Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e32302e302f32342d3234203d3e20323038343833.roa
File: 3134332e32302e32302e302f32342d3234203d3e20323038343833.roa (raw, json)
Hash identifier: /vpUiSKK4CE18dSvBN10zc/P1PIswj5jLFAwu1B4AGQ=
Subject key identifier: 93:41:46:27:EE:CB:85:87:12:88:6C:3A:0F:69:8A:44:0D:CD:CE:0C
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 4C41CB6237A35BFCF60D752EA50CA37E92EEA839
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e32302e302f32342d3234203d3e20323038343833.roa
Signing time: Tue 03 Jun 2025 23:40:59 +0000
ROA not before: Tue 03 Jun 2025 23:35:59 +0000
ROA not after: Tue 02 Jun 2026 23:40:59 +0000
asID: 208483
IP address blocks: 143.20.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 17:39:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:41:cb:62:37:a3:5b:fc:f6:0d:75:2e:a5:0c:a3:7e:92:ee:a8:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Jun 3 23:35:59 2025 GMT
Not After : Jun 2 23:40:59 2026 GMT
Subject: CN=93414627EECB858712886C3A0F698A440DCDCE0C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:bc:9b:05:c8:d5:32:44:71:70:88:06:2a:42:
72:0c:54:11:ea:96:c1:36:ed:ab:8b:ea:b6:5f:83:
bf:0a:71:5d:c6:4b:93:a2:70:f4:0b:a7:88:f9:dd:
c8:21:d5:5d:ce:7a:77:cb:a4:13:2a:e4:2d:7e:8f:
19:7b:df:50:05:09:4a:20:e4:91:62:7d:f5:dd:4e:
fe:cd:62:81:9b:50:53:e1:c5:4a:4d:12:87:3b:cb:
bb:c1:70:23:99:ba:12:01:b4:58:51:6a:cd:50:ab:
e7:b0:44:7b:63:3e:be:45:e9:23:ae:0b:e0:af:88:
4c:40:bd:3c:96:71:ec:5c:74:05:b3:17:61:64:21:
c3:5f:f4:8b:bc:0a:ea:9f:3b:45:fd:0c:a0:1f:87:
a0:67:e1:d2:3e:e5:37:53:f4:18:51:8a:f1:23:9d:
36:2c:da:60:ef:71:ed:42:75:fd:27:d0:de:79:11:
72:2f:a5:ab:6e:da:cb:05:41:a3:4b:c8:6f:f1:86:
2e:cf:38:c0:a5:75:58:b7:b2:d7:f5:07:a0:f5:92:
90:b7:e8:80:be:46:ef:04:cb:19:03:37:ca:da:0c:
0d:5b:c9:79:9b:07:65:49:d0:49:b5:1f:98:c8:85:
65:6b:83:d0:33:f8:e4:13:0f:16:1d:b7:4f:86:6e:
e9:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:41:46:27:EE:CB:85:87:12:88:6C:3A:0F:69:8A:44:0D:CD:CE:0C
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e32302e302f32342d3234203d3e20323038343833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.20.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:88:c8:27:ce:09:aa:3a:e5:ba:a4:cd:6c:d4:c9:7f:f8:02:
96:54:bf:56:4b:ea:cc:c3:ab:01:56:e9:8f:6b:f4:0c:dd:9c:
75:42:ea:4c:f1:a1:4e:6c:ec:26:59:62:56:75:1d:16:f1:4e:
05:15:f5:18:d2:b0:2e:39:e6:80:09:43:77:ab:19:dc:37:6b:
08:7b:c9:ec:a4:a4:4b:ee:a1:2d:d6:5d:ca:66:20:45:dd:30:
91:4e:34:b6:04:7f:e1:eb:5b:0c:64:6f:30:21:fd:0e:85:63:
65:65:b4:a0:18:f5:c0:08:13:a5:4b:14:8e:30:b8:e3:d7:1f:
c0:70:3e:f5:7f:94:de:dd:38:9c:41:4a:d3:df:cd:90:b0:9e:
a1:b0:5f:3a:96:a6:52:28:5d:74:97:1d:fc:6c:92:9e:61:b9:
5d:aa:18:29:98:fd:5b:6f:66:39:be:2c:19:fb:fe:82:d1:94:
b5:f7:d6:db:25:73:f9:ff:f5:dd:16:cd:d7:7c:1d:b4:37:9a:
f0:0d:82:43:7b:0f:35:1e:fc:19:57:c6:90:b9:31:49:fc:1c:
32:34:88:e6:80:60:ed:44:2c:ed:0d:5a:ff:4a:e3:6d:23:6e:
03:36:d1:0e:6e:d1:30:9b:13:1b:85:80:f7:24:dd:12:12:ac:
46:e7:f2:e4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTEHLYjejW/z2DXUupQyjfpLuqDkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA2MDMyMzM1NTlaFw0yNjA2MDIyMzQwNTlaMDMxMTAvBgNV
BAMTKDkzNDE0NjI3RUVDQjg1ODcxMjg4NkMzQTBGNjk4QTQ0MERDRENFMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6vJsFyNUyRHFwiAYqQnIMVBHq
lsE27auL6rZfg78KcV3GS5OicPQLp4j53cgh1V3OenfLpBMq5C1+jxl731AFCUog
5JFiffXdTv7NYoGbUFPhxUpNEoc7y7vBcCOZuhIBtFhRas1Qq+ewRHtjPr5F6SOu
C+CviExAvTyWcexcdAWzF2FkIcNf9Iu8CuqfO0X9DKAfh6Bn4dI+5TdT9BhRivEj
nTYs2mDvce1Cdf0n0N55EXIvpatu2ssFQaNLyG/xhi7POMCldVi3stf1B6D1kpC3
6IC+Ru8EyxkDN8raDA1byXmbB2VJ0Em1H5jIhWVrg9Az+OQTDxYdt0+GbulVAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUk0FGJ+7LhYcSiGw6D2mKRA3NzgwwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMjMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM4MzQzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
jxQUMA0GCSqGSIb3DQEBCwUAA4IBAQBdiMgnzgmqOuW6pM1s1Ml/+AKWVL9WS+rM
w6sBVumPa/QM3Zx1QupM8aFObOwmWWJWdR0W8U4FFfUY0rAuOeaACUN3qxncN2sI
e8nspKRL7qEt1l3KZiBF3TCRTjS2BH/h61sMZG8wIf0OhWNlZbSgGPXACBOlSxSO
MLjj1x/AcD71f5Te3TicQUrT382QsJ6hsF86lqZSKF10lx38bJKeYbldqhgpmP1b
b2Y5viwZ+/6C0ZS199bbJXP5//XdFs3XfB20N5rwDYJDew81HvwZV8aQuTFJ/Bwy
NIjmgGDtRCztDVr/SuNtI24DNtEObtEwmxMbhYD3JN0SEqxG5/Lk
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:57:16 2025 by rpki-client