Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3130362e302f32332d3234203d3e20383334.roa
File: 3134332e32302e3130362e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier: +Ya5vb7y81z6ENsowADem40lqK5K85RuTxeinw76arU=
Subject key identifier: 91:40:67:64:7F:A8:91:FB:D7:1A:1B:5E:82:9B:6B:E1:92:4C:EB:20
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 17A3A08E65F33D8DF8D666AE0F0EACE114FA1688
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3130362e302f32332d3234203d3e20383334.roa
Signing time: Wed 04 Jun 2025 15:11:04 +0000
ROA not before: Wed 04 Jun 2025 15:06:04 +0000
ROA not after: Wed 03 Jun 2026 15:11:04 +0000
asID: 834
IP address blocks: 143.20.106.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 17:39:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:a3:a0:8e:65:f3:3d:8d:f8:d6:66:ae:0f:0e:ac:e1:14:fa:16:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Jun 4 15:06:04 2025 GMT
Not After : Jun 3 15:11:04 2026 GMT
Subject: CN=914067647FA891FBD71A1B5E829B6BE1924CEB20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:5a:84:a0:f5:47:71:56:b4:fd:6b:cf:a4:ff:
9d:7f:42:73:00:09:86:ab:99:d5:17:4c:55:50:e5:
c5:4f:72:a6:2c:b3:91:50:7c:d0:74:e0:d9:e8:66:
c2:25:15:ca:97:d2:ea:41:7f:09:67:43:c5:aa:4f:
49:a8:53:3b:98:b7:e4:8e:b2:25:55:14:81:13:7d:
fb:e8:34:e9:d1:b4:9a:b2:11:2b:a8:44:39:75:3d:
c8:94:f7:7a:69:01:db:2b:b0:87:35:05:6d:56:10:
06:5b:e0:51:09:c7:09:a6:2f:31:6d:e4:a1:a5:46:
e3:b3:ef:46:17:0e:9b:c5:0e:af:21:6c:7f:8a:42:
e3:cc:61:bd:08:c0:2c:c5:79:9f:b1:c1:2c:48:d5:
9a:9b:c7:af:d9:2f:e7:40:1f:22:c6:4f:dc:7c:cc:
d1:fb:4c:2a:0e:69:f8:ca:21:3a:f4:50:a3:0e:36:
90:4b:6e:ea:a6:52:1a:ce:26:ac:13:0a:66:30:f5:
56:46:4f:db:86:6d:a4:37:96:b8:e2:2b:2f:0b:03:
40:98:aa:07:f3:1d:dc:29:fc:7f:a5:0e:60:db:d5:
73:d4:8f:61:29:45:54:72:4d:47:88:34:03:3c:95:
4f:4a:21:d0:78:07:2e:d8:01:10:e8:5d:50:75:89:
a6:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:40:67:64:7F:A8:91:FB:D7:1A:1B:5E:82:9B:6B:E1:92:4C:EB:20
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3130362e302f32332d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.106.0/23
Signature Algorithm: sha256WithRSAEncryption
c0:e9:32:8c:f7:1a:15:0a:93:c7:cf:ad:5a:85:f9:9f:6d:61:
f1:bf:52:a3:e0:a5:ea:b5:1a:dc:8e:b7:8e:67:23:f9:ff:df:
20:4c:b1:70:eb:c1:10:40:1c:fd:09:df:86:a5:02:25:b8:48:
89:cc:4e:7b:cc:75:46:0f:a3:3d:b0:e5:e9:a1:f5:a1:54:42:
14:81:94:0a:ca:6a:a7:4b:54:74:74:71:d9:43:b0:e7:5b:fc:
2e:00:94:15:56:56:5f:c9:a8:f6:a6:d6:a2:f4:ed:fc:17:66:
5d:52:9a:b7:bd:37:4f:15:4a:11:3d:fd:49:44:dd:7c:b4:0b:
72:0f:d7:99:16:1d:63:6d:73:7b:1e:87:e5:cc:00:06:f1:85:
50:b7:a2:58:4d:6c:d0:94:70:7e:bf:db:1f:24:65:f6:22:1c:
49:4d:68:83:22:cd:6b:9b:98:9c:08:3f:21:40:d5:80:79:38:
ae:bd:db:ad:70:51:65:10:e8:e4:db:67:f8:23:e1:75:a7:1f:
5d:91:b4:f9:53:a7:79:d9:85:69:8a:b4:9c:f9:df:13:3c:33:
20:1d:03:2f:91:a3:d2:3c:bd:d9:62:23:f6:b2:43:63:56:3a:
d1:c1:d8:00:6c:06:cf:cb:8a:7d:be:b2:b0:ed:78:f6:86:8f:
df:21:d6:ac
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUF6OgjmXzPY341mauDw6s4RT6FogwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA2MDQxNTA2MDRaFw0yNjA2MDMxNTExMDRaMDMxMTAvBgNV
BAMTKDkxNDA2NzY0N0ZBODkxRkJENzFBMUI1RTgyOUI2QkUxOTI0Q0VCMjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSWoSg9UdxVrT9a8+k/51/QnMA
CYarmdUXTFVQ5cVPcqYss5FQfNB04NnoZsIlFcqX0upBfwlnQ8WqT0moUzuYt+SO
siVVFIETffvoNOnRtJqyESuoRDl1PciU93ppAdsrsIc1BW1WEAZb4FEJxwmmLzFt
5KGlRuOz70YXDpvFDq8hbH+KQuPMYb0IwCzFeZ+xwSxI1Zqbx6/ZL+dAHyLGT9x8
zNH7TCoOafjKITr0UKMONpBLbuqmUhrOJqwTCmYw9VZGT9uGbaQ3lrjiKy8LA0CY
qgfzHdwp/H+lDmDb1XPUj2EpRVRyTUeINAM8lU9KIdB4By7YARDoXVB1iabfAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUkUBnZH+okfvXGhtegptr4ZJM6yAwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMTMw
MzYyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGPFGow
DQYJKoZIhvcNAQELBQADggEBAMDpMoz3GhUKk8fPrVqF+Z9tYfG/UqPgpeq1GtyO
t45nI/n/3yBMsXDrwRBAHP0J34alAiW4SInMTnvMdUYPoz2w5emh9aFUQhSBlArK
aqdLVHR0cdlDsOdb/C4AlBVWVl/JqPam1qL07fwXZl1Smre9N08VShE9/UlE3Xy0
C3IP15kWHWNtc3seh+XMAAbxhVC3olhNbNCUcH6/2x8kZfYiHElNaIMizWubmJwI
PyFA1YB5OK69261wUWUQ6OTbZ/gj4XWnH12RtPlTp3nZhWmKtJz53xM8MyAdAy+R
o9I8vdliI/ayQ2NWOtHB2ABsBs/Lin2+srDtePaGj98h1qw=
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:41:35 2025 by rpki-client