63:05:45:12:1e:b8:55:50:ca:c5:1b:
1e:b6:88:90:31:45:3d:b6:3a:a0:18:d5:4c:9e:13:
a1:36:c6:d4:08:44:a0:71:cd:3c:f4:b9:6a:7d:8b:
92:2a:38:ab:fc:87:d7:81:f2:b0:be:74:16:35:a8:
f9:a4:51:b1:03:4e:04:1a:71:50:4f:85:fb:67:6b:
80:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:B3:05:B9:03:C5:CC:BC:7D:27:76:B1:0D:CF:9E:C7:87:1E:F4:59
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/LbMFuQPFzLx9J3axDc-ex4ce9Fk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.217.0/24
62.3.14.0/24
217.18.90.0/24
Signature Algorithm: sha256WithRSAEncryption
63:8f:e6:27:ae:3c:60:d3:46:c4:0f:ad:92:bf:02:22:84:75:
08:60:36:11:e2:70:29:51:11:51:74:e4:f0:51:c8:2f:75:07:
60:49:fd:e0:bf:1c:e2:7b:60:06:19:78:57:4f:ca:37:c2:32:
bd:da:70:ba:32:9f:be:f6:1e:d2:18:28:9b:f5:c1:e0:ae:dd:
3f:e1:cc:b7:91:a7:47:20:82:a0:a4:47:06:33:c3:99:5c:15:
c1:57:a3:82:11:6c:8a:d8:f9:c5:cf:a7:0f:11:07:af:31:62:
79:e7:dd:ba:e2:5e:87:75:9b:eb:46:d3:99:4f:dd:52:13:20:
26:dc:8a:09:32:00:a3:0f:6e:03:f0:2d:3a:6c:e5:aa:4c:b9:
62:e1:f1:aa:ad:77:d7:3e:1a:9c:c3:db:e9:55:cb:d1:c8:fc:
d0:14:12:2c:5e:4a:20:08:db:39:1e:62:27:82:43:d0:6d:68:
41:62:1e:74:79:1a:3b:9f:78:6f:ba:98:6f:e6:cd:7d:31:48:
38:c5:e0:d3:b8:05:17:7d:8e:00:76:24:d8:0f:79:b4:e2:74:
2e:14:ef:d2:0a:f7:1e:55:07:db:e9:0c:b4:e1:24:33:08:82:
d1:13:cb:24:eb:84:a7:ba:55:07:df:a2:ab:c9:05:23:d0:3e:
0a:07:22:16
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ2SGOxDlqB0J1cuWinw4N/HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjYwNDE1MTcwMzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGIzMDViOTAzYzVjY2JjN2QyNzc2YjEwZGNmOWVjNzg3MWVmNDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UqU3Plq5jzwQB+2aLN5aCE8DAnd
E1NzI32C/HEscOK3JrVUljGKCsSRlZKEs07MLyAWom3sQ8AfYKoM5y6LqOvM3fET
LgOxAg/xdNe8iZ6l+SLNOiFkeZBmbFbkcX2+V4OsL6urB78Kn21x2zR6HXhHli52
+gQ3CaNqhJF1wWh8DVHfIYhAEtBa2K7yIHETUbtgiD/keqDkWe92ch9Lbu/HJjsq
lCg6Fv9BE5kVaJI2dN3NXVXpYwVFEh64VVDKxRsetoiQMUU9tjqgGNVMnhOhNsbU
CESgcc089LlqfYuSKjir/IfXgfKwvnQWNaj5pFGxA04EGnFQT4X7Z2uABwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC2zBbkDxcy8fSd2sQ3PnseHHvRZMB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvTGJNRnVRUEZ6THg5SjNheERjLWV4NGNlOUZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABSrZAwQA
PgMOAwQA2RJaMA0GCSqGSIb3DQEBCwUAA4IBAQBjj+Ynrjxg00bED62SvwIihHUI
YDYR4nApURFRdOTwUcgvdQdgSf3gvxzie2AGGXhXT8o3wjK92nC6Mp++9h7SGCib
9cHgrt0/4cy3kadHIIKgpEcGM8OZXBXBV6OCEWyK2PnFz6cPEQevMWJ559264l6H
dZvrRtOZT91SEyAm3IoJMgCjD24D8C06bOWqTLli4fGqrXfXPhqcw9vpVcvRyPzQ
FBIsXkogCNs5HmIngkPQbWhBYh50eRo7n3hvuphv5s19MUg4xeDTuAUXfY4AdiTY
D3m04nQuFO/SCvceVQfb6Qy04SQzCILRE8sk64SnulUH36KryQUj0D4KByIW
-----END CERTIFICATE-----
Generated at Wed Apr 15 20:43:05 2026 by rpki-client