Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e302e302f32322d3234203d3e20383334.roa
File: 3134332e32302e302e302f32322d3234203d3e20383334.roa (raw, json)
Hash identifier: eVgHYLOsfsr4co8IOKLb2shslG5zxfYMavAihdUuo2s=
Subject key identifier: 5B:9C:41:6E:62:41:A0:06:CE:6B:EC:F5:FB:25:B8:4E:00:47:7C:CC
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 335332BDE8CAFFFF29594906F7A8F48151E7D2BD
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e302e302f32322d3234203d3e20383334.roa
Signing time: Tue 13 May 2025 06:01:39 +0000
ROA not before: Tue 13 May 2025 05:56:39 +0000
ROA not after: Tue 12 May 2026 06:01:39 +0000
asID: 834
IP address blocks: 143.20.0.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 May 2025 12:51:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:53:32:bd:e8:ca:ff:ff:29:59:49:06:f7:a8:f4:81:51:e7:d2:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 13 05:56:39 2025 GMT
Not After : May 12 06:01:39 2026 GMT
Subject: CN=5B9C416E6241A006CE6BECF5FB25B84E00477CCC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:34:37:c8:7c:2f:05:0e:5a:e5:0c:25:d3:fb:
8f:b1:d2:2b:f7:1e:c5:60:2d:2c:29:11:b9:f4:f5:
b9:0b:79:96:70:f5:05:6a:68:00:bd:55:c5:1a:00:
e4:e1:64:14:1d:b3:9c:d1:9f:52:dd:e4:30:47:95:
6e:23:13:8c:28:68:bf:8f:4a:a5:33:51:17:b6:df:
db:9e:26:55:93:e1:e4:55:df:fd:1e:cd:ab:8c:c3:
5a:d5:2b:4c:8b:17:f4:b0:80:d5:9a:bd:73:4d:7c:
30:a3:5b:81:58:61:c7:30:f9:80:ad:e5:61:0c:f7:
b9:af:22:e9:04:2f:75:b5:3f:d9:40:dd:f7:6e:d6:
c4:71:38:d3:64:81:cf:54:db:15:63:49:18:b7:f0:
65:87:dd:ad:73:4d:d7:67:b1:2b:61:d3:7e:ef:a2:
ae:ac:c2:a6:26:04:63:a7:40:c5:43:7f:55:2b:c9:
b7:69:65:55:53:b6:6d:80:9a:44:97:dc:38:74:b9:
c4:5b:b3:6d:d6:17:24:38:54:ff:52:35:2d:2c:78:
2b:bc:7a:fb:b9:08:10:c8:f0:22:2d:f2:e7:26:ee:
b3:13:38:4a:98:60:5a:af:e5:19:6a:1a:95:86:92:
e4:6c:c8:45:49:70:21:c0:50:46:96:ef:28:3a:a3:
12:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:9C:41:6E:62:41:A0:06:CE:6B:EC:F5:FB:25:B8:4E:00:47:7C:CC
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e302e302f32322d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.0.0/22
Signature Algorithm: sha256WithRSAEncryption
56:60:26:6d:e3:52:4d:01:f1:59:53:1a:9b:ed:16:a2:27:a0:
db:53:46:c5:58:0c:7d:30:9f:88:4a:3f:1d:42:3b:f2:ca:f0:
76:c7:00:9f:8a:b0:01:c8:47:40:bc:e8:bf:7b:10:d8:87:9c:
b1:af:0b:8d:8a:cc:65:30:66:c6:3c:76:db:3d:7a:93:6b:c8:
ed:d6:cd:52:1c:12:27:ae:63:1c:e0:8c:de:aa:53:bd:1e:f2:
c6:0a:cc:ef:f8:0d:ef:1d:16:84:8d:cd:88:f3:d2:a8:44:0d:
f4:b7:15:67:a2:69:ee:67:f7:07:2d:18:92:bb:03:c3:62:21:
44:ab:81:cc:83:c8:eb:82:ab:67:59:b6:55:6a:a2:95:c9:8b:
b1:5d:fb:7d:94:07:37:d3:a0:42:71:a4:8c:c7:e0:0a:cd:11:
39:2f:5a:d0:40:84:e3:7a:fe:02:54:12:1b:9f:f3:fc:5a:60:
23:3b:52:6b:a7:73:bd:93:eb:2a:d9:97:16:f2:2c:1d:28:85:
2c:58:15:77:c4:2b:90:9f:94:b7:46:5c:7e:2b:71:a7:8f:51:
8b:18:1c:ee:36:7a:85:82:91:71:12:0c:82:ba:65:d9:d1:8e:
8e:5b:a1:09:c5:b2:18:f9:85:42:91:cc:d2:d3:30:53:45:b8:
ea:38:1f:71
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUM1MyvejK//8pWUkG96j0gVHn0r0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MTMwNTU2MzlaFw0yNjA1MTIwNjAxMzlaMDMxMTAvBgNV
BAMTKDVCOUM0MTZFNjI0MUEwMDZDRTZCRUNGNUZCMjVCODRFMDA0NzdDQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4NDfIfC8FDlrlDCXT+4+x0iv3
HsVgLSwpEbn09bkLeZZw9QVqaAC9VcUaAOThZBQds5zRn1Ld5DBHlW4jE4woaL+P
SqUzURe239ueJlWT4eRV3/0ezauMw1rVK0yLF/SwgNWavXNNfDCjW4FYYccw+YCt
5WEM97mvIukEL3W1P9lA3fdu1sRxONNkgc9U2xVjSRi38GWH3a1zTddnsSth037v
oq6swqYmBGOnQMVDf1UrybdpZVVTtm2AmkSX3Dh0ucRbs23WFyQ4VP9SNS0seCu8
evu5CBDI8CIt8ucm7rMTOEqYYFqv5RlqGpWGkuRsyEVJcCHAUEaW7yg6oxIhAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUW5xBbmJBoAbOa+z1+yW4TgBHfMwwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMDJl
MzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAo8UADANBgkq
hkiG9w0BAQsFAAOCAQEAVmAmbeNSTQHxWVMam+0Woieg21NGxVgMfTCfiEo/HUI7
8srwdscAn4qwAchHQLzov3sQ2Iecsa8LjYrMZTBmxjx22z16k2vI7dbNUhwSJ65j
HOCM3qpTvR7yxgrM7/gN7x0WhI3NiPPSqEQN9LcVZ6Jp7mf3By0YkrsDw2IhRKuB
zIPI64KrZ1m2VWqilcmLsV37fZQHN9OgQnGkjMfgCs0ROS9a0ECE43r+AlQSG5/z
/FpgIztSa6dzvZPrKtmXFvIsHSiFLFgVd8QrkJ+Ut0Zcfitxp49Rixgc7jZ6hYKR
cRIMgrpl2dGOjluhCcWyGPmFQpHM0tMwU0W46jgfcQ==
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:34:13 2025 by rpki-client