Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e39372e302f32342d3234203d3e2039333138.roa
File: 3134332e32302e39372e302f32342d3234203d3e2039333138.roa (raw, json)
Hash identifier: tbE5XXMZjIGqlyFsA5VCIBq+wHvH/64kVfS55apHsx8=
Subject key identifier: BF:99:AD:27:F1:6A:5C:95:3B:40:83:A7:80:E3:1A:19:AD:70:49:F3
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 39CC6C17BA61B87CC66A5B001DAF1C82B67B9E15
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e39372e302f32342d3234203d3e2039333138.roa
Signing time: Sun 18 May 2025 17:39:30 +0000
ROA not before: Sun 18 May 2025 17:34:30 +0000
ROA not after: Sun 17 May 2026 17:39:30 +0000
asID: 9318
IP address blocks: 143.20.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 17:39:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:cc:6c:17:ba:61:b8:7c:c6:6a:5b:00:1d:af:1c:82:b6:7b:9e:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 18 17:34:30 2025 GMT
Not After : May 17 17:39:30 2026 GMT
Subject: CN=BF99AD27F16A5C953B4083A780E31A19AD7049F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cb:7d:46:74:61:4e:e0:0f:0a:d7:b2:b6:3e:
97:19:4e:5a:05:6b:1c:6c:bb:97:ec:7b:b8:f5:d1:
66:a4:96:cb:8a:3c:ec:89:94:6f:96:cc:32:42:ec:
b8:18:74:24:b0:c0:56:58:c0:38:b6:b7:1b:02:9c:
61:53:2e:9c:35:9a:d3:95:2f:80:41:a5:7d:5e:42:
24:c0:98:66:f2:f2:09:7a:5c:48:3f:43:50:09:54:
0f:42:fe:32:f2:2c:eb:14:15:14:58:8e:dc:df:7f:
f1:74:ed:a8:21:df:26:e8:dd:d3:bc:c2:12:2e:f0:
f1:5d:12:ae:4e:ce:79:df:c4:9f:c8:75:c3:57:33:
a7:f8:bd:f8:8f:2e:64:88:20:a4:7a:df:49:7b:83:
85:41:7e:5a:5a:9c:3c:eb:2a:39:9f:7f:58:18:07:
1e:54:00:96:2f:21:f3:4d:03:e1:0c:90:69:0c:03:
32:8a:e9:75:5f:0a:e6:2e:ac:38:2c:35:19:fb:18:
f9:f2:db:40:5c:56:0a:4d:53:6f:57:9c:9e:e5:67:
f7:01:65:77:76:22:60:d9:79:35:9e:4e:95:61:12:
25:25:4d:ae:ec:ba:65:a8:2e:91:f2:57:86:79:dd:
b1:bc:03:fe:4c:3d:db:d4:fc:f9:8e:ec:30:8a:11:
c0:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:99:AD:27:F1:6A:5C:95:3B:40:83:A7:80:E3:1A:19:AD:70:49:F3
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e39372e302f32342d3234203d3e2039333138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.97.0/24
Signature Algorithm: sha256WithRSAEncryption
60:af:b9:21:22:7c:ec:a7:90:5e:c2:01:23:7a:c4:a1:cd:d9:
83:c3:96:5c:c3:48:e3:7e:e2:af:d4:80:54:b4:91:63:ee:10:
08:c6:46:8f:a2:fb:75:3b:10:63:99:82:bf:e3:f5:5e:08:eb:
bc:ce:1c:36:cc:a5:26:c2:02:97:7a:ac:5a:76:24:f3:38:b8:
78:6f:66:b1:ee:92:48:a1:ce:f1:af:41:1f:67:c9:e3:fe:41:
b6:cb:93:5e:e0:e8:41:c9:f1:85:6f:f1:29:94:61:5c:c6:8b:
18:42:34:19:25:0f:cd:a3:47:e7:b6:e2:9c:bc:ff:73:40:89:
25:d8:1c:64:a8:8c:70:2f:f4:88:72:19:00:e0:dc:1d:1d:87:
8e:75:81:40:46:e4:66:4b:0e:96:28:f2:21:91:61:dd:2f:5e:
99:40:b6:d1:72:59:39:0d:76:98:b4:9d:f2:92:89:85:c9:ed:
7d:a3:dc:f1:a0:13:26:d2:b4:2e:97:2c:56:f1:12:fa:2c:c6:
b8:36:b3:b0:e5:82:49:c4:a4:3b:78:1e:9b:b1:ae:c4:2f:ac:
ad:5e:13:ae:eb:76:6a:f2:9a:d8:88:c7:31:75:ec:f1:82:6d:
be:f0:13:a1:90:8e:28:47:fa:e8:1a:e9:3a:0f:fd:e9:a7:ba:
90:80:69:ee
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUOcxsF7phuHzGalsAHa8cgrZ7nhUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MTgxNzM0MzBaFw0yNjA1MTcxNzM5MzBaMDMxMTAvBgNV
BAMTKEJGOTlBRDI3RjE2QTVDOTUzQjQwODNBNzgwRTMxQTE5QUQ3MDQ5RjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyy31GdGFO4A8K17K2PpcZTloF
axxsu5fse7j10WaklsuKPOyJlG+WzDJC7LgYdCSwwFZYwDi2txsCnGFTLpw1mtOV
L4BBpX1eQiTAmGby8gl6XEg/Q1AJVA9C/jLyLOsUFRRYjtzff/F07agh3ybo3dO8
whIu8PFdEq5OznnfxJ/IdcNXM6f4vfiPLmSIIKR630l7g4VBflpanDzrKjmff1gY
Bx5UAJYvIfNNA+EMkGkMAzKK6XVfCuYurDgsNRn7GPny20BcVgpNU29XnJ7lZ/cB
ZXd2ImDZeTWeTpVhEiUlTa7sumWoLpHyV4Z53bG8A/5MPdvU/PmO7DCKEcB5AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUv5mtJ/FqXJU7QIOngOMaGa1wSfMwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzOTM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzkzMzMxMzgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACPFGEw
DQYJKoZIhvcNAQELBQADggEBAGCvuSEifOynkF7CASN6xKHN2YPDllzDSON+4q/U
gFS0kWPuEAjGRo+i+3U7EGOZgr/j9V4I67zOHDbMpSbCApd6rFp2JPM4uHhvZrHu
kkihzvGvQR9nyeP+QbbLk17g6EHJ8YVv8SmUYVzGixhCNBklD82jR+e24py8/3NA
iSXYHGSojHAv9IhyGQDg3B0dh451gUBG5GZLDpYo8iGRYd0vXplAttFyWTkNdpi0
nfKSiYXJ7X2j3PGgEybStC6XLFbxEvosxrg2s7DlgknEpDt4HpuxrsQvrK1eE67r
dmrymtiIxzF17PGCbb7wE6GQjihH+uga6ToP/emnupCAae4=
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:31:57 2025 by rpki-client