Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3232342e302f32322d3232203d3e2037303239.roa
File: 3134332e32302e3232342e302f32322d3232203d3e2037303239.roa (raw, json)
Hash identifier: UphssTM8212jSSBFFLrjy6jATZahppyzAxjPqbc05PQ=
Subject key identifier: A8:AE:3F:39:84:49:E0:57:1D:3B:8C:31:5D:BA:91:C9:27:47:EE:F1
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 6225075B5C75EC0185F168CCB2AC5DF217372BFD
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3232342e302f32322d3232203d3e2037303239.roa
Signing time: Tue 06 May 2025 06:36:14 +0000
ROA not before: Tue 06 May 2025 06:31:14 +0000
ROA not after: Tue 05 May 2026 06:36:14 +0000
asID: 7029
IP address blocks: 143.20.224.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 02 Jun 2025 16:35:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:25:07:5b:5c:75:ec:01:85:f1:68:cc:b2:ac:5d:f2:17:37:2b:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 6 06:31:14 2025 GMT
Not After : May 5 06:36:14 2026 GMT
Subject: CN=A8AE3F398449E0571D3B8C315DBA91C92747EEF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:84:b2:a5:51:f9:b8:11:ef:91:bc:f1:b8:dc:
ab:fd:23:07:96:51:33:66:67:b3:86:99:a0:ad:5d:
6b:f0:21:87:19:0c:4a:ce:ec:d4:40:27:c7:69:74:
e5:9c:47:26:81:dc:b1:d7:d6:4a:71:52:d6:df:5d:
b0:8e:0d:65:5b:b2:26:65:db:c7:0c:db:10:43:d2:
29:99:b6:b9:fb:b6:26:d2:96:63:96:f2:cf:39:9c:
91:85:91:74:e6:4c:3b:12:77:c7:f6:e1:d7:22:fb:
62:35:d5:cd:82:f6:cd:f8:fd:43:65:28:89:24:d2:
a9:da:30:56:63:c4:64:88:04:14:98:08:7d:af:95:
e0:a6:3b:c1:21:4b:b9:38:06:2e:35:97:58:7b:8a:
20:07:ef:5d:2f:c0:f7:85:2b:a9:d5:f5:8d:45:6b:
9a:a8:d5:83:7a:9f:f8:5f:95:dd:9b:99:c7:e1:26:
50:63:15:96:c4:9b:f4:af:ea:42:44:24:4e:a4:b2:
06:ea:41:8d:bf:43:e0:96:89:bc:92:2c:ca:45:cd:
e9:5b:ad:74:c3:35:1b:1f:b6:67:a2:a6:d9:40:e7:
2e:c2:c7:4b:07:b4:6f:bc:42:c8:8a:ca:de:d7:9e:
1c:10:38:0f:9e:e2:f5:64:85:e0:f8:91:44:d8:1f:
b6:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:AE:3F:39:84:49:E0:57:1D:3B:8C:31:5D:BA:91:C9:27:47:EE:F1
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3232342e302f32322d3232203d3e2037303239.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.224.0/22
Signature Algorithm: sha256WithRSAEncryption
c7:62:d6:4d:df:00:8b:eb:a0:02:4c:e2:bb:8b:88:a1:59:85:
c3:2a:57:4c:f9:e7:fb:94:65:e7:dc:bc:f8:af:66:f8:b1:30:
63:76:18:db:07:ba:93:d0:9f:96:d9:c0:ab:30:18:96:c8:c6:
a4:16:0e:48:60:4b:f9:f4:a2:e3:1a:7b:94:17:92:0b:b4:4c:
13:2c:7a:f8:a3:40:6a:57:95:fd:94:b7:ed:5c:85:e8:53:30:
04:3a:70:a9:db:4a:c1:48:91:30:ba:ca:e0:01:22:0c:bd:60:
9c:8b:bb:37:8a:a1:d5:70:a0:95:6f:dc:5f:8b:fe:4e:79:86:
57:ed:42:e9:cf:2d:75:47:a4:26:1c:d7:c6:d9:97:6b:a1:66:
cb:24:1d:a2:de:09:b4:d0:27:32:9d:9a:44:79:f9:73:9f:b5:
92:28:b1:16:c6:f8:5c:47:4c:7e:f9:4c:ac:5b:de:42:fe:8f:
be:ac:5a:81:22:cb:35:98:ba:d1:64:24:4b:d8:b8:b4:bf:0f:
a3:36:6d:53:da:eb:1d:19:db:54:44:5e:c6:41:bb:dd:21:73:
fc:03:a7:e2:9e:cd:74:78:45:75:11:67:76:1e:3c:f2:e2:66:
21:2b:64:fb:1b:70:c7:fe:81:5f:1e:0b:9b:d2:42:ae:69:75:
f7:c1:ec:f5
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUYiUHW1x17AGF8WjMsqxd8hc3K/0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MDYwNjMxMTRaFw0yNjA1MDUwNjM2MTRaMDMxMTAvBgNV
BAMTKEE4QUUzRjM5ODQ0OUUwNTcxRDNCOEMzMTVEQkE5MUM5Mjc0N0VFRjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCphLKlUfm4Ee+RvPG43Kv9IweW
UTNmZ7OGmaCtXWvwIYcZDErO7NRAJ8dpdOWcRyaB3LHX1kpxUtbfXbCODWVbsiZl
28cM2xBD0imZtrn7tibSlmOW8s85nJGFkXTmTDsSd8f24dci+2I11c2C9s34/UNl
KIkk0qnaMFZjxGSIBBSYCH2vleCmO8EhS7k4Bi41l1h7iiAH710vwPeFK6nV9Y1F
a5qo1YN6n/hfld2bmcfhJlBjFZbEm/Sv6kJEJE6ksgbqQY2/Q+CWibySLMpFzelb
rXTDNRsftmeiptlA5y7Cx0sHtG+8QsiKyt7XnhwQOA+e4vVkheD4kUTYH7YjAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUqK4/OYRJ4FcdO4wxXbqRySdH7vEwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMjMy
MzQyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzNzMwMzIzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAo8U
4DANBgkqhkiG9w0BAQsFAAOCAQEAx2LWTd8Ai+ugAkziu4uIoVmFwypXTPnn+5Rl
59y8+K9m+LEwY3YY2we6k9CfltnAqzAYlsjGpBYOSGBL+fSi4xp7lBeSC7RMEyx6
+KNAaleV/ZS37VyF6FMwBDpwqdtKwUiRMLrK4AEiDL1gnIu7N4qh1XCglW/cX4v+
TnmGV+1C6c8tdUekJhzXxtmXa6FmyyQdot4JtNAnMp2aRHn5c5+1kiixFsb4XEdM
fvlMrFveQv6PvqxagSLLNZi60WQkS9i4tL8PozZtU9rrHRnbVERexkG73SFz/AOn
4p7NdHhFdRFndh488uJmIStk+xtwx/6BXx4Lm9JCrml198Hs9Q==
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:37:15 2025 by rpki-client