Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/326131343a373538343a366334303a3a2f34382d3438203d3e203136393039.roa
File: 326131343a373538343a366334303a3a2f34382d3438203d3e203136393039.roa (raw, json)
Hash identifier: NNzbyzzzWvih7B4v3xl2n1+sjmEgCINCmDYI3Oxonfg=
Subject key identifier: CB:85:2A:E9:2F:D6:B9:53:FA:5E:29:50:C3:48:BB:71:A7:2F:66:76
Certificate issuer: /CN=7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45
Certificate serial: 5AAF9CF970ADB04EB60E5CA0CAA8459A379B07C1
Authority key identifier: 7C:B2:6F:76:42:FD:6B:4C:BF:35:FB:EE:45:5F:1E:FB:0C:9F:0A:45
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/326131343a373538343a366334303a3a2f34382d3438203d3e203136393039.roa
Signing time: Sat 01 Feb 2025 19:34:17 +0000
ROA not before: Sat 01 Feb 2025 19:29:17 +0000
ROA not after: Sat 31 Jan 2026 19:34:17 +0000
asID: 16909
IP address blocks: 2a14:7584:6c40::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 10 Feb 2025 15:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:af:9c:f9:70:ad:b0:4e:b6:0e:5c:a0:ca:a8:45:9a:37:9b:07:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45
Validity
Not Before: Feb 1 19:29:17 2025 GMT
Not After : Jan 31 19:34:17 2026 GMT
Subject: CN=CB852AE92FD6B953FA5E2950C348BB71A72F6676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:13:57:ac:66:91:db:0e:58:42:5e:13:07:53:
50:93:f0:91:5f:67:5f:7f:f2:ad:b6:f9:a1:0c:30:
ab:48:e8:57:27:a9:ce:11:ff:e5:4c:38:fa:aa:91:
20:3b:14:7f:33:3f:fb:2c:5b:0c:ef:0f:6e:2f:89:
5f:e8:42:b7:05:88:d9:b4:7b:59:03:19:ff:e3:34:
d7:ed:bb:5b:bf:24:46:5d:03:a0:96:45:b4:15:93:
f7:76:33:f2:c1:b7:a3:b8:8e:20:b2:3e:00:ad:db:
6a:01:f1:d4:13:57:d6:72:10:9e:01:e6:59:1e:19:
4d:dc:78:38:d8:44:d0:ee:47:ad:6c:de:6f:a9:ac:
3f:e0:e4:3f:a7:a1:35:a8:77:9f:af:be:87:3e:d9:
1f:98:2e:9c:3a:44:2e:8a:ca:eb:fd:6a:11:3c:18:
ae:83:1b:01:71:e4:07:32:9b:1e:95:f1:51:e7:d9:
94:42:fc:9f:2c:1d:2e:21:c7:62:96:01:6b:7e:62:
89:05:51:74:aa:0d:08:23:73:a8:89:7c:3f:52:47:
6b:db:25:a6:d9:44:f7:f7:09:cd:fe:d9:5c:52:31:
dd:ec:03:8d:b5:c2:23:c3:dd:73:2d:55:1b:50:4a:
c3:c3:7f:be:ae:8c:ce:ad:78:8b:69:5d:8c:b3:90:
d4:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:85:2A:E9:2F:D6:B9:53:FA:5E:29:50:C3:48:BB:71:A7:2F:66:76
X509v3 Authority Key Identifier:
keyid:7C:B2:6F:76:42:FD:6B:4C:BF:35:FB:EE:45:5F:1E:FB:0C:9F:0A:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/326131343a373538343a366334303a3a2f34382d3438203d3e203136393039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7584:6c40::/48
Signature Algorithm: sha256WithRSAEncryption
40:97:22:f0:a4:83:36:e8:9a:de:9c:9b:40:d5:80:c4:b3:0e:
e9:b0:95:da:17:40:f2:86:d6:f7:5f:8a:12:b8:f3:78:87:a8:
5d:1e:36:25:51:b2:63:de:eb:8e:1a:0f:ff:a9:e3:ef:f0:f8:
9e:59:1c:63:3b:4c:ff:dc:1b:25:45:09:ab:d2:b8:47:a3:d2:
99:77:a7:ef:8c:17:b1:41:b0:5b:6a:49:7f:d2:85:60:79:f4:
d8:2c:0d:14:4a:91:87:cc:3f:33:cf:e0:cd:83:7b:0a:be:65:
0b:78:5d:74:dc:63:90:c7:27:b1:95:16:7a:d9:aa:a0:dd:31:
20:f4:c7:99:00:fa:09:9d:f8:58:69:ec:d5:a1:a9:4d:83:08:
7a:5b:4b:db:7c:44:19:8c:4c:2d:5f:d6:ee:1e:ef:2d:11:78:
e6:fe:e7:cf:de:cd:51:c0:14:12:93:37:30:85:9a:c0:25:c3:
d1:a8:89:08:f0:18:84:78:6b:23:71:26:03:ba:d7:5e:99:87:
ac:2d:ef:6d:60:d1:57:ee:aa:f3:70:06:cc:7a:fa:5b:ea:9d:
43:f9:13:4a:e2:fa:5e:0d:3e:78:67:e9:a1:77:9b:29:08:b1:
af:37:f2:cf:b4:18:76:b4:d4:e4:b4:c4:e7:cb:d9:d9:9f:f7:
92:14:4f:70
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWq+c+XCtsE62DlygyqhFmjebB8EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0NCMjZGNzY0MkZENkI0Q0JGMzVGQkVFNDU1RjFFRkIw
QzlGMEE0NTAeFw0yNTAyMDExOTI5MTdaFw0yNjAxMzExOTM0MTdaMDMxMTAvBgNV
BAMTKENCODUyQUU5MkZENkI5NTNGQTVFMjk1MEMzNDhCQjcxQTcyRjY2NzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7E1esZpHbDlhCXhMHU1CT8JFf
Z19/8q22+aEMMKtI6Fcnqc4R/+VMOPqqkSA7FH8zP/ssWwzvD24viV/oQrcFiNm0
e1kDGf/jNNftu1u/JEZdA6CWRbQVk/d2M/LBt6O4jiCyPgCt22oB8dQTV9ZyEJ4B
5lkeGU3ceDjYRNDuR61s3m+prD/g5D+noTWod5+vvoc+2R+YLpw6RC6Kyuv9ahE8
GK6DGwFx5Acymx6V8VHn2ZRC/J8sHS4hx2KWAWt+YokFUXSqDQgjc6iJfD9SR2vb
JabZRPf3Cc3+2VxSMd3sA421wiPD3XMtVRtQSsPDf76ujM6teItpXYyzkNRRAgMB
AAGjggJoMIICZDAdBgNVHQ4EFgQUy4Uq6S/WuVP6XilQw0i7cacvZnYwHwYDVR0j
BBgwFoAUfLJvdkL9a0y/NfvuRV8e+wyfCkUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY5MmVlNGQ4NDAxOTNkZjQ1YTBlYTY2ODcvMS83Q0IyNkY3NjQy
RkQ2QjRDQkYzNUZCRUU0NTVGMUVGQjBDOUYwQTQ1LmNybDCBngYIKwYBBQUHAQEE
gZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUtNDI5OS1iMDc5LTMwOWVkOTdm
MzgyNC8wLzdDQjI2Rjc2NDJGRDZCNENCRjM1RkJFRTQ1NUYxRUZCMEM5RjBBNDUu
Y2VyMIGqBggrBgEFBQcBCwSBnTCBmjCBlwYIKwYBBQUHMAuGgYpyc3luYzovL3Jw
a2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGY5MmVlNGQ4NDAxOTNk
ZjQ1YTBlYTY2ODcvMS8zMjYxMzEzNDNhMzczNTM4MzQzYTM2NjMzNDMwM2EzYTJm
MzQzODJkMzQzODIwM2QzZTIwMzEzNjM5MzAzOS5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoUdYRsQDAN
BgkqhkiG9w0BAQsFAAOCAQEAQJci8KSDNuia3pybQNWAxLMO6bCV2hdA8obW91+K
ErjzeIeoXR42JVGyY97rjhoP/6nj7/D4nlkcYztM/9wbJUUJq9K4R6PSmXen74wX
sUGwW2pJf9KFYHn02CwNFEqRh8w/M8/gzYN7Cr5lC3hddNxjkMcnsZUWetmqoN0x
IPTHmQD6CZ34WGns1aGpTYMIeltL23xEGYxMLV/W7h7vLRF45v7nz97NUcAUEpM3
MIWawCXD0aiJCPAYhHhrI3EmA7rXXpmHrC3vbWDRV+6q83AGzHr6W+qdQ/kTSuL6
Xg0+eGfpoXebKQixrzfyz7QYdrTU5LTE58vZ2Z/3khRPcA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:45:03 2025 by rpki-client