Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3131332e302f32342d3234203d3e2037393739.roa
File: 3134332e32302e3131332e302f32342d3234203d3e2037393739.roa (raw, json)
Hash identifier: Ck3MLvwytzpnjP1uFRDzeWxfpG8yawmvHKVy9ck09HY=
Subject key identifier: CD:66:E7:F1:07:FE:73:50:9B:46:5C:3B:E1:72:48:D0:75:C9:8F:BD
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 2A3F68D670264CFDB0B5642E176A38E3BCA94F22
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3131332e302f32342d3234203d3e2037393739.roa
Signing time: Thu 05 Jun 2025 14:19:37 +0000
ROA not before: Thu 05 Jun 2025 14:14:37 +0000
ROA not after: Thu 04 Jun 2026 14:19:37 +0000
asID: 7979
IP address blocks: 143.20.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 17:39:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:3f:68:d6:70:26:4c:fd:b0:b5:64:2e:17:6a:38:e3:bc:a9:4f:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Jun 5 14:14:37 2025 GMT
Not After : Jun 4 14:19:37 2026 GMT
Subject: CN=CD66E7F107FE73509B465C3BE17248D075C98FBD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a8:6a:4c:a6:4a:f7:45:b0:f2:a1:ba:49:e1:
02:b8:02:6c:80:7e:82:7b:c5:38:0b:93:10:c5:0c:
55:9f:d9:35:d9:54:df:49:cb:3c:fd:10:1b:84:2d:
79:f4:32:71:93:74:84:c3:1e:87:8b:c7:7d:dc:dc:
92:70:d3:91:e6:f7:cb:74:6c:07:95:6d:c3:21:d8:
3f:cb:22:6f:73:cc:a4:98:e8:70:b9:62:31:dc:e3:
c4:c6:7f:40:e3:7d:a8:fd:e8:15:0f:fd:b8:08:96:
dd:dc:06:e7:a6:85:88:2c:1b:c2:02:2c:a7:a2:5d:
aa:99:5d:a6:c1:3e:57:59:fe:83:20:f9:ad:88:ec:
8c:b9:d3:e6:94:30:0d:42:80:84:34:d6:85:d6:73:
0d:05:e0:94:21:8a:f7:8d:b6:c9:70:c6:0e:f4:a2:
22:61:6d:e9:06:b2:17:5b:48:d5:78:fe:9f:15:bb:
83:95:1e:e5:52:15:83:9f:aa:09:6a:b6:34:6a:64:
0a:01:85:a7:3d:ad:14:9a:03:f8:01:fb:ab:32:3b:
80:25:aa:be:1d:3b:6f:e0:4c:4c:53:01:a6:3f:d1:
50:ad:0a:f0:ba:21:92:1f:97:41:47:ea:c3:da:08:
ff:e2:fb:18:92:e1:77:3a:7d:22:c3:ef:34:6f:b7:
90:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:66:E7:F1:07:FE:73:50:9B:46:5C:3B:E1:72:48:D0:75:C9:8F:BD
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3131332e302f32342d3234203d3e2037393739.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.113.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:1f:45:97:60:99:49:c9:8b:e0:91:2d:ba:09:f1:f0:ac:b0:
5c:18:26:e8:fd:14:99:60:f1:4c:cb:1a:11:40:d8:d6:b8:36:
89:3f:13:72:47:ec:3e:65:97:e0:80:6f:5f:9e:f8:d5:9e:1e:
d0:76:d5:a2:bd:97:ff:29:10:5a:93:0e:93:85:cb:a2:db:0c:
30:61:38:57:58:ca:6a:21:41:b3:4f:fb:24:b5:8e:9f:26:42:
26:1e:e4:de:ed:0e:c2:2e:1c:37:ca:76:22:c2:13:69:77:07:
89:4f:2c:a6:a3:01:c3:73:7b:f8:c4:fc:c0:9c:4e:b8:2a:68:
e3:d8:28:de:f2:89:e8:fa:58:27:39:1a:e5:ed:77:e7:93:08:
08:f9:cb:dd:e0:6e:e9:0d:9d:8a:ef:b6:a0:df:74:5c:36:20:
24:6b:cd:1b:c0:02:53:24:3a:21:af:6c:f0:34:e0:2f:9d:75:
47:d1:d0:c0:3d:5e:1d:61:44:42:f1:cb:71:ac:17:d6:26:16:
2d:9c:e2:96:99:42:9c:bd:7a:57:55:47:aa:13:20:cb:f8:d0:
32:a2:58:b9:ee:20:e4:b8:2b:7a:f6:03:93:02:bb:ba:a2:ec:
80:b6:1f:0e:24:89:4e:11:b4:21:f2:0f:d7:a6:60:34:8a:6e:
93:e5:c3:eb
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUKj9o1nAmTP2wtWQuF2o447ypTyIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA2MDUxNDE0MzdaFw0yNjA2MDQxNDE5MzdaMDMxMTAvBgNV
BAMTKENENjZFN0YxMDdGRTczNTA5QjQ2NUMzQkUxNzI0OEQwNzVDOThGQkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChqGpMpkr3RbDyobpJ4QK4AmyA
foJ7xTgLkxDFDFWf2TXZVN9Jyzz9EBuELXn0MnGTdITDHoeLx33c3JJw05Hm98t0
bAeVbcMh2D/LIm9zzKSY6HC5YjHc48TGf0Djfaj96BUP/bgIlt3cBuemhYgsG8IC
LKeiXaqZXabBPldZ/oMg+a2I7Iy50+aUMA1CgIQ01oXWcw0F4JQhiveNtslwxg70
oiJhbekGshdbSNV4/p8Vu4OVHuVSFYOfqglqtjRqZAoBhac9rRSaA/gB+6syO4Al
qr4dO2/gTExTAaY/0VCtCvC6IZIfl0FH6sPaCP/i+xiS4Xc6fSLD7zRvt5DxAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUzWbn8Qf+c1CbRlw74XJI0HXJj70wHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMTMx
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNzM5MzczOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAI8U
cTANBgkqhkiG9w0BAQsFAAOCAQEAtB9Fl2CZScmL4JEtugnx8KywXBgm6P0UmWDx
TMsaEUDY1rg2iT8TckfsPmWX4IBvX5741Z4e0HbVor2X/ykQWpMOk4XLotsMMGE4
V1jKaiFBs0/7JLWOnyZCJh7k3u0Owi4cN8p2IsITaXcHiU8spqMBw3N7+MT8wJxO
uCpo49go3vKJ6PpYJzka5e1355MICPnL3eBu6Q2diu+2oN90XDYgJGvNG8ACUyQ6
Ia9s8DTgL511R9HQwD1eHWFEQvHLcawX1iYWLZzilplCnL16V1VHqhMgy/jQMqJY
ue4g5LgrevYDkwK7uqLsgLYfDiSJThG0IfIP16ZgNIpuk+XD6w==
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:45:28 2025 by rpki-client