Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3130312e302f32342d3234203d3e20383334.roa
File: 3134332e32302e3130312e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: U4l7fsN+zXMb61brYllfyhhYtqm1+pubHoLCyZZjGDk=
Subject key identifier: 2C:96:C1:C6:73:99:8A:55:36:8F:E0:CD:FE:4E:05:3E:72:E0:16:28
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 12BE4B07D30EDF2DF6885FCD924F379D1345C31D
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3130312e302f32342d3234203d3e20383334.roa
Signing time: Thu 29 May 2025 11:54:42 +0000
ROA not before: Thu 29 May 2025 11:49:42 +0000
ROA not after: Thu 28 May 2026 11:54:42 +0000
asID: 834
IP address blocks: 143.20.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 12:38:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:be:4b:07:d3:0e:df:2d:f6:88:5f:cd:92:4f:37:9d:13:45:c3:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 29 11:49:42 2025 GMT
Not After : May 28 11:54:42 2026 GMT
Subject: CN=2C96C1C673998A55368FE0CDFE4E053E72E01628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:0c:c0:06:0b:06:5c:40:fb:4a:05:78:10:81:
3d:db:13:37:6f:83:64:a5:c6:b5:53:f3:4c:12:23:
bb:fb:67:aa:9b:25:6d:9d:84:f2:8d:c6:db:e2:b8:
84:c7:41:34:c8:69:db:71:1c:93:22:2a:79:24:83:
33:4c:05:81:1d:03:95:bd:87:05:4f:24:25:9c:52:
23:c6:78:40:ca:17:d1:05:4e:ac:3e:93:7d:03:ce:
bc:ee:ae:f3:fe:61:12:b0:81:99:7b:3e:7d:5c:4e:
1e:da:cf:a2:42:53:7e:ff:5f:cc:20:95:e1:2d:fa:
f7:46:e7:d2:95:b9:58:d3:71:2a:63:e3:ca:4b:1e:
38:4f:be:7b:8f:eb:fb:25:72:0f:02:55:ae:2d:da:
5d:6b:85:59:7e:b5:b6:ce:5f:61:22:f3:2c:25:a8:
14:da:64:bc:7f:5d:38:da:94:a5:26:1f:64:57:70:
e6:a9:29:ff:6e:4f:c3:0e:87:be:62:03:65:9b:ae:
96:d6:1e:47:53:43:47:3d:f5:db:ba:74:6f:9c:8e:
02:69:ec:e7:41:10:ca:6c:b2:0b:e4:0f:84:62:cc:
36:76:e7:c8:de:d9:63:fd:21:d8:65:da:bb:6c:28:
be:b4:30:11:a2:27:50:50:07:87:b8:46:7e:34:62:
51:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:96:C1:C6:73:99:8A:55:36:8F:E0:CD:FE:4E:05:3E:72:E0:16:28
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3130312e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.101.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:3d:d5:5c:b0:42:f9:0a:88:2e:6e:cb:85:dc:92:b6:23:c4:
5b:aa:57:b4:dd:77:fb:4f:46:83:54:ac:ca:35:ee:cf:e5:1e:
3e:b1:1c:9e:c3:42:44:e9:02:35:ca:00:2a:b2:fb:51:64:21:
68:15:2c:5f:66:72:33:9f:5e:07:b5:10:d3:22:31:c6:c9:3b:
b7:34:57:52:a9:c8:a2:c1:03:af:a5:17:4c:be:c1:e9:94:e9:
32:7b:d7:a8:95:f2:90:71:2c:61:4d:05:55:46:a6:47:d7:36:
22:63:22:48:73:07:d1:58:d0:33:03:42:7a:2f:60:e7:5b:6b:
49:48:89:e4:cc:ea:c5:25:6f:83:6e:17:01:0c:11:c7:f9:b1:
be:f0:2a:58:44:38:49:ac:ca:41:03:ed:ac:4b:6c:78:8a:c1:
62:2c:8e:29:e6:d6:b9:8e:0d:46:14:46:ed:c7:39:7a:5d:3b:
98:33:37:71:e0:87:22:87:98:16:67:30:75:ef:4b:48:0b:3b:
cf:9f:64:7a:ec:59:60:9d:78:58:14:c3:1d:f8:64:2d:a4:61:
28:76:77:bf:e1:78:da:f0:61:fc:fc:da:fd:7d:63:01:e4:2d:
bd:b8:f8:79:a7:ee:e6:7f:d2:73:50:8c:f8:5f:31:b2:20:da:
40:a1:83:80
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUEr5LB9MO3y32iF/Nkk83nRNFwx0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MjkxMTQ5NDJaFw0yNjA1MjgxMTU0NDJaMDMxMTAvBgNV
BAMTKDJDOTZDMUM2NzM5OThBNTUzNjhGRTBDREZFNEUwNTNFNzJFMDE2MjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkDMAGCwZcQPtKBXgQgT3bEzdv
g2SlxrVT80wSI7v7Z6qbJW2dhPKNxtviuITHQTTIadtxHJMiKnkkgzNMBYEdA5W9
hwVPJCWcUiPGeEDKF9EFTqw+k30DzrzurvP+YRKwgZl7Pn1cTh7az6JCU37/X8wg
leEt+vdG59KVuVjTcSpj48pLHjhPvnuP6/slcg8CVa4t2l1rhVl+tbbOX2Ei8ywl
qBTaZLx/XTjalKUmH2RXcOapKf9uT8MOh75iA2WbrpbWHkdTQ0c99du6dG+cjgJp
7OdBEMpssgvkD4RizDZ258je2WP9Idhl2rtsKL60MBGiJ1BQB4e4Rn40YlG/AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQULJbBxnOZilU2j+DN/k4FPnLgFigwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMTMw
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACPFGUw
DQYJKoZIhvcNAQELBQADggEBAE491VywQvkKiC5uy4XckrYjxFuqV7Tdd/tPRoNU
rMo17s/lHj6xHJ7DQkTpAjXKACqy+1FkIWgVLF9mcjOfXge1ENMiMcbJO7c0V1Kp
yKLBA6+lF0y+wemU6TJ716iV8pBxLGFNBVVGpkfXNiJjIkhzB9FY0DMDQnovYOdb
a0lIieTM6sUlb4NuFwEMEcf5sb7wKlhEOEmsykED7axLbHiKwWIsjinm1rmODUYU
Ru3HOXpdO5gzN3HghyKHmBZnMHXvS0gLO8+fZHrsWWCdeFgUwx34ZC2kYSh2d7/h
eNrwYfz82v19YwHkLb24+Hmn7uZ/0nNQjPhfMbIg2kChg4A=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:22:26 2025 by rpki-client