Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/326131343a373538343a366435303a3a2f34382d3438203d3e203136393039.roa
File: 326131343a373538343a366435303a3a2f34382d3438203d3e203136393039.roa (raw, json)
Hash identifier: FofdxhPbKVEzKEfE40009FEI3VT9EsI7whBUYabQyuI=
Subject key identifier: 71:17:3E:8C:95:E0:13:B4:D2:CF:D6:4C:58:08:5D:28:11:6F:DA:5B
Certificate issuer: /CN=7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45
Certificate serial: 3E06E4E9D063AFFBF76218852BC15A0F0DE456CC
Authority key identifier: 7C:B2:6F:76:42:FD:6B:4C:BF:35:FB:EE:45:5F:1E:FB:0C:9F:0A:45
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/326131343a373538343a366435303a3a2f34382d3438203d3e203136393039.roa
Signing time: Sat 01 Feb 2025 21:54:06 +0000
ROA not before: Sat 01 Feb 2025 21:49:06 +0000
ROA not after: Sat 31 Jan 2026 21:54:06 +0000
asID: 16909
IP address blocks: 2a14:7584:6d50::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 06 Feb 2025 19:27:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:06:e4:e9:d0:63:af:fb:f7:62:18:85:2b:c1:5a:0f:0d:e4:56:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45
Validity
Not Before: Feb 1 21:49:06 2025 GMT
Not After : Jan 31 21:54:06 2026 GMT
Subject: CN=71173E8C95E013B4D2CFD64C58085D28116FDA5B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:75:da:4d:ff:dc:db:79:7b:bc:c8:22:be:e3:
02:d4:d1:7a:04:33:1f:91:a5:81:d9:90:dc:1d:6b:
f7:87:a0:37:5f:a8:54:1e:90:5c:b0:4b:a9:99:53:
d4:57:28:60:43:fe:d7:f2:4a:cb:56:f3:33:1d:40:
7e:66:cb:42:28:1b:a6:6e:0d:f4:6f:00:dd:cd:f4:
c3:e9:2e:d8:35:c7:0e:0c:a3:21:ce:7b:42:39:83:
54:38:42:ac:db:76:ed:6c:66:9e:ad:45:b8:01:bc:
1f:dc:79:d4:12:4c:23:19:22:cd:24:ba:05:a8:07:
fa:0d:56:fe:c6:8a:8e:ae:c8:39:e9:43:7f:71:e8:
a1:ee:db:2f:77:87:37:e1:64:f8:d7:e9:ac:af:ad:
90:49:b9:b2:7a:cb:bb:e2:60:54:20:9b:3f:e8:04:
d1:ab:06:c3:24:df:30:6e:b8:50:6f:2a:6e:c1:53:
ad:c3:78:01:2b:5a:22:71:34:b2:f9:fa:7c:75:c0:
a8:2e:17:95:46:c4:66:34:fe:73:10:7a:92:c7:cd:
e2:04:91:2d:a0:d3:26:99:1a:dc:be:92:4d:90:39:
95:95:d9:37:8d:95:28:1e:f6:53:bb:49:43:55:4a:
79:d0:94:ac:aa:d6:92:3b:b8:86:bd:af:bc:e3:c7:
86:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:17:3E:8C:95:E0:13:B4:D2:CF:D6:4C:58:08:5D:28:11:6F:DA:5B
X509v3 Authority Key Identifier:
keyid:7C:B2:6F:76:42:FD:6B:4C:BF:35:FB:EE:45:5F:1E:FB:0C:9F:0A:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/7CB26F7642FD6B4CBF35FBEE455F1EFB0C9F0A45.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/1/326131343a373538343a366435303a3a2f34382d3438203d3e203136393039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7584:6d50::/48
Signature Algorithm: sha256WithRSAEncryption
84:ce:1d:21:9b:d7:c1:40:30:71:58:d2:d6:df:f4:1b:f0:ae:
25:85:3c:c3:4b:a5:80:a8:9c:96:7c:66:c9:98:67:ba:08:fb:
50:4e:c1:ff:f0:75:7b:32:8e:ea:b4:1b:1e:52:a5:1f:db:1c:
c6:c5:87:38:e0:85:e9:19:90:99:fd:9f:8c:ed:2d:be:83:04:
cd:45:7d:ee:a6:5b:f9:85:e5:8f:ac:55:c0:6a:a2:6a:94:99:
b9:a2:3b:43:d7:7a:31:c6:20:16:5c:a8:df:a1:47:c1:fa:15:
2e:14:d6:94:91:dd:26:da:e4:3a:19:18:fa:03:09:53:96:5c:
df:c7:a8:97:5f:a7:ce:87:60:69:68:1f:b6:46:ec:d4:9a:67:
42:9d:89:2a:21:47:26:0c:ba:c1:5b:6f:d6:e3:16:40:4f:ae:
ef:57:52:fa:36:87:c0:8b:b6:c9:09:52:c4:8e:5a:28:15:93:
b6:fb:f7:65:c4:e1:b5:d4:48:4b:a7:59:ef:88:88:94:49:c8:
91:7c:f0:60:f9:bb:00:b2:07:54:5b:05:6c:33:76:30:a9:fc:
39:b8:ab:ba:88:67:3d:40:23:0e:f6:71:2b:9a:ef:2c:c4:d7:
d3:be:04:2e:3a:76:c6:6c:ac:16:e4:97:a5:80:98:ce:f5:fc:
0c:bf:95:c9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPgbk6dBjr/v3YhiFK8FaDw3kVswwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0NCMjZGNzY0MkZENkI0Q0JGMzVGQkVFNDU1RjFFRkIw
QzlGMEE0NTAeFw0yNTAyMDEyMTQ5MDZaFw0yNjAxMzEyMTU0MDZaMDMxMTAvBgNV
BAMTKDcxMTczRThDOTVFMDEzQjREMkNGRDY0QzU4MDg1RDI4MTE2RkRBNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqddpN/9zbeXu8yCK+4wLU0XoE
Mx+RpYHZkNwda/eHoDdfqFQekFywS6mZU9RXKGBD/tfySstW8zMdQH5my0IoG6Zu
DfRvAN3N9MPpLtg1xw4MoyHOe0I5g1Q4Qqzbdu1sZp6tRbgBvB/cedQSTCMZIs0k
ugWoB/oNVv7Gio6uyDnpQ39x6KHu2y93hzfhZPjX6ayvrZBJubJ6y7viYFQgmz/o
BNGrBsMk3zBuuFBvKm7BU63DeAErWiJxNLL5+nx1wKguF5VGxGY0/nMQepLHzeIE
kS2g0yaZGty+kk2QOZWV2TeNlSge9lO7SUNVSnnQlKyq1pI7uIa9r7zjx4a9AgMB
AAGjggJoMIICZDAdBgNVHQ4EFgQUcRc+jJXgE7TSz9ZMWAhdKBFv2lswHwYDVR0j
BBgwFoAUfLJvdkL9a0y/NfvuRV8e+wyfCkUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY5MmVlNGQ4NDAxOTNkZjQ1YTBlYTY2ODcvMS83Q0IyNkY3NjQy
RkQ2QjRDQkYzNUZCRUU0NTVGMUVGQjBDOUYwQTQ1LmNybDCBngYIKwYBBQUHAQEE
gZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUtNDI5OS1iMDc5LTMwOWVkOTdm
MzgyNC8wLzdDQjI2Rjc2NDJGRDZCNENCRjM1RkJFRTQ1NUYxRUZCMEM5RjBBNDUu
Y2VyMIGqBggrBgEFBQcBCwSBnTCBmjCBlwYIKwYBBQUHMAuGgYpyc3luYzovL3Jw
a2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGY5MmVlNGQ4NDAxOTNk
ZjQ1YTBlYTY2ODcvMS8zMjYxMzEzNDNhMzczNTM4MzQzYTM2NjQzNTMwM2EzYTJm
MzQzODJkMzQzODIwM2QzZTIwMzEzNjM5MzAzOS5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoUdYRtUDAN
BgkqhkiG9w0BAQsFAAOCAQEAhM4dIZvXwUAwcVjS1t/0G/CuJYU8w0ulgKiclnxm
yZhnugj7UE7B//B1ezKO6rQbHlKlH9scxsWHOOCF6RmQmf2fjO0tvoMEzUV97qZb
+YXlj6xVwGqiapSZuaI7Q9d6McYgFlyo36FHwfoVLhTWlJHdJtrkOhkY+gMJU5Zc
38eol1+nzodgaWgftkbs1JpnQp2JKiFHJgy6wVtv1uMWQE+u71dS+jaHwIu2yQlS
xI5aKBWTtvv3ZcThtdRIS6dZ74iIlEnIkXzwYPm7ALIHVFsFbDN2MKn8Obiruohn
PUAjDvZxK5rvLMTX074ELjp2xmysFuSXpYCYzvX8DL+VyQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:44:46 2025 by rpki-client