Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3132322e302f32342d3234203d3e20343030353536.roa
File: 3134332e32302e3132322e302f32342d3234203d3e20343030353536.roa (raw, json)
Hash identifier: GcagmI0SIwVVOi2glcj94g1r7gZalbxXcGp2Y23qWV4=
Subject key identifier: C3:43:03:54:30:11:E2:FF:4E:16:40:AF:25:FB:9F:28:E3:DA:22:30
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 30DC19DB81CC776D0A20126CCC8EBB4C9C5BFE15
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3132322e302f32342d3234203d3e20343030353536.roa
Signing time: Sat 31 May 2025 10:06:44 +0000
ROA not before: Sat 31 May 2025 10:01:44 +0000
ROA not after: Sat 30 May 2026 10:06:44 +0000
asID: 400556
IP address blocks: 143.20.122.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 17:39:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:dc:19:db:81:cc:77:6d:0a:20:12:6c:cc:8e:bb:4c:9c:5b:fe:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 31 10:01:44 2025 GMT
Not After : May 30 10:06:44 2026 GMT
Subject: CN=C34303543011E2FF4E1640AF25FB9F28E3DA2230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:80:8c:c1:6d:5b:e2:8d:ca:ef:42:e3:1a:46:
4c:70:5f:ef:68:e6:0f:7b:ed:fa:d8:4a:d3:af:ea:
0e:85:72:0a:81:6f:6d:f5:59:cf:55:f0:01:8a:d7:
d9:23:5a:6b:29:00:ac:de:f8:e4:f0:bb:75:bc:b4:
57:9a:42:88:81:ad:53:77:99:63:69:7b:a0:fd:fd:
a6:fa:e5:0a:40:2c:41:a7:7f:b3:07:3e:27:a9:75:
6a:a6:cd:a9:54:f1:9c:6e:c0:e1:79:75:84:9e:e9:
55:9b:a9:cd:7a:8d:cc:09:f8:92:1a:df:11:43:ba:
48:aa:16:6a:c5:a6:4f:86:0b:4f:95:7b:c7:7a:2a:
f5:f8:19:48:e6:c4:64:a4:f4:fd:d5:12:10:ca:92:
8e:ac:76:98:4b:96:e6:19:b9:b7:46:bc:91:aa:83:
09:ce:ab:35:7f:b8:2f:1f:9e:10:5b:97:63:f8:97:
d5:b7:81:32:46:17:70:f9:3e:cd:01:38:37:e5:eb:
d9:ea:86:ae:9a:a1:32:78:a7:9b:ae:16:c4:05:b4:
41:72:74:a9:a8:53:93:5b:d2:f4:52:27:cc:fa:f3:
5e:a1:c4:a6:b2:0a:f3:4d:da:9c:dd:cf:2b:81:5c:
e4:7e:c2:ec:07:ed:53:69:b2:c7:b2:e5:64:49:bb:
18:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:43:03:54:30:11:E2:FF:4E:16:40:AF:25:FB:9F:28:E3:DA:22:30
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3132322e302f32342d3234203d3e20343030353536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.122.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:c7:c4:64:21:fb:fc:3e:5f:a6:90:b1:75:a6:85:3f:59:6c:
92:19:11:f1:fa:b3:b9:37:cc:94:6c:aa:09:c1:04:cd:66:54:
00:ce:61:7f:45:ce:1d:41:66:ee:4f:a1:85:bf:48:20:a9:82:
c5:25:77:7f:bf:d1:61:68:85:15:85:8f:8c:5a:44:b4:3f:08:
42:55:42:a5:8f:1d:6e:12:6c:f5:d8:38:e9:6f:3e:65:98:75:
a6:bf:b1:38:ac:43:d6:6a:42:88:a9:d1:03:28:53:a7:af:e4:
aa:53:e3:e0:96:a0:ad:7e:ca:02:d3:5b:92:f9:4b:32:3b:88:
4a:c7:3a:dd:86:10:28:92:13:6a:18:7a:9e:dc:ad:70:a5:fc:
6d:9a:07:a7:91:e6:c6:2a:5c:04:51:0a:8e:41:75:e5:97:77:
de:e4:7a:d3:90:6b:8a:0d:d5:ab:47:92:f4:77:41:ce:c4:c0:
57:4b:f3:aa:da:36:c4:fd:a0:6c:2c:06:aa:0e:a3:f8:98:9b:
1e:fe:18:4c:3d:ef:15:86:68:26:12:17:4e:56:3c:79:e5:61:
bd:81:67:1b:10:4e:c9:e1:fb:d1:34:ed:9e:1e:7e:34:c0:41:
7a:a2:95:d8:64:93:70:0c:09:63:72:a9:c9:d2:0d:f1:52:90:
e9:a9:65:e9
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMNwZ24HMd20KIBJszI67TJxb/hUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MzExMDAxNDRaFw0yNjA1MzAxMDA2NDRaMDMxMTAvBgNV
BAMTKEMzNDMwMzU0MzAxMUUyRkY0RTE2NDBBRjI1RkI5RjI4RTNEQTIyMzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9gIzBbVvijcrvQuMaRkxwX+9o
5g977frYStOv6g6FcgqBb231Wc9V8AGK19kjWmspAKze+OTwu3W8tFeaQoiBrVN3
mWNpe6D9/ab65QpALEGnf7MHPiepdWqmzalU8ZxuwOF5dYSe6VWbqc16jcwJ+JIa
3xFDukiqFmrFpk+GC0+Ve8d6KvX4GUjmxGSk9P3VEhDKko6sdphLluYZubdGvJGq
gwnOqzV/uC8fnhBbl2P4l9W3gTJGF3D5Ps0BODfl69nqhq6aoTJ4p5uuFsQFtEFy
dKmoU5Nb0vRSJ8z6816hxKayCvNN2pzdzyuBXOR+wuwH7VNpssey5WRJuxjbAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUw0MDVDAR4v9OFkCvJfufKOPaIjAwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMTMy
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzAzNTM1MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACPFHowDQYJKoZIhvcNAQELBQADggEBALHHxGQh+/w+X6aQsXWmhT9ZbJIZEfH6
s7k3zJRsqgnBBM1mVADOYX9Fzh1BZu5PoYW/SCCpgsUld3+/0WFohRWFj4xaRLQ/
CEJVQqWPHW4SbPXYOOlvPmWYdaa/sTisQ9ZqQoip0QMoU6ev5KpT4+CWoK1+ygLT
W5L5SzI7iErHOt2GECiSE2oYep7crXCl/G2aB6eR5sYqXARRCo5BdeWXd97ketOQ
a4oN1atHkvR3Qc7EwFdL86raNsT9oGwsBqoOo/iYmx7+GEw97xWGaCYSF05WPHnl
Yb2BZxsQTsnh+9E07Z4efjTAQXqildhkk3AMCWNyqcnSDfFSkOmpZek=
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:24:01 2025 by rpki-client