Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: MwvvUdJDqWfxEzwlKZ+9Lk4MVNA8JnrehAqkZ3wpnro=
Subject key identifier: 0B:D0:A3:E9:89:27:A2:02:C5:0C:A2:7B:54:5E:F3:BF:3F:09:12:FC
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 59F7788C559B4EB9DE37665A3E8E9D6EFE82494D
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS14618.roa
Signing time: Thu 05 Jun 2025 17:39:51 +0000
ROA not before: Thu 05 Jun 2025 17:34:51 +0000
ROA not after: Thu 04 Jun 2026 17:39:51 +0000
asID: 14618
IP address blocks: 143.20.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 18:25:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:f7:78:8c:55:9b:4e:b9:de:37:66:5a:3e:8e:9d:6e:fe:82:49:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Jun 5 17:34:51 2025 GMT
Not After : Jun 4 17:39:51 2026 GMT
Subject: CN=0BD0A3E98927A202C50CA27B545EF3BF3F0912FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:fd:f5:14:ac:76:9f:3e:a1:c2:90:93:45:f3:
81:95:9d:8c:6c:46:3c:81:70:00:b1:f8:2c:d4:23:
98:e6:7c:db:ee:31:1a:84:c7:bc:b2:32:71:bc:2a:
fb:45:93:75:a6:a3:1c:51:fc:88:6e:de:cd:73:cd:
f8:8d:26:b6:62:45:b0:e9:2f:60:96:a7:8b:25:22:
b5:3f:57:ca:82:0d:4f:01:b2:d3:2e:68:3e:c9:97:
a1:c2:67:4c:78:16:d6:e8:2e:ad:c7:b0:be:e3:ac:
70:db:9a:3f:8f:a7:fd:45:04:0b:5b:22:0c:47:30:
03:81:7b:10:75:15:7e:49:15:b0:60:ff:ce:5a:aa:
e4:10:e7:d5:ea:bd:f8:f6:70:67:99:cc:a2:f0:41:
c9:a6:4c:3f:d6:fa:78:3b:da:7f:40:83:47:62:d4:
12:08:b9:8b:da:c0:3c:32:52:23:f3:51:d3:bf:aa:
82:ad:28:bd:81:bd:53:56:94:29:ac:61:a3:83:a5:
cf:cb:e3:d6:bf:a4:74:53:bd:0a:2f:d8:85:c5:8c:
a1:ed:5f:42:4b:da:57:c7:dd:8f:ca:80:44:9c:54:
ee:f5:46:16:83:9d:5d:52:a1:60:48:96:88:ca:07:
14:6e:c4:26:61:f3:e1:a0:80:0e:80:97:c8:48:51:
eb:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:D0:A3:E9:89:27:A2:02:C5:0C:A2:7B:54:5E:F3:BF:3F:09:12:FC
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.60.0/24
Signature Algorithm: sha256WithRSAEncryption
88:18:5e:e3:4a:8f:1a:06:a8:6a:db:78:d8:14:f1:eb:95:35:
d2:57:4d:7f:e3:88:a3:a4:72:38:82:bb:73:85:e2:fe:71:4e:
f9:05:09:3b:f0:fb:41:26:03:a8:76:de:0a:f0:09:e2:7b:e8:
c5:48:85:6b:8b:76:6b:53:0a:0f:d4:ae:3a:f6:23:c5:85:aa:
10:74:e2:29:9c:f3:cd:af:f0:25:14:ea:f4:03:b7:47:2d:1f:
ce:37:5f:9a:b2:90:31:e9:b9:14:f5:8f:24:97:a1:35:13:71:
1b:3d:7e:d3:a4:73:8c:22:5b:c3:e8:66:42:c7:07:07:4c:aa:
b5:97:ea:1d:48:2c:70:b1:26:a2:45:e8:5c:ed:b8:bc:de:f1:
26:c6:fb:d0:41:b3:5e:d7:1d:77:d1:3f:f9:90:26:ae:83:c3:
e7:5a:44:44:03:54:2f:63:e6:d2:37:20:cb:29:8a:75:69:e3:
94:b4:84:7c:b3:b0:95:25:d1:dc:c1:cf:b7:45:65:ef:42:52:
4f:8c:2b:c3:d1:96:5c:f0:f3:f0:0e:21:c4:27:07:3e:2e:5f:
ff:ab:db:71:4a:3e:ac:9f:bc:65:95:2e:27:99:8d:df:ea:e8:
fe:fd:9d:3e:7a:df:aa:9c:d4:c0:f0:18:69:9a:9c:89:81:63:
9b:3e:5f:ef
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUWfd4jFWbTrneN2ZaPo6dbv6CSU0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA2MDUxNzM0NTFaFw0yNjA2MDQxNzM5NTFaMDMxMTAvBgNV
BAMTKDBCRDBBM0U5ODkyN0EyMDJDNTBDQTI3QjU0NUVGM0JGM0YwOTEyRkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI/fUUrHafPqHCkJNF84GVnYxs
RjyBcACx+CzUI5jmfNvuMRqEx7yyMnG8KvtFk3WmoxxR/Ihu3s1zzfiNJrZiRbDp
L2CWp4slIrU/V8qCDU8BstMuaD7Jl6HCZ0x4FtboLq3HsL7jrHDbmj+Pp/1FBAtb
IgxHMAOBexB1FX5JFbBg/85aquQQ59Xqvfj2cGeZzKLwQcmmTD/W+ng72n9Ag0di
1BIIuYvawDwyUiPzUdO/qoKtKL2BvVNWlCmsYaODpc/L49a/pHRTvQov2IXFjKHt
X0JL2lfH3Y/KgEScVO71RhaDnV1SoWBIlojKBxRuxCZh8+GggA6Al8hIUetDAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUC9Cj6YknogLFDKJ7VF7zvz8JEvwwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACPFDww
DQYJKoZIhvcNAQELBQADggEBAIgYXuNKjxoGqGrbeNgU8euVNdJXTX/jiKOkcjiC
u3OF4v5xTvkFCTvw+0EmA6h23grwCeJ76MVIhWuLdmtTCg/Urjr2I8WFqhB04imc
882v8CUU6vQDt0ctH843X5qykDHpuRT1jySXoTUTcRs9ftOkc4wiW8PoZkLHBwdM
qrWX6h1ILHCxJqJF6FztuLze8SbG+9BBs17XHXfRP/mQJq6Dw+daREQDVC9j5tI3
IMspinVp45S0hHyzsJUl0dzBz7dFZe9CUk+MK8PRllzw8/AOIcQnBz4uX/+r23FK
PqyfvGWVLieZjd/q6P79nT5636qc1MDwGGmanImBY5s+X+8=
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:21:16 2025 by rpki-client