Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/326131343a373538343a366434303a3a2f34382d3438203d3e203136393039.roa
File: 326131343a373538343a366434303a3a2f34382d3438203d3e203136393039.roa (raw, json)
Hash identifier: T/x+lAzwgyQ4hauoW5t97hTEOKgZEQm1Cdhjqo9c3qU=
Subject key identifier: 8E:DE:62:AE:7C:3F:C4:AE:ED:06:F4:42:81:C7:F4:7B:39:9D:C4:03
Certificate issuer: /CN=7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45
Certificate serial: 799E3D2D610FCB3BA1D3B9AD9D055416F5ABB6E8
Authority key identifier: 7C:B2:6F:76:42:FD:6B:4C:BF:35:FB:EE:45:5F:1E:FB:0C:9F:0A:45
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/326131343a373538343a366434303a3a2f34382d3438203d3e203136393039.roa
Signing time: Sat 01 Feb 2025 21:54:05 +0000
ROA not before: Sat 01 Feb 2025 21:49:05 +0000
ROA not after: Sat 31 Jan 2026 21:54:05 +0000
asID: 16909
IP address blocks: 2a14:7584:6d40::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 06 Feb 2025 19:27:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:9e:3d:2d:61:0f:cb:3b:a1:d3:b9:ad:9d:05:54:16:f5:ab:b6:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45
Validity
Not Before: Feb 1 21:49:05 2025 GMT
Not After : Jan 31 21:54:05 2026 GMT
Subject: CN=8EDE62AE7C3FC4AEED06F44281C7F47B399DC403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:81:fa:2d:8e:df:26:48:60:21:0d:c7:08:95:
dd:0d:fc:a8:b4:0e:bf:dc:3b:e4:c3:8e:3b:fb:c4:
e0:18:ab:bf:03:31:3b:55:39:9e:17:3f:65:82:36:
31:49:fb:eb:d5:35:9a:23:34:4b:31:ee:53:1e:58:
47:24:9b:89:e4:2c:95:62:83:9b:c2:c3:50:28:56:
fc:03:79:6f:dc:3c:c3:18:a6:85:68:2f:4b:e1:2d:
f3:8d:86:dd:b3:86:2f:69:03:27:bf:b3:cf:eb:bc:
52:e2:91:49:c4:83:0e:1d:ac:12:4b:62:0a:13:93:
6a:38:eb:cc:dc:64:51:4b:95:1f:3f:0b:e3:6c:6e:
4b:6f:68:3f:b4:f2:4c:cc:52:c4:57:2a:d7:3f:ec:
01:63:d5:f0:e9:8b:b0:2a:c2:24:73:82:67:07:23:
9d:06:fb:30:78:1a:42:77:ac:b7:35:70:6f:d6:4c:
ad:b3:51:5d:8c:76:d8:5a:0a:f9:d9:99:ed:2e:7b:
21:23:18:b8:03:82:0a:f1:e9:b4:f3:ff:44:b7:1b:
a9:8d:75:5b:b9:ce:e0:06:a7:38:17:8f:88:bc:2c:
5c:c8:38:3f:07:12:8b:8f:4a:d0:da:78:02:2f:90:
1c:71:0b:a1:92:93:6b:90:4b:93:ea:3c:ae:00:9d:
44:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:DE:62:AE:7C:3F:C4:AE:ED:06:F4:42:81:C7:F4:7B:39:9D:C4:03
X509v3 Authority Key Identifier:
keyid:7C:B2:6F:76:42:FD:6B:4C:BF:35:FB:EE:45:5F:1E:FB:0C:9F:0A:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/326131343a373538343a366434303a3a2f34382d3438203d3e203136393039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7584:6d40::/48
Signature Algorithm: sha256WithRSAEncryption
72:b6:18:b2:58:51:2c:bc:90:e2:cc:8e:25:c9:02:23:aa:83:
a1:c5:86:e8:61:9c:05:97:64:f9:47:2f:65:ed:5c:14:34:07:
15:85:b0:4e:3d:88:3e:c4:0b:1b:e8:48:10:17:cd:de:54:bb:
2d:c4:0c:14:a2:c9:4e:25:64:97:7e:8e:ae:bf:16:f1:ae:3b:
74:39:22:c4:c3:a9:25:fa:e5:6c:17:24:e4:10:27:bb:68:0d:
b0:02:1d:48:ad:e9:02:1a:3c:67:88:6a:4c:69:c9:d1:03:3d:
4e:2b:34:4e:9c:6d:d5:f0:88:94:9c:f2:83:a5:c8:96:eb:e6:
eb:71:f1:3e:80:ea:51:f8:ed:be:5c:e4:61:f1:c2:2b:de:a7:
57:b2:3c:37:64:6d:1f:7e:86:f3:28:43:93:0f:c4:07:44:5f:
f2:50:e8:6d:20:aa:74:11:7a:69:af:b0:7a:ee:81:3a:ac:31:
b6:9c:93:1f:8c:53:be:01:0b:ad:73:32:cc:20:52:b6:bf:33:
95:4e:e1:bf:33:81:9f:07:90:b9:c5:ca:7d:7c:86:f2:65:50:
3f:16:5c:e1:66:51:fb:45:26:a0:27:85:93:48:46:a9:8e:35:
c0:87:d5:03:66:ea:8d:db:e0:9e:3f:ad:fb:32:a0:ea:3d:d9:
c6:6b:fc:52
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeZ49LWEPyzuh07mtnQVUFvWrtugwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0NCMjZGNzY0MkZENkI0Q0JGMzVGQkVFNDU1RjFFRkIw
QzlGMEE0NTAeFw0yNTAyMDEyMTQ5MDVaFw0yNjAxMzEyMTU0MDVaMDMxMTAvBgNV
BAMTKDhFREU2MkFFN0MzRkM0QUVFRDA2RjQ0MjgxQzdGNDdCMzk5REM0MDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEgfotjt8mSGAhDccIld0N/Ki0
Dr/cO+TDjjv7xOAYq78DMTtVOZ4XP2WCNjFJ++vVNZojNEsx7lMeWEckm4nkLJVi
g5vCw1AoVvwDeW/cPMMYpoVoL0vhLfONht2zhi9pAye/s8/rvFLikUnEgw4drBJL
YgoTk2o468zcZFFLlR8/C+NsbktvaD+08kzMUsRXKtc/7AFj1fDpi7AqwiRzgmcH
I50G+zB4GkJ3rLc1cG/WTK2zUV2MdthaCvnZme0ueyEjGLgDggrx6bTz/0S3G6mN
dVu5zuAGpzgXj4i8LFzIOD8HEouPStDaeAIvkBxxC6GSk2uQS5PqPK4AnUR5AgMB
AAGjggJoMIICZDAdBgNVHQ4EFgQUjt5irnw/xK7tBvRCgcf0ezmdxAMwHwYDVR0j
BBgwFoAUfLJvdkL9a0y/NfvuRV8e+wyfCkUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY5MmVlNGQ4NDAxOTNkZjQ1YTBlYTY2ODcvMS83Q0IyNkY3NjQy
RkQ2QjRDQkYzNUZCRUU0NTVGMUVGQjBDOUYwQTQ1LmNybDCBngYIKwYBBQUHAQEE
gZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUtNDI5OS1iMDc5LTMwOWVkOTdm
MzgyNC8wLzdDQjI2Rjc2NDJGRDZCNENCRjM1RkJFRTQ1NUYxRUZCMEM5RjBBNDUu
Y2VyMIGqBggrBgEFBQcBCwSBnTCBmjCBlwYIKwYBBQUHMAuGgYpyc3luYzovL3Jw
a2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGY5MmVlNGQ4NDAxOTNk
ZjQ1YTBlYTY2ODcvMS8zMjYxMzEzNDNhMzczNTM4MzQzYTM2NjQzNDMwM2EzYTJm
MzQzODJkMzQzODIwM2QzZTIwMzEzNjM5MzAzOS5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoUdYRtQDAN
BgkqhkiG9w0BAQsFAAOCAQEAcrYYslhRLLyQ4syOJckCI6qDocWG6GGcBZdk+Ucv
Ze1cFDQHFYWwTj2IPsQLG+hIEBfN3lS7LcQMFKLJTiVkl36Orr8W8a47dDkixMOp
JfrlbBck5BAnu2gNsAIdSK3pAho8Z4hqTGnJ0QM9Tis0Tpxt1fCIlJzyg6XIluvm
63HxPoDqUfjtvlzkYfHCK96nV7I8N2RtH36G8yhDkw/EB0Rf8lDobSCqdBF6aa+w
eu6BOqwxtpyTH4xTvgELrXMyzCBStr8zlU7hvzOBnweQucXKfXyG8mVQPxZc4WZR
+0UmoCeFk0hGqY41wIfVA2bqjdvgnj+t+zKg6j3Zxmv8Ug==
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:46:59 2025 by rpki-client