Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e322e302f32332d3234203d3e20383334.roa
File: 3134332e32302e322e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier: zND5sDOYM6BneoOvjqXCM4x/y3cZicw6gg8CuJv8KeI=
Subject key identifier: 9E:67:69:52:A7:76:37:59:36:3E:DD:32:C7:F0:8A:31:C8:F8:F0:67
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 449F7B50C8BD11C0DE1B8FA458BA3EB8045A2B04
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e322e302f32332d3234203d3e20383334.roa
Signing time: Wed 21 May 2025 12:53:22 +0000
ROA not before: Wed 21 May 2025 12:48:22 +0000
ROA not after: Wed 20 May 2026 12:53:22 +0000
asID: 834
IP address blocks: 143.20.2.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 May 2025 15:08:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:9f:7b:50:c8:bd:11:c0:de:1b:8f:a4:58:ba:3e:b8:04:5a:2b:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 21 12:48:22 2025 GMT
Not After : May 20 12:53:22 2026 GMT
Subject: CN=9E676952A7763759363EDD32C7F08A31C8F8F067
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e9:c2:d6:ca:2f:43:75:c5:4f:40:bc:28:1b:
c6:b3:d6:a8:c3:fe:24:b3:c0:ac:06:b9:66:1b:51:
dc:ec:08:d7:63:fe:1b:f0:c2:9c:e4:8f:3a:b7:e0:
63:54:85:2c:a5:f8:c8:ec:49:09:a3:b4:20:f1:35:
a9:e4:05:0f:bf:9b:2d:6c:b7:3b:69:29:52:44:23:
d6:26:c3:9f:d1:46:de:ee:af:da:67:e2:94:6f:51:
78:78:a9:ea:27:01:07:e8:b4:b9:fa:79:7a:4c:2d:
aa:57:fb:ce:19:4b:ba:c8:94:e3:ff:13:a6:fe:0b:
35:ac:68:07:b9:44:61:73:bd:93:63:5c:e9:15:f7:
b6:66:ac:57:e5:2f:e3:28:74:c6:de:94:5d:ab:86:
38:68:1d:b2:fd:cd:e4:5c:0a:95:51:af:13:2c:32:
7a:24:ee:57:30:d7:92:9b:2b:1c:fc:61:26:49:08:
e0:b9:23:1e:0f:5a:94:8f:aa:7f:03:c9:e3:77:d0:
cb:ed:9d:f9:a2:7f:2d:89:71:b6:52:0f:de:32:09:
0d:7d:6e:de:12:9f:eb:fc:c9:c5:3e:8b:13:54:cf:
1b:cf:fa:99:e7:e7:3c:2a:66:4c:fa:b2:83:8d:6b:
c7:ec:db:e5:66:db:63:36:a1:6f:fd:70:35:a0:0d:
ed:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:67:69:52:A7:76:37:59:36:3E:DD:32:C7:F0:8A:31:C8:F8:F0:67
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e322e302f32332d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.2.0/23
Signature Algorithm: sha256WithRSAEncryption
36:95:9b:a5:0f:d9:0a:f4:f6:27:cc:4d:00:b4:5c:03:44:46:
86:3d:fb:58:76:7b:c9:c8:97:a0:1e:f6:4a:b1:8d:2f:7d:cb:
68:26:cf:9c:ff:7b:1e:cf:02:38:e7:e6:08:f9:da:10:c5:44:
31:ca:e1:64:63:61:ad:07:b7:cf:b4:0c:2d:62:ec:d8:16:27:
bf:34:7b:bf:7b:2b:10:da:97:e9:fe:7c:ae:3e:12:aa:8b:c6:
d5:22:f4:be:05:22:34:08:00:9c:28:4c:6e:9d:44:03:46:b8:
2d:fe:df:e6:56:9e:1e:c2:fd:8e:3f:5d:ee:07:a3:f7:a1:cd:
8f:95:49:fc:6b:d6:c5:f7:e3:af:cf:db:94:32:87:5d:86:95:
3c:95:91:7d:45:e7:06:79:6d:9d:0e:93:1a:ac:56:fe:b3:35:
14:68:60:f2:89:65:2c:81:81:63:6c:bb:c8:a4:55:cf:60:d2:
00:81:03:0f:7d:74:48:97:43:de:f0:fe:47:07:4e:93:b3:39:
2b:57:7a:40:27:26:03:31:bd:78:28:52:dc:b7:80:f6:38:a2:
ba:a0:55:d1:bd:63:08:b2:82:eb:fa:41:4f:f9:10:49:b7:41:
c6:3d:85:76:55:69:02:e0:39:e9:b7:e9:bd:37:c9:af:d5:b6:
05:b3:2f:cd
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIURJ97UMi9EcDeG4+kWLo+uARaKwQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MjExMjQ4MjJaFw0yNjA1MjAxMjUzMjJaMDMxMTAvBgNV
BAMTKDlFNjc2OTUyQTc3NjM3NTkzNjNFREQzMkM3RjA4QTMxQzhGOEYwNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR6cLWyi9DdcVPQLwoG8az1qjD
/iSzwKwGuWYbUdzsCNdj/hvwwpzkjzq34GNUhSyl+MjsSQmjtCDxNankBQ+/my1s
tztpKVJEI9Ymw5/RRt7ur9pn4pRvUXh4qeonAQfotLn6eXpMLapX+84ZS7rIlOP/
E6b+CzWsaAe5RGFzvZNjXOkV97ZmrFflL+ModMbelF2rhjhoHbL9zeRcCpVRrxMs
Mnok7lcw15KbKxz8YSZJCOC5Ix4PWpSPqn8DyeN30Mvtnfmify2JcbZSD94yCQ19
bt4Sn+v8ycU+ixNUzxvP+pnn5zwqZkz6soONa8fs2+Vm22M2oW/9cDWgDe35AgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUnmdpUqd2N1k2Pt0yx/CKMcj48GcwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMjJl
MzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAY8UAjANBgkq
hkiG9w0BAQsFAAOCAQEANpWbpQ/ZCvT2J8xNALRcA0RGhj37WHZ7yciXoB72SrGN
L33LaCbPnP97Hs8COOfmCPnaEMVEMcrhZGNhrQe3z7QMLWLs2BYnvzR7v3srENqX
6f58rj4SqovG1SL0vgUiNAgAnChMbp1EA0a4Lf7f5laeHsL9jj9d7gej96HNj5VJ
/GvWxffjr8/blDKHXYaVPJWRfUXnBnltnQ6TGqxW/rM1FGhg8ollLIGBY2y7yKRV
z2DSAIEDD310SJdD3vD+RwdOk7M5K1d6QCcmAzG9eChS3LeA9jiiuqBV0b1jCLKC
6/pBT/kQSbdBxj2FdlVpAuA56bfpvTfJr9W2BbMvzQ==
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:25:45 2025 by rpki-client