Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e322e302f32332d3233203d3e20323134343830.roa
File: 3134332e32302e322e302f32332d3233203d3e20323134343830.roa (raw, json)
Hash identifier: oTtIsuJTtm8pw9B/ADPSiPWg4M7wKjpiapGwep6NXMM=
Subject key identifier: 2A:FE:E5:01:94:90:2F:34:7C:52:B3:EB:A4:5C:9F:48:2B:E9:1E:A2
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 26CA005051BB0AADAD226672B93A21084B761667
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e322e302f32332d3233203d3e20323134343830.roa
Signing time: Mon 26 May 2025 15:08:31 +0000
ROA not before: Mon 26 May 2025 15:03:31 +0000
ROA not after: Mon 25 May 2026 15:08:31 +0000
asID: 214480
IP address blocks: 143.20.2.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 05 Jun 2025 17:39:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:ca:00:50:51:bb:0a:ad:ad:22:66:72:b9:3a:21:08:4b:76:16:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 26 15:03:31 2025 GMT
Not After : May 25 15:08:31 2026 GMT
Subject: CN=2AFEE50194902F347C52B3EBA45C9F482BE91EA2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:01:a3:65:ff:52:42:4c:d1:d7:d7:aa:20:b1:
3e:0d:c9:d2:2a:a7:5a:b6:17:5d:21:07:ec:5d:c6:
fd:0b:77:44:87:68:db:bf:68:85:10:19:6f:34:9d:
a2:d9:8d:37:d8:1f:f5:0f:03:c7:5e:c1:08:e1:2f:
bc:17:d6:5e:1a:5e:d1:db:9b:9e:c8:86:7b:24:78:
92:48:f5:41:35:c8:7c:70:71:b8:56:ad:e6:00:bd:
11:0a:16:c1:01:b6:f8:5d:32:f4:27:d7:e1:72:ee:
8e:fd:e0:5c:66:c8:86:47:41:85:e1:5a:c0:13:3b:
05:e2:cf:4a:bc:f9:eb:c8:f2:23:a1:cc:e7:81:7c:
f7:00:6c:4d:1f:9b:00:b0:d5:5b:c0:33:f4:03:23:
d0:4b:98:e3:15:5f:48:d5:01:cc:ae:25:d9:0e:db:
c4:c2:45:55:ef:3f:56:ed:d7:44:e9:94:91:fb:4e:
5a:fc:eb:19:20:a3:be:41:a2:93:8b:85:0d:30:24:
8f:6b:8e:51:db:83:80:51:db:a0:d9:79:19:95:00:
bf:7b:64:65:06:17:b7:62:5c:c6:24:92:ea:fb:21:
a4:c3:fd:ed:c9:a4:da:e0:30:f8:2c:4d:86:4d:b4:
1e:af:ca:57:56:e1:4c:7a:23:ad:d5:be:b5:84:1a:
95:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:FE:E5:01:94:90:2F:34:7C:52:B3:EB:A4:5C:9F:48:2B:E9:1E:A2
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e322e302f32332d3233203d3e20323134343830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.2.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:8c:4e:29:25:d7:04:c4:56:21:df:90:ef:91:69:d1:43:d8:
cf:c4:b6:4d:8a:35:c2:07:03:4c:c3:48:92:27:26:61:5f:69:
2b:0c:05:9e:89:c4:2d:00:d2:63:ba:d3:20:d6:bd:78:ac:8c:
d7:83:7e:85:cc:f3:92:8e:7f:1d:2f:6d:0b:1a:c2:61:9d:f7:
b8:5e:56:1f:72:1f:44:24:ea:19:ca:4c:17:f8:18:57:0d:0e:
25:9d:cf:81:0a:ba:69:9b:45:01:3b:86:79:f1:72:75:44:05:
14:bc:32:de:e0:02:c4:11:0a:8b:6e:23:6f:fc:4a:e1:8d:fa:
37:e2:df:07:5c:46:fb:5d:0a:99:52:fb:1d:b6:02:b0:fc:d0:
c4:10:bd:89:a3:24:4f:05:46:10:ff:72:f8:01:0b:7b:47:52:
ec:a0:c3:09:84:bc:9d:66:21:6f:79:5c:66:82:47:bf:96:06:
97:0f:1a:8b:00:39:3b:73:cb:26:33:40:3a:6a:9a:06:6d:f7:
7e:3d:f5:d6:6f:0f:3d:84:c9:34:c5:9c:da:71:12:00:1a:50:
69:eb:83:ea:64:8c:b4:5e:03:a6:31:7a:ea:f3:68:47:66:97:
3e:1a:d2:1c:55:88:64:92:ba:fa:4e:c7:0b:e1:f8:e0:78:f7:
f9:c0:ba:a4
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUJsoAUFG7Cq2tImZyuTohCEt2FmcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MjYxNTAzMzFaFw0yNjA1MjUxNTA4MzFaMDMxMTAvBgNV
BAMTKDJBRkVFNTAxOTQ5MDJGMzQ3QzUyQjNFQkE0NUM5RjQ4MkJFOTFFQTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbAaNl/1JCTNHX16ogsT4NydIq
p1q2F10hB+xdxv0Ld0SHaNu/aIUQGW80naLZjTfYH/UPA8dewQjhL7wX1l4aXtHb
m57IhnskeJJI9UE1yHxwcbhWreYAvREKFsEBtvhdMvQn1+Fy7o794FxmyIZHQYXh
WsATOwXiz0q8+evI8iOhzOeBfPcAbE0fmwCw1VvAM/QDI9BLmOMVX0jVAcyuJdkO
28TCRVXvP1bt10TplJH7Tlr86xkgo75BopOLhQ0wJI9rjlHbg4BR26DZeRmVAL97
ZGUGF7diXMYkkur7IaTD/e3JpNrgMPgsTYZNtB6vyldW4Ux6I63VvrWEGpU1AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUKv7lAZSQLzR8UrPrpFyfSCvpHqIwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMjJl
MzAyZjMyMzMyZDMyMzMyMDNkM2UyMDMyMzEzNDM0MzgzMC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAY8U
AjANBgkqhkiG9w0BAQsFAAOCAQEAj4xOKSXXBMRWId+Q75Fp0UPYz8S2TYo1wgcD
TMNIkicmYV9pKwwFnonELQDSY7rTINa9eKyM14N+hczzko5/HS9tCxrCYZ33uF5W
H3IfRCTqGcpMF/gYVw0OJZ3PgQq6aZtFATuGefFydUQFFLwy3uACxBEKi24jb/xK
4Y36N+LfB1xG+10KmVL7HbYCsPzQxBC9iaMkTwVGEP9y+AELe0dS7KDDCYS8nWYh
b3lcZoJHv5YGlw8aiwA5O3PLJjNAOmqaBm33fj311m8PPYTJNMWc2nESABpQaeuD
6mSMtF4DpjF66vNoR2aXPhrSHFWIZJK6+k7HC+H44Hj3+cC6pA==
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:47:19 2025 by rpki-client