Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3131322e302f32332d3234203d3e20383334.roa
File: 3134332e32302e3131322e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier: 6AUcdtwCM9giI31EDDx6xrTl0r9XIu4ad+7u34Yu52k=
Subject key identifier: 5A:3B:34:EC:22:C4:8A:65:60:31:A1:56:6B:0F:52:DC:ED:93:BD:1C
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 533CBAA8F82C3A190752068A9D477694449B4F6B
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3131322e302f32332d3234203d3e20383334.roa
Signing time: Tue 03 Jun 2025 18:43:16 +0000
ROA not before: Tue 03 Jun 2025 18:38:16 +0000
ROA not after: Tue 02 Jun 2026 18:43:16 +0000
asID: 834
IP address blocks: 143.20.112.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 14:19:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:3c:ba:a8:f8:2c:3a:19:07:52:06:8a:9d:47:76:94:44:9b:4f:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Jun 3 18:38:16 2025 GMT
Not After : Jun 2 18:43:16 2026 GMT
Subject: CN=5A3B34EC22C48A656031A1566B0F52DCED93BD1C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:19:84:0b:d9:6b:c3:06:23:52:18:4f:19:5f:
75:5d:03:ce:19:da:64:fb:2a:cf:73:21:97:1d:0c:
6f:6d:6d:c5:77:02:ec:5a:1f:50:ba:f5:d6:e2:1f:
48:a5:96:60:b4:7a:19:58:15:73:80:4c:64:90:20:
f1:d0:3d:a4:b5:65:de:5b:37:32:c7:14:12:db:c7:
c5:a7:f9:01:09:33:b4:56:e1:4a:49:46:20:c6:b3:
a6:f6:f4:ec:d9:a1:7c:35:b0:1b:22:83:f9:4d:f3:
91:b7:8e:35:9a:0c:e3:73:cf:ac:0a:a7:de:12:8c:
90:48:60:42:64:da:14:1f:31:09:57:7e:1f:20:3d:
e1:0d:bb:be:bc:27:c7:62:6c:d6:2d:91:29:fb:b0:
d0:49:8a:40:c3:09:6f:ed:ad:33:fb:ef:24:c2:5e:
77:ef:81:69:df:99:d4:74:f0:2a:eb:1f:a5:7b:29:
fb:72:cb:54:2f:d3:46:d6:20:f7:61:be:5d:56:8a:
98:dd:f6:e1:25:b7:40:32:cb:20:bf:49:c9:39:7a:
10:45:6a:5f:b9:c8:d1:40:32:ed:54:64:78:12:bf:
19:4b:6c:b9:c6:6e:28:26:60:56:4b:60:a7:db:72:
d8:c3:04:cf:50:6c:a2:8c:f8:75:04:80:ea:ea:c7:
25:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:3B:34:EC:22:C4:8A:65:60:31:A1:56:6B:0F:52:DC:ED:93:BD:1C
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3131322e302f32332d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.112.0/23
Signature Algorithm: sha256WithRSAEncryption
39:f4:9d:25:b2:67:45:49:62:40:86:6a:7b:2f:d2:3b:66:dd:
ff:0f:62:c4:de:1f:f9:83:35:37:0e:d0:fb:a6:9c:80:9a:0c:
e3:6d:7b:1b:c2:50:68:52:29:2e:71:16:9c:cf:f7:03:f4:a6:
01:b5:72:c7:84:d7:a2:86:4d:cf:71:2b:4a:71:0e:f0:e7:1e:
e2:9b:b0:98:a6:75:11:e5:87:23:d2:85:22:ff:e9:6f:4c:de:
86:a2:d0:61:8d:f8:1b:ff:ef:ec:fd:a3:76:8c:1a:91:60:60:
27:dc:7b:75:25:3b:14:e8:42:ca:67:e9:12:75:c0:ec:26:05:
e7:5a:a6:14:89:0c:1e:22:8e:eb:ee:0d:59:68:d4:e6:75:e7:
2c:d6:18:c6:84:00:d0:d8:a7:3e:7d:bd:b4:7e:57:23:f9:56:
e7:17:96:0d:ef:7e:34:c3:a1:59:00:41:7d:ba:93:cc:8a:28:
45:b9:63:a1:b1:d0:ce:6f:fd:a6:e6:e6:87:5d:b8:59:f5:4a:
b3:2e:2a:5c:d8:3c:0d:56:ee:ef:99:ab:30:a5:0c:c4:96:11:
06:b7:28:3f:8c:20:71:68:cf:6e:e7:e6:db:ec:3b:c8:a6:5f:
3d:8b:60:d7:45:0d:7c:de:04:50:0f:1b:6e:b4:36:de:ea:22:
dd:4e:c8:0b
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUUzy6qPgsOhkHUgaKnUd2lESbT2swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA2MDMxODM4MTZaFw0yNjA2MDIxODQzMTZaMDMxMTAvBgNV
BAMTKDVBM0IzNEVDMjJDNDhBNjU2MDMxQTE1NjZCMEY1MkRDRUQ5M0JEMUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0GYQL2WvDBiNSGE8ZX3VdA84Z
2mT7Ks9zIZcdDG9tbcV3AuxaH1C69dbiH0illmC0ehlYFXOATGSQIPHQPaS1Zd5b
NzLHFBLbx8Wn+QEJM7RW4UpJRiDGs6b29OzZoXw1sBsig/lN85G3jjWaDONzz6wK
p94SjJBIYEJk2hQfMQlXfh8gPeENu768J8dibNYtkSn7sNBJikDDCW/trTP77yTC
XnfvgWnfmdR08CrrH6V7Kftyy1Qv00bWIPdhvl1Wipjd9uElt0AyyyC/Sck5ehBF
al+5yNFAMu1UZHgSvxlLbLnGbigmYFZLYKfbctjDBM9QbKKM+HUEgOrqxyXJAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUWjs07CLEimVgMaFWaw9S3O2TvRwwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMTMx
MzIyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGPFHAw
DQYJKoZIhvcNAQELBQADggEBADn0nSWyZ0VJYkCGansv0jtm3f8PYsTeH/mDNTcO
0PumnICaDONtexvCUGhSKS5xFpzP9wP0pgG1cseE16KGTc9xK0pxDvDnHuKbsJim
dRHlhyPShSL/6W9M3oai0GGN+Bv/7+z9o3aMGpFgYCfce3UlOxToQspn6RJ1wOwm
BedaphSJDB4ijuvuDVlo1OZ15yzWGMaEANDYpz59vbR+VyP5VucXlg3vfjTDoVkA
QX26k8yKKEW5Y6Gx0M5v/abm5odduFn1SrMuKlzYPA1W7u+ZqzClDMSWEQa3KD+M
IHFoz27n5tvsO8imXz2LYNdFDXzeBFAPG260Nt7qIt1OyAs=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:22:42 2025 by rpki-client