Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e302e302f32342d3234203d3e20323133393230.roa
File: 3134332e32302e302e302f32342d3234203d3e20323133393230.roa (raw, json)
Hash identifier: jNhAsDqsn6G4nQS3V7C+8Vg39P/cRjZS4boEFylhKyw=
Subject key identifier: FB:D7:D3:D5:F2:5A:79:6B:5E:59:19:A1:A1:F5:68:39:AE:29:49:4C
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 1066DAB8088C16C1A3ECED5382675D3F5B2F2D62
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e302e302f32342d3234203d3e20323133393230.roa
Signing time: Wed 21 May 2025 12:51:17 +0000
ROA not before: Wed 21 May 2025 12:46:17 +0000
ROA not after: Wed 20 May 2026 12:51:17 +0000
asID: 213920
IP address blocks: 143.20.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 17:39:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:66:da:b8:08:8c:16:c1:a3:ec:ed:53:82:67:5d:3f:5b:2f:2d:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 21 12:46:17 2025 GMT
Not After : May 20 12:51:17 2026 GMT
Subject: CN=FBD7D3D5F25A796B5E5919A1A1F56839AE29494C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:44:b0:f3:41:4a:06:db:3a:15:05:4b:1b:1a:
d1:d1:8d:70:87:a4:df:8c:6a:fb:c0:01:55:40:bb:
27:26:81:02:4e:a1:08:0c:02:b8:c6:f8:af:f0:5d:
ac:a8:4f:01:c3:d6:fe:8b:c0:1d:20:03:53:d2:af:
91:bf:f9:26:d9:fe:a4:ef:af:c9:36:f1:8c:04:76:
a0:02:3d:8d:0c:4f:83:8a:61:75:1a:7a:83:50:73:
56:bf:00:76:d6:29:69:cf:45:29:09:b4:57:61:47:
3e:2e:b6:be:db:8a:ec:72:a8:ab:4b:06:01:30:6d:
eb:80:90:8b:65:e1:ff:c6:0d:5e:b4:36:14:cc:b8:
b9:4f:98:2a:3d:15:de:c9:7e:b2:fb:d7:e3:ac:fe:
c2:c8:de:41:04:b8:04:42:7e:dc:3c:b7:83:3d:97:
44:90:a3:77:26:a7:e1:ea:91:ec:ea:22:6d:8a:89:
7e:44:20:23:cf:81:99:f6:18:b5:a5:22:f1:48:5b:
59:fc:d2:5d:fb:c7:71:11:d6:d3:70:4a:eb:72:59:
1c:2a:62:58:44:6f:41:63:c7:3b:de:7a:a0:45:32:
3d:aa:c1:3d:ea:d8:26:54:d2:8c:7c:74:bf:7c:8a:
76:ed:95:9e:33:bc:74:4d:ef:7e:a9:cb:23:a1:29:
e5:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:D7:D3:D5:F2:5A:79:6B:5E:59:19:A1:A1:F5:68:39:AE:29:49:4C
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e302e302f32342d3234203d3e20323133393230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.0.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:d9:00:6e:02:09:ce:9c:3c:4b:37:44:ba:dc:6c:65:b5:90:
ad:b4:1f:b3:a1:2e:c8:3b:42:2d:88:95:cd:21:db:f9:15:58:
a8:78:e0:23:2b:cd:78:35:3e:32:19:9b:b8:98:e9:07:e7:61:
0f:4d:b3:b8:01:91:e8:69:09:8c:2f:39:65:05:e6:29:b4:9f:
67:e5:38:5f:a1:c2:a2:63:94:96:ca:eb:2e:c4:12:a3:0c:97:
f5:f1:b5:3c:70:58:8a:b0:b4:2a:ab:d2:41:84:a5:b4:70:93:
e2:39:64:d6:57:92:a7:6d:50:28:24:96:2d:a5:ec:c0:f7:27:
28:3d:a8:6d:69:da:69:eb:ad:52:00:74:e6:6e:df:79:00:5b:
7d:7e:81:ac:bb:21:4b:45:85:87:f0:f3:0c:b4:55:91:b9:59:
b5:6d:9f:02:a2:67:79:74:17:9f:4f:6c:f4:ad:12:ca:75:dd:
d5:41:89:29:60:73:fa:cb:02:ef:80:45:04:02:f8:cc:73:0f:
d7:64:b0:6c:bf:f6:6c:64:c4:e4:66:90:52:1f:f3:70:a3:be:
28:59:24:ce:27:32:c6:7f:dc:be:1c:37:5e:63:d4:08:48:9a:
95:a1:b9:b1:50:16:b6:61:eb:75:33:71:88:53:50:eb:35:0e:
37:ed:74:d9
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUEGbauAiMFsGj7O1TgmddP1svLWIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MjExMjQ2MTdaFw0yNjA1MjAxMjUxMTdaMDMxMTAvBgNV
BAMTKEZCRDdEM0Q1RjI1QTc5NkI1RTU5MTlBMUExRjU2ODM5QUUyOTQ5NEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIRLDzQUoG2zoVBUsbGtHRjXCH
pN+MavvAAVVAuycmgQJOoQgMArjG+K/wXayoTwHD1v6LwB0gA1PSr5G/+SbZ/qTv
r8k28YwEdqACPY0MT4OKYXUaeoNQc1a/AHbWKWnPRSkJtFdhRz4utr7biuxyqKtL
BgEwbeuAkItl4f/GDV60NhTMuLlPmCo9Fd7JfrL71+Os/sLI3kEEuARCftw8t4M9
l0SQo3cmp+HqkezqIm2KiX5EICPPgZn2GLWlIvFIW1n80l37x3ER1tNwSutyWRwq
YlhEb0FjxzveeqBFMj2qwT3q2CZU0ox8dL98inbtlZ4zvHRN736pyyOhKeWBAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU+9fT1fJaeWteWRmhofVoOa4pSUwwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMzM5MzIzMC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAI8U
ADANBgkqhkiG9w0BAQsFAAOCAQEAX9kAbgIJzpw8SzdEutxsZbWQrbQfs6EuyDtC
LYiVzSHb+RVYqHjgIyvNeDU+MhmbuJjpB+dhD02zuAGR6GkJjC85ZQXmKbSfZ+U4
X6HComOUlsrrLsQSowyX9fG1PHBYirC0KqvSQYSltHCT4jlk1leSp21QKCSWLaXs
wPcnKD2obWnaaeutUgB05m7feQBbfX6BrLshS0WFh/DzDLRVkblZtW2fAqJneXQX
n09s9K0SynXd1UGJKWBz+ssC74BFBAL4zHMP12SwbL/2bGTE5GaQUh/zcKO+KFkk
zicyxn/cvhw3XmPUCEialaG5sVAWtmHrdTNxiFNQ6zUON+102Q==
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:53:45 2025 by rpki-client