Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e34382e302f32332d3234203d3e20383334.roa
File: 3134332e32302e34382e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier: k+p3x+YZjPNp4Tx9V/TSlJoAAmZugFocYcgBybNm9gk=
Subject key identifier: 31:36:DD:E3:66:DC:23:3D:9E:B5:A9:B5:C0:99:7E:B9:D1:B6:60:DC
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 64E8BF456CA48F14259BF8A6F08C636C75C62B6E
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e34382e302f32332d3234203d3e20383334.roa
Signing time: Fri 30 May 2025 13:09:10 +0000
ROA not before: Fri 30 May 2025 13:04:10 +0000
ROA not after: Fri 29 May 2026 13:09:10 +0000
asID: 834
IP address blocks: 143.20.48.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 17:39:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:e8:bf:45:6c:a4:8f:14:25:9b:f8:a6:f0:8c:63:6c:75:c6:2b:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 30 13:04:10 2025 GMT
Not After : May 29 13:09:10 2026 GMT
Subject: CN=3136DDE366DC233D9EB5A9B5C0997EB9D1B660DC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8f:3b:49:d5:19:d5:a9:b5:c6:ec:cf:c6:b0:
e7:70:1a:32:b6:4a:b3:cc:53:48:52:3d:2a:72:98:
94:19:cd:65:70:af:7b:34:d2:20:5e:60:86:41:3a:
59:76:66:b4:da:f8:33:b2:ee:ee:6b:45:48:bc:b6:
4a:f3:a0:22:1a:68:c0:04:7f:80:12:22:b5:41:52:
64:62:50:0d:06:09:99:b6:1e:50:dc:64:3f:69:92:
7e:28:0f:99:8d:14:74:16:d3:a7:d0:9a:bb:b9:2b:
b2:5e:5f:b6:4f:db:1a:a5:85:11:f6:88:4c:3b:2d:
84:50:c5:bf:43:3a:60:6b:00:e6:af:59:f2:b7:22:
82:df:f1:5d:66:5e:cf:f0:32:9b:52:2f:3a:87:a8:
08:f0:41:52:5f:cd:fe:53:22:a3:19:b4:cb:8e:5b:
6e:2e:28:c5:b5:b3:b5:51:40:7d:a9:a1:85:db:b7:
b9:cd:39:ed:73:46:44:9d:da:f7:56:03:44:0e:f0:
39:03:b3:68:e3:6f:ba:eb:64:fd:54:7d:fe:63:ef:
86:30:63:36:56:4f:b8:4a:3e:df:2c:b5:70:bf:58:
69:20:22:f2:90:0e:57:ae:27:3c:eb:35:9a:7a:32:
dd:fd:bc:be:55:39:de:db:1c:ee:f6:f0:40:b0:c7:
7a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:36:DD:E3:66:DC:23:3D:9E:B5:A9:B5:C0:99:7E:B9:D1:B6:60:DC
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e34382e302f32332d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.48.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:da:8a:ec:e1:f2:ce:25:ed:1e:a4:d2:91:73:c2:6e:1c:9d:
25:1f:ab:63:dd:6a:dd:ab:37:65:1e:49:c9:ce:50:05:3f:61:
5c:93:61:e4:2f:dc:16:4b:0e:5d:a0:87:4c:c3:45:c1:62:22:
c3:e9:6b:da:8e:70:61:a2:a1:db:53:e6:dd:c9:da:1a:6d:37:
76:68:7a:6b:b2:6e:ab:c0:58:0f:4f:fb:9c:f4:17:c8:64:3c:
8b:d9:5e:3c:e1:22:f9:fc:99:78:1d:ff:5f:87:af:ee:74:85:
59:ca:12:cb:f0:4f:a1:7d:7b:70:50:4a:74:42:40:59:c8:49:
53:09:7c:20:3f:cd:d8:f6:be:71:a1:8f:47:2c:df:f6:21:e3:
7a:8c:5f:92:22:d1:da:c5:31:8a:48:f9:4e:26:e9:08:95:e4:
90:12:f0:01:39:96:6e:56:b6:9a:c6:9d:67:a0:a4:b6:5c:a8:
8a:c7:98:c9:1b:aa:73:37:46:e2:f5:36:cd:df:e7:ae:c3:32:
ce:f0:17:c0:ee:b4:d1:0c:8a:37:cf:ec:28:6f:40:ae:06:26:
e2:df:44:ae:ed:ee:78:dd:fe:be:74:97:22:ae:05:72:64:35:
69:42:1a:22:a9:a2:a6:4c:d9:04:a2:95:b8:15:84:36:f4:40:
2a:5b:d6:f6
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUZOi/RWykjxQlm/im8IxjbHXGK24wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MzAxMzA0MTBaFw0yNjA1MjkxMzA5MTBaMDMxMTAvBgNV
BAMTKDMxMzZEREUzNjZEQzIzM0Q5RUI1QTlCNUMwOTk3RUI5RDFCNjYwREMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBjztJ1RnVqbXG7M/GsOdwGjK2
SrPMU0hSPSpymJQZzWVwr3s00iBeYIZBOll2ZrTa+DOy7u5rRUi8tkrzoCIaaMAE
f4ASIrVBUmRiUA0GCZm2HlDcZD9pkn4oD5mNFHQW06fQmru5K7JeX7ZP2xqlhRH2
iEw7LYRQxb9DOmBrAOavWfK3IoLf8V1mXs/wMptSLzqHqAjwQVJfzf5TIqMZtMuO
W24uKMW1s7VRQH2poYXbt7nNOe1zRkSd2vdWA0QO8DkDs2jjb7rrZP1Uff5j74Yw
YzZWT7hKPt8stXC/WGkgIvKQDleuJzzrNZp6Mt39vL5VOd7bHO728ECwx3ovAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUMTbd42bcIz2etam1wJl+udG2YNwwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzNDM4
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBjxQwMA0G
CSqGSIb3DQEBCwUAA4IBAQA92ors4fLOJe0epNKRc8JuHJ0lH6tj3WrdqzdlHknJ
zlAFP2Fck2HkL9wWSw5doIdMw0XBYiLD6WvajnBhoqHbU+bdydoabTd2aHprsm6r
wFgPT/uc9BfIZDyL2V484SL5/Jl4Hf9fh6/udIVZyhLL8E+hfXtwUEp0QkBZyElT
CXwgP83Y9r5xoY9HLN/2IeN6jF+SItHaxTGKSPlOJukIleSQEvABOZZuVraaxp1n
oKS2XKiKx5jJG6pzN0bi9TbN3+euwzLO8BfA7rTRDIo3z+wob0CuBibi30Su7e54
3f6+dJcirgVyZDVpQhoiqaKmTNkEopW4FYQ29EAqW9b2
-----END CERTIFICATE-----
Generated at Sun Jun 15 18:50:58 2025 by rpki-client