Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e33322e302f31392d3234203d3e20383334.roa
File: 3134332e32302e33322e302f31392d3234203d3e20383334.roa (raw, json)
Hash identifier: mGKuGh4FNkvBaeXbep0SqRhelhh62NeTuK5HDPgVeZ8=
Subject key identifier: CF:0D:16:FE:60:11:47:C0:31:F6:CF:5D:CD:2D:72:5E:91:4E:D4:E6
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 34DC49CA0769959DE135818C0B888EA2BA0F5C44
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e33322e302f31392d3234203d3e20383334.roa
Signing time: Tue 13 May 2025 06:01:39 +0000
ROA not before: Tue 13 May 2025 05:56:39 +0000
ROA not after: Tue 12 May 2026 06:01:39 +0000
asID: 834
IP address blocks: 143.20.32.0/19 maxlen: 24
Validation: Failed, certificate revoked on Fri 30 May 2025 13:08:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:dc:49:ca:07:69:95:9d:e1:35:81:8c:0b:88:8e:a2:ba:0f:5c:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 13 05:56:39 2025 GMT
Not After : May 12 06:01:39 2026 GMT
Subject: CN=CF0D16FE601147C031F6CF5DCD2D725E914ED4E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fd:95:30:56:22:75:92:43:ff:34:5b:7d:5e:
3c:66:7d:bb:e6:62:c2:d8:7c:40:da:f6:b6:0e:89:
a6:b5:d8:45:e3:aa:40:05:49:8b:b8:9d:80:3f:c1:
c9:86:00:77:85:7c:52:c4:d5:e7:5c:a8:86:70:43:
36:42:48:03:92:53:0a:69:09:d3:c1:e6:cf:92:97:
0f:42:d8:39:37:0a:8e:6a:85:30:0a:fc:13:6e:0e:
82:e9:c6:16:0d:74:35:94:71:b9:90:63:be:0c:83:
21:e7:2e:c1:03:35:8a:c0:76:98:27:5a:2b:93:1d:
ce:a5:09:ea:85:03:a7:77:7f:28:2b:2d:8f:aa:a5:
41:40:3f:b3:dd:33:f0:1c:d0:0d:93:8e:7a:20:29:
a6:c6:4b:ed:38:2b:1b:6d:fd:b7:4f:3c:b4:a8:29:
86:da:4a:49:4d:5a:25:4d:04:6d:1e:f6:62:ae:d2:
f9:b7:00:63:86:91:f9:1f:2e:eb:53:5a:99:de:78:
95:d7:57:95:45:ba:2b:69:57:06:f0:78:5d:24:f2:
63:f0:6d:2e:b0:a7:91:fb:67:f4:2d:d7:a5:1f:02:
c5:47:43:d6:0b:01:79:b6:47:74:bb:8b:0f:27:6f:
75:05:10:38:77:0b:0b:1f:26:3b:ac:25:93:de:3e:
5b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:0D:16:FE:60:11:47:C0:31:F6:CF:5D:CD:2D:72:5E:91:4E:D4:E6
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e33322e302f31392d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.32.0/19
Signature Algorithm: sha256WithRSAEncryption
d9:e9:e1:a7:6f:11:8a:72:51:c6:05:8d:6c:cd:d2:ba:d0:b0:
5a:e0:b5:ac:2a:f8:ad:fb:8d:89:95:ae:4e:53:0f:5f:80:a2:
54:57:e9:c1:cc:bd:ec:08:f2:2b:07:93:a1:76:f7:fe:82:aa:
bf:b7:90:12:f5:15:b5:68:12:f6:9d:42:94:01:2c:56:79:2d:
a0:1c:c8:2e:09:43:e4:14:2f:a7:90:f4:b4:c5:4f:5c:59:ad:
20:49:88:9b:1a:1c:26:c6:8d:f9:c5:90:56:06:72:b0:bb:b6:
b7:5b:44:6b:00:71:9d:aa:2e:71:cb:8c:31:5a:ca:26:7f:05:
14:46:d7:6b:3f:50:4f:06:7c:01:d7:3c:1a:13:c7:43:a6:0f:
4c:7d:e6:a1:1d:bf:3b:c8:65:05:25:d4:18:fe:60:7e:c6:82:
7f:bc:ce:9a:2d:50:12:d3:9a:94:40:82:b1:45:2e:2f:9a:78:
ad:17:47:c1:79:48:88:01:25:79:d0:c1:41:60:42:15:25:47:
cd:2e:36:44:c1:18:24:36:f8:ab:bb:7f:4d:6a:0d:df:47:7d:
51:e6:98:3d:11:f2:a3:5a:fd:d9:64:71:c4:a7:7e:dc:ba:09:
8d:68:c5:9c:70:8b:1f:58:a1:fe:53:ea:1b:f0:c3:3e:cd:6b:
d0:ff:8d:04
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUNNxJygdplZ3hNYGMC4iOoroPXEQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MTMwNTU2MzlaFw0yNjA1MTIwNjAxMzlaMDMxMTAvBgNV
BAMTKENGMEQxNkZFNjAxMTQ3QzAzMUY2Q0Y1RENEMkQ3MjVFOTE0RUQ0RTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo/ZUwViJ1kkP/NFt9Xjxmfbvm
YsLYfEDa9rYOiaa12EXjqkAFSYu4nYA/wcmGAHeFfFLE1edcqIZwQzZCSAOSUwpp
CdPB5s+Slw9C2Dk3Co5qhTAK/BNuDoLpxhYNdDWUcbmQY74MgyHnLsEDNYrAdpgn
WiuTHc6lCeqFA6d3fygrLY+qpUFAP7PdM/Ac0A2TjnogKabGS+04Kxtt/bdPPLSo
KYbaSklNWiVNBG0e9mKu0vm3AGOGkfkfLutTWpneeJXXV5VFuitpVwbweF0k8mPw
bS6wp5H7Z/Qt16UfAsVHQ9YLAXm2R3S7iw8nb3UFEDh3CwsfJjusJZPePlsZAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUzw0W/mARR8Ax9s9dzS1yXpFO1OYwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMzMy
MmUzMDJmMzEzOTJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFjxQgMA0G
CSqGSIb3DQEBCwUAA4IBAQDZ6eGnbxGKclHGBY1szdK60LBa4LWsKvit+42Jla5O
Uw9fgKJUV+nBzL3sCPIrB5Ohdvf+gqq/t5AS9RW1aBL2nUKUASxWeS2gHMguCUPk
FC+nkPS0xU9cWa0gSYibGhwmxo35xZBWBnKwu7a3W0RrAHGdqi5xy4wxWsomfwUU
RtdrP1BPBnwB1zwaE8dDpg9MfeahHb87yGUFJdQY/mB+xoJ/vM6aLVAS05qUQIKx
RS4vmnitF0fBeUiIASV50MFBYEIVJUfNLjZEwRgkNviru39Nag3fR31R5pg9EfKj
Wv3ZZHHEp37cugmNaMWccIsfWKH+U+ob8MM+zWvQ/40E
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:24:02 2025 by rpki-client