Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e35322e302f32322d3234203d3e20383334.roa
File: 3134332e32302e35322e302f32322d3234203d3e20383334.roa (raw, json)
Hash identifier: 3GNdPWMgcCP90T/jmZFFNxze/iIMiyoK9wCtVM6H/uQ=
Subject key identifier: 17:C9:E3:32:E6:E8:30:C4:39:D9:F2:7B:2C:A8:9D:66:95:C6:4C:20
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 4C73AE988D26B8105865B575F8432B1FD1E9501B
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e35322e302f32322d3234203d3e20383334.roa
Signing time: Fri 30 May 2025 13:09:10 +0000
ROA not before: Fri 30 May 2025 13:04:10 +0000
ROA not after: Fri 29 May 2026 13:09:10 +0000
asID: 834
IP address blocks: 143.20.52.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 17:39:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:73:ae:98:8d:26:b8:10:58:65:b5:75:f8:43:2b:1f:d1:e9:50:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 30 13:04:10 2025 GMT
Not After : May 29 13:09:10 2026 GMT
Subject: CN=17C9E332E6E830C439D9F27B2CA89D6695C64C20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:38:30:62:ba:42:f8:09:8f:fb:81:fb:44:db:
62:6d:be:2d:1c:37:0e:e9:75:74:06:2f:7f:ea:e4:
f5:71:d3:bc:52:97:17:78:7b:1e:6b:f0:1e:81:c8:
32:3a:49:04:6a:53:ec:10:c8:44:c3:fc:84:d1:98:
d4:95:28:97:a0:7e:a3:54:75:91:d1:dd:c1:d6:be:
02:60:ec:4f:77:1c:c6:6c:f2:9e:94:fe:58:87:58:
8e:40:d1:9c:49:a3:43:1c:c7:b2:87:73:86:83:7c:
cc:ec:e1:1a:be:a8:3b:18:eb:c9:88:95:f5:08:6a:
96:bd:7e:5b:f4:67:4f:e8:a1:08:09:a4:ef:bd:f4:
0b:d8:f2:6c:a3:d3:fb:4e:94:87:1c:9d:83:94:9b:
a1:d5:31:fe:01:bf:5f:93:95:f2:7b:5f:90:4b:6e:
9f:5b:44:98:85:9c:f8:74:34:19:4e:e9:1a:75:e3:
fa:3a:ea:c5:43:39:78:c3:f6:6c:78:ee:21:84:0f:
40:af:68:b1:eb:d2:e5:1d:32:ec:b0:aa:4e:dc:77:
f4:34:19:85:fb:63:91:60:91:ab:a7:c9:06:01:15:
b3:65:7f:2d:d8:0f:6a:3a:e7:ae:59:81:f0:a3:40:
31:11:bc:fc:67:ce:ac:2a:d6:d3:4d:96:fe:0e:b7:
bd:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:C9:E3:32:E6:E8:30:C4:39:D9:F2:7B:2C:A8:9D:66:95:C6:4C:20
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e35322e302f32322d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.52.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:03:e7:5c:8c:0b:97:d9:3e:fd:33:ba:f2:ab:c1:9f:eb:a3:
c6:63:1f:51:bb:72:bd:37:04:68:78:97:e8:15:a6:2a:c7:db:
7c:81:b5:37:d0:75:4a:3f:fd:1a:c3:00:bf:0e:a0:2c:14:ab:
59:f1:2e:c4:cc:9b:a7:3e:60:8f:11:58:ab:e7:76:a1:3b:94:
28:95:46:73:43:02:bf:77:6f:21:11:8f:b9:76:71:90:3e:49:
ab:87:99:66:9a:17:65:d0:9e:d0:f7:7d:f3:db:58:a0:d6:bd:
ba:84:47:1a:51:41:a1:4e:7d:67:3a:48:74:7c:32:3c:f3:bd:
d7:f6:a9:08:2d:8e:38:92:97:a6:14:12:ee:1b:56:15:73:b2:
f1:5f:84:25:e2:3d:ad:05:61:a5:f5:84:65:b3:e4:fb:c8:a8:
a0:34:13:0e:3b:cb:c1:b8:a0:35:6e:12:21:f6:1b:8f:08:5d:
97:c2:8b:f2:21:6d:ee:45:ed:3c:e4:c8:f4:2b:78:46:f3:df:
ba:a6:ad:f2:a4:38:64:28:7f:54:14:f0:2b:49:dd:f3:bb:b0:
92:9b:6d:40:52:b4:46:c0:4b:6b:e2:ba:b2:62:22:01:04:d0:
d2:d5:2c:f8:19:b0:34:f3:0f:c3:ea:9a:53:2a:05:ba:e0:e6:
59:25:c8:3c
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUTHOumI0muBBYZbV1+EMrH9HpUBswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MzAxMzA0MTBaFw0yNjA1MjkxMzA5MTBaMDMxMTAvBgNV
BAMTKDE3QzlFMzMyRTZFODMwQzQzOUQ5RjI3QjJDQTg5RDY2OTVDNjRDMjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWODBiukL4CY/7gftE22Jtvi0c
Nw7pdXQGL3/q5PVx07xSlxd4ex5r8B6ByDI6SQRqU+wQyETD/ITRmNSVKJegfqNU
dZHR3cHWvgJg7E93HMZs8p6U/liHWI5A0ZxJo0Mcx7KHc4aDfMzs4Rq+qDsY68mI
lfUIapa9flv0Z0/ooQgJpO+99AvY8myj0/tOlIccnYOUm6HVMf4Bv1+TlfJ7X5BL
bp9bRJiFnPh0NBlO6Rp14/o66sVDOXjD9mx47iGED0CvaLHr0uUdMuywqk7cd/Q0
GYX7Y5FgkaunyQYBFbNlfy3YD2o6565ZgfCjQDERvPxnzqwq1tNNlv4Ot70PAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUF8njMuboMMQ52fJ7LKidZpXGTCAwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzNTMy
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCjxQ0MA0G
CSqGSIb3DQEBCwUAA4IBAQCKA+dcjAuX2T79M7ryq8Gf66PGYx9Ru3K9NwRoeJfo
FaYqx9t8gbU30HVKP/0awwC/DqAsFKtZ8S7EzJunPmCPEVir53ahO5QolUZzQwK/
d28hEY+5dnGQPkmrh5lmmhdl0J7Q933z21ig1r26hEcaUUGhTn1nOkh0fDI8873X
9qkILY44kpemFBLuG1YVc7LxX4Ql4j2tBWGl9YRls+T7yKigNBMOO8vBuKA1bhIh
9huPCF2XwovyIW3uRe085Mj0K3hG89+6pq3ypDhkKH9UFPArSd3zu7CSm21AUrRG
wEtr4rqyYiIBBNDS1Sz4GbA08w/D6ppTKgW64OZZJcg8
-----END CERTIFICATE-----
Generated at Sun Jun 15 18:46:03 2025 by rpki-client