Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e35302e302f32342d3234203d3e20323037373639.roa
File: 3134332e32302e35302e302f32342d3234203d3e20323037373639.roa (raw, json)
Hash identifier: tDt/JeheHxMNGMVpTNns3tghZXvLIcBJIwX1cLHOEIo=
Subject key identifier: 59:DD:0F:53:AD:21:89:2A:8A:D9:1E:AE:DA:A1:6C:28:7E:EC:74:3F
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 02C9328B468DD36C9D4D92CFF3CE2476B7A1826D
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e35302e302f32342d3234203d3e20323037373639.roa
Signing time: Fri 30 May 2025 13:08:35 +0000
ROA not before: Fri 30 May 2025 13:03:35 +0000
ROA not after: Fri 29 May 2026 13:08:35 +0000
asID: 207769
IP address blocks: 143.20.50.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 17:39:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:c9:32:8b:46:8d:d3:6c:9d:4d:92:cf:f3:ce:24:76:b7:a1:82:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 30 13:03:35 2025 GMT
Not After : May 29 13:08:35 2026 GMT
Subject: CN=59DD0F53AD21892A8AD91EAEDAA16C287EEC743F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:dc:cc:15:c0:50:1d:27:59:cd:1f:59:79:41:
02:38:f1:d0:11:df:3f:60:60:86:b1:2d:1b:2e:f2:
b3:ae:ab:3c:d1:a9:00:65:c8:93:87:1c:a2:ad:58:
70:69:68:5c:32:ae:e9:77:41:5f:21:94:c7:2a:c4:
73:ea:c7:d8:c0:51:5f:49:82:d8:63:0f:fb:5d:bd:
bb:08:07:32:54:6d:db:5a:96:3a:79:f3:d3:45:56:
1b:5d:79:63:ff:71:3b:5c:96:30:7f:c9:a4:f6:54:
cc:e1:c7:b2:e4:c0:71:17:5d:e1:73:79:4a:f6:9e:
89:7d:ad:3c:37:f3:6d:2e:70:f0:a9:a9:a5:72:b6:
33:d2:c6:54:30:8f:26:4c:3f:ad:7d:84:43:ae:8f:
a2:45:c6:01:2a:75:18:41:24:0e:44:a3:ec:c8:cf:
5c:f3:5b:19:f5:59:e3:88:a2:2d:78:11:42:66:73:
74:af:f6:7f:d9:07:a7:f8:f6:ad:b0:e2:75:f2:34:
a0:cb:e6:9e:d2:d4:a5:17:00:ab:2d:30:a9:75:8f:
d7:38:3a:81:2a:51:1a:d8:b6:2f:9b:a0:57:ab:0d:
e6:ed:f1:33:c5:bd:60:b8:1a:e8:16:dc:16:8d:aa:
05:d2:e0:01:87:95:52:1d:f3:cc:32:c2:55:6a:9f:
1e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:DD:0F:53:AD:21:89:2A:8A:D9:1E:AE:DA:A1:6C:28:7E:EC:74:3F
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e35302e302f32342d3234203d3e20323037373639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.50.0/24
Signature Algorithm: sha256WithRSAEncryption
43:91:54:eb:00:3b:64:e3:e5:c2:16:02:6f:bb:fd:38:7f:8f:
22:7d:41:d5:2e:d2:d1:ad:5b:79:86:b1:1d:ec:36:02:09:46:
7c:33:07:6e:12:e3:95:6d:2d:4a:b9:e9:9c:47:08:a8:ac:28:
e7:4c:13:e7:2d:e8:ef:c2:46:3c:a7:20:81:69:0d:cf:75:92:
51:ce:ce:b7:e4:4d:71:62:41:9e:24:cc:f0:b8:a0:6d:8b:a7:
18:87:0d:1f:22:43:46:93:2d:c2:59:57:73:d1:7b:c9:81:4f:
38:86:fe:85:ed:f7:d5:8a:43:af:21:b4:66:7d:de:e7:4e:81:
8e:21:b8:8b:67:2d:2b:7e:e8:22:14:33:c7:6a:6a:7d:e8:9a:
28:d5:77:65:5d:9e:b5:54:db:f3:d7:38:4f:fb:a2:2e:f5:ff:
8c:e7:79:3d:3c:38:ca:a1:2f:cd:a7:4e:70:59:72:50:aa:1a:
3d:a8:3b:0b:d2:4c:de:45:53:6d:aa:75:49:34:bb:d2:c8:f3:
e1:61:9c:e8:b2:36:6a:73:5a:5c:44:b9:71:14:62:35:06:78:
b2:9a:ce:e0:69:23:5e:77:8f:80:84:4b:a3:e3:7a:06:2e:4d:
64:34:a2:45:21:90:be:af:6c:62:fc:b2:8d:70:d7:8d:54:f8:
a1:93:e9:d9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUAskyi0aN02ydTZLP884kdrehgm0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MzAxMzAzMzVaFw0yNjA1MjkxMzA4MzVaMDMxMTAvBgNV
BAMTKDU5REQwRjUzQUQyMTg5MkE4QUQ5MUVBRURBQTE2QzI4N0VFQzc0M0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCe3MwVwFAdJ1nNH1l5QQI48dAR
3z9gYIaxLRsu8rOuqzzRqQBlyJOHHKKtWHBpaFwyrul3QV8hlMcqxHPqx9jAUV9J
gthjD/tdvbsIBzJUbdtaljp589NFVhtdeWP/cTtcljB/yaT2VMzhx7LkwHEXXeFz
eUr2nol9rTw3820ucPCpqaVytjPSxlQwjyZMP619hEOuj6JFxgEqdRhBJA5Eo+zI
z1zzWxn1WeOIoi14EUJmc3Sv9n/ZB6f49q2w4nXyNKDL5p7S1KUXAKstMKl1j9c4
OoEqURrYti+boFerDebt8TPFvWC4GugW3BaNqgXS4AGHlVId88wywlVqnx4hAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUWd0PU60hiSqK2R6u2qFsKH7sdD8wHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzNTMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM3MzczNjM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
jxQyMA0GCSqGSIb3DQEBCwUAA4IBAQBDkVTrADtk4+XCFgJvu/04f48ifUHVLtLR
rVt5hrEd7DYCCUZ8MwduEuOVbS1KuemcRwiorCjnTBPnLejvwkY8pyCBaQ3PdZJR
zs635E1xYkGeJMzwuKBti6cYhw0fIkNGky3CWVdz0XvJgU84hv6F7ffVikOvIbRm
fd7nToGOIbiLZy0rfugiFDPHamp96Joo1XdlXZ61VNvz1zhP+6Iu9f+M53k9PDjK
oS/Np05wWXJQqho9qDsL0kzeRVNtqnVJNLvSyPPhYZzosjZqc1pcRLlxFGI1Bniy
ms7gaSNed4+AhEuj43oGLk1kNKJFIZC+r2xi/LKNcNeNVPihk+nZ
-----END CERTIFICATE-----
Generated at Sat Jun 7 07:47:07 2025 by rpki-client