Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3230362e302f32342d3234203d3e20383334.roa
File: 3134332e32302e3230362e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: E7VGZ5/99MjBlFaqCZpib/Sd8/vI1AO6ZKbHmDgN2s8=
Subject key identifier: D2:29:1F:E3:AC:09:E5:14:1E:2E:60:E4:91:AB:69:D7:AA:BD:C1:87
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 6E9683964013D6C558CC48228B2E8F80ABF05348
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3230362e302f32342d3234203d3e20383334.roa
Signing time: Tue 06 May 2025 06:35:00 +0000
ROA not before: Tue 06 May 2025 06:30:00 +0000
ROA not after: Tue 05 May 2026 06:35:00 +0000
asID: 834
IP address blocks: 143.20.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 May 2025 09:19:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:96:83:96:40:13:d6:c5:58:cc:48:22:8b:2e:8f:80:ab:f0:53:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 6 06:30:00 2025 GMT
Not After : May 5 06:35:00 2026 GMT
Subject: CN=D2291FE3AC09E5141E2E60E491AB69D7AABDC187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f1:66:d5:62:83:11:3b:59:83:2d:f7:b1:73:
f9:07:90:fc:2c:e8:36:07:71:0b:dc:7d:96:28:c0:
0a:23:87:59:fb:cb:ea:22:20:14:94:c7:21:d3:cb:
ee:6b:5d:8f:67:e0:f3:19:d0:cb:3e:32:35:78:14:
36:46:f4:98:e5:ff:a4:c2:2a:dc:14:cb:6a:7f:13:
ac:60:9b:8d:ab:a7:74:34:5e:ae:20:bd:61:79:bc:
13:10:08:af:38:0c:6d:37:49:a5:27:c2:69:d5:ce:
1d:5b:9a:3d:33:44:5c:a9:79:ad:2d:9c:af:4f:cd:
84:94:90:a0:3d:b6:a9:da:2d:a1:51:f1:02:51:24:
ed:40:fa:5e:88:ad:93:bb:62:c3:66:11:b1:c1:a8:
3d:ee:d1:b1:98:50:2c:86:53:55:2e:f2:08:be:4b:
3f:98:71:8c:93:ef:64:e6:0f:a3:8e:00:2a:74:59:
2b:2c:5d:fe:ac:70:0e:54:d6:f5:37:4c:64:e5:d1:
cc:e1:a6:ce:80:a8:eb:f1:12:a8:d4:a3:11:37:7b:
b6:18:59:a3:a8:aa:f7:f3:3a:c3:5c:75:95:e1:10:
85:e5:44:e0:fd:54:ea:3b:0a:cb:39:97:a1:bf:6d:
d0:09:47:66:d7:bb:d8:24:84:5f:16:8f:26:cc:dc:
d9:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:29:1F:E3:AC:09:E5:14:1E:2E:60:E4:91:AB:69:D7:AA:BD:C1:87
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3230362e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.206.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:d3:ed:4f:f1:57:09:39:fa:e4:4f:9c:44:f5:58:97:a2:69:
77:84:64:c6:fe:4c:25:43:d7:b0:0a:00:d1:e5:9d:9c:a6:ff:
1c:e6:f9:8f:db:29:73:65:02:73:e8:60:47:3a:c8:5a:2b:1d:
41:01:ab:81:fe:7c:78:09:55:4b:4f:6c:f8:b0:ab:f6:27:08:
f1:2c:72:68:be:1d:06:05:f8:e3:65:82:2f:76:30:98:01:b4:
95:58:0a:7d:fb:a6:3e:dc:9d:6f:b6:d1:b4:69:46:a3:02:7a:
7f:bb:e5:0a:21:3d:f1:ad:93:1e:b3:15:65:15:64:4e:66:06:
2c:6c:39:83:11:2d:ed:b6:bf:fb:31:9a:05:a9:bc:7e:f8:97:
30:74:41:67:7f:a6:1b:9c:3d:e1:0c:c9:1b:c4:29:fb:f5:cb:
24:20:b1:d3:4a:b8:98:eb:b4:82:6e:c1:e3:31:65:df:b2:3c:
a5:aa:6a:97:0b:c1:ee:fa:3a:a1:e2:cd:f7:58:d1:4e:7e:55:
32:f2:60:88:c8:02:78:97:9c:35:11:cd:32:47:6c:16:28:5d:
87:43:0e:9c:54:7a:7b:06:af:b6:d4:cf:61:4c:d9:b6:02:41:
21:08:8d:2d:dc:61:42:c2:d4:fd:d6:56:44:75:ee:c9:85:df:
a3:54:09:ff
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUbpaDlkAT1sVYzEgiiy6PgKvwU0gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MDYwNjMwMDBaFw0yNjA1MDUwNjM1MDBaMDMxMTAvBgNV
BAMTKEQyMjkxRkUzQUMwOUU1MTQxRTJFNjBFNDkxQUI2OUQ3QUFCREMxODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv8WbVYoMRO1mDLfexc/kHkPws
6DYHcQvcfZYowAojh1n7y+oiIBSUxyHTy+5rXY9n4PMZ0Ms+MjV4FDZG9Jjl/6TC
KtwUy2p/E6xgm42rp3Q0Xq4gvWF5vBMQCK84DG03SaUnwmnVzh1bmj0zRFypea0t
nK9PzYSUkKA9tqnaLaFR8QJRJO1A+l6IrZO7YsNmEbHBqD3u0bGYUCyGU1Uu8gi+
Sz+YcYyT72TmD6OOACp0WSssXf6scA5U1vU3TGTl0czhps6AqOvxEqjUoxE3e7YY
WaOoqvfzOsNcdZXhEIXlROD9VOo7Css5l6G/bdAJR2bXu9gkhF8WjybM3NlVAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU0ikf46wJ5RQeLmDkkatp16q9wYcwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMjMw
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACPFM4w
DQYJKoZIhvcNAQELBQADggEBALDT7U/xVwk5+uRPnET1WJeiaXeEZMb+TCVD17AK
ANHlnZym/xzm+Y/bKXNlAnPoYEc6yForHUEBq4H+fHgJVUtPbPiwq/YnCPEscmi+
HQYF+ONlgi92MJgBtJVYCn37pj7cnW+20bRpRqMCen+75QohPfGtkx6zFWUVZE5m
BixsOYMRLe22v/sxmgWpvH74lzB0QWd/phucPeEMyRvEKfv1yyQgsdNKuJjrtIJu
weMxZd+yPKWqapcLwe76OqHizfdY0U5+VTLyYIjIAniXnDURzTJHbBYoXYdDDpxU
ensGr7bUz2FM2bYCQSEIjS3cYULC1P3WVkR17smF36NUCf8=
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:48:55 2025 by rpki-client