Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3132322e302f32342d3234203d3e20383334.roa
File: 3134332e32302e3132322e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: sNEkm78RghmSdqeJcTfjTiyz8nw8APB2r//A9IaqP+M=
Subject key identifier: 74:97:4D:2A:97:86:A2:1D:8E:3A:96:67:E3:FB:22:2C:73:27:8D:8B
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 28086F177D71408EDA18458D943E57A66744F016
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3132322e302f32342d3234203d3e20383334.roa
Signing time: Sun 18 May 2025 17:41:36 +0000
ROA not before: Sun 18 May 2025 17:36:36 +0000
ROA not after: Sun 17 May 2026 17:41:36 +0000
asID: 834
IP address blocks: 143.20.122.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 31 May 2025 10:06:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:08:6f:17:7d:71:40:8e:da:18:45:8d:94:3e:57:a6:67:44:f0:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 18 17:36:36 2025 GMT
Not After : May 17 17:41:36 2026 GMT
Subject: CN=74974D2A9786A21D8E3A9667E3FB222C73278D8B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e2:2f:23:74:c0:97:c5:50:c2:f0:12:09:32:
ba:5a:b3:1c:cc:3b:46:fe:f3:88:cf:01:58:75:a9:
d1:5d:31:fb:66:dc:35:90:d1:fa:e8:ec:fb:43:2c:
a1:2c:29:29:71:1f:1d:95:6d:0d:ac:57:43:ab:3b:
6e:d7:02:95:e1:0e:48:ae:f8:0b:ed:c0:a3:6b:e3:
5a:0c:47:48:d1:36:7d:05:81:04:94:0c:85:9e:f3:
72:e5:0f:b1:f6:24:d8:b4:25:7d:9b:d9:2a:99:7b:
c9:14:99:94:e8:3e:93:61:58:9d:ff:d9:56:d9:4a:
2e:6e:50:70:0f:7e:60:13:6f:c4:dd:0d:b2:0b:d6:
aa:90:1d:d8:91:aa:af:b2:90:dd:57:e1:9b:f6:0f:
f6:a1:81:4e:5b:a9:6b:82:2f:a0:1f:34:75:b9:d9:
8e:02:a3:a6:02:99:51:8d:0d:49:b4:1a:e1:68:ea:
53:7f:1d:ab:28:e0:94:ef:b1:96:27:97:e5:8c:19:
25:c2:bd:6f:74:fb:e6:c4:be:11:b8:e8:73:a9:c3:
d5:33:ea:b4:b3:7d:d0:ca:9c:ad:a9:86:57:44:f3:
02:6f:7f:10:2d:32:37:32:38:8e:ec:07:ab:ce:2e:
6e:45:1e:90:81:bc:67:be:ce:e9:43:5c:0b:75:b6:
81:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:97:4D:2A:97:86:A2:1D:8E:3A:96:67:E3:FB:22:2C:73:27:8D:8B
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3132322e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.122.0/24
Signature Algorithm: sha256WithRSAEncryption
41:f7:d9:26:a2:c3:a2:3c:4c:c6:98:1f:77:55:e9:e7:b9:26:
7a:69:86:1e:9c:dd:fc:ba:a0:89:57:1d:d0:ae:db:68:96:d7:
33:33:d6:a3:ea:31:d1:30:2f:b6:a3:fa:2e:93:82:84:1e:69:
dc:51:a6:14:89:1a:3f:a0:d3:c2:f7:81:81:7b:e7:99:68:cd:
57:9e:42:e7:dd:ca:2b:e4:d0:f5:8c:79:4a:02:04:94:fe:1b:
06:d1:8a:16:a3:ae:25:a4:79:a8:06:d3:db:ed:c5:f9:cb:c1:
2d:32:26:d4:0f:c1:44:38:07:c2:16:b1:28:94:98:94:50:91:
56:81:81:53:65:39:3d:93:0f:f5:56:8f:7b:a3:06:f2:bb:76:
c9:a7:7d:58:af:f6:ab:46:68:4c:ed:68:27:02:98:aa:63:60:
9f:31:b8:89:3e:87:19:cf:6b:0d:c1:b4:64:3e:23:3f:51:a0:
a2:97:40:7e:87:98:f9:75:8e:4b:fe:88:12:22:5a:82:a1:ce:
b9:57:c5:f8:21:65:47:ec:71:f4:4b:fe:1f:bd:8b:07:b9:a1:
be:64:7b:a1:4e:a4:30:41:31:c9:be:2d:11:d3:34:d4:0c:16:
7b:44:69:72:9a:16:5b:f3:47:93:be:cb:e3:e9:d2:3c:d8:d4:
c0:fd:b7:66
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUKAhvF31xQI7aGEWNlD5XpmdE8BYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MTgxNzM2MzZaFw0yNjA1MTcxNzQxMzZaMDMxMTAvBgNV
BAMTKDc0OTc0RDJBOTc4NkEyMUQ4RTNBOTY2N0UzRkIyMjJDNzMyNzhEOEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCa4i8jdMCXxVDC8BIJMrpasxzM
O0b+84jPAVh1qdFdMftm3DWQ0fro7PtDLKEsKSlxHx2VbQ2sV0OrO27XApXhDkiu
+AvtwKNr41oMR0jRNn0FgQSUDIWe83LlD7H2JNi0JX2b2SqZe8kUmZToPpNhWJ3/
2VbZSi5uUHAPfmATb8TdDbIL1qqQHdiRqq+ykN1X4Zv2D/ahgU5bqWuCL6AfNHW5
2Y4Co6YCmVGNDUm0GuFo6lN/Haso4JTvsZYnl+WMGSXCvW90++bEvhG46HOpw9Uz
6rSzfdDKnK2phldE8wJvfxAtMjcyOI7sB6vOLm5FHpCBvGe+zulDXAt1toGJAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUdJdNKpeGoh2OOpZn4/siLHMnjYswHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMTMy
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACPFHow
DQYJKoZIhvcNAQELBQADggEBAEH32Saiw6I8TMaYH3dV6ee5Jnpphh6c3fy6oIlX
HdCu22iW1zMz1qPqMdEwL7aj+i6TgoQeadxRphSJGj+g08L3gYF755lozVeeQufd
yivk0PWMeUoCBJT+GwbRihajriWkeagG09vtxfnLwS0yJtQPwUQ4B8IWsSiUmJRQ
kVaBgVNlOT2TD/VWj3ujBvK7dsmnfViv9qtGaEztaCcCmKpjYJ8xuIk+hxnPaw3B
tGQ+Iz9RoKKXQH6HmPl1jkv+iBIiWoKhzrlXxfghZUfscfRL/h+9iwe5ob5ke6FO
pDBBMcm+LRHTNNQMFntEaXKaFlvzR5O+y+Pp0jzY1MD9t2Y=
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:29:21 2025 by rpki-client