Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/1286f6-688c-4cfa-a02d-1a89ab7b8cb5/1/HwD4cyrwIKeODHcEWvQPjWNfNAU.roa
File: HwD4cyrwIKeODHcEWvQPjWNfNAU.roa (raw, json)
Hash identifier: A9msp0CJMQoW2BR940+KvuS4ZriMwEJxGVLiaXmijlw=
Subject key identifier: 1F:00:F8:73:2A:F0:20:A7:8E:0C:77:04:5A:F4:0F:8D:63:5F:34:05
Certificate issuer: /CN=84d509259f700cdc4448f1fbf530c19e40754ec4
Certificate serial: 019B7AC7B6475DBA221F11E746558A4D0E8D
Authority key identifier: 84:D5:09:25:9F:70:0C:DC:44:48:F1:FB:F5:30:C1:9E:40:75:4E:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hNUJJZ9wDNxESPH79TDBnkB1TsQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/1286f6-688c-4cfa-a02d-1a89ab7b8cb5/1/HwD4cyrwIKeODHcEWvQPjWNfNAU.roa
Signing time: Thu 01 Jan 2026 18:17:47 +0000
ROA not before: Thu 01 Jan 2026 18:17:47 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 59689
IP address blocks: 185.3.128.0/22 maxlen: 22
2a02:5cc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 28 Jan 2026 15:22:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7a:c7:b6:47:5d:ba:22:1f:11:e7:46:55:8a:4d:0e:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84d509259f700cdc4448f1fbf530c19e40754ec4
Validity
Not Before: Jan 1 18:17:47 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1f00f8732af020a78e0c77045af40f8d635f3405
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:07:e9:13:5a:3c:84:07:60:99:8e:b2:d9:1b:
4a:b2:4e:13:29:62:09:09:ef:73:d4:e6:f0:12:55:
4e:23:db:de:fe:b9:90:3f:68:db:bf:0a:d7:b3:b4:
e5:4f:09:99:7b:89:81:dd:d0:75:0a:36:8b:ba:1c:
35:18:b1:94:33:8a:9b:7b:c1:fe:e4:65:43:dd:0b:
55:fb:52:fb:31:21:10:db:d1:86:c4:51:1a:54:e9:
4e:29:00:d5:42:29:96:dd:82:55:4c:25:4d:f0:1c:
9c:ac:2c:10:4a:23:b5:10:77:c2:ed:fd:1b:1f:8a:
92:6d:e8:b0:ad:8c:79:47:3b:75:d7:61:23:86:4b:
64:6b:7c:9c:f1:bd:4d:44:67:8d:72:23:33:e0:6f:
ce:83:ed:07:94:c3:7e:3f:7a:2d:50:f1:d1:03:e7:
83:d4:b1:53:e1:89:08:9b:af:88:6f:d6:9d:96:07:
b7:53:23:91:85:01:79:91:c3:79:4a:eb:5a:6f:fd:
10:e9:46:78:11:d9:62:6c:4e:ba:99:97:60:c7:b8:
73:96:11:83:27:32:a4:29:95:57:5f:22:dd:8e:8d:
a6:33:18:b6:ad:99:64:ee:4a:f3:be:03:2e:60:1a:
f6:62:c8:1d:81:22:dd:ec:f3:15:d3:1b:be:0b:5c:
b3:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:00:F8:73:2A:F0:20:A7:8E:0C:77:04:5A:F4:0F:8D:63:5F:34:05
X509v3 Authority Key Identifier:
keyid:84:D5:09:25:9F:70:0C:DC:44:48:F1:FB:F5:30:C1:9E:40:75:4E:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hNUJJZ9wDNxESPH79TDBnkB1TsQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/1286f6-688c-4cfa-a02d-1a89ab7b8cb5/1/HwD4cyrwIKeODHcEWvQPjWNfNAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/1286f6-688c-4cfa-a02d-1a89ab7b8cb5/1/hNUJJZ9wDNxESPH79TDBnkB1TsQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.3.128.0/22
IPv6:
2a02:5cc0::/32
Signature Algorithm: sha256WithRSAEncryption
1c:09:fe:b0:3b:4e:33:e6:6e:6a:9e:ef:b4:c1:11:aa:15:b8:
78:72:d4:01:19:75:d5:a1:f6:61:87:c6:1c:72:f8:25:8c:01:
13:b5:f3:a9:ba:54:92:80:b7:4a:87:e5:4b:b7:4b:cb:48:69:
bd:b0:e6:fd:db:6f:26:c0:d0:f1:92:b8:8d:58:9a:93:c4:72:
79:ca:74:42:03:9a:3c:61:a5:dd:d0:fb:40:9a:9f:92:b1:68:
de:7c:b5:a1:90:76:24:f2:54:c2:b4:c3:12:7c:f0:67:ed:39:
2b:cd:01:18:e4:2a:8d:74:13:ff:27:ac:85:ae:a6:c4:75:ca:
b7:7e:96:01:1d:23:d6:26:e1:f6:07:fc:e7:4d:fa:e8:e1:44:
d0:2e:fe:38:9d:03:66:80:3c:e0:5a:7e:26:0e:29:a5:9e:af:
66:c0:9d:8a:7f:2c:81:f7:51:0d:46:0b:82:3c:38:ca:d1:f8:
00:3d:46:0a:42:14:af:83:f0:38:5d:00:c5:ec:36:f8:58:9d:
99:8e:fc:d8:96:7f:e8:f9:36:c5:ba:c2:b3:dc:43:73:00:19:
8a:fd:0b:f8:ea:7f:c4:16:b3:d9:89:36:1d:ee:10:66:97:e5:
c7:f8:1d:7b:57:9b:0a:76:56:d7:ee:80:17:57:69:5a:e6:64:
7f:ec:8e:08
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZt6x7ZHXboiHxHnRlWKTQ6NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZDUwOTI1OWY3MDBjZGM0NDQ4ZjFmYmY1MzBjMTllNDA3
NTRlYzQwHhcNMjYwMTAxMTgxNzQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjAwZjg3MzJhZjAyMGE3OGUwYzc3MDQ1YWY0MGY4ZDYzNWYzNDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQfpE1o8hAdgmY6y2RtKsk4TKWIJ
Ce9z1ObwElVOI9ve/rmQP2jbvwrXs7TlTwmZe4mB3dB1CjaLuhw1GLGUM4qbe8H+
5GVD3QtV+1L7MSEQ29GGxFEaVOlOKQDVQimW3YJVTCVN8BycrCwQSiO1EHfC7f0b
H4qSbeiwrYx5Rzt112Ejhktka3yc8b1NRGeNciMz4G/Og+0HlMN+P3otUPHRA+eD
1LFT4YkIm6+Ib9adlge3UyORhQF5kcN5Sutab/0Q6UZ4EdlibE66mZdgx7hzlhGD
JzKkKZVXXyLdjo2mMxi2rZlk7krzvgMuYBr2YsgdgSLd7PMV0xu+C1yz+wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB8A+HMq8CCnjgx3BFr0D41jXzQFMB8GA1UdIwQY
MBaAFITVCSWfcAzcREjx+/UwwZ5AdU7EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaE5VSkpaOXdETnhFU1BINzlUREJua0IxVHNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8xMjg2ZjYtNjg4Yy00Y2ZhLWEwMmQt
MWE4OWFiN2I4Y2I1LzEvSHdENGN5cndJS2VPREhjRVd2UVBqV05mTkFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8xMjg2ZjYtNjg4Yy00Y2ZhLWEwMmQtMWE4OWFiN2I4Y2I1
LzEvaE5VSkpaOXdETnhFU1BINzlUREJua0IxVHNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQOAMA0E
AgACMAcDBQAqAlzAMA0GCSqGSIb3DQEBCwUAA4IBAQAcCf6wO04z5m5qnu+0wRGq
Fbh4ctQBGXXVofZhh8YccvgljAETtfOpulSSgLdKh+VLt0vLSGm9sOb9228mwNDx
kriNWJqTxHJ5ynRCA5o8YaXd0PtAmp+SsWjefLWhkHYk8lTCtMMSfPBn7TkrzQEY
5CqNdBP/J6yFrqbEdcq3fpYBHSPWJuH2B/znTfro4UTQLv44nQNmgDzgWn4mDiml
nq9mwJ2KfyyB91ENRguCPDjK0fgAPUYKQhSvg/A4XQDF7Db4WJ2ZjvzYln/o+TbF
usKz3ENzABmK/Qv46n/EFrPZiTYd7hBml+XH+B17V5sKdlbX7oAXV2la5mR/7I4I
-----END CERTIFICATE-----
Generated at Wed Mar 11 12:11:16 2026 by rpki-client