Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3131392e302f32342d3234203d3e20323134343332.roa
File: 3134332e32302e3131392e302f32342d3234203d3e20323134343332.roa (raw, json)
Hash identifier: T+xg8Spr90lVkOD9Z/6gsSLO2lnHQH4G7Fe+0IMErPg=
Subject key identifier: 97:30:94:95:07:79:DD:8F:5A:BE:B5:E5:45:F0:35:08:F4:93:3F:F0
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 3AA1CE87044400ED50BB1476502EDB7EB723B0B0
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3131392e302f32342d3234203d3e20323134343332.roa
Signing time: Sat 17 May 2025 03:56:20 +0000
ROA not before: Sat 17 May 2025 03:51:20 +0000
ROA not after: Sat 16 May 2026 03:56:20 +0000
asID: 214432
IP address blocks: 143.20.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 17:39:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:a1:ce:87:04:44:00:ed:50:bb:14:76:50:2e:db:7e:b7:23:b0:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 17 03:51:20 2025 GMT
Not After : May 16 03:56:20 2026 GMT
Subject: CN=973094950779DD8F5ABEB5E545F03508F4933FF0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d1:fe:72:14:09:05:67:2f:c3:d9:6f:75:21:
b9:6f:14:db:7b:23:a1:b0:5e:ea:46:14:cf:55:73:
70:8b:46:07:90:55:60:d5:c4:08:f8:65:36:9b:e0:
f0:51:a6:47:0c:e3:a3:33:31:e3:89:7c:42:05:a8:
79:e1:28:3a:fc:f7:eb:96:27:59:de:f2:46:ef:4c:
e3:da:2c:9a:2d:7e:24:e6:9b:5e:88:3c:8c:61:49:
d2:f8:8f:5f:46:41:8c:17:65:c2:29:b4:fa:d4:7c:
c4:97:31:23:f6:a7:4b:5c:4c:c4:a9:b9:45:da:70:
73:c7:43:0f:e6:58:02:b8:d5:9d:cc:8f:06:81:73:
b3:8d:ba:5f:78:2f:b2:5a:ba:60:12:36:8e:b0:6d:
de:34:38:f5:c2:5e:2b:16:93:89:5c:81:8a:51:a2:
1b:3e:38:ac:9c:02:cc:c2:34:9f:58:07:76:f8:80:
51:18:6d:7a:ec:b7:ab:e7:61:12:07:81:b5:4b:59:
f1:fd:99:40:e9:43:a1:da:4b:5a:15:14:30:47:63:
82:83:b4:08:bf:fd:d7:0b:67:3f:2f:57:9f:e2:a6:
c1:d6:68:33:43:11:9c:b3:5b:66:93:1d:1a:39:48:
12:fc:87:74:4b:0d:95:46:8a:52:dd:3f:3a:ce:4e:
40:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:30:94:95:07:79:DD:8F:5A:BE:B5:E5:45:F0:35:08:F4:93:3F:F0
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3131392e302f32342d3234203d3e20323134343332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.119.0/24
Signature Algorithm: sha256WithRSAEncryption
37:a6:6d:e9:22:e2:1c:a6:cf:6d:83:61:2c:a6:65:6f:03:e2:
fb:41:88:e8:82:43:60:a1:73:fa:ce:61:c1:81:3a:dc:1b:7e:
1d:a9:a6:bc:7d:21:2a:59:d6:bc:9a:d8:31:4e:04:73:0f:d1:
a6:b3:9a:39:cd:10:ab:89:93:b2:38:f0:40:1e:80:02:7b:7b:
22:43:aa:da:c5:1c:e4:1d:e8:62:0c:4b:7f:04:3d:fb:93:61:
a6:78:19:aa:11:f8:f8:7a:ae:79:dd:b5:f9:30:dc:2b:da:53:
12:bb:e4:59:b1:25:0c:e9:4e:f2:2d:d7:1c:7e:20:b4:b2:67:
d5:70:b2:4e:ac:da:a4:94:de:92:a2:bc:ca:37:13:11:38:b6:
7e:de:85:4f:d7:17:3d:e5:42:26:fc:79:df:4b:23:d1:05:38:
f8:19:7a:1c:aa:16:85:82:11:89:57:ee:73:3a:dd:6b:05:c2:
0f:02:19:fa:fe:73:54:41:91:30:b8:58:6b:b7:9d:04:29:91:
2f:31:a6:ea:18:32:f1:30:e8:0c:c2:8c:cf:f7:b0:78:5c:c3:
1f:55:ef:e8:f0:d2:e5:71:92:81:b7:f0:54:eb:16:4b:33:b4:
a6:c4:a8:96:b3:be:8b:2d:ff:4d:d0:38:cb:a5:c6:6d:4d:61:
9b:6f:10:24
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOqHOhwREAO1QuxR2UC7bfrcjsLAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MTcwMzUxMjBaFw0yNjA1MTYwMzU2MjBaMDMxMTAvBgNV
BAMTKDk3MzA5NDk1MDc3OUREOEY1QUJFQjVFNTQ1RjAzNTA4RjQ5MzNGRjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp0f5yFAkFZy/D2W91IblvFNt7
I6GwXupGFM9Vc3CLRgeQVWDVxAj4ZTab4PBRpkcM46MzMeOJfEIFqHnhKDr89+uW
J1ne8kbvTOPaLJotfiTmm16IPIxhSdL4j19GQYwXZcIptPrUfMSXMSP2p0tcTMSp
uUXacHPHQw/mWAK41Z3MjwaBc7ONul94L7JaumASNo6wbd40OPXCXisWk4lcgYpR
ohs+OKycAszCNJ9YB3b4gFEYbXrst6vnYRIHgbVLWfH9mUDpQ6HaS1oVFDBHY4KD
tAi//dcLZz8vV5/ipsHWaDNDEZyzW2aTHRo5SBL8h3RLDZVGilLdPzrOTkC7AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUlzCUlQd53Y9avrXlRfA1CPSTP/AwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMTMx
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzNDMzMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACPFHcwDQYJKoZIhvcNAQELBQADggEBADembeki4hymz22DYSymZW8D4vtBiOiC
Q2Chc/rOYcGBOtwbfh2pprx9ISpZ1rya2DFOBHMP0aazmjnNEKuJk7I48EAegAJ7
eyJDqtrFHOQd6GIMS38EPfuTYaZ4GaoR+Ph6rnndtfkw3CvaUxK75FmxJQzpTvIt
1xx+ILSyZ9Vwsk6s2qSU3pKivMo3ExE4tn7ehU/XFz3lQib8ed9LI9EFOPgZehyq
FoWCEYlX7nM63WsFwg8CGfr+c1RBkTC4WGu3nQQpkS8xpuoYMvEw6AzCjM/3sHhc
wx9V7+jw0uVxkoG38FTrFksztKbEqJazvost/03QOMulxm1NYZtvECQ=
-----END CERTIFICATE-----
Generated at Sat Jun 7 07:54:34 2025 by rpki-client