Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e34322e302f32342d3234203d3e20383334.roa
File: 3134332e32302e34322e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: 4U7EAhdhIdjD8d0S+D/5BlrN582uawiIjjGm0qOCAoc=
Subject key identifier: 53:DF:C4:E9:39:D7:81:1F:85:4E:19:8C:EE:D7:C1:71:C9:8D:45:BD
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 08E029702B38A2FD9BE10C4FCC454900A7FA0577
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e34322e302f32342d3234203d3e20383334.roa
Signing time: Wed 04 Jun 2025 09:33:10 +0000
ROA not before: Wed 04 Jun 2025 09:28:10 +0000
ROA not after: Wed 03 Jun 2026 09:33:10 +0000
asID: 834
IP address blocks: 143.20.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 17:39:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:e0:29:70:2b:38:a2:fd:9b:e1:0c:4f:cc:45:49:00:a7:fa:05:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Jun 4 09:28:10 2025 GMT
Not After : Jun 3 09:33:10 2026 GMT
Subject: CN=53DFC4E939D7811F854E198CEED7C171C98D45BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:eb:92:8f:f8:bc:fc:41:10:ef:a3:90:e3:54:
a4:64:d7:53:ee:14:3e:3a:1d:0c:3d:9f:9b:55:78:
4c:44:ec:b1:e9:c6:f7:05:4f:e8:9d:27:76:eb:3f:
2a:87:4b:ec:27:cd:77:03:3e:9d:f6:2b:f5:8a:d8:
98:f7:56:fd:07:ea:ce:1b:81:73:ff:49:c7:1e:90:
0b:a9:df:16:41:de:c4:5d:23:87:b0:d7:47:9c:5a:
02:40:d6:ad:d2:f5:cf:43:33:c6:aa:5c:97:8d:f6:
be:6b:18:b1:9b:9d:3f:56:41:eb:4a:93:d6:88:09:
bf:c0:12:75:84:e3:88:5a:46:f9:09:47:46:b9:b4:
ab:8f:2d:f6:4f:78:bc:1f:3e:40:a6:24:76:5d:cb:
79:6a:0b:e7:5d:c1:fa:72:f4:0c:03:06:94:cf:0b:
af:55:e8:90:82:0c:98:40:85:e8:c8:54:47:04:53:
27:88:14:97:3c:0d:99:c1:15:ed:be:66:b5:22:22:
0c:96:04:92:16:30:5a:83:80:7a:61:c2:24:7e:c7:
14:c4:eb:c8:73:7b:d2:e4:90:08:2a:bb:dd:80:16:
97:9f:e2:76:d9:a3:49:bd:24:2c:d5:17:cc:45:7f:
0f:4d:12:d8:16:52:7f:0e:4b:b2:99:71:38:8f:be:
a2:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:DF:C4:E9:39:D7:81:1F:85:4E:19:8C:EE:D7:C1:71:C9:8D:45:BD
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e34322e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.42.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:60:61:11:d7:cb:16:d1:c9:3f:8b:d2:3b:f6:14:e6:28:13:
15:e7:76:8d:97:d8:8d:b5:aa:26:53:21:ce:dc:0d:51:ae:a1:
77:ce:40:b1:1b:8a:69:f5:33:72:99:6d:20:88:71:54:39:fe:
fa:4f:b3:64:f2:43:e5:94:e9:11:98:93:82:96:ad:a8:9e:57:
08:8d:fa:e3:1d:6f:fb:6b:0e:07:6c:8a:3a:3c:63:b2:2d:db:
f8:c6:61:b5:55:e2:dc:c6:63:a8:80:7f:24:9e:7b:ff:ea:2c:
35:0d:bb:0b:99:57:fa:b3:60:42:23:89:aa:6b:1c:59:ae:32:
e7:87:e2:ec:2b:dd:89:86:3e:26:9c:33:1e:72:31:e0:1d:73:
40:7b:22:a4:c4:f0:48:d3:5c:9c:22:df:46:c8:0b:95:38:be:
98:83:3b:8d:09:fe:78:30:3d:96:29:46:6e:4a:98:74:ad:c1:
2f:3d:60:2c:ea:37:37:b2:8a:2b:c4:84:d8:32:d8:52:94:99:
39:52:31:15:7c:f7:e6:a0:0c:59:5a:23:16:b8:14:f5:35:c6:
44:47:1e:75:0f:bc:e9:03:39:fa:ef:19:bd:53:48:3a:14:d9:
d8:4c:68:6a:d1:ba:d2:99:cf:0a:cb:a9:97:e9:e0:97:8e:50:
a4:46:f3:b7
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUCOApcCs4ov2b4QxPzEVJAKf6BXcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA2MDQwOTI4MTBaFw0yNjA2MDMwOTMzMTBaMDMxMTAvBgNV
BAMTKDUzREZDNEU5MzlENzgxMUY4NTRFMTk4Q0VFRDdDMTcxQzk4RDQ1QkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC765KP+Lz8QRDvo5DjVKRk11Pu
FD46HQw9n5tVeExE7LHpxvcFT+idJ3brPyqHS+wnzXcDPp32K/WK2Jj3Vv0H6s4b
gXP/SccekAup3xZB3sRdI4ew10ecWgJA1q3S9c9DM8aqXJeN9r5rGLGbnT9WQetK
k9aICb/AEnWE44haRvkJR0a5tKuPLfZPeLwfPkCmJHZdy3lqC+ddwfpy9AwDBpTP
C69V6JCCDJhAhejIVEcEUyeIFJc8DZnBFe2+ZrUiIgyWBJIWMFqDgHphwiR+xxTE
68hze9LkkAgqu92AFpef4nbZo0m9JCzVF8xFfw9NEtgWUn8OS7KZcTiPvqK7AgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUU9/E6TnXgR+FThmM7tfBccmNRb0wHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzNDMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjxQqMA0G
CSqGSIb3DQEBCwUAA4IBAQBrYGER18sW0ck/i9I79hTmKBMV53aNl9iNtaomUyHO
3A1RrqF3zkCxG4pp9TNymW0giHFUOf76T7Nk8kPllOkRmJOClq2onlcIjfrjHW/7
aw4HbIo6PGOyLdv4xmG1VeLcxmOogH8knnv/6iw1DbsLmVf6s2BCI4mqaxxZrjLn
h+LsK92Jhj4mnDMecjHgHXNAeyKkxPBI01ycIt9GyAuVOL6YgzuNCf54MD2WKUZu
Sph0rcEvPWAs6jc3soorxITYMthSlJk5UjEVfPfmoAxZWiMWuBT1NcZERx51D7zp
Azn67xm9U0g6FNnYTGhq0brSmc8Ky6mX6eCXjlCkRvO3
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:34:14 2025 by rpki-client