Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/326131343a373538343a366266303a3a2f34382d3438203d3e203136393039.roa
File: 326131343a373538343a366266303a3a2f34382d3438203d3e203136393039.roa (raw, json)
Hash identifier: hqOcuqFVj4oVnLUocjcLabVwKjnrC2U5k+s2PgjBaiQ=
Subject key identifier: 6D:DA:C7:FB:83:0E:98:83:3C:27:86:88:C6:CC:13:7B:DE:01:F2:A0
Certificate issuer: /CN=7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45
Certificate serial: 127EB9D799D6420703AD1482F280407D902C7955
Authority key identifier: 7C:B2:6F:76:42:FD:6B:4C:BF:35:FB:EE:45:5F:1E:FB:0C:9F:0A:45
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/326131343a373538343a366266303a3a2f34382d3438203d3e203136393039.roa
Signing time: Sat 01 Feb 2025 19:33:45 +0000
ROA not before: Sat 01 Feb 2025 19:28:45 +0000
ROA not after: Sat 31 Jan 2026 19:33:45 +0000
asID: 16909
IP address blocks: 2a14:7584:6bf0::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 15 Feb 2025 20:42:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:7e:b9:d7:99:d6:42:07:03:ad:14:82:f2:80:40:7d:90:2c:79:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45
Validity
Not Before: Feb 1 19:28:45 2025 GMT
Not After : Jan 31 19:33:45 2026 GMT
Subject: CN=6DDAC7FB830E98833C278688C6CC137BDE01F2A0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:37:64:5f:e9:04:b6:fd:c9:50:ac:f2:53:24:
71:b3:05:27:d8:ca:cc:dd:fa:ec:73:8f:41:aa:d0:
1e:1b:be:38:e2:17:c6:fd:7b:b9:4d:f6:e4:05:41:
da:61:e7:32:a8:44:03:a3:3a:06:46:55:cd:00:91:
1f:01:b0:29:36:d2:cc:f5:8a:48:94:3b:de:08:23:
02:df:5c:6d:0f:14:07:69:99:ff:cc:56:3e:a0:d2:
70:a2:5f:42:14:a9:cc:e7:c0:93:58:3b:d8:42:d1:
1e:bf:1f:77:54:67:6f:c0:0a:5e:77:2a:40:6e:22:
ed:47:46:1c:ce:c2:ac:18:ce:61:78:5c:b5:f9:38:
d9:94:d9:f5:11:31:ab:70:28:b7:1d:23:84:c8:23:
b6:28:97:bd:af:65:71:c4:6d:79:73:e6:31:2d:fa:
e0:9e:e5:a1:f1:a5:84:83:b2:b3:ad:d2:db:cb:68:
c0:11:87:e2:f2:78:ca:ba:23:ac:31:c0:5d:2e:d1:
b6:23:76:9f:fc:25:18:29:04:91:0a:8a:cb:10:06:
a8:bb:86:9f:d5:5c:de:8d:70:63:17:91:92:32:52:
df:9f:62:18:f0:d6:5f:3e:94:34:34:b4:71:68:c7:
e7:42:06:de:c4:c4:aa:76:21:e7:9f:9e:cc:97:53:
ec:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:DA:C7:FB:83:0E:98:83:3C:27:86:88:C6:CC:13:7B:DE:01:F2:A0
X509v3 Authority Key Identifier:
keyid:7C:B2:6F:76:42:FD:6B:4C:BF:35:FB:EE:45:5F:1E:FB:0C:9F:0A:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/326131343a373538343a366266303a3a2f34382d3438203d3e203136393039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7584:6bf0::/48
Signature Algorithm: sha256WithRSAEncryption
08:af:ba:a8:38:60:f1:70:07:1e:1e:88:05:5d:7c:a8:d0:af:
64:8c:c8:38:c2:b5:bb:ff:f3:7c:16:c3:fd:7b:7e:f3:6c:cb:
d1:4b:6d:f2:26:f2:88:4a:35:9d:d3:3f:87:7c:f9:6a:66:47:
50:8c:ea:e7:60:70:24:1c:1a:62:46:34:6a:b7:52:59:fc:90:
65:0f:a1:18:6b:32:f0:ee:ea:39:e0:31:17:ec:2f:01:91:28:
8d:67:41:89:89:0f:e5:34:bc:8f:b9:df:ed:2a:ba:af:c1:8f:
76:41:c9:92:0e:e1:c9:61:43:10:d8:e6:3f:df:d2:fb:d4:ef:
62:f1:66:f9:a5:26:55:2e:8e:2d:e2:7d:50:18:4e:07:7f:ca:
fc:af:f4:2a:a5:45:1c:31:ff:0d:63:49:f4:ec:f6:36:ce:e3:
fb:a7:0b:ca:f2:f1:c8:5a:3c:6a:cf:7a:70:85:4a:38:96:63:
b9:4d:5b:5d:d6:3b:df:6d:cd:83:64:6b:90:e9:a0:1b:f4:28:
08:93:02:fa:22:3a:99:85:a4:a6:01:fe:b5:c8:8a:47:60:ea:
a3:c6:0b:78:04:41:ed:d9:3e:2b:59:12:bf:4b:79:21:b2:69:
a4:01:38:fb:b4:e1:01:b9:9c:88:df:40:2d:98:08:c4:22:f1:
28:94:3d:48
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUEn6515nWQgcDrRSC8oBAfZAseVUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0NCMjZGNzY0MkZENkI0Q0JGMzVGQkVFNDU1RjFFRkIw
QzlGMEE0NTAeFw0yNTAyMDExOTI4NDVaFw0yNjAxMzExOTMzNDVaMDMxMTAvBgNV
BAMTKDZEREFDN0ZCODMwRTk4ODMzQzI3ODY4OEM2Q0MxMzdCREUwMUYyQTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVN2Rf6QS2/clQrPJTJHGzBSfY
yszd+uxzj0Gq0B4bvjjiF8b9e7lN9uQFQdph5zKoRAOjOgZGVc0AkR8BsCk20sz1
ikiUO94IIwLfXG0PFAdpmf/MVj6g0nCiX0IUqcznwJNYO9hC0R6/H3dUZ2/ACl53
KkBuIu1HRhzOwqwYzmF4XLX5ONmU2fURMatwKLcdI4TII7Yol72vZXHEbXlz5jEt
+uCe5aHxpYSDsrOt0tvLaMARh+LyeMq6I6wxwF0u0bYjdp/8JRgpBJEKissQBqi7
hp/VXN6NcGMXkZIyUt+fYhjw1l8+lDQ0tHFox+dCBt7ExKp2IeefnsyXU+xbAgMB
AAGjggJoMIICZDAdBgNVHQ4EFgQUbdrH+4MOmIM8J4aIxswTe94B8qAwHwYDVR0j
BBgwFoAUfLJvdkL9a0y/NfvuRV8e+wyfCkUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY5MmVlNGQ4NDAxOTNkZjQ1YTBlYTY2ODcvMS83Q0IyNkY3NjQy
RkQ2QjRDQkYzNUZCRUU0NTVGMUVGQjBDOUYwQTQ1LmNybDCBngYIKwYBBQUHAQEE
gZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUtNDI5OS1iMDc5LTMwOWVkOTdm
MzgyNC8wLzdDQjI2Rjc2NDJGRDZCNENCRjM1RkJFRTQ1NUYxRUZCMEM5RjBBNDUu
Y2VyMIGqBggrBgEFBQcBCwSBnTCBmjCBlwYIKwYBBQUHMAuGgYpyc3luYzovL3Jw
a2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGY5MmVlNGQ4NDAxOTNk
ZjQ1YTBlYTY2ODcvMS8zMjYxMzEzNDNhMzczNTM4MzQzYTM2NjI2NjMwM2EzYTJm
MzQzODJkMzQzODIwM2QzZTIwMzEzNjM5MzAzOS5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoUdYRr8DAN
BgkqhkiG9w0BAQsFAAOCAQEACK+6qDhg8XAHHh6IBV18qNCvZIzIOMK1u//zfBbD
/Xt+82zL0Utt8ibyiEo1ndM/h3z5amZHUIzq52BwJBwaYkY0ardSWfyQZQ+hGGsy
8O7qOeAxF+wvAZEojWdBiYkP5TS8j7nf7Sq6r8GPdkHJkg7hyWFDENjmP9/S+9Tv
YvFm+aUmVS6OLeJ9UBhOB3/K/K/0KqVFHDH/DWNJ9Oz2Ns7j+6cLyvLxyFo8as96
cIVKOJZjuU1bXdY7323Ng2RrkOmgG/QoCJMC+iI6mYWkpgH+tciKR2Dqo8YLeARB
7dk+K1kSv0t5IbJppAE4+7ThAbmciN9ALZgIxCLxKJQ9SA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:45:54 2025 by rpki-client