Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/326131343a373538343a366363303a3a2f34382d3438203d3e203136393039.roa
File: 326131343a373538343a366363303a3a2f34382d3438203d3e203136393039.roa (raw, json)
Hash identifier: 54umfDJnJUXi48tQyo9MnFbS+dAFdJEi3bijpwS7qxM=
Subject key identifier: 4C:92:0B:8D:C0:1D:07:00:D3:BD:14:F9:58:B7:F8:74:8F:AB:70:3A
Certificate issuer: /CN=7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45
Certificate serial: 77E57195256A9FA94571943E0A2F51376CA11D0A
Authority key identifier: 7C:B2:6F:76:42:FD:6B:4C:BF:35:FB:EE:45:5F:1E:FB:0C:9F:0A:45
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/326131343a373538343a366363303a3a2f34382d3438203d3e203136393039.roa
Signing time: Sat 01 Feb 2025 21:39:49 +0000
ROA not before: Sat 01 Feb 2025 21:34:49 +0000
ROA not after: Sat 31 Jan 2026 21:39:49 +0000
asID: 16909
IP address blocks: 2a14:7584:6cc0::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 15 Feb 2025 20:42:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:e5:71:95:25:6a:9f:a9:45:71:94:3e:0a:2f:51:37:6c:a1:1d:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45
Validity
Not Before: Feb 1 21:34:49 2025 GMT
Not After : Jan 31 21:39:49 2026 GMT
Subject: CN=4C920B8DC01D0700D3BD14F958B7F8748FAB703A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:1e:b4:9b:db:2f:f5:c6:30:72:f0:7d:0f:be:
27:b6:b1:50:f8:87:41:cb:36:92:0b:06:de:48:b5:
6f:a6:59:e3:f8:ef:62:95:c1:f1:a6:4f:f7:de:99:
bd:20:8f:f2:fb:6d:83:a3:17:47:0d:c3:77:25:9e:
d0:40:81:18:44:18:5f:c0:2d:b9:33:fb:93:6c:eb:
1d:19:da:fe:44:c1:ac:17:bb:62:19:77:99:af:27:
3a:dd:19:dd:9a:77:7b:b0:8f:7b:f6:bb:c6:9b:70:
98:bc:c9:a6:0c:b2:8d:ed:93:b7:31:40:71:a4:17:
5f:36:ea:0c:5b:4e:d0:e7:ab:7a:c3:07:a4:cf:77:
ec:44:c6:c5:c6:2c:df:60:9e:61:5c:45:fe:bb:f4:
56:02:5c:60:fc:57:29:bc:3b:31:e0:63:8f:15:e2:
55:03:f0:35:92:d4:10:64:8c:06:6b:26:45:9f:99:
9e:d4:81:61:07:65:5f:fb:e5:bd:4d:46:4a:ba:d5:
8d:ab:68:c8:b8:2d:d5:e3:82:ae:e2:b8:2a:a1:d6:
4a:5b:f6:2f:66:b2:5e:32:45:0d:35:19:40:d1:4c:
33:36:6b:93:2e:83:e2:9b:21:f3:a5:6d:e4:0b:73:
06:51:52:ff:a4:82:91:e5:4e:76:55:93:5e:29:84:
fb:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:92:0B:8D:C0:1D:07:00:D3:BD:14:F9:58:B7:F8:74:8F:AB:70:3A
X509v3 Authority Key Identifier:
keyid:7C:B2:6F:76:42:FD:6B:4C:BF:35:FB:EE:45:5F:1E:FB:0C:9F:0A:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/326131343a373538343a366363303a3a2f34382d3438203d3e203136393039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7584:6cc0::/48
Signature Algorithm: sha256WithRSAEncryption
b4:58:a3:71:03:97:ea:5c:b7:71:c6:cb:00:f4:03:ca:d4:70:
c1:fd:8d:cc:b2:45:45:9c:01:ae:d6:2c:6e:4d:6e:6e:73:03:
86:66:47:dc:2f:85:7a:e5:5f:a2:c2:06:bc:e1:19:49:b0:aa:
4e:87:76:de:18:12:ca:d3:1c:f1:d7:32:0e:14:a3:98:1c:ab:
bd:fb:70:25:43:77:1e:47:57:57:d7:ac:bb:77:dd:9c:9d:15:
20:c6:b3:7d:d0:6e:bb:fb:19:f6:ee:16:31:7f:83:3d:7a:b7:
f7:96:32:f2:b4:f5:bf:f2:5f:0c:a5:12:4f:d1:ad:6e:a9:cd:
7b:57:e9:be:1b:32:6d:a5:86:56:a5:7a:67:44:a3:bd:bc:94:
4f:b9:29:6d:f7:ce:3a:13:3f:69:7e:94:d3:61:d9:ec:52:f2:
54:b2:28:1e:b7:92:ab:2e:66:4d:30:76:2e:35:b6:d4:7b:6d:
8e:ee:23:9c:24:9e:8e:06:f1:68:c7:2d:37:bb:41:e6:ce:be:
4c:75:e1:eb:92:49:8b:85:37:a8:a1:cd:0e:45:55:88:38:db:
57:c4:2e:e1:23:54:28:bc:3c:0f:19:83:10:95:f3:ac:0f:d9:
8e:c0:07:c0:10:c5:9e:4a:ce:62:d3:26:90:9f:3f:f9:36:ec:
93:fa:6b:bd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUd+VxlSVqn6lFcZQ+Ci9RN2yhHQowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0NCMjZGNzY0MkZENkI0Q0JGMzVGQkVFNDU1RjFFRkIw
QzlGMEE0NTAeFw0yNTAyMDEyMTM0NDlaFw0yNjAxMzEyMTM5NDlaMDMxMTAvBgNV
BAMTKDRDOTIwQjhEQzAxRDA3MDBEM0JEMTRGOTU4QjdGODc0OEZBQjcwM0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcHrSb2y/1xjBy8H0Pvie2sVD4
h0HLNpILBt5ItW+mWeP472KVwfGmT/femb0gj/L7bYOjF0cNw3clntBAgRhEGF/A
Lbkz+5Ns6x0Z2v5EwawXu2IZd5mvJzrdGd2ad3uwj3v2u8abcJi8yaYMso3tk7cx
QHGkF1826gxbTtDnq3rDB6TPd+xExsXGLN9gnmFcRf679FYCXGD8Vym8OzHgY48V
4lUD8DWS1BBkjAZrJkWfmZ7UgWEHZV/75b1NRkq61Y2raMi4LdXjgq7iuCqh1kpb
9i9msl4yRQ01GUDRTDM2a5Mug+KbIfOlbeQLcwZRUv+kgpHlTnZVk14phPtJAgMB
AAGjggJoMIICZDAdBgNVHQ4EFgQUTJILjcAdBwDTvRT5WLf4dI+rcDowHwYDVR0j
BBgwFoAUfLJvdkL9a0y/NfvuRV8e+wyfCkUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY5MmVlNGQ4NDAxOTNkZjQ1YTBlYTY2ODcvMS83Q0IyNkY3NjQy
RkQ2QjRDQkYzNUZCRUU0NTVGMUVGQjBDOUYwQTQ1LmNybDCBngYIKwYBBQUHAQEE
gZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUtNDI5OS1iMDc5LTMwOWVkOTdm
MzgyNC8wLzdDQjI2Rjc2NDJGRDZCNENCRjM1RkJFRTQ1NUYxRUZCMEM5RjBBNDUu
Y2VyMIGqBggrBgEFBQcBCwSBnTCBmjCBlwYIKwYBBQUHMAuGgYpyc3luYzovL3Jw
a2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGY5MmVlNGQ4NDAxOTNk
ZjQ1YTBlYTY2ODcvMS8zMjYxMzEzNDNhMzczNTM4MzQzYTM2NjM2MzMwM2EzYTJm
MzQzODJkMzQzODIwM2QzZTIwMzEzNjM5MzAzOS5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoUdYRswDAN
BgkqhkiG9w0BAQsFAAOCAQEAtFijcQOX6ly3ccbLAPQDytRwwf2NzLJFRZwBrtYs
bk1ubnMDhmZH3C+FeuVfosIGvOEZSbCqTod23hgSytMc8dcyDhSjmByrvftwJUN3
HkdXV9esu3fdnJ0VIMazfdBuu/sZ9u4WMX+DPXq395Yy8rT1v/JfDKUST9GtbqnN
e1fpvhsybaWGVqV6Z0SjvbyUT7kpbffOOhM/aX6U02HZ7FLyVLIoHreSqy5mTTB2
LjW21Httju4jnCSejgbxaMctN7tB5s6+THXh65JJi4U3qKHNDkVViDjbV8Qu4SNU
KLw8DxmDEJXzrA/ZjsAHwBDFnkrOYtMmkJ8/+Tbsk/prvQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:44:51 2025 by rpki-client