Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/2/326130363a313238333a623130303a3a2f34302d3438203d3e20323136303532.roa
File: 326130363a313238333a623130303a3a2f34302d3438203d3e20323136303532.roa (raw, json)
Hash identifier: AfWimQNZoroLH+rtzJiyp8Ebr+IKKbMjXBPHHiKywUk=
Subject key identifier: E6:FE:CE:DB:6C:98:F3:A1:8A:50:0C:D7:CF:4C:1F:69:87:AC:8C:18
Certificate issuer: /CN=3986DB54152486D65338415899DEAD95A067B25E
Certificate serial: 7ECC193857FC710FC4AFB5C0FF3207371B6BE16B
Authority key identifier: 39:86:DB:54:15:24:86:D6:53:38:41:58:99:DE:AD:95:A0:67:B2:5E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/3986DB54152486D65338415899DEAD95A067B25E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/2/326130363a313238333a623130303a3a2f34302d3438203d3e20323136303532.roa
Signing time: Mon 13 Nov 2023 16:11:43 +0000
ROA not before: Mon 13 Nov 2023 16:06:43 +0000
ROA not after: Mon 11 Nov 2024 16:11:43 +0000
asID: 216052
IP address blocks: 2a06:1283:b100::/40 maxlen: 48
Validation: Failed, certificate revoked on Sun 28 Apr 2024 20:44:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:cc:19:38:57:fc:71:0f:c4:af:b5:c0:ff:32:07:37:1b:6b:e1:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3986DB54152486D65338415899DEAD95A067B25E
Validity
Not Before: Nov 13 16:06:43 2023 GMT
Not After : Nov 11 16:11:43 2024 GMT
Subject: CN=E6FECEDB6C98F3A18A500CD7CF4C1F6987AC8C18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6d:49:56:56:13:b6:17:71:dc:24:e8:66:47:
b0:de:df:c1:db:8c:a8:c3:e0:7b:cf:97:e8:12:60:
c8:d1:3d:56:36:ca:24:52:88:56:4f:e4:82:4e:4a:
51:08:93:0a:08:de:31:09:83:66:d8:86:9f:e6:07:
9f:0b:f7:70:b3:0e:ba:ed:ec:d5:de:34:2d:88:53:
11:fd:c6:54:b7:f8:1b:35:3a:0d:67:d1:15:42:4f:
46:23:ee:aa:75:59:ff:74:2c:e6:02:48:54:d7:e8:
b4:44:68:c7:66:92:3a:b6:0b:38:69:2d:fd:60:28:
11:60:e1:39:db:0a:ec:ac:0f:59:97:46:19:3f:ff:
20:38:3d:68:a9:b7:b4:1b:b0:6c:8f:cf:17:41:98:
32:1d:1a:e8:2f:22:fb:d3:f6:e8:69:0c:6a:20:d3:
e4:83:8b:3c:09:2b:59:12:a0:c3:b8:4c:93:f9:5e:
86:d8:73:dd:ef:d3:4e:26:21:d2:1d:13:6e:fc:c9:
c7:d7:27:bf:fb:ca:93:53:1e:4f:b1:34:93:c2:3f:
e1:ec:4b:14:46:91:f0:ed:b8:03:81:87:d2:a7:86:
5c:6e:88:97:49:2d:35:ab:ad:68:17:9c:89:d9:9e:
a8:d0:9b:fe:af:a3:14:74:6d:07:b6:10:89:0c:09:
11:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:FE:CE:DB:6C:98:F3:A1:8A:50:0C:D7:CF:4C:1F:69:87:AC:8C:18
X509v3 Authority Key Identifier:
keyid:39:86:DB:54:15:24:86:D6:53:38:41:58:99:DE:AD:95:A0:67:B2:5E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/2/3986DB54152486D65338415899DEAD95A067B25E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/3986DB54152486D65338415899DEAD95A067B25E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/2/326130363a313238333a623130303a3a2f34302d3438203d3e20323136303532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:1283:b100::/40
Signature Algorithm: sha256WithRSAEncryption
2c:83:f0:13:d7:49:bd:e5:ae:83:69:6c:1d:2d:0c:9e:04:e2:
4f:4e:84:ff:df:d4:7e:bb:6b:d0:df:ff:72:b1:e9:37:a2:5e:
ac:ad:5b:fa:5b:6b:d3:f7:3f:ba:ca:f0:69:a7:83:85:fe:8b:
f9:f8:79:57:cc:24:06:ea:d4:88:ec:cd:4a:c3:53:5e:7f:52:
d8:44:ce:f3:27:35:eb:a5:f2:c9:0a:3b:42:0e:be:cf:70:35:
56:75:db:99:71:7b:32:77:1d:ad:56:33:c7:bf:6e:7b:24:d5:
fa:3c:fc:08:71:b9:cf:19:28:e2:63:2b:0f:0f:53:6a:6c:ae:
c5:ce:98:54:b4:75:b2:45:55:7a:f7:45:b4:e1:e8:04:88:72:
f5:22:16:74:e2:1b:74:bb:cf:85:86:5a:06:9b:02:0b:e1:82:
6b:29:7a:82:43:5b:63:25:53:cc:6c:27:6e:8c:d0:f4:55:63:
e0:87:24:4c:1b:81:c0:d4:a2:e1:f0:04:53:47:f2:2e:10:57:
15:25:07:49:23:bb:9d:b7:2b:30:0f:40:11:90:46:9d:1d:94:
67:ea:39:cb:0c:7b:ae:98:3f:9d:eb:b6:de:cc:3b:10:c4:db:
e5:aa:d8:e3:42:4b:df:9f:ad:7b:e7:73:13:30:96:44:cc:98:
8c:dc:e1:f8
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgIUfswZOFf8cQ/Er7XA/zIHNxtr4WswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzk4NkRCNTQxNTI0ODZENjUzMzg0MTU4OTlERUFEOTVB
MDY3QjI1RTAeFw0yMzExMTMxNjA2NDNaFw0yNDExMTExNjExNDNaMDMxMTAvBgNV
BAMTKEU2RkVDRURCNkM5OEYzQTE4QTUwMENEN0NGNEMxRjY5ODdBQzhDMTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4bUlWVhO2F3HcJOhmR7De38Hb
jKjD4HvPl+gSYMjRPVY2yiRSiFZP5IJOSlEIkwoI3jEJg2bYhp/mB58L93CzDrrt
7NXeNC2IUxH9xlS3+Bs1Og1n0RVCT0Yj7qp1Wf90LOYCSFTX6LREaMdmkjq2Czhp
Lf1gKBFg4TnbCuysD1mXRhk//yA4PWipt7QbsGyPzxdBmDIdGugvIvvT9uhpDGog
0+SDizwJK1kSoMO4TJP5XobYc93v004mIdIdE278ycfXJ7/7ypNTHk+xNJPCP+Hs
SxRGkfDtuAOBh9KnhlxuiJdJLTWrrWgXnInZnqjQm/6voxR0bQe2EIkMCREnAgMB
AAGjggJ5MIICdTAdBgNVHQ4EFgQU5v7O22yY86GKUAzXz0wfaYesjBgwHwYDVR0j
BBgwFoAUOYbbVBUkhtZTOEFYmd6tlaBnsl4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmNhODExZjgtZDA3NS00ZTUwLTliYmYtN2IyZDA5MDcx
NjhmLzIvMzk4NkRCNTQxNTI0ODZENjUzMzg0MTU4OTlERUFEOTVBMDY3QjI1RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvMzk4NkRCNTQxNTI0ODZENjUzMzg0MTU4OTlERUFEOTVBMDY3
QjI1RS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmNhODExZjgt
ZDA3NS00ZTUwLTliYmYtN2IyZDA5MDcxNjhmLzIvMzI2MTMwMzYzYTMxMzIzODMz
M2E2MjMxMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzNjMwMzUzMi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoGEoOxMA0GCSqGSIb3DQEBCwUAA4IBAQAsg/AT10m95a6DaWwd
LQyeBOJPToT/39R+u2vQ3/9ysek3ol6srVv6W2vT9z+6yvBpp4OF/ov5+HlXzCQG
6tSI7M1Kw1Nef1LYRM7zJzXrpfLJCjtCDr7PcDVWdduZcXsydx2tVjPHv257JNX6
PPwIcbnPGSjiYysPD1NqbK7FzphUtHWyRVV690W04egEiHL1IhZ04ht0u8+FhloG
mwIL4YJrKXqCQ1tjJVPMbCdujND0VWPghyRMG4HA1KLh8ARTR/IuEFcVJQdJI7ud
tyswD0ARkEadHZRn6jnLDHuumD+d67bezDsQxNvlqtjjQkvfn61753MTMJZEzJiM
3OH4
-----END CERTIFICATE-----
Generated at Sun Apr 28 21:21:26 2024 by rpki-client on console-fra.rpki-client.org