Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3134302e302f32332d3233203d3e2037303239.roa
File: 3134332e32302e3134302e302f32332d3233203d3e2037303239.roa (raw, json)
Hash identifier: LHl/xYD2lxp5Dr6h/WAdVmBu2Cz5wWsIV7PZDDyyjzw=
Subject key identifier: 97:85:54:D7:C4:15:C8:75:41:D2:FB:BD:7B:74:6D:AA:F3:DD:1D:DF
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 0CC465CEDC1895889D9B7E0631F6663C4DB5D9E2
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3134302e302f32332d3233203d3e2037303239.roa
Signing time: Tue 06 May 2025 06:36:35 +0000
ROA not before: Tue 06 May 2025 06:31:35 +0000
ROA not after: Tue 05 May 2026 06:36:35 +0000
asID: 7029
IP address blocks: 143.20.140.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 02 Jun 2025 16:40:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:c4:65:ce:dc:18:95:88:9d:9b:7e:06:31:f6:66:3c:4d:b5:d9:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 6 06:31:35 2025 GMT
Not After : May 5 06:36:35 2026 GMT
Subject: CN=978554D7C415C87541D2FBBD7B746DAAF3DD1DDF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:13:2f:44:34:70:a9:f8:cd:53:f4:3e:9e:c9:
6d:11:70:6b:ed:6a:f3:ef:50:bf:fd:ba:2c:7e:4d:
37:62:7d:ed:26:74:6f:bf:38:a7:70:be:e8:c8:0d:
eb:31:cc:b1:99:0e:1c:a4:a9:6c:d9:59:c7:8b:3f:
dc:44:6e:cc:6f:8c:d0:1d:6b:76:da:86:e5:89:53:
ca:25:b5:24:04:5f:5f:45:79:5b:ae:97:1e:83:f1:
35:ad:6a:21:8c:4d:bc:9b:fd:ae:6a:f5:fb:79:b2:
d1:be:c3:81:75:d6:f7:69:c9:64:36:aa:f0:b7:04:
1c:f8:53:81:50:33:87:80:cb:82:d3:a5:e7:90:8d:
ad:75:bf:8c:67:27:31:e0:71:f0:bd:29:07:72:70:
5f:28:e7:09:f7:11:1c:fa:a6:3b:55:1e:14:95:89:
a3:2b:16:f7:8a:7e:c6:7f:07:b8:b4:7c:97:03:22:
dc:67:b1:4e:d3:ef:af:d6:e1:df:7f:ef:8e:e9:a2:
43:e6:54:cb:f1:dc:b5:a1:3e:a9:e4:cc:d5:dd:43:
94:0f:b0:25:1e:b1:00:34:39:fd:89:36:c6:14:43:
c3:50:5c:93:3f:56:56:88:26:8f:4b:04:f5:59:fa:
b8:af:70:ba:35:ee:8b:8b:8e:3b:56:ba:70:8b:3a:
fd:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:85:54:D7:C4:15:C8:75:41:D2:FB:BD:7B:74:6D:AA:F3:DD:1D:DF
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3134302e302f32332d3233203d3e2037303239.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.140.0/23
Signature Algorithm: sha256WithRSAEncryption
81:69:f5:03:d5:83:7c:46:9e:ed:68:bb:5f:ea:68:42:83:2f:
c0:44:25:ad:2e:7e:21:c5:af:a9:52:33:cd:0c:eb:49:87:54:
70:a1:da:2a:47:3e:ef:33:50:ac:4a:ad:6e:18:d2:16:d7:c8:
61:a8:90:a8:ba:e4:09:c5:a3:80:0e:5b:57:99:73:29:02:6b:
c4:14:f4:d2:58:8c:3c:b5:02:7d:40:3a:e8:64:06:ee:22:12:
80:81:8a:7f:95:a2:49:f8:99:03:a4:b6:56:a3:17:41:c3:8f:
18:f5:f5:ab:41:25:1e:50:84:9c:64:8e:e3:14:a4:cf:c0:09:
16:55:82:97:9b:a2:40:39:4a:3e:57:34:e9:ef:2f:6a:37:21:
67:d4:80:7a:1d:70:2d:da:bf:58:b0:68:98:35:07:24:da:43:
e0:a8:3d:cd:93:0d:12:1f:65:a3:72:ba:01:8d:80:88:ef:c5:
17:8c:fe:8e:94:b7:7b:cc:56:e1:43:e6:bc:f5:dc:7c:11:d7:
80:1d:2c:f6:20:e8:6f:ec:3a:f3:c3:a3:2e:45:4e:16:d3:a3:
0e:87:5a:90:74:76:f3:90:e7:5e:e2:43:4f:09:d8:61:99:ef:
a2:ea:56:87:94:88:85:1d:79:56:e0:6b:42:66:92:84:c9:30:
de:90:5d:df
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUDMRlztwYlYidm34GMfZmPE212eIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MDYwNjMxMzVaFw0yNjA1MDUwNjM2MzVaMDMxMTAvBgNV
BAMTKDk3ODU1NEQ3QzQxNUM4NzU0MUQyRkJCRDdCNzQ2REFBRjNERDFEREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSEy9ENHCp+M1T9D6eyW0RcGvt
avPvUL/9uix+TTdife0mdG+/OKdwvujIDesxzLGZDhykqWzZWceLP9xEbsxvjNAd
a3bahuWJU8oltSQEX19FeVuulx6D8TWtaiGMTbyb/a5q9ft5stG+w4F11vdpyWQ2
qvC3BBz4U4FQM4eAy4LTpeeQja11v4xnJzHgcfC9KQdycF8o5wn3ERz6pjtVHhSV
iaMrFveKfsZ/B7i0fJcDItxnsU7T76/W4d9/747pokPmVMvx3LWhPqnkzNXdQ5QP
sCUesQA0Of2JNsYUQ8NQXJM/VlaIJo9LBPVZ+rivcLo17ouLjjtWunCLOv2HAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUl4VU18QVyHVB0vu9e3RtqvPdHd8wHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMTM0
MzAyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzNzMwMzIzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAY8U
jDANBgkqhkiG9w0BAQsFAAOCAQEAgWn1A9WDfEae7Wi7X+poQoMvwEQlrS5+IcWv
qVIzzQzrSYdUcKHaKkc+7zNQrEqtbhjSFtfIYaiQqLrkCcWjgA5bV5lzKQJrxBT0
0liMPLUCfUA66GQG7iISgIGKf5WiSfiZA6S2VqMXQcOPGPX1q0ElHlCEnGSO4xSk
z8AJFlWCl5uiQDlKPlc06e8vajchZ9SAeh1wLdq/WLBomDUHJNpD4Kg9zZMNEh9l
o3K6AY2AiO/FF4z+jpS3e8xW4UPmvPXcfBHXgB0s9iDob+w688OjLkVOFtOjDoda
kHR285DnXuJDTwnYYZnvoupWh5SIhR15VuBrQmaShMkw3pBd3w==
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:41:33 2025 by rpki-client