Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a643030303a3a2f33362d3336203d3e203437323732.roa
File: 326130613a363034343a643030303a3a2f33362d3336203d3e203437323732.roa (raw, json)
Hash identifier: s9wcXg1mygD61rIZvbG5tJjVmUkfTSxvXgvoqX21Et8=
Subject key identifier: 66:EA:E3:F3:E4:B6:51:35:5C:F2:74:57:43:BA:75:A6:0A:A3:DD:51
Certificate issuer: /CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Certificate serial: 657E7C87A9A6AB66E120BB9EE3B81C77650B9BA7
Authority key identifier: 57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a643030303a3a2f33362d3336203d3e203437323732.roa
Signing time: Thu 11 Apr 2024 18:02:06 +0000
ROA not before: Thu 11 Apr 2024 17:57:06 +0000
ROA not after: Thu 10 Apr 2025 18:02:06 +0000
asID: 47272
IP address blocks: 2a0a:6044:d000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 22 May 2024 17:17:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:7e:7c:87:a9:a6:ab:66:e1:20:bb:9e:e3:b8:1c:77:65:0b:9b:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Validity
Not Before: Apr 11 17:57:06 2024 GMT
Not After : Apr 10 18:02:06 2025 GMT
Subject: CN=66EAE3F3E4B651355CF2745743BA75A60AA3DD51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:01:fa:50:e2:04:f4:cf:39:5f:81:c5:0b:c0:
8b:f8:d5:64:81:d2:35:8e:5d:3e:c1:3e:51:b6:22:
f5:cc:08:b0:1f:7e:fd:38:b3:b5:31:9e:0e:f0:23:
97:81:78:77:82:05:95:6e:2b:96:44:75:08:27:aa:
31:ea:e6:62:b0:77:ed:43:9c:99:fd:d7:40:58:44:
16:db:94:54:09:13:58:03:09:3b:95:2d:58:75:b9:
fc:97:79:b5:de:03:46:e9:11:84:72:1c:22:36:34:
08:30:13:ec:59:c8:fa:9b:49:ea:56:de:3b:dc:6f:
52:97:7c:73:22:f0:72:a7:b5:92:76:ef:e0:ea:d3:
d2:e0:cf:50:07:a0:f5:13:0d:92:f9:5c:70:f9:d1:
bd:ab:03:7a:51:ab:28:84:75:fa:9f:73:e4:45:63:
57:8b:d8:30:71:fe:34:db:b4:7c:3d:54:d8:70:f4:
29:e3:c9:87:56:8e:0c:38:f3:c9:8e:87:0b:12:29:
61:25:29:cb:c9:82:70:2b:63:31:77:d2:cb:1e:5c:
57:c1:3a:1e:b7:e3:d1:be:47:2b:0c:11:07:c5:4b:
f3:36:57:ca:ca:15:50:43:97:80:9a:d1:5b:c6:c0:
37:7b:b0:3b:26:eb:40:f7:57:5f:52:c8:76:d8:a4:
20:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:EA:E3:F3:E4:B6:51:35:5C:F2:74:57:43:BA:75:A6:0A:A3:DD:51
X509v3 Authority Key Identifier:
keyid:57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a643030303a3a2f33362d3336203d3e203437323732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:6044:d000::/36
Signature Algorithm: sha256WithRSAEncryption
95:14:4e:74:d7:25:7c:54:d4:9e:2d:4a:cb:21:5f:27:af:f0:
f4:7d:44:9f:ac:9c:5a:0d:85:3c:36:59:15:48:9e:17:a2:d9:
22:96:31:aa:97:ab:78:90:a9:f9:36:76:bd:da:7a:5f:b9:67:
2d:84:13:25:56:03:9e:e1:d0:3a:6f:aa:d7:4c:94:4f:7d:55:
da:db:ce:ed:6b:bf:4e:16:97:70:be:10:f2:d5:8e:b0:f2:ad:
da:1c:3b:67:3e:6a:67:02:06:64:9a:ed:c4:23:36:02:d3:69:
1d:4f:48:c9:83:44:3c:11:ce:fd:4f:22:93:16:af:7f:14:76:
87:78:b2:53:e4:45:f0:08:32:c5:7b:0f:b5:ce:56:7a:44:45:
77:44:31:07:3d:5a:7c:e4:3c:8a:8f:a3:1e:14:fb:89:68:99:
49:aa:7d:72:28:ac:6b:cb:dd:1f:2c:0a:74:f6:db:a6:e4:bb:
04:c4:3d:07:21:93:27:81:6d:5c:4d:28:39:31:f7:d9:28:24:
39:9e:8d:7a:f1:eb:5c:c7:cc:08:26:c3:9b:49:51:0d:ce:54:
9e:49:04:29:35:71:c6:0c:3c:65:5d:1e:87:c4:35:a3:73:77:
d0:f7:07:f6:8e:08:0a:9f:84:49:51:b8:e5:db:71:27:8f:f8:
5c:17:9f:cf
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIUZX58h6mmq2bhILue47gcd2ULm6cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZD
ODhGODUwMzAeFw0yNDA0MTExNzU3MDZaFw0yNTA0MTAxODAyMDZaMDMxMTAvBgNV
BAMTKDY2RUFFM0YzRTRCNjUxMzU1Q0YyNzQ1NzQzQkE3NUE2MEFBM0RENTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3AfpQ4gT0zzlfgcULwIv41WSB
0jWOXT7BPlG2IvXMCLAffv04s7Uxng7wI5eBeHeCBZVuK5ZEdQgnqjHq5mKwd+1D
nJn910BYRBbblFQJE1gDCTuVLVh1ufyXebXeA0bpEYRyHCI2NAgwE+xZyPqbSepW
3jvcb1KXfHMi8HKntZJ27+Dq09Lgz1AHoPUTDZL5XHD50b2rA3pRqyiEdfqfc+RF
Y1eL2DBx/jTbtHw9VNhw9CnjyYdWjgw488mOhwsSKWElKcvJgnArYzF30sseXFfB
Oh6349G+RysMEQfFS/M2V8rKFVBDl4Ca0VvGwDd7sDsm60D3V19SyHbYpCDTAgMB
AAGjggJ3MIICczAdBgNVHQ4EFgQUZurj8+S2UTVc8nRXQ7p1pgqj3VEwHwYDVR0j
BBgwFoAUV6l0b+VD6z6g1ElTQkTJP8iPhQMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzAvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhGODUwMy5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhG
ODUwMy5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMt
ZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1YzdkLzAvMzI2MTMwNjEzYTM2MzAzNDM0
M2E2NDMwMzAzMDNhM2EyZjMzMzYyZDMzMzYyMDNkM2UyMDM0MzczMjM3MzIucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgQqCmBE0DANBgkqhkiG9w0BAQsFAAOCAQEAlRROdNclfFTUni1KyyFf
J6/w9H1En6ycWg2FPDZZFUieF6LZIpYxqpereJCp+TZ2vdp6X7lnLYQTJVYDnuHQ
Om+q10yUT31V2tvO7Wu/ThaXcL4Q8tWOsPKt2hw7Zz5qZwIGZJrtxCM2AtNpHU9I
yYNEPBHO/U8ikxavfxR2h3iyU+RF8AgyxXsPtc5WekRFd0QxBz1afOQ8io+jHhT7
iWiZSap9ciisa8vdHywKdPbbpuS7BMQ9ByGTJ4FtXE0oOTH32SgkOZ6NevHrXMfM
CCbDm0lRDc5UnkkEKTVxxgw8ZV0eh8Q1o3N30PcH9o4ICp+ESVG45dtxJ4/4XBef
zw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:11 2024 by rpki-client on console-fra.rpki-client.org