Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a623a3a2f34382d3438203d3e203437323732.roa
File: 326130613a363034343a623a3a2f34382d3438203d3e203437323732.roa (raw, json)
Hash identifier: zPycA/PUfA9icGJHaTrlfk4kx64Bk2STxr5ob5ORXwQ=
Subject key identifier: 29:D3:82:95:C7:FE:13:49:06:07:A2:CD:24:2C:63:32:39:7C:49:41
Certificate issuer: /CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Certificate serial: 498A4FB375D5ED3566704C378C5046FFE8FF0B9C
Authority key identifier: 57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a623a3a2f34382d3438203d3e203437323732.roa
Signing time: Tue 06 Aug 2024 12:05:39 +0000
ROA not before: Tue 06 Aug 2024 12:00:39 +0000
ROA not after: Tue 05 Aug 2025 12:05:39 +0000
asID: 47272
IP address blocks: 2a0a:6044:b::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 29 Aug 2024 03:41:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:8a:4f:b3:75:d5:ed:35:66:70:4c:37:8c:50:46:ff:e8:ff:0b:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Validity
Not Before: Aug 6 12:00:39 2024 GMT
Not After : Aug 5 12:05:39 2025 GMT
Subject: CN=29D38295C7FE13490607A2CD242C6332397C4941
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:82:62:61:c4:dd:16:4e:5a:1d:cd:3d:f6:b0:
9b:c2:cd:c2:2d:1a:81:21:3d:05:fb:da:5b:98:70:
57:2f:97:71:8b:21:2e:59:0f:01:36:0d:43:2f:f7:
d1:3b:61:ed:70:75:e8:ab:c3:c8:72:8f:07:21:c6:
e3:8e:e2:4b:22:e6:a9:3b:5c:6e:fa:9b:07:bc:a0:
af:05:cc:92:9e:1c:12:8b:e1:8b:7d:ce:ae:88:70:
f4:44:6e:b6:06:df:b4:10:09:7b:c5:be:b5:2b:dc:
c5:18:5e:39:14:72:fe:ec:bc:52:87:e9:41:66:1c:
aa:ab:83:9c:20:e8:9e:01:cf:c8:c2:db:68:8e:a2:
02:de:5a:90:e6:70:3b:b0:dd:86:20:c8:e7:6f:ce:
6a:ab:d9:88:42:49:3c:19:4a:89:2a:9d:9d:eb:65:
c4:28:3b:71:02:c4:c8:bf:41:13:b3:51:ad:63:87:
4f:ea:13:02:df:dc:7f:67:eb:db:35:64:c3:75:1f:
a5:b7:60:29:18:4d:73:8f:75:48:03:5e:08:ce:70:
f4:7c:74:cd:94:35:aa:68:83:08:fa:94:36:c7:6e:
aa:eb:d1:11:fb:5e:e4:4e:e1:32:eb:92:97:c0:07:
57:01:be:32:3d:ed:59:40:83:83:4b:da:d2:37:f8:
36:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:D3:82:95:C7:FE:13:49:06:07:A2:CD:24:2C:63:32:39:7C:49:41
X509v3 Authority Key Identifier:
keyid:57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a623a3a2f34382d3438203d3e203437323732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:6044:b::/48
Signature Algorithm: sha256WithRSAEncryption
4c:40:d9:b3:c0:34:84:42:04:fb:d5:05:83:74:82:69:38:8f:
c7:e4:70:8d:94:d5:f8:fa:9e:d2:ee:d9:e4:2b:4e:fa:da:8e:
44:9e:67:ac:2a:f3:2c:f6:ea:ce:96:fd:c5:95:fb:c5:2d:02:
d6:15:43:84:87:e6:9f:a3:90:cd:79:18:df:e6:1f:d2:63:5f:
f9:9a:ab:e3:05:20:8e:09:de:46:f6:54:a8:8c:d3:dd:4e:35:
70:d0:cd:8a:0d:9c:71:da:86:8a:eb:1b:a1:93:69:83:d2:df:
45:a3:51:52:bc:27:7a:90:56:6d:40:24:7f:33:05:2e:aa:f4:
1b:40:f7:0a:7a:79:48:9e:c2:9d:c3:8a:ad:aa:a5:32:c3:38:
82:5a:55:1a:c6:21:f5:df:72:81:6c:31:2e:e4:f7:88:8e:73:
ec:57:7c:36:fa:b6:4a:e5:a6:b3:59:c3:44:08:7d:ad:24:53:
d2:a6:de:6b:77:fb:4d:08:52:27:5e:b6:4b:d7:7f:94:f5:47:
07:76:c7:4b:c4:be:2b:08:fd:3b:02:d0:7b:57:4b:dd:12:0d:
76:83:1c:1f:70:ce:ff:64:bc:4f:09:52:53:c2:00:45:1b:8a:
c3:9b:26:b9:a1:8a:ef:e5:08:13:db:16:ef:54:55:13:37:00:
a1:a8:a1:4b
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgIUSYpPs3XV7TVmcEw3jFBG/+j/C5wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZD
ODhGODUwMzAeFw0yNDA4MDYxMjAwMzlaFw0yNTA4MDUxMjA1MzlaMDMxMTAvBgNV
BAMTKDI5RDM4Mjk1QzdGRTEzNDkwNjA3QTJDRDI0MkM2MzMyMzk3QzQ5NDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYgmJhxN0WTlodzT32sJvCzcIt
GoEhPQX72luYcFcvl3GLIS5ZDwE2DUMv99E7Ye1wdeirw8hyjwchxuOO4ksi5qk7
XG76mwe8oK8FzJKeHBKL4Yt9zq6IcPREbrYG37QQCXvFvrUr3MUYXjkUcv7svFKH
6UFmHKqrg5wg6J4Bz8jC22iOogLeWpDmcDuw3YYgyOdvzmqr2YhCSTwZSokqnZ3r
ZcQoO3ECxMi/QROzUa1jh0/qEwLf3H9n69s1ZMN1H6W3YCkYTXOPdUgDXgjOcPR8
dM2UNapogwj6lDbHbqrr0RH7XuRO4TLrkpfAB1cBvjI97VlAg4NL2tI3+DatAgMB
AAGjggJyMIICbjAdBgNVHQ4EFgQUKdOClcf+E0kGB6LNJCxjMjl8SUEwHwYDVR0j
BBgwFoAUV6l0b+VD6z6g1ElTQkTJP8iPhQMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzAvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhGODUwMy5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhG
ODUwMy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMt
ZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1YzdkLzAvMzI2MTMwNjEzYTM2MzAzNDM0
M2E2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDM0MzczMjM3MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqCmBEAAswDQYJKoZIhvcNAQELBQADggEBAExA2bPANIRCBPvVBYN0gmk4j8fk
cI2U1fj6ntLu2eQrTvrajkSeZ6wq8yz26s6W/cWV+8UtAtYVQ4SH5p+jkM15GN/m
H9JjX/maq+MFII4J3kb2VKiM091ONXDQzYoNnHHahorrG6GTaYPS30WjUVK8J3qQ
Vm1AJH8zBS6q9BtA9wp6eUiewp3Diq2qpTLDOIJaVRrGIfXfcoFsMS7k94iOc+xX
fDb6tkrlprNZw0QIfa0kU9Km3mt3+00IUidetkvXf5T1Rwd2x0vEvisI/TsC0HtX
S90SDXaDHB9wzv9kvE8JUlPCAEUbisObJrmhiu/lCBPbFu9UVRM3AKGooUs=
-----END CERTIFICATE-----
Generated at Thu Aug 29 06:12:38 2024 by rpki-client on console-ams.rpki-client.org