Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3131362e302f32332d3234203d3e20383334.roa
File: 3134332e32302e3131362e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier: HKpsz2cMD8OlZ4egU+oe9H1RDpXXzyuQuLG80GgJCrI=
Subject key identifier: C6:24:33:BC:87:1C:46:FD:F3:EE:64:6B:70:0E:E9:B1:D2:00:F5:28
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 22CFD7B990A8B6DB3FC5FD21E01E7BD5E2FA981F
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3131362e302f32332d3234203d3e20383334.roa
Signing time: Sat 17 May 2025 03:58:17 +0000
ROA not before: Sat 17 May 2025 03:53:17 +0000
ROA not after: Sat 16 May 2026 03:58:17 +0000
asID: 834
IP address blocks: 143.20.116.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Jun 2025 13:15:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:cf:d7:b9:90:a8:b6:db:3f:c5:fd:21:e0:1e:7b:d5:e2:fa:98:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 17 03:53:17 2025 GMT
Not After : May 16 03:58:17 2026 GMT
Subject: CN=C62433BC871C46FDF3EE646B700EE9B1D200F528
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b1:74:5a:37:0b:70:98:ee:6b:40:86:a4:0d:
91:fd:d3:01:af:4f:58:2f:2b:5a:5e:e1:3d:63:53:
15:62:99:ce:aa:5e:2a:d0:16:e4:a4:ac:b0:ef:89:
fe:61:aa:2d:c2:50:28:81:e7:e8:19:89:d6:d9:4f:
88:e4:4f:a4:f3:78:a9:3e:35:6c:7f:7d:05:5c:dd:
b8:72:eb:0a:96:35:ff:82:7a:fc:02:a6:48:b1:2f:
7d:3e:5b:09:fc:b6:15:eb:fb:59:22:88:6f:97:14:
ae:5b:2b:df:9f:df:ca:09:7a:e2:ca:41:65:45:92:
b9:ec:12:d0:1e:3c:a7:a7:66:90:f1:18:73:1e:30:
98:e6:c3:59:bc:07:57:01:f9:b0:d4:69:15:4d:7b:
f6:c1:ac:6d:48:90:37:62:ed:d2:c0:39:69:a4:b2:
ea:dc:e5:0c:5b:13:7d:ad:da:9e:16:50:c2:5a:59:
34:35:ba:9e:ba:de:a5:67:04:fe:af:92:43:0d:dd:
20:38:a2:ff:5e:39:9b:44:be:df:0b:89:52:7b:a3:
85:29:7c:f4:17:47:b1:13:02:94:0f:c8:e1:ab:48:
b3:2a:f5:7a:a9:93:9f:dd:dc:8a:3c:cc:1a:b1:e4:
c5:af:98:da:9a:22:c8:d1:58:5f:01:eb:36:50:f1:
04:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:24:33:BC:87:1C:46:FD:F3:EE:64:6B:70:0E:E9:B1:D2:00:F5:28
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3131362e302f32332d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.116.0/23
Signature Algorithm: sha256WithRSAEncryption
42:dd:7b:b0:58:8d:28:2f:ec:56:b3:70:39:e5:30:6d:5b:28:
84:df:a8:34:5f:c5:6f:9d:ff:b5:ee:4f:1f:98:2b:2b:75:9b:
af:0e:ab:59:8f:18:6d:db:31:9e:41:f0:13:49:1e:20:bc:78:
1a:7e:51:da:fe:83:24:b3:de:15:65:19:89:de:7b:e3:14:e6:
0c:76:12:06:aa:e8:31:68:de:ce:1a:0b:4d:ea:d0:b0:c6:c2:
47:b6:9d:be:0d:bf:3f:16:bb:3c:f3:21:b4:33:2d:0c:e0:29:
90:e1:2a:93:23:ec:5a:3f:a5:dd:32:42:d2:be:0b:aa:a4:6e:
e5:d8:01:b9:9b:c8:8c:9a:84:7e:59:f3:68:36:71:51:02:e5:
a9:15:c5:06:5d:47:b5:3b:51:f1:b4:25:8a:9f:d8:ed:67:60:
38:00:c1:6e:c1:d0:69:f2:55:e5:67:8a:56:5b:99:b8:19:d6:
64:b2:66:9b:21:02:80:15:ab:c8:87:8c:ef:f8:9e:3a:01:c7:
b5:df:b7:80:d0:41:3a:04:10:bc:e7:ab:d9:02:bc:64:bf:67:
05:f4:dd:3d:23:27:51:e7:df:ae:2f:fb:00:76:04:38:c4:d9:
30:0e:98:e8:62:45:0f:c2:f0:9c:4e:1d:b4:b9:04:36:d9:ab:
46:e8:c0:1f
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUIs/XuZCotts/xf0h4B571eL6mB8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MTcwMzUzMTdaFw0yNjA1MTYwMzU4MTdaMDMxMTAvBgNV
BAMTKEM2MjQzM0JDODcxQzQ2RkRGM0VFNjQ2QjcwMEVFOUIxRDIwMEY1MjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvsXRaNwtwmO5rQIakDZH90wGv
T1gvK1pe4T1jUxVimc6qXirQFuSkrLDvif5hqi3CUCiB5+gZidbZT4jkT6TzeKk+
NWx/fQVc3bhy6wqWNf+CevwCpkixL30+Wwn8thXr+1kiiG+XFK5bK9+f38oJeuLK
QWVFkrnsEtAePKenZpDxGHMeMJjmw1m8B1cB+bDUaRVNe/bBrG1IkDdi7dLAOWmk
surc5QxbE32t2p4WUMJaWTQ1up663qVnBP6vkkMN3SA4ov9eOZtEvt8LiVJ7o4Up
fPQXR7ETApQPyOGrSLMq9Xqpk5/d3Io8zBqx5MWvmNqaIsjRWF8B6zZQ8QS1AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUxiQzvIccRv3z7mRrcA7psdIA9SgwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMTMx
MzYyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGPFHQw
DQYJKoZIhvcNAQELBQADggEBAELde7BYjSgv7FazcDnlMG1bKITfqDRfxW+d/7Xu
Tx+YKyt1m68Oq1mPGG3bMZ5B8BNJHiC8eBp+Udr+gySz3hVlGYnee+MU5gx2Egaq
6DFo3s4aC03q0LDGwke2nb4Nvz8WuzzzIbQzLQzgKZDhKpMj7Fo/pd0yQtK+C6qk
buXYAbmbyIyahH5Z82g2cVEC5akVxQZdR7U7UfG0JYqf2O1nYDgAwW7B0GnyVeVn
ilZbmbgZ1mSyZpshAoAVq8iHjO/4njoBx7Xft4DQQToEELznq9kCvGS/ZwX03T0j
J1Hn364v+wB2BDjE2TAOmOhiRQ/C8JxOHbS5BDbZq0bowB8=
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:43:28 2025 by rpki-client