Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e33322e302f32302d3234203d3e20383334.roa
File: 3134332e32302e33322e302f32302d3234203d3e20383334.roa (raw, json)
Hash identifier: zy0fTQ97wtbHiLUG8YOD2jok7ColIkrDYO4D5OjOZk0=
Subject key identifier: 97:65:DB:35:A3:8E:6E:AE:DB:8D:E0:A4:3D:70:20:4F:D0:13:58:AF
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 42DDF4ED7D5DD56E4ACC9615809F55C6DFE7A4A5
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e33322e302f32302d3234203d3e20383334.roa
Signing time: Fri 30 May 2025 13:09:10 +0000
ROA not before: Fri 30 May 2025 13:04:10 +0000
ROA not after: Fri 29 May 2026 13:09:10 +0000
asID: 834
IP address blocks: 143.20.32.0/20 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jun 2025 09:33:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:dd:f4:ed:7d:5d:d5:6e:4a:cc:96:15:80:9f:55:c6:df:e7:a4:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 30 13:04:10 2025 GMT
Not After : May 29 13:09:10 2026 GMT
Subject: CN=9765DB35A38E6EAEDB8DE0A43D70204FD01358AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b5:60:f1:fb:f4:0c:6c:08:20:fc:09:f8:a3:
35:1b:ea:6e:0a:80:c5:76:7e:47:09:d6:9f:d2:49:
3b:61:8d:07:49:7a:77:df:4c:38:bd:2f:e8:b4:8f:
d8:55:f0:d9:0f:ef:a1:e6:a5:79:fc:5d:3a:2d:b1:
a9:df:c0:61:e4:ce:b0:c2:4b:8b:6b:5d:4e:21:9b:
df:e5:5f:31:19:37:cb:9a:0a:c7:28:ca:d1:e1:be:
cd:17:3c:68:4e:fd:99:21:85:e3:d4:0b:d5:68:a9:
d0:7b:72:3e:12:5a:fe:c4:ee:53:bc:6e:05:9a:aa:
40:38:c7:c5:c9:14:c8:56:44:74:f8:63:9b:13:f9:
3f:9c:1c:5a:48:c5:d9:07:42:37:8d:15:0c:86:61:
47:bb:3e:9e:60:7b:ee:51:54:de:5d:ea:63:47:21:
7a:b3:84:76:03:df:4c:36:b9:48:f7:d6:12:ef:a2:
ae:49:6e:e2:37:e1:a2:2d:32:4c:ab:3e:c3:0a:60:
88:14:cb:9a:a2:2d:f4:61:b1:76:29:73:f2:6c:c2:
db:a1:a7:dc:a4:48:d9:98:7d:1c:f8:97:92:43:48:
68:c0:a9:31:d9:47:3a:dc:22:f7:f6:c3:a8:a5:11:
b5:49:40:35:db:00:f7:e1:d0:96:93:38:99:15:c7:
18:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:65:DB:35:A3:8E:6E:AE:DB:8D:E0:A4:3D:70:20:4F:D0:13:58:AF
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e33322e302f32302d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.32.0/20
Signature Algorithm: sha256WithRSAEncryption
99:c2:5c:5f:8a:8f:d7:83:33:69:9a:fa:16:7f:02:56:bc:3a:
22:26:aa:b8:70:fe:bb:8a:8c:81:58:32:e1:02:4d:a5:7d:fa:
76:70:2b:13:b1:a3:ab:2a:34:7d:ab:cc:ea:ff:7b:cf:29:14:
67:1c:d8:00:fb:99:62:9f:36:98:53:4f:9c:1e:53:1c:79:47:
d5:d8:3a:91:14:16:5f:be:18:25:2b:1c:f9:39:ab:0a:fe:38:
53:da:05:02:71:98:ab:0f:46:75:1f:04:cd:64:2f:db:40:1d:
b2:63:6e:2a:26:92:0b:ea:dd:65:91:15:f1:61:fb:c9:75:0b:
9b:4f:52:c3:78:54:fc:fb:36:99:8b:36:a2:42:27:3a:47:22:
a2:01:e7:c7:29:58:82:a5:75:25:cd:3f:ef:9a:b8:30:98:80:
5e:67:f1:15:8a:cd:81:7b:2a:25:98:4b:4b:05:a3:b2:57:20:
eb:ca:fb:21:a9:1e:bc:b4:fb:f7:62:fd:b8:1d:c2:1a:3b:07:
b3:02:ac:47:0e:0b:84:38:4a:00:51:4d:8c:26:fd:f5:56:7e:
af:e6:2f:75:23:0c:9a:2d:87:a1:c3:0b:0d:97:94:1f:21:c5:
61:30:ee:a9:c6:c9:65:4b:f6:19:06:c8:82:fa:b1:2d:fc:19:
9d:ca:c9:73
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUQt307X1d1W5KzJYVgJ9Vxt/npKUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MzAxMzA0MTBaFw0yNjA1MjkxMzA5MTBaMDMxMTAvBgNV
BAMTKDk3NjVEQjM1QTM4RTZFQUVEQjhERTBBNDNENzAyMDRGRDAxMzU4QUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXtWDx+/QMbAgg/An4ozUb6m4K
gMV2fkcJ1p/SSTthjQdJenffTDi9L+i0j9hV8NkP76HmpXn8XTotsanfwGHkzrDC
S4trXU4hm9/lXzEZN8uaCscoytHhvs0XPGhO/ZkhhePUC9VoqdB7cj4SWv7E7lO8
bgWaqkA4x8XJFMhWRHT4Y5sT+T+cHFpIxdkHQjeNFQyGYUe7Pp5ge+5RVN5d6mNH
IXqzhHYD30w2uUj31hLvoq5JbuI34aItMkyrPsMKYIgUy5qiLfRhsXYpc/Jswtuh
p9ykSNmYfRz4l5JDSGjAqTHZRzrcIvf2w6ilEbVJQDXbAPfh0JaTOJkVxxhBAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUl2XbNaOObq7bjeCkPXAgT9ATWK8wHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMzMy
MmUzMDJmMzIzMDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEjxQgMA0G
CSqGSIb3DQEBCwUAA4IBAQCZwlxfio/XgzNpmvoWfwJWvDoiJqq4cP67ioyBWDLh
Ak2lffp2cCsTsaOrKjR9q8zq/3vPKRRnHNgA+5linzaYU0+cHlMceUfV2DqRFBZf
vhglKxz5OasK/jhT2gUCcZirD0Z1HwTNZC/bQB2yY24qJpIL6t1lkRXxYfvJdQub
T1LDeFT8+zaZizaiQic6RyKiAefHKViCpXUlzT/vmrgwmIBeZ/EVis2BeyolmEtL
BaOyVyDryvshqR68tPv3Yv24HcIaOwezAqxHDguEOEoAUU2MJv31Vn6v5i91Iwya
LYehwwsNl5QfIcVhMO6pxsllS/YZBsiC+rEt/Bmdyslz
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:18:41 2025 by rpki-client