Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: BqXfdzAnYHQkOaChPU+Q8FO7M4klbSyznz59DJGsBa4=
Subject key identifier: 05:DE:C5:F6:88:07:1B:4C:BB:CB:D4:96:31:CD:80:2C:10:DD:36:C4
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 4C6F4AED9D19BE081590F44F4A0308D6A1AA3946
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS0.roa
Signing time: Sun 28 Jul 2024 16:46:38 +0000
ROA not before: Sun 28 Jul 2024 16:41:38 +0000
ROA not after: Sun 27 Jul 2025 16:46:38 +0000
asID: 0
IP address blocks: 2a07:54c5::/32 maxlen: 32
2a07:54c5:a007::/48 maxlen: 48
2a07:54c5:a008::/48 maxlen: 48
2a07:54c5:b00b::/48 maxlen: 48
2a07:54c5:beee::/48 maxlen: 48
2a07:54c5:cafe::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 01 Aug 2024 03:46:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:6f:4a:ed:9d:19:be:08:15:90:f4:4f:4a:03:08:d6:a1:aa:39:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Jul 28 16:41:38 2024 GMT
Not After : Jul 27 16:46:38 2025 GMT
Subject: CN=05DEC5F688071B4CBBCBD49631CD802C10DD36C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0f:18:5c:4d:67:1e:57:70:76:60:1c:db:6b:
47:1b:74:6d:af:36:73:92:3d:63:08:c9:53:d3:1f:
bf:85:20:f8:48:20:be:e3:ff:ae:c0:0a:7e:5f:4b:
5c:28:30:96:5d:24:e2:25:bf:16:32:ae:7f:67:9f:
0a:dd:fb:73:36:00:22:35:66:89:20:1d:a5:48:bf:
0d:3f:0a:b4:c3:01:c0:b3:ea:8f:8b:ad:8d:53:f5:
94:3a:90:26:dc:c1:09:c4:52:0a:0d:19:7d:a7:c4:
a1:b1:f9:97:9d:83:45:ec:12:9b:72:3f:9e:13:d0:
84:ed:89:b8:77:c0:89:6d:cc:ac:4e:d0:36:fe:8c:
ee:b3:75:18:00:df:14:b2:a9:8a:a5:ec:e4:68:56:
91:70:f0:9e:50:70:a6:20:21:ef:a5:e3:cd:45:f0:
c1:ae:45:0d:2e:37:c9:01:ff:7f:c3:aa:bd:c0:29:
b1:4c:fd:a1:68:17:f8:d1:7f:ce:e0:05:66:b9:35:
61:dd:52:46:c8:7c:16:45:66:ea:05:77:70:a6:30:
96:c0:44:bb:d0:29:4a:eb:2f:93:60:b9:c9:f8:8b:
ae:3c:e4:4f:46:0c:33:85:13:d0:02:e1:e5:e9:c3:
cc:5e:7c:e1:c5:be:73:23:0b:9e:32:3b:39:4f:5d:
46:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:DE:C5:F6:88:07:1B:4C:BB:CB:D4:96:31:CD:80:2C:10:DD:36:C4
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c5::/32
Signature Algorithm: sha256WithRSAEncryption
32:3c:f4:7a:e5:c9:9e:4c:e2:3f:26:84:8e:fb:b6:56:69:8b:
ce:b3:e4:f1:36:14:0a:e6:09:09:7a:b6:fb:b7:db:90:72:6b:
54:55:07:31:0d:dd:db:0f:bf:0b:ab:3c:fe:64:fd:1c:23:c0:
96:3f:e9:c9:3c:46:78:b2:10:e7:72:5c:98:69:fd:39:42:e7:
a2:d3:af:8f:11:c5:b9:2e:e6:22:29:22:60:86:af:27:f3:94:
22:60:79:ad:37:2c:34:d3:97:85:f1:76:94:b7:2e:21:7e:1d:
36:53:a2:4b:58:07:ad:52:57:80:6e:48:1d:bf:38:c1:c1:e5:
21:10:f4:59:26:b6:87:02:16:d2:a5:a7:31:2a:81:c4:11:4b:
59:47:23:94:a9:9b:54:83:f2:10:01:64:a3:70:3d:db:41:79:
ec:54:b4:93:6d:ef:1f:a1:c9:5b:04:6e:f6:5d:9b:9e:1a:35:
3b:93:5c:7a:f2:c5:e1:d9:5a:94:d3:39:d4:62:2b:56:53:b7:
05:e0:36:2b:43:92:15:8b:dc:05:ab:c0:ed:b5:f4:eb:95:a7:
be:e5:aa:cb:47:97:5e:7e:ff:b7:5e:a7:6a:8f:e0:94:d5:c6:
ed:17:1d:70:4f:2f:5e:c9:8d:52:d3:93:ff:37:23:f7:fd:7e:
94:5d:31:52
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUTG9K7Z0ZvggVkPRPSgMI1qGqOUYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDA3MjgxNjQxMzhaFw0yNTA3MjcxNjQ2MzhaMDMxMTAvBgNV
BAMTKDA1REVDNUY2ODgwNzFCNENCQkNCRDQ5NjMxQ0Q4MDJDMTBERDM2QzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCDxhcTWceV3B2YBzba0cbdG2v
NnOSPWMIyVPTH7+FIPhIIL7j/67ACn5fS1woMJZdJOIlvxYyrn9nnwrd+3M2ACI1
ZokgHaVIvw0/CrTDAcCz6o+LrY1T9ZQ6kCbcwQnEUgoNGX2nxKGx+Zedg0XsEpty
P54T0ITtibh3wIltzKxO0Db+jO6zdRgA3xSyqYql7ORoVpFw8J5QcKYgIe+l481F
8MGuRQ0uN8kB/3/Dqr3AKbFM/aFoF/jRf87gBWa5NWHdUkbIfBZFZuoFd3CmMJbA
RLvQKUrrL5Ngucn4i6485E9GDDOFE9AC4eXpw8xefOHFvnMjC54yOzlPXUZ9AgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUBd7F9ogHG0y7y9SWMc2ALBDdNsQwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoHVMUwDQYJ
KoZIhvcNAQELBQADggEBADI89HrlyZ5M4j8mhI77tlZpi86z5PE2FArmCQl6tvu3
25Bya1RVBzEN3dsPvwurPP5k/RwjwJY/6ck8RniyEOdyXJhp/TlC56LTr48Rxbku
5iIpImCGryfzlCJgea03LDTTl4XxdpS3LiF+HTZToktYB61SV4BuSB2/OMHB5SEQ
9FkmtocCFtKlpzEqgcQRS1lHI5Spm1SD8hABZKNwPdtBeexUtJNt7x+hyVsEbvZd
m54aNTuTXHryxeHZWpTTOdRiK1ZTtwXgNitDkhWL3AWrwO219OuVp77lqstHl15+
/7dep2qP4JTVxu0XHXBPL17JjVLTk/83I/f9fpRdMVI=
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:25:29 2025 by rpki-client