Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3130342e302f32312d3234203d3e20383334.roa
File: 3134332e32302e3130342e302f32312d3234203d3e20383334.roa (raw, json)
Hash identifier: xfEhLGHvfmKTQgHeqBIZkFTWG5DrfBO3YXTfl82WJvM=
Subject key identifier: BC:DB:FF:AC:13:F8:DC:22:1F:83:2A:34:07:A7:1D:82:C5:F5:51:43
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 51C0EFEED96428F5A6FA278A7E50ECD7A4607EAA
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3130342e302f32312d3234203d3e20383334.roa
Signing time: Sun 18 May 2025 17:41:36 +0000
ROA not before: Sun 18 May 2025 17:36:36 +0000
ROA not after: Sun 17 May 2026 17:41:36 +0000
asID: 834
IP address blocks: 143.20.104.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jun 2025 15:10:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:c0:ef:ee:d9:64:28:f5:a6:fa:27:8a:7e:50:ec:d7:a4:60:7e:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 18 17:36:36 2025 GMT
Not After : May 17 17:41:36 2026 GMT
Subject: CN=BCDBFFAC13F8DC221F832A3407A71D82C5F55143
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c3:73:cc:9e:0c:33:54:51:64:57:4b:57:65:
fe:e6:e1:48:d1:50:58:4a:b2:e5:aa:ad:2d:e8:cd:
44:d0:cc:35:97:2b:a0:22:2f:c4:78:88:c0:e8:b1:
69:34:71:12:d2:c5:b9:cf:ae:f4:54:19:53:6a:83:
59:71:c5:98:1b:27:97:98:9f:87:59:be:6b:b4:0a:
db:08:d5:ae:b2:e3:f7:c8:e4:6a:ef:0b:53:35:cc:
30:13:f4:89:36:43:cb:7d:9a:b6:4d:49:b0:b5:b9:
d1:0a:37:99:c1:29:18:01:a4:d9:fb:a7:a8:30:61:
ed:ad:06:ac:8a:56:48:02:4e:55:7b:da:87:9f:3c:
65:5c:46:6e:66:b5:ac:52:b8:56:c0:41:d1:21:90:
28:36:d5:95:bb:a7:0d:2a:df:55:a5:56:d2:aa:ad:
b1:c9:75:9b:26:0b:f9:99:6f:ed:3a:b0:7a:aa:a1:
79:b6:e3:9f:b6:da:01:cb:37:69:a2:d6:e9:ad:7e:
3d:74:4c:77:3f:55:d2:1d:6f:3d:eb:62:ac:4b:4d:
f5:71:44:2a:41:0f:80:22:17:0e:a2:67:a2:ad:28:
42:55:73:68:4c:3d:50:8b:0e:12:c2:cd:e4:2a:22:
fa:83:e5:ed:9b:ae:c2:ad:15:73:b5:c6:d9:72:7a:
5c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:DB:FF:AC:13:F8:DC:22:1F:83:2A:34:07:A7:1D:82:C5:F5:51:43
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3130342e302f32312d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.104.0/21
Signature Algorithm: sha256WithRSAEncryption
8b:b5:36:22:8b:f1:9d:a4:c8:3e:fd:f9:1a:af:11:d3:95:64:
16:12:85:a9:f0:db:36:2a:08:c5:93:a5:bc:54:f5:89:5a:ee:
3e:27:f6:93:b4:64:c8:14:a3:ff:9a:bb:06:ed:17:e9:50:17:
d8:eb:8f:35:81:0b:0b:a8:71:22:ff:49:4b:63:ff:87:2f:15:
4c:c4:e5:50:82:07:8f:52:e0:79:ec:e9:0b:80:b5:1e:6f:69:
ea:e6:c6:d5:1a:eb:f8:72:b3:fb:c5:fe:ee:0b:07:83:2a:76:
7a:46:1c:f5:9b:75:fc:8a:5b:2a:3e:76:c6:63:5d:12:7c:38:
a4:51:40:0f:6c:05:63:cd:7e:26:0d:2b:a3:b8:26:09:d9:fb:
b2:df:64:38:f3:c0:fb:fb:ed:a4:9d:ec:c4:e2:80:33:e0:81:
6c:e2:a0:9c:4f:f2:1e:46:ff:1a:74:53:8d:88:2c:cf:a9:3f:
4b:f3:d2:23:b2:03:80:55:3c:ed:7d:a3:8a:0e:61:df:11:78:
b7:51:53:82:df:cc:d9:4e:c2:86:7c:8f:36:bd:2b:d5:b2:d1:
40:46:07:f6:5f:d5:61:4a:4b:f9:95:0e:cd:e9:ba:91:e1:47:
f1:41:1b:9b:4b:15:92:e2:1b:4e:a3:e8:fa:dc:c2:06:4a:80:
06:89:84:5c
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUUcDv7tlkKPWm+ieKflDs16RgfqowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MTgxNzM2MzZaFw0yNjA1MTcxNzQxMzZaMDMxMTAvBgNV
BAMTKEJDREJGRkFDMTNGOERDMjIxRjgzMkEzNDA3QTcxRDgyQzVGNTUxNDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChw3PMngwzVFFkV0tXZf7m4UjR
UFhKsuWqrS3ozUTQzDWXK6AiL8R4iMDosWk0cRLSxbnPrvRUGVNqg1lxxZgbJ5eY
n4dZvmu0CtsI1a6y4/fI5GrvC1M1zDAT9Ik2Q8t9mrZNSbC1udEKN5nBKRgBpNn7
p6gwYe2tBqyKVkgCTlV72oefPGVcRm5mtaxSuFbAQdEhkCg21ZW7pw0q31WlVtKq
rbHJdZsmC/mZb+06sHqqoXm245+22gHLN2mi1umtfj10THc/VdIdbz3rYqxLTfVx
RCpBD4AiFw6iZ6KtKEJVc2hMPVCLDhLCzeQqIvqD5e2brsKtFXO1xtlyelwFAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUvNv/rBP43CIfgyo0B6cdgsX1UUMwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMTMw
MzQyZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAOPFGgw
DQYJKoZIhvcNAQELBQADggEBAIu1NiKL8Z2kyD79+RqvEdOVZBYShanw2zYqCMWT
pbxU9Yla7j4n9pO0ZMgUo/+auwbtF+lQF9jrjzWBCwuocSL/SUtj/4cvFUzE5VCC
B49S4Hns6QuAtR5vaermxtUa6/hys/vF/u4LB4MqdnpGHPWbdfyKWyo+dsZjXRJ8
OKRRQA9sBWPNfiYNK6O4JgnZ+7LfZDjzwPv77aSd7MTigDPggWzioJxP8h5G/xp0
U42ILM+pP0vz0iOyA4BVPO19o4oOYd8ReLdRU4LfzNlOwoZ8jza9K9Wy0UBGB/Zf
1WFKS/mVDs3pupHhR/FBG5tLFZLiG06j6PrcwgZKgAaJhFw=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:14:56 2025 by rpki-client