Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3132302e302f32342d3234203d3e203539343332.roa
File: 3134332e32302e3132302e302f32342d3234203d3e203539343332.roa (raw, json)
Hash identifier: TFHdBjbpHUou1L+qeedXFEeHr1rysPjTg4T764kwu1c=
Subject key identifier: E3:70:91:53:73:03:44:BE:E9:63:B3:0F:A7:C7:B8:2B:29:D7:E2:E8
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 68B34D9A382B4CC39F84F69AD1AEEEF8F9DDAEF6
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3132302e302f32342d3234203d3e203539343332.roa
Signing time: Tue 03 Jun 2025 07:31:24 +0000
ROA not before: Tue 03 Jun 2025 07:26:24 +0000
ROA not after: Tue 02 Jun 2026 07:31:24 +0000
asID: 59432
IP address blocks: 143.20.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 17:39:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:b3:4d:9a:38:2b:4c:c3:9f:84:f6:9a:d1:ae:ee:f8:f9:dd:ae:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Jun 3 07:26:24 2025 GMT
Not After : Jun 2 07:31:24 2026 GMT
Subject: CN=E3709153730344BEE963B30FA7C7B82B29D7E2E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3c:f4:b7:b3:50:63:59:95:54:33:ff:f0:78:
42:d9:35:59:e8:b6:f6:a7:6d:69:95:12:48:81:a5:
9f:d4:a0:ec:fb:58:06:1c:fe:f1:e7:ed:30:48:b0:
25:c4:de:a1:f0:ab:8d:ff:23:37:b3:f7:4f:f9:93:
94:ac:3c:b6:04:b2:94:bf:75:e9:25:b7:43:64:16:
c4:b2:ab:b4:d3:8d:af:46:c0:ed:0c:07:66:f2:83:
1b:46:f6:4a:88:8f:a1:e1:6e:0b:d7:9b:76:78:00:
33:5b:aa:83:f9:db:07:0b:b3:87:02:b1:f4:c0:c4:
06:91:bd:15:12:2d:22:f1:35:5a:66:f6:94:97:23:
1e:20:ff:8c:c1:cb:77:a1:a6:66:50:83:28:7e:e8:
07:7c:9b:31:4b:04:6f:9d:44:b0:3a:b4:cb:f3:ac:
ab:01:98:f1:44:b1:93:5f:ad:5c:6c:bd:c2:c4:9a:
55:da:c8:41:e2:fc:44:a3:e1:57:da:b9:41:0c:87:
73:25:a0:cf:21:e1:d7:90:74:c2:64:1f:bc:1e:54:
a5:b2:87:e5:a4:16:11:f1:0f:2b:c5:44:28:67:16:
82:4f:a7:54:8e:c9:6e:3d:58:e3:8f:b0:f2:ec:db:
32:ae:53:89:c2:5e:5d:25:5b:25:af:a8:10:fd:56:
1a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:70:91:53:73:03:44:BE:E9:63:B3:0F:A7:C7:B8:2B:29:D7:E2:E8
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3132302e302f32342d3234203d3e203539343332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.120.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:3a:79:88:40:c3:6e:9e:5e:c1:c2:39:90:7a:87:fd:11:b3:
c5:43:05:b4:1e:4d:35:da:fd:e1:88:7f:74:8e:72:2b:72:4b:
58:cc:1c:39:95:58:c0:eb:5a:00:fb:fd:3a:9b:1c:29:ad:82:
fa:dd:f6:c7:db:28:6f:ed:43:f3:b9:2d:93:8e:3a:bd:d5:84:
83:15:06:21:cf:20:c0:16:f1:95:d8:46:e0:96:35:b0:7d:48:
3f:62:1b:b4:0b:60:a1:bc:ef:59:61:83:ea:85:47:b5:6b:77:
bd:e4:ae:ce:60:a5:a5:a6:1c:dd:5e:75:67:ae:8f:c4:ca:e2:
5c:7d:20:c7:ea:bb:0e:7e:db:c4:50:ba:a2:82:7d:de:4d:ee:
94:79:c8:3a:72:90:9a:c2:93:1a:20:03:03:8f:da:ca:6f:a4:
59:85:f9:09:97:3a:96:c0:bd:85:09:0d:43:ea:5a:ce:a1:2f:
da:4e:0a:e0:82:51:3f:18:9d:2a:3d:9a:43:c6:58:f4:4d:15:
db:ff:5a:db:5b:d3:9c:4e:22:ae:d1:5a:d3:16:c9:96:a5:65:
46:34:6f:66:21:2a:85:1e:95:9f:e7:84:30:24:f0:88:b3:4d:
72:d9:f7:69:62:16:2a:a5:e9:33:a1:18:51:04:3d:a7:c4:6f:
84:cc:f9:79
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUaLNNmjgrTMOfhPaa0a7u+PndrvYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA2MDMwNzI2MjRaFw0yNjA2MDIwNzMxMjRaMDMxMTAvBgNV
BAMTKEUzNzA5MTUzNzMwMzQ0QkVFOTYzQjMwRkE3QzdCODJCMjlEN0UyRTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjPPS3s1BjWZVUM//weELZNVno
tvanbWmVEkiBpZ/UoOz7WAYc/vHn7TBIsCXE3qHwq43/Izez90/5k5SsPLYEspS/
deklt0NkFsSyq7TTja9GwO0MB2bygxtG9kqIj6HhbgvXm3Z4ADNbqoP52wcLs4cC
sfTAxAaRvRUSLSLxNVpm9pSXIx4g/4zBy3ehpmZQgyh+6Ad8mzFLBG+dRLA6tMvz
rKsBmPFEsZNfrVxsvcLEmlXayEHi/ESj4VfauUEMh3MloM8h4deQdMJkH7weVKWy
h+WkFhHxDyvFRChnFoJPp1SOyW49WOOPsPLs2zKuU4nCXl0lWyWvqBD9VhrHAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU43CRU3MDRL7pY7MPp8e4KynX4ugwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMTMy
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM5MzQzMzMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
jxR4MA0GCSqGSIb3DQEBCwUAA4IBAQDNOnmIQMNunl7BwjmQeof9EbPFQwW0Hk01
2v3hiH90jnIrcktYzBw5lVjA61oA+/06mxwprYL63fbH2yhv7UPzuS2Tjjq91YSD
FQYhzyDAFvGV2EbgljWwfUg/Yhu0C2ChvO9ZYYPqhUe1a3e95K7OYKWlphzdXnVn
ro/EyuJcfSDH6rsOftvEULqign3eTe6Uecg6cpCawpMaIAMDj9rKb6RZhfkJlzqW
wL2FCQ1D6lrOoS/aTgrgglE/GJ0qPZpDxlj0TRXb/1rbW9OcTiKu0VrTFsmWpWVG
NG9mISqFHpWf54QwJPCIs01y2fdpYhYqpekzoRhRBD2nxG+EzPl5
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:37:25 2025 by rpki-client