Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3134342e302f32302d3234203d3e20383334.roa
File: 3134332e32302e3134342e302f32302d3234203d3e20383334.roa (raw, json)
Hash identifier: lTttD0agaDqFYZ4UGoSVOmbwAxZjhMnSz7b1CV9DYaw=
Subject key identifier: F2:3B:E6:F2:13:06:52:A4:3B:2D:6D:84:54:C5:F5:09:86:27:4B:CE
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 22D77690C349AF3B1AA8299697BF84E7C3121E64
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3134342e302f32302d3234203d3e20383334.roa
Signing time: Mon 02 Jun 2025 12:42:50 +0000
ROA not before: Mon 02 Jun 2025 12:37:50 +0000
ROA not after: Mon 01 Jun 2026 12:42:50 +0000
asID: 834
IP address blocks: 143.20.144.0/20 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 17:39:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:d7:76:90:c3:49:af:3b:1a:a8:29:96:97:bf:84:e7:c3:12:1e:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Jun 2 12:37:50 2025 GMT
Not After : Jun 1 12:42:50 2026 GMT
Subject: CN=F23BE6F2130652A43B2D6D8454C5F50986274BCE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e2:f7:c9:50:c0:54:91:31:3b:56:8e:ad:31:
01:84:fb:82:ff:01:dd:15:5d:ef:17:01:07:ce:c1:
3d:1d:30:35:41:ac:a5:02:2b:ed:8a:49:c8:fe:bb:
09:5d:d1:e8:f6:21:d9:10:8e:86:bc:3a:98:8c:75:
c1:82:a6:ce:5c:f6:f2:77:fa:26:87:d3:7b:f8:cb:
89:cc:78:30:40:d1:98:80:ce:a1:0d:fc:21:df:2e:
16:35:49:54:96:09:20:2c:e1:83:41:fd:dd:ce:6f:
28:51:e1:90:31:ec:6e:a3:d6:f0:de:0c:92:b0:84:
fa:52:f5:85:02:ce:40:94:93:9d:25:69:8c:f2:fd:
2e:95:5d:3c:87:b6:34:4f:65:70:15:4c:87:69:9f:
78:01:76:4b:b4:3c:95:a8:94:b6:30:5d:62:0f:6f:
89:f6:a1:c0:cd:c9:9b:46:af:51:e9:c1:ec:6b:60:
03:7c:31:de:f3:eb:f4:e9:c6:2b:d3:35:18:f2:c9:
09:eb:38:7d:8b:a1:5c:43:58:0e:d6:bb:79:1f:5b:
fb:6e:c4:99:09:f5:b9:a5:26:87:94:77:e6:e7:52:
45:03:0f:19:3c:2e:00:42:b2:cb:55:60:90:4e:d6:
d7:25:2b:5b:cb:3a:be:d9:d6:da:dc:03:19:b7:2f:
fc:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:3B:E6:F2:13:06:52:A4:3B:2D:6D:84:54:C5:F5:09:86:27:4B:CE
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3134342e302f32302d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.144.0/20
Signature Algorithm: sha256WithRSAEncryption
bf:4d:02:9b:36:67:e7:5f:32:ac:f6:dd:85:28:5e:eb:c9:9a:
c1:ef:b4:b0:96:97:9d:89:27:9e:26:5d:b9:a5:2c:0a:91:2a:
50:b3:32:53:0b:ce:f3:a1:7a:32:2a:2f:3b:48:3f:2f:db:14:
9b:55:68:0d:c0:72:0c:c5:f7:8d:08:84:20:d3:22:51:8f:26:
09:f5:48:e8:d0:d7:c9:ed:fd:2d:7a:87:1d:47:6e:f5:4b:63:
f4:d1:d5:4e:45:c3:84:fe:bc:5a:27:2d:03:54:72:ad:0a:37:
3d:e6:78:5c:f5:bc:80:72:23:4e:67:42:b3:c3:09:05:a6:14:
36:c1:9b:50:fc:5e:31:f4:f6:de:3a:34:8c:64:83:d6:2d:67:
9d:67:d0:1b:27:ad:05:c7:1b:07:06:47:a0:f3:bf:19:38:18:
72:73:08:1d:51:01:8c:b2:3c:d1:f6:4e:aa:5e:66:e7:cb:e2:
e3:7d:0d:db:cd:92:ca:a5:7e:5b:f9:52:32:f2:52:18:b7:b4:
24:4e:e0:6b:48:ff:8a:ac:84:de:4a:55:44:96:3a:43:42:ba:
6f:60:ef:25:d3:c6:37:89:c4:a2:11:15:7c:52:93:6a:41:7c:
bf:47:24:b6:e2:79:34:7f:7c:cd:c2:05:0b:f1:14:65:2a:ce:
f5:28:4c:24
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUItd2kMNJrzsaqCmWl7+E58MSHmQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA2MDIxMjM3NTBaFw0yNjA2MDExMjQyNTBaMDMxMTAvBgNV
BAMTKEYyM0JFNkYyMTMwNjUyQTQzQjJENkQ4NDU0QzVGNTA5ODYyNzRCQ0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK4vfJUMBUkTE7Vo6tMQGE+4L/
Ad0VXe8XAQfOwT0dMDVBrKUCK+2KScj+uwld0ej2IdkQjoa8OpiMdcGCps5c9vJ3
+iaH03v4y4nMeDBA0ZiAzqEN/CHfLhY1SVSWCSAs4YNB/d3ObyhR4ZAx7G6j1vDe
DJKwhPpS9YUCzkCUk50laYzy/S6VXTyHtjRPZXAVTIdpn3gBdku0PJWolLYwXWIP
b4n2ocDNyZtGr1HpwexrYAN8Md7z6/TpxivTNRjyyQnrOH2LoVxDWA7Wu3kfW/tu
xJkJ9bmlJoeUd+bnUkUDDxk8LgBCsstVYJBO1tclK1vLOr7Z1trcAxm3L/zhAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU8jvm8hMGUqQ7LW2EVMX1CYYnS84wHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMTM0
MzQyZTMwMmYzMjMwMmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBASPFJAw
DQYJKoZIhvcNAQELBQADggEBAL9NAps2Z+dfMqz23YUoXuvJmsHvtLCWl52JJ54m
XbmlLAqRKlCzMlMLzvOhejIqLztIPy/bFJtVaA3AcgzF940IhCDTIlGPJgn1SOjQ
18nt/S16hx1HbvVLY/TR1U5Fw4T+vFonLQNUcq0KNz3meFz1vIByI05nQrPDCQWm
FDbBm1D8XjH09t46NIxkg9YtZ51n0BsnrQXHGwcGR6Dzvxk4GHJzCB1RAYyyPNH2
TqpeZufL4uN9DdvNksqlflv5UjLyUhi3tCRO4GtI/4qshN5KVUSWOkNCum9g7yXT
xjeJxKIRFXxSk2pBfL9HJLbieTR/fM3CBQvxFGUqzvUoTCQ=
-----END CERTIFICATE-----
Generated at Tue Jul 22 20:58:16 2025 by rpki-client