Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e39362e302f32302d3234203d3e20383334.roa
File: 3134332e32302e39362e302f32302d3234203d3e20383334.roa (raw, json)
Hash identifier: 4uUajQijhKdZaSREAipz3jT6d1UKSfmnYQCD9cfJjok=
Subject key identifier: 48:99:2B:6B:0D:82:DE:64:FE:27:A4:CA:60:F4:F7:73:7E:D5:C5:F2
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 3310F0710E277FB264463088E196853ECAD5737A
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e39362e302f32302d3234203d3e20383334.roa
Signing time: Wed 07 May 2025 15:09:09 +0000
ROA not before: Wed 07 May 2025 15:04:09 +0000
ROA not after: Wed 06 May 2026 15:09:09 +0000
asID: 834
IP address blocks: 143.20.96.0/20 maxlen: 24
Validation: Failed, certificate revoked on Sun 18 May 2025 17:39:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:10:f0:71:0e:27:7f:b2:64:46:30:88:e1:96:85:3e:ca:d5:73:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 7 15:04:09 2025 GMT
Not After : May 6 15:09:09 2026 GMT
Subject: CN=48992B6B0D82DE64FE27A4CA60F4F7737ED5C5F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c2:67:6e:39:ec:18:6f:e9:01:ae:7a:3d:2b:
88:67:e6:c0:14:78:77:9a:7d:e1:7e:02:ed:34:ac:
1c:a5:41:8d:7e:ab:55:9f:da:5d:9d:01:26:51:cc:
58:3b:1c:c8:d0:59:3d:98:6f:69:95:8f:5a:f4:db:
e2:3e:72:66:56:07:1a:fb:48:10:1f:9f:41:6f:7d:
46:c7:4e:35:18:01:6b:16:49:a1:70:eb:4d:2e:09:
66:5e:36:90:c3:03:8c:e5:75:8f:c3:62:f5:63:63:
46:7b:11:30:1f:7d:4f:86:91:f9:49:9b:3a:4b:9d:
28:35:2a:65:c5:d1:1c:8c:42:a9:4d:2c:19:5c:41:
ba:46:fb:b3:49:8b:72:c1:4b:7e:ae:16:43:46:7f:
d8:6d:9e:dd:20:1a:43:80:79:fe:d0:a6:b9:9f:91:
a6:8d:38:f1:11:f5:c7:18:5c:fb:c1:a7:2f:be:63:
61:22:3a:27:fc:ca:dd:35:ac:2c:5f:ab:fb:32:e6:
2b:40:8a:0b:70:24:0a:a1:8f:dc:83:4b:13:07:b3:
ee:26:e7:6e:30:5b:c5:5e:57:9f:c9:09:be:2e:be:
1f:0c:7f:f7:3d:87:83:95:96:1a:17:d4:6f:6f:39:
be:4d:54:3f:ca:49:a0:d6:24:60:62:87:04:4d:0f:
df:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:99:2B:6B:0D:82:DE:64:FE:27:A4:CA:60:F4:F7:73:7E:D5:C5:F2
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e39362e302f32302d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.96.0/20
Signature Algorithm: sha256WithRSAEncryption
0d:13:01:ae:f5:1d:ad:c7:0a:9d:25:6f:78:fb:09:a8:1f:b4:
a3:2b:e6:0a:a4:5e:36:84:81:25:d2:b5:b4:e4:bb:fa:b1:55:
1a:30:7c:17:b2:67:9b:bf:a4:ad:d3:3a:99:e1:27:30:e0:02:
19:55:cb:02:e4:b0:7e:ad:12:33:61:bc:1b:ac:7d:62:db:91:
84:5f:7b:af:8a:da:dc:48:2f:0c:5f:f5:a7:59:1e:33:bc:7f:
70:cf:e0:c6:e7:18:37:1c:2a:03:ca:93:78:19:8c:b2:40:d6:
f4:84:1b:7c:cb:28:27:aa:ae:2b:85:da:4f:8e:65:8d:2a:71:
78:6a:f9:8f:97:47:b9:b5:9b:b3:a3:c2:70:e2:6f:52:d5:9a:
16:6a:29:14:66:fa:4a:5b:9c:f7:1a:fa:6a:fa:63:93:ab:0e:
1d:1e:e3:13:29:f6:01:5a:23:ae:7c:77:2d:e0:2e:b2:84:e8:
b9:a2:07:ff:93:81:47:9c:18:06:25:21:f9:f3:5e:81:c6:1b:
69:5c:e7:49:12:b0:11:2f:b1:93:96:26:47:72:f5:35:e3:50:
9d:20:93:32:dc:9a:18:c7:8b:3b:16:9c:bb:bc:a6:28:ca:15:
ae:55:68:e3:7a:4f:fb:2f:7b:98:e7:cf:20:ee:1c:e3:d8:71:
e2:73:04:dc
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUMxDwcQ4nf7JkRjCI4ZaFPsrVc3owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MDcxNTA0MDlaFw0yNjA1MDYxNTA5MDlaMDMxMTAvBgNV
BAMTKDQ4OTkyQjZCMEQ4MkRFNjRGRTI3QTRDQTYwRjRGNzczN0VENUM1RjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChwmduOewYb+kBrno9K4hn5sAU
eHeafeF+Au00rBylQY1+q1Wf2l2dASZRzFg7HMjQWT2Yb2mVj1r02+I+cmZWBxr7
SBAfn0FvfUbHTjUYAWsWSaFw600uCWZeNpDDA4zldY/DYvVjY0Z7ETAffU+GkflJ
mzpLnSg1KmXF0RyMQqlNLBlcQbpG+7NJi3LBS36uFkNGf9htnt0gGkOAef7Qprmf
kaaNOPER9ccYXPvBpy++Y2EiOif8yt01rCxfq/sy5itAigtwJAqhj9yDSxMHs+4m
524wW8VeV5/JCb4uvh8Mf/c9h4OVlhoX1G9vOb5NVD/KSaDWJGBihwRND997AgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUSJkraw2C3mT+J6TKYPT3c37VxfIwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzOTM2
MmUzMDJmMzIzMDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEjxRgMA0G
CSqGSIb3DQEBCwUAA4IBAQANEwGu9R2txwqdJW94+wmoH7SjK+YKpF42hIEl0rW0
5Lv6sVUaMHwXsmebv6St0zqZ4Scw4AIZVcsC5LB+rRIzYbwbrH1i25GEX3uvitrc
SC8MX/WnWR4zvH9wz+DG5xg3HCoDypN4GYyyQNb0hBt8yygnqq4rhdpPjmWNKnF4
avmPl0e5tZuzo8Jw4m9S1ZoWaikUZvpKW5z3Gvpq+mOTqw4dHuMTKfYBWiOufHct
4C6yhOi5ogf/k4FHnBgGJSH5816BxhtpXOdJErARL7GTliZHcvU141CdIJMy3JoY
x4s7Fpy7vKYoyhWuVWjjek/7L3uY588g7hzj2HHicwTc
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:27:40 2025 by rpki-client