Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS19620.roa
File: AS19620.roa (raw, json)
Hash identifier: WBM3BdG8H1qZhZBrmXAc7Nb6ynyX/Be2UbNKW28DdcE=
Subject key identifier: 52:36:24:3C:84:FA:67:31:E3:EA:C1:16:F9:4C:FF:77:CC:C5:67:70
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 703D67928A17B733836D2A1DE21D12A958B04117
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS19620.roa
Signing time: Sat 13 Jan 2024 15:46:22 +0000
ROA not before: Sat 13 Jan 2024 15:41:22 +0000
ROA not after: Sat 11 Jan 2025 15:46:22 +0000
asID: 19620
IP address blocks: 2a07:54c3::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 30 Jan 2024 17:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:3d:67:92:8a:17:b7:33:83:6d:2a:1d:e2:1d:12:a9:58:b0:41:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Jan 13 15:41:22 2024 GMT
Not After : Jan 11 15:46:22 2025 GMT
Subject: CN=5236243C84FA6731E3EAC116F94CFF77CCC56770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:69:34:c3:e4:e4:4a:5c:70:24:1e:ea:06:07:
a7:c9:b9:97:19:ab:bf:8d:4f:d1:6f:2a:16:16:2c:
94:72:90:5f:37:2f:75:c3:ba:a8:a8:2e:4e:0f:fa:
d9:7f:e1:a0:58:84:b2:19:2e:19:7e:74:c2:39:4a:
d4:c1:40:75:f7:27:48:63:4e:9a:84:e3:19:64:12:
30:a3:79:e5:8b:7f:b2:c8:35:e3:02:97:db:a5:6b:
a8:ec:04:45:00:74:f9:ad:fd:2b:1c:31:5f:03:1b:
21:a0:e1:08:8c:66:07:4d:8b:38:1b:52:e9:57:e0:
9d:a6:67:69:a0:8e:0e:e3:23:e3:5c:cc:5a:c7:c6:
13:7a:0d:ab:23:41:eb:d9:26:fd:37:c5:20:b5:bb:
59:8f:17:23:6b:17:2c:11:fb:42:e1:57:f7:fa:95:
74:7b:2f:2b:4a:a4:e8:5a:ff:a5:b5:11:21:2a:cc:
7c:d6:a8:37:94:d2:c7:ea:38:4b:ca:42:0c:d9:a0:
0a:67:29:a1:8b:b2:7e:b5:73:6d:50:27:43:02:38:
f4:63:49:eb:b0:d2:8b:9a:29:8b:9e:01:eb:b3:5f:
12:17:16:9b:6b:a2:51:dc:c8:22:1a:76:c9:2e:8d:
f7:82:e1:d1:b3:24:61:ac:1b:86:27:5b:80:26:52:
c3:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:36:24:3C:84:FA:67:31:E3:EA:C1:16:F9:4C:FF:77:CC:C5:67:70
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS19620.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c3::/32
Signature Algorithm: sha256WithRSAEncryption
32:80:00:95:13:b0:70:14:fc:ea:9b:41:13:39:ee:69:57:de:
10:5b:0b:f6:a3:85:08:dc:c7:6a:75:89:32:ba:39:22:3a:a1:
36:e3:cb:c3:51:f4:6d:eb:b8:cd:97:41:16:fb:bd:43:34:9e:
12:33:f6:15:c8:71:27:17:12:40:e7:a4:9f:b2:5a:b1:43:12:
40:51:52:60:76:60:d5:63:5d:13:dd:f1:01:49:95:94:a2:6d:
5c:23:98:6d:18:ea:10:a0:b0:45:53:ee:09:d3:64:47:83:74:
3a:6f:d3:3c:08:9c:c1:aa:f2:31:2e:da:62:0b:91:3c:73:93:
a1:6e:45:f0:03:9d:c7:7e:d9:f6:a3:38:1e:78:b5:46:a7:0f:
11:87:06:53:7f:a3:ba:c4:26:27:df:59:01:9c:e4:58:b3:33:
b4:13:60:94:8a:f5:80:fd:92:08:0b:86:8f:1e:ba:33:13:26:
9b:6f:2e:b2:e1:09:7f:1d:a8:1e:73:9a:75:ee:2c:0f:d4:72:
95:13:46:d3:59:8b:25:c9:96:61:83:dd:37:26:ca:02:17:79:
55:7a:24:cd:1e:dd:c4:23:90:98:41:fe:06:74:42:47:ed:6f:
b2:30:65:cc:b5:95:e5:28:d1:07:16:51:b3:3f:83:80:d2:aa:
d3:3e:e5:56
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIUcD1nkooXtzODbSod4h0SqViwQRcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDAxMTMxNTQxMjJaFw0yNTAxMTExNTQ2MjJaMDMxMTAvBgNV
BAMTKDUyMzYyNDNDODRGQTY3MzFFM0VBQzExNkY5NENGRjc3Q0NDNTY3NzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCaTTD5ORKXHAkHuoGB6fJuZcZ
q7+NT9FvKhYWLJRykF83L3XDuqioLk4P+tl/4aBYhLIZLhl+dMI5StTBQHX3J0hj
TpqE4xlkEjCjeeWLf7LINeMCl9ula6jsBEUAdPmt/SscMV8DGyGg4QiMZgdNizgb
UulX4J2mZ2mgjg7jI+NczFrHxhN6DasjQevZJv03xSC1u1mPFyNrFywR+0LhV/f6
lXR7LytKpOha/6W1ESEqzHzWqDeU0sfqOEvKQgzZoApnKaGLsn61c21QJ0MCOPRj
Seuw0ouaKYueAeuzXxIXFptrolHcyCIadskujfeC4dGzJGGsG4YnW4AmUsMxAgMB
AAGjggI6MIICNjAdBgNVHQ4EFgQUUjYkPIT6ZzHj6sEW+Uz/d8zFZ3AwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMTk2MjAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAqB1TD
MA0GCSqGSIb3DQEBCwUAA4IBAQAygACVE7BwFPzqm0ETOe5pV94QWwv2o4UI3Mdq
dYkyujkiOqE248vDUfRt67jNl0EW+71DNJ4SM/YVyHEnFxJA56SfslqxQxJAUVJg
dmDVY10T3fEBSZWUom1cI5htGOoQoLBFU+4J02RHg3Q6b9M8CJzBqvIxLtpiC5E8
c5OhbkXwA53Hftn2ozgeeLVGpw8RhwZTf6O6xCYn31kBnORYszO0E2CUivWA/ZII
C4aPHrozEyabby6y4Ql/Hagec5p17iwP1HKVE0bTWYslyZZhg903JsoCF3lVeiTN
Ht3EI5CYQf4GdEJH7W+yMGXMtZXlKNEHFlGzP4OA0qrTPuVW
-----END CERTIFICATE-----
Generated at Tue Jan 30 20:33:58 2024 by rpki-client on console-fra.rpki-client.org