Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c7d2512-e4bf-411b-b00a-e79e3a378b46/1/326130623a346530373a6138303a3a2f34382d3438203d3e20323134333639.roa
File: 326130623a346530373a6138303a3a2f34382d3438203d3e20323134333639.roa (raw, json)
Hash identifier: EWGWi1yljQ96bjNOjVeynC4c/DgKrZuCKwxChfd0rvQ=
Subject key identifier: 8C:C6:98:D2:88:12:0C:04:B3:B3:15:46:FB:8A:CC:7F:1A:83:8E:CD
Certificate issuer: /CN=966427869FCAD15ECBE4F1C77A3FB3C68BD1F917
Certificate serial: 1B38C8A0AFC2465E50E9DC89017D3BD7011E4F81
Authority key identifier: 96:64:27:86:9F:CA:D1:5E:CB:E4:F1:C7:7A:3F:B3:C6:8B:D1:F9:17
Authority info access: rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/966427869FCAD15ECBE4F1C77A3FB3C68BD1F917.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c7d2512-e4bf-411b-b00a-e79e3a378b46/1/326130623a346530373a6138303a3a2f34382d3438203d3e20323134333639.roa
Signing time: Wed 16 Jul 2025 14:11:06 +0000
ROA not before: Wed 16 Jul 2025 14:06:06 +0000
ROA not after: Wed 15 Jul 2026 14:11:06 +0000
asID: 214369
IP address blocks: 2a0b:4e07:a80::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 18 Jul 2025 17:38:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:38:c8:a0:af:c2:46:5e:50:e9:dc:89:01:7d:3b:d7:01:1e:4f:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=966427869FCAD15ECBE4F1C77A3FB3C68BD1F917
Validity
Not Before: Jul 16 14:06:06 2025 GMT
Not After : Jul 15 14:11:06 2026 GMT
Subject: CN=8CC698D288120C04B3B31546FB8ACC7F1A838ECD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b2:d3:84:0c:b6:bb:3a:1d:55:27:0a:33:50:
94:f0:ab:46:e8:8d:11:85:5d:6b:28:d5:a7:82:01:
7b:e0:1e:ae:c1:9d:87:4c:66:86:6a:61:57:0f:95:
64:c8:07:e7:e2:53:74:77:66:4b:7b:c4:a4:42:9a:
2a:80:c2:d6:47:e2:c0:01:ed:39:19:09:c2:5d:c4:
9c:fc:61:b6:9d:05:0b:6c:c4:c2:75:39:36:06:12:
0b:7a:86:99:b7:ec:0a:3d:34:65:ed:80:c1:c7:b3:
bb:15:64:a8:67:5a:60:6a:e8:47:4a:92:42:92:01:
94:5f:a1:ed:bc:44:2a:05:f8:83:d0:e6:23:35:9f:
4b:15:88:39:43:d2:6f:05:6d:8a:ec:e2:4d:57:5b:
51:2e:a8:6d:d8:67:09:58:ce:39:6a:e4:76:af:d9:
8d:14:93:eb:3d:cd:d1:1f:7d:6b:73:73:14:72:a5:
a7:69:7a:61:f2:40:e4:da:c1:a3:2d:51:e7:5a:1d:
25:96:ae:4c:0b:4c:3a:7a:b3:ba:6b:a5:60:12:14:
0c:f1:35:fb:f3:8c:03:a9:63:65:37:ca:e1:1e:25:
87:1f:af:41:aa:63:7e:60:58:ae:14:43:4c:1b:0d:
7e:c5:42:f6:d3:fb:ae:72:36:16:b0:b0:a8:7f:49:
ac:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:C6:98:D2:88:12:0C:04:B3:B3:15:46:FB:8A:CC:7F:1A:83:8E:CD
X509v3 Authority Key Identifier:
keyid:96:64:27:86:9F:CA:D1:5E:CB:E4:F1:C7:7A:3F:B3:C6:8B:D1:F9:17
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c7d2512-e4bf-411b-b00a-e79e3a378b46/1/966427869FCAD15ECBE4F1C77A3FB3C68BD1F917.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/966427869FCAD15ECBE4F1C77A3FB3C68BD1F917.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c7d2512-e4bf-411b-b00a-e79e3a378b46/1/326130623a346530373a6138303a3a2f34382d3438203d3e20323134333639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:4e07:a80::/48
Signature Algorithm: sha256WithRSAEncryption
24:0e:24:82:38:ed:b5:1a:d6:a0:99:e4:ec:6e:50:f5:bd:0a:
20:1a:ca:c7:9a:60:53:5f:60:dc:d9:1d:12:8e:ad:cd:19:d6:
a1:5f:06:59:13:86:ce:16:2f:a5:66:76:83:42:93:54:91:94:
05:70:71:a2:10:1b:7c:c3:45:a4:c2:54:2d:21:c6:8a:69:fb:
8b:30:96:59:ef:c7:3d:77:3e:de:fb:b4:4c:45:4c:10:f9:0b:
03:e4:4c:14:09:c6:3e:2e:a5:3e:3e:17:fc:90:a0:f3:d9:4c:
2a:1f:c3:30:0a:e5:f2:85:6f:4f:5f:c0:3e:a0:58:92:82:25:
60:14:18:9f:6b:e3:4d:6b:0c:88:fa:48:25:eb:6b:94:71:8d:
f1:f3:e6:ef:a0:0f:09:03:02:a3:bb:12:a2:48:25:da:fa:52:
7f:9d:c0:27:ee:87:b3:eb:b7:e9:94:23:15:7c:52:14:d7:e2:
21:69:10:bc:ba:82:c7:19:63:8e:04:e1:15:b2:a7:d2:55:6f:
97:a2:ca:25:43:fb:d1:0c:4f:6b:b3:d9:21:80:7b:0a:a6:f7:
c2:6d:c4:16:e3:78:69:68:94:62:63:c2:88:25:70:a7:38:2c:
aa:0a:f2:c5:02:2e:44:18:3e:ff:5f:e9:af:26:9d:8d:36:c0:
4b:f9:0e:01
-----BEGIN CERTIFICATE-----
MIIFbjCCBFagAwIBAgIUGzjIoK/CRl5Q6dyJAX071wEeT4EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTY2NDI3ODY5RkNBRDE1RUNCRTRGMUM3N0EzRkIzQzY4
QkQxRjkxNzAeFw0yNTA3MTYxNDA2MDZaFw0yNjA3MTUxNDExMDZaMDMxMTAvBgNV
BAMTKDhDQzY5OEQyODgxMjBDMDRCM0IzMTU0NkZCOEFDQzdGMUE4MzhFQ0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVstOEDLa7Oh1VJwozUJTwq0bo
jRGFXWso1aeCAXvgHq7BnYdMZoZqYVcPlWTIB+fiU3R3Zkt7xKRCmiqAwtZH4sAB
7TkZCcJdxJz8YbadBQtsxMJ1OTYGEgt6hpm37Ao9NGXtgMHHs7sVZKhnWmBq6EdK
kkKSAZRfoe28RCoF+IPQ5iM1n0sViDlD0m8FbYrs4k1XW1EuqG3YZwlYzjlq5Hav
2Y0Uk+s9zdEffWtzcxRypadpemHyQOTawaMtUedaHSWWrkwLTDp6s7prpWASFAzx
NfvzjAOpY2U3yuEeJYcfr0GqY35gWK4UQ0wbDX7FQvbT+65yNhawsKh/SazNAgMB
AAGjggJ4MIICdDAdBgNVHQ4EFgQUjMaY0ogSDASzsxVG+4rMfxqDjs0wHwYDVR0j
BBgwFoAUlmQnhp/K0V7L5PHHej+zxovR+RcwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM3ZDI1MTItZTRiZi00MTFiLWIwMGEtZTc5ZTNhMzc4
YjQ2LzEvOTY2NDI3ODY5RkNBRDE1RUNCRTRGMUM3N0EzRkIzQzY4QkQxRjkxNy5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzgxYTQ0NTY2NDU4ZTQ1NzhiNjdlZWQz
MDUzZjgyMGY1LzEvOTY2NDI3ODY5RkNBRDE1RUNCRTRGMUM3N0EzRkIzQzY4QkQx
RjkxNy5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOWM3ZDI1MTIt
ZTRiZi00MTFiLWIwMGEtZTc5ZTNhMzc4YjQ2LzEvMzI2MTMwNjIzYTM0NjUzMDM3
M2E2MTM4MzAzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMxMzQzMzM2Mzkucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAqC04HCoAwDQYJKoZIhvcNAQELBQADggEBACQOJII47bUa1qCZ5Oxu
UPW9CiAayseaYFNfYNzZHRKOrc0Z1qFfBlkThs4WL6VmdoNCk1SRlAVwcaIQG3zD
RaTCVC0hxopp+4swllnvxz13Pt77tExFTBD5CwPkTBQJxj4upT4+F/yQoPPZTCof
wzAK5fKFb09fwD6gWJKCJWAUGJ9r401rDIj6SCXra5RxjfHz5u+gDwkDAqO7EqJI
Jdr6Un+dwCfuh7Prt+mUIxV8UhTX4iFpELy6gscZY44E4RWyp9JVb5eiyiVD+9EM
T2uz2SGAewqm98JtxBbjeGlolGJjwoglcKc4LKoK8sUCLkQYPv9f6a8mnY02wEv5
DgE=
-----END CERTIFICATE-----
Generated at Thu Jul 24 11:56:14 2025 by rpki-client