Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/pGKAAmqpgeWQ9aMUboRDbLrKqPA.roa
File: pGKAAmqpgeWQ9aMUboRDbLrKqPA.roa (raw, json)
Hash identifier: yIypnn97FAr3ipAr2qNcn9b7KgsozTxedsfYUZvlNAQ=
Subject key identifier: A4:62:80:02:6A:A9:81:E5:90:F5:A3:14:6E:84:43:6C:BA:CA:A8:F0
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019E98161798103052096A234D4C18ABD822
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/pGKAAmqpgeWQ9aMUboRDbLrKqPA.roa
Signing time: Fri 05 Jun 2026 14:00:45 +0000
ROA not before: Fri 05 Jun 2026 14:00:45 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 77.242.146.0/23 maxlen: 24
88.151.56.0/23 maxlen: 24
88.209.201.0/24 maxlen: 24
88.209.226.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Jun 2026 12:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:98:16:17:98:10:30:52:09:6a:23:4d:4c:18:ab:d8:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 5 14:00:45 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a46280026aa981e590f5a3146e84436cbacaa8f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:7a:05:3a:e4:db:5f:01:14:16:d4:63:84:74:
39:e4:eb:17:c5:a4:f9:13:b4:d9:2f:02:bb:35:59:
c8:7c:22:51:b0:d1:bb:4d:d1:fa:e9:0e:b6:da:cb:
e2:dd:a6:5e:ab:0b:5f:db:57:36:c0:01:a9:23:e5:
43:15:cb:6b:bc:2c:f2:9f:84:ee:81:50:7e:96:c1:
e7:cb:46:5d:b2:35:87:6d:dc:7c:c4:a8:64:54:f9:
d4:01:39:34:f1:63:e3:30:ad:a6:9b:d7:16:a8:9b:
cd:86:01:69:cc:98:81:ad:dc:2f:c1:8b:c2:43:ec:
1e:fa:0f:58:2b:c4:7d:15:cf:e0:d3:07:dc:d5:a8:
d5:cf:d5:ff:0f:ba:39:12:8b:e1:95:62:d2:c5:89:
eb:aa:07:c3:e4:75:20:66:17:fe:63:1a:a1:a6:d8:
0b:b1:85:e0:93:43:aa:75:20:9d:e5:18:6e:43:3f:
11:4d:fd:f8:75:cc:e6:9b:ac:3e:c1:bd:cf:ba:4d:
af:e7:1d:bf:74:a7:d0:58:3d:72:2e:63:0c:dd:91:
4b:77:14:18:a3:56:8b:d8:f2:51:d6:3f:07:1c:c1:
38:dd:a3:f6:63:de:7d:1e:66:1d:b2:97:5d:74:9c:
45:ee:91:44:81:77:a8:72:5b:c5:9f:5d:15:96:0c:
2a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:62:80:02:6A:A9:81:E5:90:F5:A3:14:6E:84:43:6C:BA:CA:A8:F0
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/pGKAAmqpgeWQ9aMUboRDbLrKqPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.146.0/23
88.151.56.0/23
88.209.201.0/24
88.209.226.0/24
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:f1:eb:a0:cf:5c:f5:ec:56:4e:f6:5f:db:4a:13:09:3a:3e:
0a:45:cd:96:ee:d7:fd:d2:d6:ee:d6:4c:ca:d0:f1:d6:cb:12:
20:64:81:a7:bd:6e:99:58:91:04:de:1e:13:13:21:5a:7e:6a:
7b:9c:4b:54:ce:98:b8:79:9d:34:2f:09:27:19:6b:47:38:56:
3e:e6:e3:8c:a2:31:f2:2e:ba:11:a6:4a:27:db:48:29:2c:d8:
a2:34:61:29:f8:df:f1:c8:23:68:9d:36:94:42:b8:5a:da:84:
ac:e4:66:16:de:e6:b9:45:d4:51:e9:5f:a3:f6:81:23:01:ea:
b5:1a:da:ec:bf:20:00:20:b7:ec:0f:8e:04:81:c8:fb:5c:3d:
50:be:5b:88:00:1b:85:34:d3:18:da:54:0d:85:70:b0:ca:5b:
c0:e2:3b:75:60:5d:17:87:0e:8c:c8:52:ba:d1:8f:f2:7a:98:
d3:3e:67:e5:5f:a3:4f:c6:93:2b:e7:81:eb:5d:5c:a7:2c:76:
14:05:76:e7:0d:45:31:2e:a8:bf:78:d6:54:98:d6:fe:d4:71:
dc:b5:45:55:99:ec:ac:95:8e:02:4e:0d:d9:ac:7a:0c:72:e2:
06:ff:12:95:a3:ab:1b:c5:23:df:1c:38:13:15:98:89:e2:2e:
76:95:a5:3e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ6YFheYEDBSCWojTUwYq9giMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjYwNjA1MTQwMDQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDYyODAwMjZhYTk4MWU1OTBmNWEzMTQ2ZTg0NDM2Y2JhY2FhOGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XoFOuTbXwEUFtRjhHQ55OsXxaT5
E7TZLwK7NVnIfCJRsNG7TdH66Q622svi3aZeqwtf21c2wAGpI+VDFctrvCzyn4Tu
gVB+lsHny0ZdsjWHbdx8xKhkVPnUATk08WPjMK2mm9cWqJvNhgFpzJiBrdwvwYvC
Q+we+g9YK8R9Fc/g0wfc1ajVz9X/D7o5EovhlWLSxYnrqgfD5HUgZhf+YxqhptgL
sYXgk0OqdSCd5RhuQz8RTf34dczmm6w+wb3Puk2v5x2/dKfQWD1yLmMM3ZFLdxQY
o1aL2PJR1j8HHME43aP2Y959HmYdspdddJxF7pFEgXeoclvFn10VlgwqHwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKRigAJqqYHlkPWjFG6EQ2y6yqjwMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvcEdLQUFtcXBnZVdROWFNVWJvUkRiTHJLcVBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBTfKSAwQB
WJc4AwQAWNHJAwQAWNHiAwQCWNHoMA0GCSqGSIb3DQEBCwUAA4IBAQBP8eugz1z1
7FZO9l/bShMJOj4KRc2W7tf90tbu1kzK0PHWyxIgZIGnvW6ZWJEE3h4TEyFafmp7
nEtUzpi4eZ00LwknGWtHOFY+5uOMojHyLroRpkon20gpLNiiNGEp+N/xyCNonTaU
Qrha2oSs5GYW3ua5RdRR6V+j9oEjAeq1GtrsvyAAILfsD44Egcj7XD1QvluIABuF
NNMY2lQNhXCwylvA4jt1YF0Xhw6MyFK60Y/yepjTPmflX6NPxpMr54HrXVynLHYU
BXbnDUUxLqi/eNZUmNb+1HHctUVVmeyslY4CTg3ZrHoMcuIG/xKVo6sbxSPfHDgT
FZiJ4i52laU+
-----END CERTIFICATE-----
Generated at Fri Jun 26 21:08:38 2026 by rpki-client