Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/x3Oz5g__90kAEW_U4c6lNNuTcn4.roa
File: x3Oz5g__90kAEW_U4c6lNNuTcn4.roa (raw, json)
Hash identifier: F5hoVIbVeeLPPdspRMOAsh8lnT4jwMghYJpbE/kuyPQ=
Subject key identifier: C7:73:B3:E6:0F:FF:F7:49:00:11:6F:D4:E1:CE:A5:34:DB:93:72:7E
Certificate issuer: /CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Certificate serial: 019E91B097CDFBBCDE26B578F2BD95249369
Authority key identifier: 8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/x3Oz5g__90kAEW_U4c6lNNuTcn4.roa
Signing time: Thu 04 Jun 2026 08:12:10 +0000
ROA not before: Thu 04 Jun 2026 08:12:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 5.102.37.0/24 maxlen: 24
5.102.39.0/24 maxlen: 24
195.5.125.0/24 maxlen: 24
195.222.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jun 2026 21:13:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:91:b0:97:cd:fb:bc:de:26:b5:78:f2:bd:95:24:93:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Validity
Not Before: Jun 4 08:12:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c773b3e60ffff74900116fd4e1cea534db93727e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0b:39:08:76:f7:59:b5:b7:79:62:99:b8:31:
ce:47:66:b3:4e:0a:10:3f:a3:04:a3:3d:b3:17:cc:
8b:5e:a8:6e:e5:66:c8:15:35:b8:fb:7c:d8:19:cb:
a3:1d:ce:85:1f:12:18:08:24:40:34:b3:79:f1:ce:
19:cb:69:48:00:03:d3:7b:94:86:05:ef:0c:f9:24:
a8:4c:03:43:53:ad:c4:f8:be:b8:e7:c5:86:a7:c7:
a9:34:1a:39:01:0d:73:e8:c2:cf:5d:3b:5d:1a:65:
43:78:2b:71:f4:f6:e2:93:66:1b:6d:2e:ae:6e:1d:
c9:bb:79:11:c7:d3:9d:f3:1b:ba:7c:33:90:cf:85:
55:0d:5e:ae:89:22:01:03:50:98:d4:7d:26:4b:1e:
d2:d4:3d:a4:12:f8:da:11:7b:27:e7:33:c5:b9:a1:
33:f7:a3:41:26:91:d4:f8:7b:e9:c2:ed:cf:91:a8:
94:1e:cc:18:ac:79:52:c4:11:ec:31:48:7e:98:e7:
fe:9b:fe:f7:02:cf:93:0a:43:dd:dc:41:f6:4f:d6:
40:52:ba:2f:39:f4:a1:e1:cf:6b:69:5f:ef:75:de:
99:f1:64:dd:58:28:ab:5b:04:bd:b0:d7:18:c2:6a:
38:ea:e5:b8:19:33:a6:bb:b7:4a:1d:0a:ad:4b:30:
4c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:73:B3:E6:0F:FF:F7:49:00:11:6F:D4:E1:CE:A5:34:DB:93:72:7E
X509v3 Authority Key Identifier:
keyid:8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/x3Oz5g__90kAEW_U4c6lNNuTcn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.37.0/24
5.102.39.0/24
195.5.125.0/24
195.222.127.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:6b:51:ac:33:a7:71:31:c5:5d:2a:ab:f2:b5:75:2d:99:ef:
7f:90:5f:b4:78:02:da:6d:e5:6a:f1:bb:dd:45:81:24:6a:e2:
92:de:34:11:79:2d:a5:2a:ff:4e:20:d1:20:2c:bb:d1:68:74:
5c:5d:cf:42:24:89:6d:36:5b:bf:de:33:62:08:81:45:43:05:
15:ec:2a:99:a1:21:bb:f7:0d:12:ba:d0:df:b2:ab:84:6c:ba:
e7:de:79:1c:c4:a3:7b:d3:5d:43:4c:80:c7:70:5a:f9:4b:ad:
0b:85:5d:ac:16:7a:1b:c6:9f:5a:b1:52:b2:01:09:ae:a0:aa:
ac:27:83:97:68:2a:ee:bb:81:72:64:10:f5:67:ea:a9:eb:b6:
1b:57:f2:b4:81:45:c0:27:a9:9a:b1:e8:b3:ed:f7:5c:eb:47:
63:5c:4d:49:34:17:67:e6:75:7c:d6:a0:1a:5a:0b:83:f4:8b:
7d:72:4d:8d:6c:dd:24:77:0d:16:d3:2c:61:de:51:87:03:65:
39:4f:4b:49:27:3c:71:04:34:24:1f:97:77:58:3c:0e:21:aa:
dc:75:7f:e3:91:e6:41:36:55:54:9e:a9:76:e9:d5:57:e7:7d:
85:b5:ad:79:22:44:87:65:42:10:b4:c3:68:1e:e2:73:8a:e9:
e7:33:24:a4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ6RsJfN+7zeJrV48r2VJJNpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGY3NmM1NGI5ZTY5MzVjMzBhOWI0YzliYTkzMDlhYzQ3
MGVjMDIwHhcNMjYwNjA0MDgxMjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzczYjNlNjBmZmZmNzQ5MDAxMTZmZDRlMWNlYTUzNGRiOTM3MjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsws5CHb3WbW3eWKZuDHOR2azTgoQ
P6MEoz2zF8yLXqhu5WbIFTW4+3zYGcujHc6FHxIYCCRANLN58c4Zy2lIAAPTe5SG
Be8M+SSoTANDU63E+L6458WGp8epNBo5AQ1z6MLPXTtdGmVDeCtx9Pbik2YbbS6u
bh3Ju3kRx9Od8xu6fDOQz4VVDV6uiSIBA1CY1H0mSx7S1D2kEvjaEXsn5zPFuaEz
96NBJpHU+Hvpwu3PkaiUHswYrHlSxBHsMUh+mOf+m/73As+TCkPd3EH2T9ZAUrov
OfSh4c9raV/vdd6Z8WTdWCirWwS9sNcYwmo46uW4GTOmu7dKHQqtSzBMvQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMdzs+YP//dJABFv1OHOpTTbk3J+MB8GA1UdIwQY
MBaAFIvfdsVLnmk1wwqbTJupMJrEcOwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgt
OGQyMTg2NjUwMjdkLzEveDNPejVnX185MGtBRVdfVTRjNmxOTnVUY240LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgtOGQyMTg2NjUwMjdk
LzEvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABWYlAwQA
BWYnAwQAwwV9AwQAw95/MA0GCSqGSIb3DQEBCwUAA4IBAQANa1GsM6dxMcVdKqvy
tXUtme9/kF+0eALabeVq8bvdRYEkauKS3jQReS2lKv9OINEgLLvRaHRcXc9CJIlt
Nlu/3jNiCIFFQwUV7CqZoSG79w0SutDfsquEbLrn3nkcxKN7011DTIDHcFr5S60L
hV2sFnobxp9asVKyAQmuoKqsJ4OXaCruu4FyZBD1Z+qp67YbV/K0gUXAJ6maseiz
7fdc60djXE1JNBdn5nV81qAaWguD9It9ck2NbN0kdw0W0yxh3lGHA2U5T0tJJzxx
BDQkH5d3WDwOIarcdX/jkeZBNlVUnql26dVX532Fta15IkSHZUIQtMNoHuJziunn
MySk
-----END CERTIFICATE-----
Generated at Fri Jun 26 21:05:48 2026 by rpki-client