Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/326131343a373538343a366264303a3a2f34382d3438203d3e203136393039.roa
File: 326131343a373538343a366264303a3a2f34382d3438203d3e203136393039.roa (raw, json)
Hash identifier: ZstsJEzgWfXbMLQX/H7GmZTRZ+5JsNtLnBMYW4Tjpgg=
Subject key identifier: 4F:84:00:CE:AA:B8:05:BA:9A:E5:F4:35:C8:32:70:44:07:24:2A:18
Certificate issuer: /CN=7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45
Certificate serial: 1EA030260B3473F1E63D187455A825E841FD586A
Authority key identifier: 7C:B2:6F:76:42:FD:6B:4C:BF:35:FB:EE:45:5F:1E:FB:0C:9F:0A:45
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/326131343a373538343a366264303a3a2f34382d3438203d3e203136393039.roa
Signing time: Sat 01 Feb 2025 19:33:11 +0000
ROA not before: Sat 01 Feb 2025 19:28:11 +0000
ROA not after: Sat 31 Jan 2026 19:33:11 +0000
asID: 16909
IP address blocks: 2a14:7584:6bd0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 10 Feb 2025 15:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:a0:30:26:0b:34:73:f1:e6:3d:18:74:55:a8:25:e8:41:fd:58:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45
Validity
Not Before: Feb 1 19:28:11 2025 GMT
Not After : Jan 31 19:33:11 2026 GMT
Subject: CN=4F8400CEAAB805BA9AE5F435C832704407242A18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3c:fa:1c:fe:03:a4:d4:6a:8b:80:33:cc:1c:
ce:a7:29:4e:23:4a:c7:92:98:9b:9c:43:ba:98:53:
30:76:e8:ed:40:f5:2f:b2:04:e9:54:1d:fd:02:85:
8c:e7:cb:be:e9:e0:66:6c:b4:84:da:f5:78:20:db:
06:28:ec:db:07:01:37:db:81:50:78:2f:00:16:dd:
75:b9:06:d5:3b:32:fc:33:97:75:a5:20:a3:12:3e:
5f:41:96:ca:02:a6:69:b3:e5:41:a2:75:ea:eb:80:
c6:0b:74:e9:57:d1:bb:48:bb:e8:ae:6a:94:99:64:
54:82:3d:2f:15:3c:ce:a8:17:04:e1:3f:2a:47:69:
2c:cb:54:b1:d5:d4:ef:8e:01:7c:24:eb:da:34:c1:
03:ac:ec:66:8f:c0:06:bc:f7:e9:ad:fc:a2:39:95:
d0:67:3e:14:27:21:49:c1:87:e5:0b:b7:85:29:4b:
8d:86:d9:40:95:62:54:92:ab:8f:72:8a:01:f6:e3:
61:35:83:bb:fa:e5:e0:d9:93:0e:f5:5e:21:a3:f4:
f7:64:1c:ef:5e:3e:b6:cd:cf:0a:6d:d7:ab:eb:57:
ae:ec:68:8d:b7:3a:4b:5d:49:fa:f1:98:d9:1d:5d:
aa:d9:74:d7:6e:86:c7:cd:26:20:ea:e8:9e:c7:00:
61:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:84:00:CE:AA:B8:05:BA:9A:E5:F4:35:C8:32:70:44:07:24:2A:18
X509v3 Authority Key Identifier:
keyid:7C:B2:6F:76:42:FD:6B:4C:BF:35:FB:EE:45:5F:1E:FB:0C:9F:0A:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/326131343a373538343a366264303a3a2f34382d3438203d3e203136393039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7584:6bd0::/48
Signature Algorithm: sha256WithRSAEncryption
63:19:87:f3:7d:0d:b9:ca:51:d6:a2:10:ad:91:dc:c9:0b:0e:
80:90:2f:52:5e:49:93:c1:97:aa:b8:23:d8:74:ba:74:98:94:
9f:92:a0:15:0a:a5:ab:74:c8:2a:03:80:26:2c:80:ec:94:b4:
e3:ab:30:39:55:0f:ab:79:3c:fa:08:f6:c8:fd:0a:74:61:75:
e4:f4:d9:fb:61:d4:50:b2:be:10:aa:81:ff:bd:c3:3e:6b:af:
34:26:9d:ad:b8:9d:39:98:31:0b:c4:ab:85:66:a0:b6:32:9d:
1a:67:19:ad:74:10:44:dd:6b:2c:ff:da:80:7e:a9:62:eb:22:
c8:0e:3e:95:b1:18:81:88:a6:de:89:35:23:fa:72:5e:e8:76:
bf:10:a1:1b:92:1f:1b:40:d2:59:40:69:55:51:f5:60:06:dc:
28:13:46:d4:9e:cc:cc:91:c4:cd:9c:e6:f0:5d:3c:86:9a:f9:
44:38:8e:d3:64:2d:44:1a:d5:2b:64:6a:5d:6f:e8:00:48:5a:
f0:90:67:c1:c8:95:97:ad:08:75:66:2d:38:a0:c1:dc:5b:83:
47:98:bc:ff:58:bb:59:fd:43:89:8f:31:fc:83:53:43:48:42:
ae:a0:08:a0:28:65:89:73:d3:1e:5a:01:b9:67:e2:b0:39:af:
06:7f:3e:43
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHqAwJgs0c/HmPRh0Vagl6EH9WGowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0NCMjZGNzY0MkZENkI0Q0JGMzVGQkVFNDU1RjFFRkIw
QzlGMEE0NTAeFw0yNTAyMDExOTI4MTFaFw0yNjAxMzExOTMzMTFaMDMxMTAvBgNV
BAMTKDRGODQwMENFQUFCODA1QkE5QUU1RjQzNUM4MzI3MDQ0MDcyNDJBMTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/PPoc/gOk1GqLgDPMHM6nKU4j
SseSmJucQ7qYUzB26O1A9S+yBOlUHf0ChYzny77p4GZstITa9Xgg2wYo7NsHATfb
gVB4LwAW3XW5BtU7Mvwzl3WlIKMSPl9BlsoCpmmz5UGiderrgMYLdOlX0btIu+iu
apSZZFSCPS8VPM6oFwThPypHaSzLVLHV1O+OAXwk69o0wQOs7GaPwAa89+mt/KI5
ldBnPhQnIUnBh+ULt4UpS42G2UCVYlSSq49yigH242E1g7v65eDZkw71XiGj9Pdk
HO9ePrbNzwpt16vrV67saI23OktdSfrxmNkdXarZdNduhsfNJiDq6J7HAGEPAgMB
AAGjggJoMIICZDAdBgNVHQ4EFgQUT4QAzqq4Bbqa5fQ1yDJwRAckKhgwHwYDVR0j
BBgwFoAUfLJvdkL9a0y/NfvuRV8e+wyfCkUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY5MmVlNGQ4NDAxOTNkZjQ1YTBlYTY2ODcvMS83Q0IyNkY3NjQy
RkQ2QjRDQkYzNUZCRUU0NTVGMUVGQjBDOUYwQTQ1LmNybDCBngYIKwYBBQUHAQEE
gZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUtNDI5OS1iMDc5LTMwOWVkOTdm
MzgyNC8wLzdDQjI2Rjc2NDJGRDZCNENCRjM1RkJFRTQ1NUYxRUZCMEM5RjBBNDUu
Y2VyMIGqBggrBgEFBQcBCwSBnTCBmjCBlwYIKwYBBQUHMAuGgYpyc3luYzovL3Jw
a2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGY5MmVlNGQ4NDAxOTNk
ZjQ1YTBlYTY2ODcvMS8zMjYxMzEzNDNhMzczNTM4MzQzYTM2NjI2NDMwM2EzYTJm
MzQzODJkMzQzODIwM2QzZTIwMzEzNjM5MzAzOS5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoUdYRr0DAN
BgkqhkiG9w0BAQsFAAOCAQEAYxmH830NucpR1qIQrZHcyQsOgJAvUl5Jk8GXqrgj
2HS6dJiUn5KgFQqlq3TIKgOAJiyA7JS046swOVUPq3k8+gj2yP0KdGF15PTZ+2HU
ULK+EKqB/73DPmuvNCadrbidOZgxC8SrhWagtjKdGmcZrXQQRN1rLP/agH6pYusi
yA4+lbEYgYim3ok1I/pyXuh2vxChG5IfG0DSWUBpVVH1YAbcKBNG1J7MzJHEzZzm
8F08hpr5RDiO02QtRBrVK2RqXW/oAEha8JBnwciVl60IdWYtOKDB3FuDR5i8/1i7
Wf1DiY8x/INTQ0hCrqAIoChliXPTHloBuWfisDmvBn8+Qw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:42:11 2025 by rpki-client