Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3130342e302f32342d3234203d3e203339353231.roa
File: 3134332e32302e3130342e302f32342d3234203d3e203339353231.roa (raw, json)
Hash identifier: lpo6pdgwCTnOWKFsRug1788ZnUTFZl0U5nF0MItp4nU=
Subject key identifier: CF:46:D4:A0:F4:31:52:0D:44:3C:61:78:36:C3:AA:0F:BF:1F:68:52
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 2F658DB0884236CE0CBBB31E544AE00AB8170645
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3130342e302f32342d3234203d3e203339353231.roa
Signing time: Wed 04 Jun 2025 15:10:56 +0000
ROA not before: Wed 04 Jun 2025 15:05:56 +0000
ROA not after: Wed 03 Jun 2026 15:10:56 +0000
asID: 39521
IP address blocks: 143.20.104.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 17:39:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:65:8d:b0:88:42:36:ce:0c:bb:b3:1e:54:4a:e0:0a:b8:17:06:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Jun 4 15:05:56 2025 GMT
Not After : Jun 3 15:10:56 2026 GMT
Subject: CN=CF46D4A0F431520D443C617836C3AA0FBF1F6852
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:21:32:3f:46:d9:b1:cc:38:16:87:cc:07:fa:
cb:2d:ba:37:30:e9:83:b7:ab:57:ea:7e:7d:76:35:
56:a0:26:c7:a3:df:f3:f0:84:9c:16:64:60:d1:6c:
bf:f6:dc:20:1c:8d:2c:36:51:a5:66:af:23:7d:39:
bb:87:28:ae:0e:42:22:83:53:11:3f:0a:29:bd:fa:
5d:b9:01:ee:db:af:8f:0f:7b:14:e3:a7:75:94:1d:
3d:08:9c:1c:dd:08:7c:f9:08:ad:8c:88:df:db:2f:
47:09:d8:18:fd:fc:5d:43:a5:2f:5f:b5:24:8f:f9:
87:b4:67:b3:95:1e:3d:6f:a1:a9:65:c7:f4:c1:00:
31:6a:76:19:af:4f:66:79:a8:e5:1a:b5:4d:63:16:
b9:45:da:9f:f3:05:10:39:30:1f:87:24:6e:dc:5e:
f8:62:1c:ef:2c:65:d8:29:0b:60:d7:9f:b6:83:91:
8d:04:02:5a:41:04:57:5d:88:94:f9:d4:02:5f:f3:
5e:c0:92:81:b8:ae:3c:22:0a:f7:52:ac:ff:57:44:
a2:b7:85:08:ce:55:e5:cd:ed:7b:18:aa:4b:14:7c:
42:9a:77:d6:6a:53:0a:90:8d:4a:ef:e0:f1:7f:cf:
e3:84:0c:df:51:51:23:2d:6f:5b:a7:77:ba:57:98:
43:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:46:D4:A0:F4:31:52:0D:44:3C:61:78:36:C3:AA:0F:BF:1F:68:52
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3130342e302f32342d3234203d3e203339353231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.104.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:fd:92:87:77:f8:dd:59:63:57:6f:40:6a:5c:f9:bc:a1:3c:
ed:be:76:62:63:b0:8c:ca:98:bf:14:5e:28:2e:d8:be:63:94:
2b:4b:94:14:1c:6d:ac:93:9a:92:9c:c0:33:29:20:85:9d:d8:
56:29:0e:4e:5b:61:64:df:5a:97:39:2b:3d:55:04:23:d6:a1:
ce:af:12:50:9a:ce:d2:64:10:3b:d4:2e:2a:06:c0:4b:d0:fe:
68:a6:9e:e1:5c:4d:05:c4:c6:a3:cd:9b:85:cf:d5:05:60:2c:
65:71:a0:88:40:80:c8:44:02:f3:7a:32:6e:b4:1f:38:62:dd:
19:e0:71:c2:ae:b6:02:ac:5c:85:b0:3c:fb:58:91:4b:f3:28:
b3:89:fb:8c:c5:19:d3:b0:ed:3b:9f:cc:d2:2b:cc:7a:67:c6:
99:13:4e:bb:6f:6c:f4:27:d1:45:ff:e5:d5:a0:ae:5f:5d:31:
e4:b1:da:0d:a5:dc:5d:2b:b2:91:54:dc:7a:50:38:11:c9:f6:
94:bf:53:7d:21:c2:72:45:ac:e8:eb:a7:72:10:b3:b6:1c:87:
96:33:86:5d:05:1d:55:b1:b3:35:54:1a:10:b7:2f:94:a3:0e:
9e:ef:a9:ee:26:4f:88:08:1f:44:83:0d:be:68:b8:d3:9a:05:
2e:a4:18:1e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUL2WNsIhCNs4Mu7MeVErgCrgXBkUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA2MDQxNTA1NTZaFw0yNjA2MDMxNTEwNTZaMDMxMTAvBgNV
BAMTKENGNDZENEEwRjQzMTUyMEQ0NDNDNjE3ODM2QzNBQTBGQkYxRjY4NTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/ITI/RtmxzDgWh8wH+sstujcw
6YO3q1fqfn12NVagJsej3/PwhJwWZGDRbL/23CAcjSw2UaVmryN9ObuHKK4OQiKD
UxE/Cim9+l25Ae7br48PexTjp3WUHT0InBzdCHz5CK2MiN/bL0cJ2Bj9/F1DpS9f
tSSP+Ye0Z7OVHj1voallx/TBADFqdhmvT2Z5qOUatU1jFrlF2p/zBRA5MB+HJG7c
XvhiHO8sZdgpC2DXn7aDkY0EAlpBBFddiJT51AJf817AkoG4rjwiCvdSrP9XRKK3
hQjOVeXN7XsYqksUfEKad9ZqUwqQjUrv4PF/z+OEDN9RUSMtb1und7pXmEMBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUz0bUoPQxUg1EPGF4NsOqD78faFIwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMTMw
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzUzMjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
jxRoMA0GCSqGSIb3DQEBCwUAA4IBAQCb/ZKHd/jdWWNXb0BqXPm8oTztvnZiY7CM
ypi/FF4oLti+Y5QrS5QUHG2sk5qSnMAzKSCFndhWKQ5OW2Fk31qXOSs9VQQj1qHO
rxJQms7SZBA71C4qBsBL0P5opp7hXE0FxMajzZuFz9UFYCxlcaCIQIDIRALzejJu
tB84Yt0Z4HHCrrYCrFyFsDz7WJFL8yizifuMxRnTsO07n8zSK8x6Z8aZE067b2z0
J9FF/+XVoK5fXTHksdoNpdxdK7KRVNx6UDgRyfaUv1N9IcJyRazo66dyELO2HIeW
M4ZdBR1VsbM1VBoQty+Uow6e76nuJk+ICB9Egw2+aLjTmgUupBge
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:41:37 2025 by rpki-client