Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS1.roa
File: AS1.roa (raw, json)
Hash identifier: s6P6R6GoBvfubdnlrb7COPfmuiN5hqeVZNEe7XCORoQ=
Subject key identifier: C5:84:2F:D9:6D:C8:E4:17:48:5F:63:68:8F:B9:70:E1:7E:70:7D:1A
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 029DD140AEAD7269A15804FE390B9456A886BD52
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS1.roa
Signing time: Mon 12 May 2025 10:41:08 +0000
ROA not before: Mon 12 May 2025 10:36:08 +0000
ROA not after: Mon 11 May 2026 10:41:08 +0000
asID: 1
IP address blocks: 143.14.176.0/20 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 May 2025 07:54:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:9d:d1:40:ae:ad:72:69:a1:58:04:fe:39:0b:94:56:a8:86:bd:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 12 10:36:08 2025 GMT
Not After : May 11 10:41:08 2026 GMT
Subject: CN=C5842FD96DC8E417485F63688FB970E17E707D1A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ff:63:e3:3c:81:91:d6:75:07:d3:f9:57:c5:
f3:db:95:18:45:88:14:c8:a6:69:a7:eb:45:e1:11:
6a:90:34:63:43:96:80:ef:e5:2c:98:2d:58:a6:49:
ba:f5:7e:28:cf:b2:22:0a:49:dd:dc:c6:9e:f6:9c:
79:03:0a:d2:cf:19:a0:e0:93:6b:e9:15:7f:22:11:
1d:42:31:61:6e:44:0d:ff:34:b3:f3:0d:9d:56:4e:
6c:e3:95:80:48:2b:17:e1:19:84:fb:38:de:d5:d2:
ce:d3:7e:95:5a:9d:59:eb:b3:0d:a7:24:59:bf:27:
90:b1:f7:2d:ca:2a:25:2b:41:f8:6b:d3:45:09:2c:
f3:ad:2e:0a:0d:e4:6f:78:77:2b:d9:56:62:30:c4:
cd:22:d5:d6:c9:22:d2:b2:88:f8:3a:d5:9b:1f:16:
84:7e:26:9d:e1:c8:30:25:74:fe:88:bd:ed:a1:b9:
71:25:92:c6:3b:e1:a5:41:7d:13:de:c2:e7:74:4c:
17:8e:e4:9e:44:b6:1c:c9:02:80:f2:ae:cf:0b:81:
ef:08:2a:5d:31:44:df:fa:eb:9c:1b:59:f2:15:9b:
9f:c9:91:dd:6c:13:cd:21:ae:0e:dc:ad:9d:35:e7:
75:ee:47:be:47:d6:f6:82:7a:7b:b7:80:97:25:7e:
dc:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:84:2F:D9:6D:C8:E4:17:48:5F:63:68:8F:B9:70:E1:7E:70:7D:1A
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS1.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.176.0/20
Signature Algorithm: sha256WithRSAEncryption
66:b8:68:85:58:12:c7:af:c0:fa:19:8d:63:e2:28:6f:96:80:
8f:a5:ad:ae:6a:a5:d5:96:a1:fb:3c:87:86:fa:5e:f1:6b:5d:
a4:68:27:a2:13:74:7a:ea:28:3e:b4:4f:c1:12:ac:f8:68:a0:
a4:02:5d:68:25:1f:c1:9d:72:9f:d4:99:2c:c2:99:06:61:cd:
ef:ec:77:2d:b3:6b:3b:7a:16:e7:83:90:73:23:c3:8a:34:e0:
18:a1:64:bc:5c:b0:7b:da:24:4c:10:15:b1:93:35:02:3d:11:
3b:ff:bd:14:2e:35:88:fd:df:45:f0:c4:23:f4:59:7a:48:91:
82:7f:b2:e4:80:76:6c:52:63:bf:71:52:55:d6:a7:e3:ac:45:
1c:80:67:93:48:c2:21:f3:d3:e1:83:c2:6c:04:02:0a:ae:cf:
61:84:aa:7e:b3:a3:f5:cf:b8:84:e7:d2:38:ab:98:90:d4:69:
08:c8:7e:e3:c3:93:26:ab:c0:dc:26:dd:38:33:bc:66:9d:64:
a9:3f:37:a3:39:90:68:0c:12:ae:ea:53:89:41:2e:47:35:a7:
57:40:e4:22:22:47:16:a3:d4:59:b0:5f:b5:15:a7:e5:65:f6:
9a:ca:2a:13:31:bb:56:21:a0:f5:2d:af:aa:f1:47:c1:94:14:
46:59:a8:56
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIUAp3RQK6tcmmhWAT+OQuUVqiGvVIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MTIxMDM2MDhaFw0yNjA1MTExMDQxMDhaMDMxMTAvBgNV
BAMTKEM1ODQyRkQ5NkRDOEU0MTc0ODVGNjM2ODhGQjk3MEUxN0U3MDdEMUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq/2PjPIGR1nUH0/lXxfPblRhF
iBTIpmmn60XhEWqQNGNDloDv5SyYLVimSbr1fijPsiIKSd3cxp72nHkDCtLPGaDg
k2vpFX8iER1CMWFuRA3/NLPzDZ1WTmzjlYBIKxfhGYT7ON7V0s7TfpVanVnrsw2n
JFm/J5Cx9y3KKiUrQfhr00UJLPOtLgoN5G94dyvZVmIwxM0i1dbJItKyiPg61Zsf
FoR+Jp3hyDAldP6Ive2huXElksY74aVBfRPewud0TBeO5J5EthzJAoDyrs8Lge8I
Kl0xRN/665wbWfIVm5/Jkd1sE80hrg7crZ0153XuR75H1vaCenu3gJclftxfAgMB
AAGjggIFMIICATAdBgNVHQ4EFgQUxYQv2W3I5BdIX2Noj7lw4X5wfRowHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMS5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBI8OsDANBgkq
hkiG9w0BAQsFAAOCAQEAZrhohVgSx6/A+hmNY+Iob5aAj6Wtrmql1Zah+zyHhvpe
8WtdpGgnohN0euooPrRPwRKs+GigpAJdaCUfwZ1yn9SZLMKZBmHN7+x3LbNrO3oW
54OQcyPDijTgGKFkvFywe9okTBAVsZM1Aj0RO/+9FC41iP3fRfDEI/RZekiRgn+y
5IB2bFJjv3FSVdan46xFHIBnk0jCIfPT4YPCbAQCCq7PYYSqfrOj9c+4hOfSOKuY
kNRpCMh+48OTJqvA3CbdODO8Zp1kqT83ozmQaAwSrupTiUEuRzWnV0DkIiJHFqPU
WbBftRWn5WX2msoqEzG7ViGg9S2vqvFHwZQURlmoVg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:38:30 2025 by rpki-client