Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS203635.roa
File: AS203635.roa (raw, json)
Hash identifier: e0ETm+a9im9BSxJoERiHHXdlhPQ2o8uJOhg1qgdpcVQ=
Subject key identifier: 67:0F:A3:99:1E:ED:28:32:64:63:0C:64:4D:43:78:D8:F2:F3:A6:E2
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 2554497632C00CA91A77269AD46B63BACC159883
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS203635.roa
Signing time: Tue 25 Jun 2024 20:57:12 +0000
ROA not before: Tue 25 Jun 2024 20:52:12 +0000
ROA not after: Tue 24 Jun 2025 20:57:12 +0000
asID: 203635
IP address blocks: 2a07:54c4:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 26 Jun 2024 17:28:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:54:49:76:32:c0:0c:a9:1a:77:26:9a:d4:6b:63:ba:cc:15:98:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Jun 25 20:52:12 2024 GMT
Not After : Jun 24 20:57:12 2025 GMT
Subject: CN=670FA3991EED283264630C644D4378D8F2F3A6E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:10:5b:dd:c0:ad:6c:be:d6:65:7b:83:16:32:
17:1b:ae:63:a3:a1:95:08:e6:9c:f1:32:85:50:61:
c2:fa:ba:e5:d4:97:e6:ab:eb:73:28:a2:93:ba:8d:
b4:5e:1b:ff:21:d0:68:30:8a:45:8c:6e:ae:72:b2:
f4:97:ff:d0:6c:d6:80:dc:ad:51:0b:2b:29:b7:0d:
c9:96:6a:7f:b4:e3:72:22:f7:1b:a6:5d:a0:34:c9:
8d:0d:40:ce:14:c4:ad:c5:c5:06:ed:b8:5f:95:1f:
1d:14:67:6f:87:73:f8:c6:46:0c:2b:99:61:20:c5:
2d:56:42:47:a7:ae:87:c9:08:0a:62:15:c7:c7:4a:
12:7f:d9:7f:27:ea:e3:70:d9:cb:5f:16:58:2c:b5:
5f:59:4e:7d:e2:03:cc:e7:ae:1b:2c:b7:d0:8f:44:
ef:09:6a:4a:47:ce:29:14:91:4a:f3:ba:8b:58:84:
84:88:35:15:98:0c:85:a0:a1:54:9d:ab:63:77:ea:
0e:6c:dc:93:b0:a0:41:a8:d2:ed:92:0a:db:c0:bc:
96:1a:f6:bc:7d:d3:b9:59:6f:22:53:77:fc:6d:eb:
98:b3:b8:10:fa:3b:6e:28:b7:43:14:05:e8:e8:5c:
52:4a:4f:03:ae:33:74:2d:63:46:84:43:f2:aa:f8:
6c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:0F:A3:99:1E:ED:28:32:64:63:0C:64:4D:43:78:D8:F2:F3:A6:E2
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS203635.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c4:3::/48
Signature Algorithm: sha256WithRSAEncryption
03:7f:0b:95:ed:b9:a7:05:92:22:eb:da:04:90:8c:08:49:8f:
cf:60:08:2f:d6:55:4a:be:a8:5c:f2:9f:8a:81:4f:06:37:34:
c8:f0:7c:bb:a0:2c:74:ed:a8:e9:98:23:61:ba:43:8d:4f:cd:
24:34:f8:ae:a1:b9:f4:55:b7:36:4c:5f:56:04:ea:0a:d1:bc:
e2:2d:7d:de:a3:82:e9:f4:bd:89:92:7e:21:74:b8:aa:20:c8:
cc:71:9a:42:b1:80:db:a5:55:8c:e4:de:a6:27:19:c1:78:c4:
2a:2a:0e:c8:c7:09:0a:6f:f6:8a:4c:ea:71:38:b7:b3:25:e7:
cd:01:99:cc:b4:50:25:62:08:25:92:c4:41:c0:16:8a:93:23:
26:b7:c5:74:a0:49:76:39:0e:b6:41:16:62:a1:c2:df:28:63:
5d:15:51:c6:22:db:86:88:12:0a:7f:69:f6:c3:26:f3:8c:d3:
08:c6:8b:62:08:c8:b2:b4:31:8b:db:ec:e7:b2:a1:86:54:e1:
0b:c7:92:23:7d:5f:e4:49:a0:af:f3:94:85:fc:41:06:6f:69:
3f:db:d4:9f:30:ac:f6:8c:9a:43:ad:d7:79:9a:19:7e:5b:bb:
73:61:25:f6:f2:06:29:e3:64:d6:5d:0b:80:2d:24:3d:b7:33:
e4:44:71:e2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUJVRJdjLADKkadyaa1GtjuswVmIMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDA2MjUyMDUyMTJaFw0yNTA2MjQyMDU3MTJaMDMxMTAvBgNV
BAMTKDY3MEZBMzk5MUVFRDI4MzI2NDYzMEM2NDRENDM3OEQ4RjJGM0E2RTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4EFvdwK1svtZle4MWMhcbrmOj
oZUI5pzxMoVQYcL6uuXUl+ar63MoopO6jbReG/8h0GgwikWMbq5ysvSX/9Bs1oDc
rVELKym3DcmWan+043Ii9xumXaA0yY0NQM4UxK3FxQbtuF+VHx0UZ2+Hc/jGRgwr
mWEgxS1WQkenrofJCApiFcfHShJ/2X8n6uNw2ctfFlgstV9ZTn3iA8znrhsst9CP
RO8JakpHzikUkUrzuotYhISINRWYDIWgoVSdq2N36g5s3JOwoEGo0u2SCtvAvJYa
9rx907lZbyJTd/xt65izuBD6O24ot0MUBejoXFJKTwOuM3QtY0aEQ/Kq+GxLAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUZw+jmR7tKDJkYwxkTUN42PLzpuIwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjAzNjM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU
xAADMA0GCSqGSIb3DQEBCwUAA4IBAQADfwuV7bmnBZIi69oEkIwISY/PYAgv1lVK
vqhc8p+KgU8GNzTI8Hy7oCx07ajpmCNhukONT80kNPiuobn0Vbc2TF9WBOoK0bzi
LX3eo4Lp9L2Jkn4hdLiqIMjMcZpCsYDbpVWM5N6mJxnBeMQqKg7IxwkKb/aKTOpx
OLezJefNAZnMtFAlYgglksRBwBaKkyMmt8V0oEl2OQ62QRZiocLfKGNdFVHGItuG
iBIKf2n2wybzjNMIxotiCMiytDGL2+znsqGGVOELx5IjfV/kSaCv85SF/EEGb2k/
29SfMKz2jJpDrdd5mhl+W7tzYSX28gYp42TWXQuALSQ9tzPkRHHi
-----END CERTIFICATE-----
Generated at Wed Jun 26 22:31:08 2024 by rpki-client on console-fra.rpki-client.org