Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: LuV//YAm+Jaqlw6oEmRpowDJI4ezmIbqHnhZGrhsZbY=
Subject key identifier: 09:BA:4B:AF:9A:41:38:41:6C:14:24:50:91:AD:D4:44:0A:83:99:B5
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 0D3E95D49753541B54041AB1A1BD5C4A196183FE
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS212238.roa
Signing time: Fri 05 Sep 2025 20:05:55 +0000
ROA not before: Fri 05 Sep 2025 20:00:55 +0000
ROA not after: Fri 04 Sep 2026 20:05:55 +0000
asID: 212238
IP address blocks: 143.20.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 Oct 2025 00:04:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:3e:95:d4:97:53:54:1b:54:04:1a:b1:a1:bd:5c:4a:19:61:83:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Sep 5 20:00:55 2025 GMT
Not After : Sep 4 20:05:55 2026 GMT
Subject: CN=09BA4BAF9A4138416C14245091ADD4440A8399B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:61:ae:10:7f:bf:79:56:c1:b3:ba:e1:2c:1a:
ce:0c:28:27:5a:bc:ec:54:89:39:6d:02:3c:88:8f:
77:33:f2:51:a6:94:fa:1f:6c:4a:35:fe:2b:73:3d:
2f:06:20:7a:8d:34:7d:7d:33:d4:2b:6b:fd:a1:7f:
0c:66:5a:3d:f1:4e:24:31:de:4b:99:8d:c4:21:86:
c9:09:d5:e8:df:b4:e6:91:44:e1:cb:79:4b:a0:8b:
7b:2d:f4:b9:0e:48:33:0c:ab:7c:72:5a:44:0d:35:
cb:25:5d:3f:49:d7:53:4b:c9:fd:05:1c:6b:c5:b3:
ac:72:d7:f2:a5:13:00:bd:71:33:52:b9:5b:f9:c7:
e2:16:25:d3:52:ac:38:65:e1:1b:ba:fa:11:43:9e:
38:d1:e4:0d:ab:ed:6d:e8:90:26:9a:70:18:06:a9:
84:02:24:3c:49:ef:f8:10:af:b6:aa:aa:d7:8f:4d:
c5:2f:da:75:87:4e:20:29:30:48:e9:b7:e3:37:56:
2b:92:e4:7d:51:a6:c3:e0:44:71:ed:92:aa:e6:10:
84:25:19:45:73:66:dd:f5:29:02:b8:36:18:aa:16:
16:8e:b3:73:45:6b:a0:3b:86:4d:e2:52:52:7f:32:
8f:c8:ec:2b:c1:dc:5e:02:74:e4:6e:77:c0:0f:42:
38:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:BA:4B:AF:9A:41:38:41:6C:14:24:50:91:AD:D4:44:0A:83:99:B5
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.134.0/24
Signature Algorithm: sha256WithRSAEncryption
19:1f:11:a7:1f:96:15:3d:63:d0:8a:c2:8a:11:d7:62:77:b6:
3b:a3:56:d3:de:87:00:30:6c:97:9c:07:2b:35:77:5b:2c:d1:
7b:f6:a9:c4:f6:e3:e0:90:da:ba:a8:c5:3d:06:0e:9a:dd:2c:
be:f8:c9:51:a4:f8:a6:b9:f3:14:c4:80:0f:79:0c:32:32:31:
ae:e5:9c:34:22:39:1f:e8:05:d9:29:8d:56:a2:e3:f5:46:fc:
ff:ad:00:67:c7:27:22:c9:4d:00:52:81:6a:9b:c5:b9:8a:8c:
de:1f:ff:4b:04:36:5b:64:97:b2:c7:98:51:a1:76:54:84:08:
12:99:14:61:d5:03:0b:a4:d1:85:0d:f4:93:ad:6a:3e:50:d3:
74:ff:50:87:6d:5a:19:a3:3a:fa:fe:5e:75:4e:91:65:12:02:
b9:7d:ae:cc:2d:07:b6:75:a9:fc:56:62:ea:69:d7:cc:4b:39:
43:17:70:0a:35:98:f0:38:71:e3:c5:d3:19:57:af:2c:cb:0b:
da:6f:8b:33:43:ac:7f:a1:65:88:c6:b7:89:99:1e:38:4f:ea:
02:13:2e:e2:06:c4:45:76:0f:db:6d:20:b7:40:86:25:d2:64:
4e:92:17:77:dc:54:01:65:f7:f5:5d:ea:e4:12:b8:19:87:3c:
a6:85:58:c0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUDT6V1JdTVBtUBBqxob1cShlhg/4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA5MDUyMDAwNTVaFw0yNjA5MDQyMDA1NTVaMDMxMTAvBgNV
BAMTKDA5QkE0QkFGOUE0MTM4NDE2QzE0MjQ1MDkxQURENDQ0MEE4Mzk5QjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjYa4Qf795VsGzuuEsGs4MKCda
vOxUiTltAjyIj3cz8lGmlPofbEo1/itzPS8GIHqNNH19M9Qra/2hfwxmWj3xTiQx
3kuZjcQhhskJ1ejftOaRROHLeUugi3st9LkOSDMMq3xyWkQNNcslXT9J11NLyf0F
HGvFs6xy1/KlEwC9cTNSuVv5x+IWJdNSrDhl4Ru6+hFDnjjR5A2r7W3okCaacBgG
qYQCJDxJ7/gQr7aqqtePTcUv2nWHTiApMEjpt+M3ViuS5H1RpsPgRHHtkqrmEIQl
GUVzZt31KQK4NhiqFhaOs3NFa6A7hk3iUlJ/Mo/I7CvB3F4CdORud8APQjgDAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUCbpLr5pBOEFsFCRQka3URAqDmbUwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjxSG
MA0GCSqGSIb3DQEBCwUAA4IBAQAZHxGnH5YVPWPQisKKEddid7Y7o1bT3ocAMGyX
nAcrNXdbLNF79qnE9uPgkNq6qMU9Bg6a3Sy++MlRpPimufMUxIAPeQwyMjGu5Zw0
Ijkf6AXZKY1WouP1Rvz/rQBnxyciyU0AUoFqm8W5iozeH/9LBDZbZJeyx5hRoXZU
hAgSmRRh1QMLpNGFDfSTrWo+UNN0/1CHbVoZozr6/l51TpFlEgK5fa7MLQe2dan8
VmLqadfMSzlDF3AKNZjwOHHjxdMZV68sywvab4szQ6x/oWWIxreJmR44T+oCEy7i
BsRFdg/bbSC3QIYl0mROkhd33FQBZff1XerkErgZhzymhVjA
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:29:48 2025 by rpki-client