Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a616130303a3a2f34382d3438203d3e20313937393633.roa
File: 326130613a363034343a616130303a3a2f34382d3438203d3e20313937393633.roa (raw, json)
Hash identifier: YOFjeZRLDPrV9QhbKkv0Ofp7f7g3XrRID9F3WK+6y3Y=
Subject key identifier: 5E:41:C5:08:EE:FA:DC:19:22:26:C2:30:41:A2:3C:EB:55:9E:35:6A
Certificate issuer: /CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Certificate serial: 3A1323B9517ADA2248CDAE195E04B525A81323D6
Authority key identifier: 57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a616130303a3a2f34382d3438203d3e20313937393633.roa
Signing time: Fri 26 Jan 2024 19:46:08 +0000
ROA not before: Fri 26 Jan 2024 19:41:08 +0000
ROA not after: Fri 24 Jan 2025 19:46:08 +0000
asID: 197963
IP address blocks: 2a0a:6044:aa00::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 29 Aug 2024 03:41:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:13:23:b9:51:7a:da:22:48:cd:ae:19:5e:04:b5:25:a8:13:23:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Validity
Not Before: Jan 26 19:41:08 2024 GMT
Not After : Jan 24 19:46:08 2025 GMT
Subject: CN=5E41C508EEFADC192226C23041A23CEB559E356A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:88:2e:a5:32:45:c0:12:be:b5:c5:d4:d2:10:
c4:97:15:1f:b5:80:c2:14:9f:5f:15:08:e6:7e:cd:
86:44:1e:c4:e8:9f:16:d6:6b:19:99:fa:ac:aa:b7:
5e:72:f8:7e:62:8c:18:b7:76:e3:2e:9e:60:2b:a3:
9b:24:24:43:61:64:38:8b:dc:d4:ea:51:53:e0:f5:
a0:cb:4c:c6:ba:de:ee:b0:57:76:98:77:69:b2:1e:
16:98:a5:24:4b:4e:7d:e5:fa:b7:18:dd:5d:59:92:
e0:5b:66:bb:48:f3:b1:e2:91:b4:60:99:c6:13:1c:
84:22:78:b3:28:a5:22:c2:23:ce:f2:cc:a0:49:27:
94:15:21:2d:fa:f5:62:91:50:37:d6:54:68:24:6a:
59:e5:82:8a:47:09:ba:36:73:af:f9:26:70:8b:ea:
6b:dd:86:ad:e5:9f:cb:47:3a:c4:57:ec:95:ac:d6:
7b:7e:63:b9:9d:c3:be:d9:8f:d9:b1:ae:7c:af:6b:
82:c8:d3:73:99:cf:08:99:da:8d:59:5a:71:51:15:
64:77:af:fd:81:53:d2:93:f2:52:7b:bd:06:43:26:
f6:9d:7a:a9:ca:54:19:7f:ff:2c:1f:b2:ad:ce:1c:
d7:1e:15:d3:0f:43:60:81:0a:bc:7d:fd:a5:60:8a:
3c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:41:C5:08:EE:FA:DC:19:22:26:C2:30:41:A2:3C:EB:55:9E:35:6A
X509v3 Authority Key Identifier:
keyid:57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a616130303a3a2f34382d3438203d3e20313937393633.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:6044:aa00::/48
Signature Algorithm: sha256WithRSAEncryption
6d:04:20:f0:99:50:78:3c:0b:d5:34:68:5f:72:95:f0:9e:87:
45:0c:18:70:77:46:ee:a1:e8:d4:b2:9c:de:41:5c:ac:91:4c:
cf:61:8a:52:d9:bd:e0:26:47:a6:23:21:bb:84:f8:b9:66:54:
ac:fd:24:84:81:c3:dc:04:6e:83:7d:65:1a:b9:8d:d2:05:16:
b0:27:1f:c4:59:f6:69:30:56:61:ae:3c:6b:08:d6:96:79:ce:
c1:68:78:22:28:4f:44:f2:2a:c8:cd:a4:b2:31:a3:8e:0c:ba:
54:b3:42:5c:2c:1a:69:7f:b8:e6:09:67:fe:04:4a:11:7d:27:
54:e3:59:ab:26:3c:1b:ba:95:96:03:f7:27:83:3d:bf:3d:da:
88:5f:81:24:63:5d:32:d2:fd:3c:25:84:b9:b9:9d:00:2a:d1:
c9:90:53:0f:3d:5b:f4:9b:ba:1d:d0:20:09:46:c1:4e:e5:2f:
d7:08:a7:fa:41:d7:b9:88:fd:57:6f:e5:d0:38:81:4e:67:5d:
0c:2c:84:28:67:a1:61:a3:09:52:b5:e3:ed:b2:8a:af:6b:c4:
95:bf:3e:7b:50:d6:05:51:90:9d:8c:83:db:0b:8b:80:58:eb:
78:a6:f2:9b:f7:b1:85:aa:84:3d:65:a2:28:d1:a6:47:e3:b6:
21:82:2c:b9
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIUOhMjuVF62iJIza4ZXgS1JagTI9YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZD
ODhGODUwMzAeFw0yNDAxMjYxOTQxMDhaFw0yNTAxMjQxOTQ2MDhaMDMxMTAvBgNV
BAMTKDVFNDFDNTA4RUVGQURDMTkyMjI2QzIzMDQxQTIzQ0VCNTU5RTM1NkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDciC6lMkXAEr61xdTSEMSXFR+1
gMIUn18VCOZ+zYZEHsTonxbWaxmZ+qyqt15y+H5ijBi3duMunmAro5skJENhZDiL
3NTqUVPg9aDLTMa63u6wV3aYd2myHhaYpSRLTn3l+rcY3V1ZkuBbZrtI87HikbRg
mcYTHIQieLMopSLCI87yzKBJJ5QVIS369WKRUDfWVGgkalnlgopHCbo2c6/5JnCL
6mvdhq3ln8tHOsRX7JWs1nt+Y7mdw77Zj9mxrnyva4LI03OZzwiZ2o1ZWnFRFWR3
r/2BU9KT8lJ7vQZDJvadeqnKVBl//ywfsq3OHNceFdMPQ2CBCrx9/aVgijztAgMB
AAGjggJ6MIICdjAdBgNVHQ4EFgQUXkHFCO763BkiJsIwQaI861WeNWowHwYDVR0j
BBgwFoAUV6l0b+VD6z6g1ElTQkTJP8iPhQMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzAvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhGODUwMy5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhG
ODUwMy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMt
ZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1YzdkLzAvMzI2MTMwNjEzYTM2MzAzNDM0
M2E2MTYxMzAzMDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzkzNzM5MzYzMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoKYESqADANBgkqhkiG9w0BAQsFAAOCAQEAbQQg8JlQeDwL1TRo
X3KV8J6HRQwYcHdG7qHo1LKc3kFcrJFMz2GKUtm94CZHpiMhu4T4uWZUrP0khIHD
3ARug31lGrmN0gUWsCcfxFn2aTBWYa48awjWlnnOwWh4IihPRPIqyM2ksjGjjgy6
VLNCXCwaaX+45gln/gRKEX0nVONZqyY8G7qVlgP3J4M9vz3aiF+BJGNdMtL9PCWE
ubmdACrRyZBTDz1b9Ju6HdAgCUbBTuUv1win+kHXuYj9V2/l0DiBTmddDCyEKGeh
YaMJUrXj7bKKr2vElb8+e1DWBVGQnYyD2wuLgFjreKbym/exhaqEPWWiKNGmR+O2
IYIsuQ==
-----END CERTIFICATE-----
Generated at Thu Aug 29 06:12:37 2024 by rpki-client on console-ams.rpki-client.org