Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3130302e302f32342d3234203d3e203336323331.roa
File: 3134332e32302e3130302e302f32342d3234203d3e203336323331.roa (raw, json)
Hash identifier: oFBOA5MQzgCo7Dpl1u+4iedSL5H9acgOQr7hCd4oFrw=
Subject key identifier: CD:B1:10:03:AA:50:7E:AB:E4:3E:0E:5A:46:C1:8E:D7:FD:73:AA:DB
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 36D95391823717D5D99EFD5D46DFE45062D60746
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3130302e302f32342d3234203d3e203336323331.roa
Signing time: Thu 29 May 2025 11:54:30 +0000
ROA not before: Thu 29 May 2025 11:49:30 +0000
ROA not after: Thu 28 May 2026 11:54:30 +0000
asID: 36231
IP address blocks: 143.20.100.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 17:39:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:d9:53:91:82:37:17:d5:d9:9e:fd:5d:46:df:e4:50:62:d6:07:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 29 11:49:30 2025 GMT
Not After : May 28 11:54:30 2026 GMT
Subject: CN=CDB11003AA507EABE43E0E5A46C18ED7FD73AADB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:f4:b4:7c:e0:44:8e:37:c9:ae:3f:64:cd:d5:
c0:1e:c9:63:d3:a0:f1:b5:35:b6:8c:81:a2:cc:e3:
17:78:10:2b:a7:79:9b:2b:ab:4e:de:18:37:17:75:
fa:aa:8f:8d:2b:15:04:f1:7c:fd:60:d0:83:22:35:
20:ba:03:fc:db:b5:91:29:f0:cd:7a:97:31:80:a0:
be:4e:f8:ad:9c:ab:58:a1:d2:a3:66:07:73:9b:61:
07:72:a8:68:aa:64:cc:f2:7f:aa:8d:58:02:b7:e0:
ca:f1:a3:ef:69:27:0e:17:a7:e3:bd:61:f8:dc:c9:
1c:6f:aa:8c:3b:7c:56:50:3c:fd:15:3d:dd:35:9f:
80:99:69:94:65:57:cf:de:00:71:7a:71:95:db:12:
b0:4f:08:46:b1:0f:60:14:74:8c:1e:41:d4:5a:e2:
4a:88:a5:d9:6e:8e:64:d8:41:e7:49:01:55:44:25:
52:b4:89:ba:91:aa:4e:1e:48:54:b2:7e:2c:03:5c:
9e:8f:e0:13:7c:da:1d:b4:44:7a:a7:37:d0:cc:07:
72:b9:92:83:37:8a:38:d4:08:cf:38:1a:08:f1:2a:
52:66:31:23:06:0f:ae:b6:89:b0:27:f3:fc:3d:fa:
47:b4:ca:f1:40:fc:9f:1c:b3:8e:bb:50:8d:98:c6:
2b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:B1:10:03:AA:50:7E:AB:E4:3E:0E:5A:46:C1:8E:D7:FD:73:AA:DB
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3130302e302f32342d3234203d3e203336323331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.100.0/24
Signature Algorithm: sha256WithRSAEncryption
00:52:b3:cb:8e:c4:d2:db:0a:2c:e2:9d:37:0f:f9:11:62:3a:
72:8d:b2:b2:36:46:cb:76:5b:c0:2b:0b:26:4b:f0:a2:ba:06:
ab:39:14:85:76:a2:be:8f:3c:ec:e9:d2:e0:09:f5:e9:d3:d6:
87:bc:8c:f1:ee:f1:56:22:3d:1b:ce:b8:90:2b:1d:20:b2:36:
01:63:81:45:f7:62:ee:d3:e6:93:10:6b:f2:f8:59:82:d1:6d:
e7:7a:d4:c3:f4:e3:47:8d:d7:00:a5:ce:06:f7:74:8f:18:48:
6c:a5:8c:da:a7:9f:a2:4a:fd:b6:a9:3c:82:7b:89:1a:73:f3:
03:80:37:e4:70:4f:a7:09:59:2c:97:53:87:bc:c0:dc:ec:28:
b7:79:6a:3a:f4:19:e4:72:c2:dd:9e:f5:52:cb:b1:7c:23:59:
aa:aa:95:3c:90:f9:d5:9a:3c:19:58:b3:5d:aa:01:01:eb:4d:
fa:c8:a9:b8:68:28:3f:0a:54:bd:0f:a3:02:3a:93:a8:37:92:
55:26:98:81:b4:46:01:82:58:4a:ff:ee:4d:79:bd:af:18:76:
46:db:32:87:72:7d:e9:a2:55:22:24:ce:84:8d:60:17:80:e5:
53:16:9f:dc:42:76:4b:f0:25:d3:3a:1c:41:e0:75:09:08:c3:
8a:b8:46:1b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUNtlTkYI3F9XZnv1dRt/kUGLWB0YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MjkxMTQ5MzBaFw0yNjA1MjgxMTU0MzBaMDMxMTAvBgNV
BAMTKENEQjExMDAzQUE1MDdFQUJFNDNFMEU1QTQ2QzE4RUQ3RkQ3M0FBREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN9LR84ESON8muP2TN1cAeyWPT
oPG1NbaMgaLM4xd4ECuneZsrq07eGDcXdfqqj40rFQTxfP1g0IMiNSC6A/zbtZEp
8M16lzGAoL5O+K2cq1ih0qNmB3ObYQdyqGiqZMzyf6qNWAK34Mrxo+9pJw4Xp+O9
YfjcyRxvqow7fFZQPP0VPd01n4CZaZRlV8/eAHF6cZXbErBPCEaxD2AUdIweQdRa
4kqIpdlujmTYQedJAVVEJVK0ibqRqk4eSFSyfiwDXJ6P4BN82h20RHqnN9DMB3K5
koM3ijjUCM84GgjxKlJmMSMGD662ibAn8/w9+ke0yvFA/J8cs467UI2Yxis/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUzbEQA6pQfqvkPg5aRsGO1/1zqtswHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMTMw
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM2MzIzMzMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
jxRkMA0GCSqGSIb3DQEBCwUAA4IBAQAAUrPLjsTS2wos4p03D/kRYjpyjbKyNkbL
dlvAKwsmS/CiugarORSFdqK+jzzs6dLgCfXp09aHvIzx7vFWIj0bzriQKx0gsjYB
Y4FF92Lu0+aTEGvy+FmC0W3netTD9ONHjdcApc4G93SPGEhspYzap5+iSv22qTyC
e4kac/MDgDfkcE+nCVksl1OHvMDc7Ci3eWo69BnkcsLdnvVSy7F8I1mqqpU8kPnV
mjwZWLNdqgEB6036yKm4aCg/ClS9D6MCOpOoN5JVJpiBtEYBglhK/+5Neb2vGHZG
2zKHcn3polUiJM6EjWAXgOVTFp/cQnZL8CXTOhxB4HUJCMOKuEYb
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:47:02 2025 by rpki-client