Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/326131343a373538343a366332303a3a2f34382d3438203d3e203136393039.roa
File: 326131343a373538343a366332303a3a2f34382d3438203d3e203136393039.roa (raw, json)
Hash identifier: +wdTR2A1O4KmAGF0XNQW4XxHbQHGKcAXhJlc2LnSWDs=
Subject key identifier: 86:15:55:A3:17:C8:48:97:82:64:0D:DC:F9:99:46:0F:0F:4A:79:EF
Certificate issuer: /CN=7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45
Certificate serial: 1868102128B6A2DE8BD5D69A2601ED31D6C2FCC6
Authority key identifier: 7C:B2:6F:76:42:FD:6B:4C:BF:35:FB:EE:45:5F:1E:FB:0C:9F:0A:45
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/326131343a373538343a366332303a3a2f34382d3438203d3e203136393039.roa
Signing time: Sat 01 Feb 2025 19:34:16 +0000
ROA not before: Sat 01 Feb 2025 19:29:16 +0000
ROA not after: Sat 31 Jan 2026 19:34:16 +0000
asID: 16909
IP address blocks: 2a14:7584:6c20::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 10 Feb 2025 15:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:68:10:21:28:b6:a2:de:8b:d5:d6:9a:26:01:ed:31:d6:c2:fc:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45
Validity
Not Before: Feb 1 19:29:16 2025 GMT
Not After : Jan 31 19:34:16 2026 GMT
Subject: CN=861555A317C8489782640DDCF999460F0F4A79EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:02:72:8c:e4:10:56:3f:da:78:d4:fc:3d:89:
3e:3e:53:e5:8f:ba:d7:8f:49:46:9f:bf:b8:4f:5f:
e0:96:46:a3:de:73:b1:9e:3e:91:3c:d5:66:c1:4a:
65:f6:c8:d5:01:df:56:97:a0:f1:96:28:9f:5e:36:
d4:30:48:7c:dd:e1:42:ba:51:66:91:5f:44:42:7f:
22:1f:cf:27:51:69:e5:07:2f:17:31:52:15:6a:d8:
c8:51:32:dc:ff:3e:7b:84:60:da:59:81:e0:59:43:
38:bc:80:e0:4c:10:6a:5a:db:f9:1e:c6:2d:1a:c3:
0d:11:96:f0:21:db:8d:81:5d:c5:f3:00:03:d3:49:
26:84:b0:bd:8d:72:c3:18:48:16:ee:f0:a0:21:97:
49:d6:75:6e:98:db:fc:ec:71:fd:e1:7b:ab:a1:e9:
42:bb:d3:9e:52:6e:94:06:20:ed:79:5f:c2:8d:70:
ef:d8:3d:c4:e5:94:2e:ef:38:68:e4:d7:ff:9d:05:
5b:0e:7a:60:8e:92:9c:47:87:81:5e:4a:d8:c8:ad:
79:82:3b:02:2c:03:88:a2:0a:12:ea:ef:67:0e:bc:
7b:d8:a3:bd:d4:31:2f:c7:55:3d:2d:bd:a3:61:3b:
1e:01:a8:69:ea:33:bb:88:61:67:76:18:3c:3f:8f:
34:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:15:55:A3:17:C8:48:97:82:64:0D:DC:F9:99:46:0F:0F:4A:79:EF
X509v3 Authority Key Identifier:
keyid:7C:B2:6F:76:42:FD:6B:4C:BF:35:FB:EE:45:5F:1E:FB:0C:9F:0A:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/326131343a373538343a366332303a3a2f34382d3438203d3e203136393039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7584:6c20::/48
Signature Algorithm: sha256WithRSAEncryption
24:80:13:ef:35:5a:44:9c:5f:0f:51:21:91:f4:bf:03:87:5a:
14:3d:8d:f4:ec:2c:e3:b0:93:93:61:9a:f4:20:b0:f3:9d:63:
b4:05:4d:83:fa:16:ce:cd:88:72:a8:98:07:d3:00:8b:d2:69:
90:e4:da:35:f4:56:6b:14:d3:49:0d:78:8f:52:52:94:7e:28:
7a:2f:a4:4a:a6:63:b4:80:c0:82:75:b2:5c:a2:c0:ba:91:a0:
14:6a:05:ac:e0:db:22:cc:92:88:0c:d0:c1:94:86:e6:21:12:
e9:c0:5b:d0:19:b4:b0:ab:85:ed:83:65:8d:ef:9a:f0:a5:08:
e8:cf:dc:7e:5b:3e:fd:8b:b3:ae:fd:fc:59:29:35:a3:8d:64:
86:8c:19:b8:bf:7a:56:c4:92:74:a3:e3:8d:db:4d:6f:7f:44:
7e:8f:8c:05:70:02:df:86:06:1f:ca:ab:85:62:54:92:27:61:
0e:a6:d2:b7:93:0e:37:ba:7c:0a:4c:06:10:27:2a:b8:93:38:
d7:7c:61:57:81:7e:fd:2b:62:a3:67:c4:2c:cd:bf:0f:46:c9:
f5:db:26:91:36:d9:1f:51:ac:ef:4c:58:89:86:3d:bd:0d:e7:
a7:2f:72:f8:8d:9d:f5:fb:3b:e6:08:1d:6f:fa:ac:af:51:cf:
e2:d4:c3:fe
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGGgQISi2ot6L1daaJgHtMdbC/MYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0NCMjZGNzY0MkZENkI0Q0JGMzVGQkVFNDU1RjFFRkIw
QzlGMEE0NTAeFw0yNTAyMDExOTI5MTZaFw0yNjAxMzExOTM0MTZaMDMxMTAvBgNV
BAMTKDg2MTU1NUEzMTdDODQ4OTc4MjY0MEREQ0Y5OTk0NjBGMEY0QTc5RUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD1AnKM5BBWP9p41Pw9iT4+U+WP
utePSUafv7hPX+CWRqPec7GePpE81WbBSmX2yNUB31aXoPGWKJ9eNtQwSHzd4UK6
UWaRX0RCfyIfzydRaeUHLxcxUhVq2MhRMtz/PnuEYNpZgeBZQzi8gOBMEGpa2/ke
xi0aww0RlvAh242BXcXzAAPTSSaEsL2NcsMYSBbu8KAhl0nWdW6Y2/zscf3he6uh
6UK7055SbpQGIO15X8KNcO/YPcTllC7vOGjk1/+dBVsOemCOkpxHh4FeStjIrXmC
OwIsA4iiChLq72cOvHvYo73UMS/HVT0tvaNhOx4BqGnqM7uIYWd2GDw/jzS1AgMB
AAGjggJoMIICZDAdBgNVHQ4EFgQUhhVVoxfISJeCZA3c+ZlGDw9Kee8wHwYDVR0j
BBgwFoAUfLJvdkL9a0y/NfvuRV8e+wyfCkUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY5MmVlNGQ4NDAxOTNkZjQ1YTBlYTY2ODcvMS83Q0IyNkY3NjQy
RkQ2QjRDQkYzNUZCRUU0NTVGMUVGQjBDOUYwQTQ1LmNybDCBngYIKwYBBQUHAQEE
gZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUtNDI5OS1iMDc5LTMwOWVkOTdm
MzgyNC8wLzdDQjI2Rjc2NDJGRDZCNENCRjM1RkJFRTQ1NUYxRUZCMEM5RjBBNDUu
Y2VyMIGqBggrBgEFBQcBCwSBnTCBmjCBlwYIKwYBBQUHMAuGgYpyc3luYzovL3Jw
a2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGY5MmVlNGQ4NDAxOTNk
ZjQ1YTBlYTY2ODcvMS8zMjYxMzEzNDNhMzczNTM4MzQzYTM2NjMzMjMwM2EzYTJm
MzQzODJkMzQzODIwM2QzZTIwMzEzNjM5MzAzOS5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoUdYRsIDAN
BgkqhkiG9w0BAQsFAAOCAQEAJIAT7zVaRJxfD1EhkfS/A4daFD2N9Ows47CTk2Ga
9CCw851jtAVNg/oWzs2IcqiYB9MAi9JpkOTaNfRWaxTTSQ14j1JSlH4oei+kSqZj
tIDAgnWyXKLAupGgFGoFrODbIsySiAzQwZSG5iES6cBb0Bm0sKuF7YNlje+a8KUI
6M/cfls+/Yuzrv38WSk1o41khowZuL96VsSSdKPjjdtNb39Efo+MBXAC34YGH8qr
hWJUkidhDqbSt5MON7p8CkwGECcquJM413xhV4F+/Stio2fELM2/D0bJ9dsmkTbZ
H1Gs70xYiYY9vQ3npy9y+I2d9fs75ggdb/qsr1HP4tTD/g==
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:40:24 2025 by rpki-client