Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211443.roa
File: AS211443.roa (raw, json)
Hash identifier: Qs2SjawTbbRHBLq3mvSGMZTzTIEETP7oq89HQmHkp20=
Subject key identifier: A9:48:3A:89:9E:49:39:83:4B:5B:72:4D:F2:77:08:1E:20:C6:86:72
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 26334A2B6BCB99F8E83E375130AC0F75D24F02A8
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211443.roa
Signing time: Mon 11 Nov 2024 01:40:12 +0000
ROA not before: Mon 11 Nov 2024 01:35:12 +0000
ROA not after: Mon 10 Nov 2025 01:40:12 +0000
asID: 211443
IP address blocks: 2a06:a005:ed0::/44 maxlen: 48
2a06:a005:2a60::/44 maxlen: 48
2a06:a005:2a70::/44 maxlen: 48
2a06:a005:2a80::/44 maxlen: 48
2a06:a005:2a90::/44 maxlen: 48
Validation: Failed, certificate revoked on Fri 13 Dec 2024 02:56:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:33:4a:2b:6b:cb:99:f8:e8:3e:37:51:30:ac:0f:75:d2:4f:02:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 11 01:35:12 2024 GMT
Not After : Nov 10 01:40:12 2025 GMT
Subject: CN=A9483A899E4939834B5B724DF277081E20C68672
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:67:7a:2c:40:f2:6b:01:55:49:9b:25:2c:f0:
d2:9f:75:b4:70:61:cd:45:d4:58:da:d5:6e:8d:86:
9c:c0:2b:39:83:0b:b7:6c:b1:f2:fc:1b:15:53:4b:
ae:fd:3d:83:11:1b:b6:53:40:f6:03:de:f6:35:0e:
3e:14:3b:6d:39:b3:9f:73:27:de:2d:a8:a0:61:ed:
1a:21:c2:bf:f2:a6:5c:b4:ee:b6:9e:d0:2b:b9:48:
ac:bd:f6:cd:ad:05:98:e2:32:77:48:55:0d:fa:44:
3c:56:b3:2a:68:55:fd:56:81:be:7d:89:76:36:18:
96:2b:ac:ff:8a:29:f3:88:2e:85:5b:88:cf:71:49:
fb:70:52:64:9d:39:39:ea:77:49:dd:68:ea:02:02:
56:5c:2a:ea:21:79:42:90:7c:0f:74:02:67:6b:06:
bd:3a:c9:a6:b6:ac:25:07:5d:f7:52:0f:b0:4a:45:
f0:c5:85:e6:3a:ae:1d:50:7d:fc:cf:65:91:4c:3b:
1c:a3:12:fe:94:40:b2:13:ec:87:58:2a:d2:49:be:
58:bb:90:f1:7a:4c:ee:b1:da:c4:9c:58:15:9c:3d:
8c:47:cc:5e:d7:e8:5a:5e:8e:68:16:b8:eb:ff:e9:
4a:fb:59:42:18:10:33:d5:1d:ed:2a:5f:a8:88:61:
60:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:48:3A:89:9E:49:39:83:4B:5B:72:4D:F2:77:08:1E:20:C6:86:72
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211443.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:ed0::/44
2a06:a005:2a60::-2a06:a005:2a9f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
c0:91:cd:87:46:df:3e:50:fc:02:e0:36:89:7f:29:c3:ff:1f:
f2:02:ba:cf:a4:34:00:1b:1c:4f:a9:10:d3:85:aa:5e:c2:f8:
19:fa:67:d3:9d:18:f2:e7:a5:b4:4d:bc:59:31:4a:46:68:e6:
99:58:0a:c4:94:88:e6:46:af:4c:d0:ae:3b:05:b8:28:62:f2:
3f:20:7f:1c:e6:37:44:a3:7c:bc:90:b4:93:f2:7c:3f:d1:c4:
79:d3:f1:bc:53:b5:92:3a:0e:88:80:6e:cb:c9:87:35:93:3a:
99:fd:af:9b:63:5a:c1:5c:49:e2:68:68:26:67:e3:60:d7:3a:
5f:f8:66:bc:1c:61:52:3e:cd:3a:9d:3f:94:cb:e5:0d:e0:c3:
89:5b:98:2f:7f:86:5b:98:13:42:8f:80:f8:37:b0:f2:6b:f9:
16:dc:55:74:da:92:e0:88:37:10:27:41:c2:f3:a9:f1:4d:27:
a2:c6:c4:0a:a6:c7:c0:ef:41:63:7e:42:66:a0:92:0c:18:02:
74:97:a5:9f:56:a1:81:60:58:73:3f:04:aa:db:99:2c:de:da:
41:0b:53:94:b8:fe:46:7c:2c:42:d6:2b:0a:2b:e7:d6:c4:9c:
a1:da:72:f7:c0:6e:0d:d0:9e:df:55:e4:ed:7b:ad:ea:4d:43:
49:99:14:57
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIUJjNKK2vLmfjoPjdRMKwPddJPAqgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMTEwMTM1MTJaFw0yNTExMTAwMTQwMTJaMDMxMTAvBgNV
BAMTKEE5NDgzQTg5OUU0OTM5ODM0QjVCNzI0REYyNzcwODFFMjBDNjg2NzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsZ3osQPJrAVVJmyUs8NKfdbRw
Yc1F1Fja1W6NhpzAKzmDC7dssfL8GxVTS679PYMRG7ZTQPYD3vY1Dj4UO205s59z
J94tqKBh7Rohwr/yply07rae0Cu5SKy99s2tBZjiMndIVQ36RDxWsypoVf1Wgb59
iXY2GJYrrP+KKfOILoVbiM9xSftwUmSdOTnqd0ndaOoCAlZcKuoheUKQfA90Amdr
Br06yaa2rCUHXfdSD7BKRfDFheY6rh1QffzPZZFMOxyjEv6UQLIT7IdYKtJJvli7
kPF6TO6x2sScWBWcPYxHzF7X6FpejmgWuOv/6Ur7WUIYEDPVHe0qX6iIYWCpAgMB
AAGjggIGMIICAjAdBgNVHQ4EFgQUqUg6iZ5JOYNLW3JN8ncIHiDGhnIwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjExNDQzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEH
AQH/BCcwJTAjBAIAAjAdAwcEKgagBQ7QMBIDBwUqBqAFKmADBwUqBqAFKoAwDQYJ
KoZIhvcNAQELBQADggEBAMCRzYdG3z5Q/ALgNol/KcP/H/ICus+kNAAbHE+pENOF
ql7C+Bn6Z9OdGPLnpbRNvFkxSkZo5plYCsSUiOZGr0zQrjsFuChi8j8gfxzmN0Sj
fLyQtJPyfD/RxHnT8bxTtZI6DoiAbsvJhzWTOpn9r5tjWsFcSeJoaCZn42DXOl/4
ZrwcYVI+zTqdP5TL5Q3gw4lbmC9/hluYE0KPgPg3sPJr+RbcVXTakuCINxAnQcLz
qfFNJ6LGxAqmx8DvQWN+QmagkgwYAnSXpZ9WoYFgWHM/BKrbmSze2kELU5S4/kZ8
LELWKwor59bEnKHacvfAbg3Qnt9V5O17repNQ0mZFFc=
-----END CERTIFICATE-----
Generated at Thu Mar 13 01:42:16 2025 by rpki-client