Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/326130393a353463363a613030303a3a2f33362d3434203d3e20323132313238.roa
File: 326130393a353463363a613030303a3a2f33362d3434203d3e20323132313238.roa (raw, json)
Hash identifier: rxjbTGZWL+fbBDg5t9ypY/X0tP2VgldmSiVbsfpY8vA=
Subject key identifier: 6B:35:62:92:E7:AD:71:FA:36:A3:AD:1D:FD:47:97:27:8F:1F:98:4C
Certificate issuer: /CN=CCD5D3BE49456F7D48B7321029C886F318C23B36
Certificate serial: 4D12B64D049DDD5377571F556D86CC32AC8BB38D
Authority key identifier: CC:D5:D3:BE:49:45:6F:7D:48:B7:32:10:29:C8:86:F3:18:C2:3B:36
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CCD5D3BE49456F7D48B7321029C886F318C23B36.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/326130393a353463363a613030303a3a2f33362d3434203d3e20323132313238.roa
Signing time: Thu 10 Apr 2025 20:13:30 +0000
ROA not before: Thu 10 Apr 2025 20:08:30 +0000
ROA not after: Thu 09 Apr 2026 20:13:30 +0000
asID: 212128
IP address blocks: 2a09:54c6:a000::/36 maxlen: 44
Validation: Failed, certificate revoked on Tue 22 Apr 2025 14:54:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:12:b6:4d:04:9d:dd:53:77:57:1f:55:6d:86:cc:32:ac:8b:b3:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CCD5D3BE49456F7D48B7321029C886F318C23B36
Validity
Not Before: Apr 10 20:08:30 2025 GMT
Not After : Apr 9 20:13:30 2026 GMT
Subject: CN=6B356292E7AD71FA36A3AD1DFD4797278F1F984C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:13:3e:88:9e:36:17:b2:6d:f5:3f:e1:f3:84:
dc:e4:09:16:8b:3a:07:0f:30:6e:fe:bb:77:73:aa:
e2:96:d3:ee:48:b8:63:2e:4a:78:15:a3:5d:aa:d1:
70:74:b4:7d:9a:89:25:aa:52:5d:75:74:37:d8:2d:
c9:06:c0:5f:27:43:6f:7e:93:b9:77:5b:dd:1c:5f:
41:b5:d2:bd:62:9a:4c:e8:de:ae:4d:47:28:ec:8c:
01:36:1e:6f:1a:ea:38:bd:fb:5d:75:f3:a6:8d:b8:
c7:e8:51:6e:26:d8:97:79:7f:39:d7:42:60:47:96:
36:b9:16:b2:8a:24:ba:24:60:86:d7:94:7e:b7:14:
e4:7d:8e:28:40:d4:13:07:6d:dd:2e:6a:1b:d6:f2:
f1:60:3b:5a:a9:b1:a2:89:0c:31:11:ad:1a:84:43:
4e:c3:02:39:84:e8:9a:96:49:55:1f:76:34:d4:d7:
73:3c:9d:5d:fd:ce:5f:da:c6:ab:6b:b0:d5:43:14:
17:ac:08:e9:b8:0e:dc:ca:6b:95:e3:55:a8:6c:26:
fa:2b:15:67:2f:02:0e:07:46:ef:d2:9b:3c:52:06:
4e:1c:21:ba:b4:91:55:34:89:23:0d:de:95:e7:9c:
5a:56:45:e8:03:c1:41:dd:1f:3e:75:c4:9b:fa:b3:
68:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:35:62:92:E7:AD:71:FA:36:A3:AD:1D:FD:47:97:27:8F:1F:98:4C
X509v3 Authority Key Identifier:
keyid:CC:D5:D3:BE:49:45:6F:7D:48:B7:32:10:29:C8:86:F3:18:C2:3B:36
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/CCD5D3BE49456F7D48B7321029C886F318C23B36.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CCD5D3BE49456F7D48B7321029C886F318C23B36.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/326130393a353463363a613030303a3a2f33362d3434203d3e20323132313238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:54c6:a000::/36
Signature Algorithm: sha256WithRSAEncryption
71:51:67:e9:9f:25:fe:31:33:f7:2f:1c:da:86:61:74:bf:47:
07:d7:36:12:64:c6:b1:5c:24:e2:cc:00:52:06:b3:6e:1a:21:
47:51:7f:c5:95:16:f6:0a:51:31:e1:8c:ff:4b:e1:99:d2:7a:
6c:2e:4f:36:ea:3e:1a:6c:f6:73:55:a0:36:fa:47:bc:5a:33:
5c:bf:e9:b9:7d:25:79:65:92:f5:2a:ad:7a:3f:8e:af:61:12:
ee:63:88:ce:15:10:e8:70:b7:18:a0:23:a0:e2:d7:89:54:26:
16:d5:fe:b0:33:2b:e1:77:5b:ab:b2:90:ef:4c:fd:a1:23:60:
f3:40:e2:9e:13:c2:6d:0c:28:70:bb:ba:ca:4c:d9:d4:c2:78:
3e:06:8e:3a:48:c8:02:68:9e:b8:3c:84:b8:14:69:b4:50:42:
20:af:2d:9b:c7:94:a6:c4:b3:45:89:08:0a:69:18:7d:01:77:
5f:11:35:ef:01:70:ea:d1:bd:f1:fd:90:78:ec:8f:8e:4b:5f:
f6:16:90:e1:13:11:75:a2:56:96:e5:8d:64:5f:09:1b:4a:e1:
fd:b1:66:23:3a:9c:00:59:73:d8:08:a3:ef:a7:13:7a:63:e8:
70:c4:fe:2c:06:b7:dc:57:04:e9:4d:4d:38:f8:4a:7a:49:52:
bc:72:b8:6a
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgIUTRK2TQSd3VN3Vx9VbYbMMqyLs40wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMx
OEMyM0IzNjAeFw0yNTA0MTAyMDA4MzBaFw0yNjA0MDkyMDEzMzBaMDMxMTAvBgNV
BAMTKDZCMzU2MjkyRTdBRDcxRkEzNkEzQUQxREZENDc5NzI3OEYxRjk4NEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKEz6InjYXsm31P+HzhNzkCRaL
OgcPMG7+u3dzquKW0+5IuGMuSngVo12q0XB0tH2aiSWqUl11dDfYLckGwF8nQ29+
k7l3W90cX0G10r1imkzo3q5NRyjsjAE2Hm8a6ji9+11186aNuMfoUW4m2Jd5fznX
QmBHlja5FrKKJLokYIbXlH63FOR9jihA1BMHbd0uahvW8vFgO1qpsaKJDDERrRqE
Q07DAjmE6JqWSVUfdjTU13M8nV39zl/axqtrsNVDFBesCOm4DtzKa5XjVahsJvor
FWcvAg4HRu/SmzxSBk4cIbq0kVU0iSMN3pXnnFpWRegDwUHdHz51xJv6s2gPAgMB
AAGjggJ5MIICdTAdBgNVHQ4EFgQUazVikuetcfo2o60d/UeXJ48fmEwwHwYDVR0j
BBgwFoAUzNXTvklFb31ItzIQKciG8xjCOzYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjc5NDg3MzgtMzI1NS00OWY5LTliNmMtOWM5ZjM4OTg5
OTVkLzMvQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMxOEMyM0IzNi5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMxOEMy
M0IzNi5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjc5NDg3Mzgt
MzI1NS00OWY5LTliNmMtOWM5ZjM4OTg5OTVkLzMvMzI2MTMwMzkzYTM1MzQ2MzM2
M2E2MTMwMzAzMDNhM2EyZjMzMzYyZDM0MzQyMDNkM2UyMDMyMzEzMjMxMzIzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGBCoJVMagMA0GCSqGSIb3DQEBCwUAA4IBAQBxUWfpnyX+MTP3Lxza
hmF0v0cH1zYSZMaxXCTizABSBrNuGiFHUX/FlRb2ClEx4Yz/S+GZ0npsLk826j4a
bPZzVaA2+ke8WjNcv+m5fSV5ZZL1Kq16P46vYRLuY4jOFRDocLcYoCOg4teJVCYW
1f6wMyvhd1urspDvTP2hI2DzQOKeE8JtDChwu7rKTNnUwng+Bo46SMgCaJ64PIS4
FGm0UEIgry2bx5SmxLNFiQgKaRh9AXdfETXvAXDq0b3x/ZB47I+OS1/2FpDhExF1
olaW5Y1kXwkbSuH9sWYjOpwAWXPYCKPvpxN6Y+hwxP4sBrfcVwTpTU04+Ep6SVK8
crhq
-----END CERTIFICATE-----
Generated at Tue Apr 29 09:37:47 2025 by rpki-client