Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3130382e302f32322d3234203d3e20383334.roa
File: 3134332e32302e3130382e302f32322d3234203d3e20383334.roa (raw, json)
Hash identifier: LqBsqUjpMeZjrtpvCHLkDt/7Un624V/biP/dPRnR4FE=
Subject key identifier: D4:99:F9:FC:FE:6D:FC:DF:3D:A1:77:BC:67:73:B8:61:41:ED:7A:68
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 031A5DDAE3C279F2C5874F619CEF2A3F8E61F364
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3130382e302f32322d3234203d3e20383334.roa
Signing time: Wed 04 Jun 2025 15:11:05 +0000
ROA not before: Wed 04 Jun 2025 15:06:05 +0000
ROA not after: Wed 03 Jun 2026 15:11:05 +0000
asID: 834
IP address blocks: 143.20.108.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 17:39:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:1a:5d:da:e3:c2:79:f2:c5:87:4f:61:9c:ef:2a:3f:8e:61:f3:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Jun 4 15:06:05 2025 GMT
Not After : Jun 3 15:11:05 2026 GMT
Subject: CN=D499F9FCFE6DFCDF3DA177BC6773B86141ED7A68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e1:9c:dc:43:42:2d:99:bd:da:58:bb:3c:e0:
db:46:36:3e:aa:23:85:fe:64:70:2a:9f:a8:b0:70:
d6:ae:0c:d5:db:22:63:48:dc:b9:9a:c8:6f:44:89:
0c:4b:6e:c5:6b:7e:70:65:9e:2b:95:04:96:12:8e:
6c:84:a3:1d:c2:a1:20:f2:10:dd:48:af:9a:56:97:
72:82:57:86:ef:aa:a5:fd:05:32:43:d8:df:93:28:
3f:f7:a4:10:11:67:f3:ca:05:e3:3f:cc:8b:65:0e:
fe:9e:22:a4:cd:21:ed:1b:f2:5a:ce:c4:c7:23:d3:
ff:92:b8:1a:d3:68:e4:20:e6:49:ea:cd:52:4c:ef:
f1:25:66:5d:48:85:de:4d:3e:cf:e3:98:51:4c:80:
20:22:0e:90:c2:9e:82:a9:13:88:c2:48:c5:3d:90:
e3:70:dd:35:a0:86:33:0e:27:7b:7b:a8:05:f3:e1:
03:b0:c9:1f:d5:75:c0:af:95:c2:4d:05:22:8e:8f:
df:77:d2:12:fb:6b:f7:7b:7b:99:ed:27:d7:7c:ce:
eb:9e:35:36:a6:12:1b:4e:db:7c:e2:e8:38:f8:69:
22:bc:23:43:35:45:60:31:5b:fc:9a:70:40:b1:86:
05:0f:18:4e:69:50:54:19:2f:fc:86:3a:52:be:56:
ce:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:99:F9:FC:FE:6D:FC:DF:3D:A1:77:BC:67:73:B8:61:41:ED:7A:68
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3130382e302f32322d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.108.0/22
Signature Algorithm: sha256WithRSAEncryption
d0:4f:06:d5:b5:ce:3d:8e:73:f9:4d:09:c8:99:58:c5:25:f3:
8e:29:c4:dc:15:aa:73:6c:52:e2:ce:a9:3e:69:94:5c:01:c6:
9c:03:8b:81:50:da:e4:ee:57:75:64:b9:c7:15:e0:b5:53:93:
5e:40:01:9a:5d:93:7c:89:e2:7b:d6:a1:5d:bd:33:3d:d3:b9:
bf:1c:03:d9:47:13:a6:af:27:2e:fa:d5:c9:5d:87:e0:fe:cb:
41:78:ec:f2:30:4d:43:5a:c9:0d:9a:80:75:71:6c:20:ae:9b:
31:62:14:bf:c7:cd:d2:a2:6a:2a:39:5b:d5:53:d8:d1:b0:b9:
ee:10:59:04:a3:a3:f1:bc:73:d1:f4:d7:06:e8:d2:36:1a:af:
76:e8:3c:88:8c:bd:c5:4c:b6:37:dd:2a:ba:99:e9:80:ac:16:
d6:57:74:52:b1:dd:38:e8:10:68:88:57:7d:bf:79:5f:72:e2:
c3:b1:4c:28:2b:1a:5d:94:10:6e:61:d6:07:73:a5:ed:fa:30:
f6:7e:0b:2d:b3:24:e8:3f:c2:35:98:56:aa:ee:35:09:9c:d3:
e0:19:b1:19:98:af:03:ed:55:d1:d8:44:ba:eb:38:7d:e2:cd:
d5:cf:9c:a4:e6:34:6b:73:1f:23:98:be:0b:e0:c8:fc:0c:a2:
fb:6e:c1:b5
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUAxpd2uPCefLFh09hnO8qP45h82QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA2MDQxNTA2MDVaFw0yNjA2MDMxNTExMDVaMDMxMTAvBgNV
BAMTKEQ0OTlGOUZDRkU2REZDREYzREExNzdCQzY3NzNCODYxNDFFRDdBNjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl4ZzcQ0Itmb3aWLs84NtGNj6q
I4X+ZHAqn6iwcNauDNXbImNI3LmayG9EiQxLbsVrfnBlniuVBJYSjmyEox3CoSDy
EN1Ir5pWl3KCV4bvqqX9BTJD2N+TKD/3pBARZ/PKBeM/zItlDv6eIqTNIe0b8lrO
xMcj0/+SuBrTaOQg5knqzVJM7/ElZl1Ihd5NPs/jmFFMgCAiDpDCnoKpE4jCSMU9
kONw3TWghjMOJ3t7qAXz4QOwyR/VdcCvlcJNBSKOj9930hL7a/d7e5ntJ9d8zuue
NTamEhtO23zi6Dj4aSK8I0M1RWAxW/yacECxhgUPGE5pUFQZL/yGOlK+Vs7bAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU1Jn5/P5t/N89oXe8Z3O4YUHtemgwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMTMw
MzgyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKPFGww
DQYJKoZIhvcNAQELBQADggEBANBPBtW1zj2Oc/lNCciZWMUl844pxNwVqnNsUuLO
qT5plFwBxpwDi4FQ2uTuV3VkuccV4LVTk15AAZpdk3yJ4nvWoV29Mz3Tub8cA9lH
E6avJy761cldh+D+y0F47PIwTUNayQ2agHVxbCCumzFiFL/HzdKiaio5W9VT2NGw
ue4QWQSjo/G8c9H01wbo0jYar3boPIiMvcVMtjfdKrqZ6YCsFtZXdFKx3TjoEGiI
V32/eV9y4sOxTCgrGl2UEG5h1gdzpe36MPZ+Cy2zJOg/wjWYVqruNQmc0+AZsRmY
rwPtVdHYRLrrOH3izdXPnKTmNGtzHyOYvgvgyPwMovtuwbU=
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:47:13 2025 by rpki-client