Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/7df85c95-e0fa-41de-aaf6-6af8d04e1250.roa
File: 7df85c95-e0fa-41de-aaf6-6af8d04e1250.roa (raw, json)
Hash identifier: tkSN/SygvE8AKBq3as9k+V2hq2F5zGxS3NCpOp7XycE=
Subject key identifier: 52:E8:42:33:F0:32:6A:86:28:EB:27:80:15:F8:E0:CA:F5:56:91:7A
Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial: 65FB1AE098B4C7DF809E71C0B233697B4234342C
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/7df85c95-e0fa-41de-aaf6-6af8d04e1250.roa
Signing time: Fri 20 Dec 2024 00:00:00 +0000
ROA not before: Fri 20 Dec 2024 00:00:00 +0000
ROA not after: Fri 24 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:f002:c000::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 06 Jan 2025 23:38:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:fb:1a:e0:98:b4:c7:df:80:9e:71:c0:b2:33:69:7b:42:34:34:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Validity
Not Before: Dec 20 00:00:00 2024 GMT
Not After : Jan 24 23:59:59 2025 GMT
Subject: serialNumber=40b01459fce9a96b08bb240416ba869aa6af0490b219e743bd393a8f46333b3c, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d2:93:8f:69:2e:d0:2b:45:65:c9:37:af:6f:
ab:80:5c:89:57:88:d7:70:68:d3:3e:c7:81:76:76:
86:20:34:e8:72:1d:ce:ee:b3:61:dc:d4:1f:8e:6e:
28:3a:bc:9a:d0:1f:16:bd:96:ec:50:aa:ac:90:85:
e6:bb:82:fb:2e:b6:27:1e:ed:45:77:7f:56:05:ab:
3f:60:a1:25:b7:27:35:7e:29:f5:19:2a:8b:0d:69:
ac:56:34:ed:07:e7:8f:a6:f6:38:c5:12:3f:6f:95:
ed:48:d5:89:91:18:3a:9b:da:66:10:1f:95:0c:23:
20:eb:d5:1c:18:ef:9e:1b:1b:f1:68:bb:93:fb:1d:
fd:47:89:80:58:c1:45:f5:0d:bb:0b:e8:2f:f8:d2:
f6:8b:c2:f9:5a:af:fd:db:f4:63:fb:21:ea:b1:63:
59:f9:c6:f4:13:8e:ef:25:10:5b:e8:b8:2f:c4:63:
47:52:14:44:31:c9:e5:07:d0:5b:d6:03:6e:94:53:
3a:96:bf:b9:d6:40:b5:18:99:47:6f:85:53:85:c1:
c6:80:7e:6f:e2:eb:e5:23:96:ee:91:25:04:8b:e9:
25:45:34:87:bf:52:a9:0c:2b:d7:0c:69:de:5a:ad:
09:f5:87:1e:d4:71:8b:00:18:83:92:01:9c:81:d3:
c4:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:E8:42:33:F0:32:6A:86:28:EB:27:80:15:F8:E0:CA:F5:56:91:7A
X509v3 Authority Key Identifier:
keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/7df85c95-e0fa-41de-aaf6-6af8d04e1250.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:f002:c000::/40
Signature Algorithm: sha256WithRSAEncryption
5e:39:ec:a2:5a:a9:f7:6f:0a:6c:cb:c9:1c:3a:a8:e4:39:23:
ed:e4:02:ec:e7:73:a1:47:83:91:8e:25:7a:32:5b:59:fa:47:
f0:06:b8:35:40:90:7f:51:1a:72:f1:37:59:18:b0:1b:98:8d:
77:21:a2:12:ed:21:f6:e2:17:f5:5b:e2:d1:28:a8:b1:39:72:
df:64:87:db:30:e3:0c:d0:c4:3e:e2:9c:98:20:cf:bf:c4:82:
4a:bc:5e:08:a3:a4:4b:d9:63:ca:99:d5:83:75:78:2f:cc:84:
56:11:f5:12:5d:3e:00:03:34:cd:91:28:13:b4:39:6b:d0:13:
0f:36:14:81:5d:ed:55:7b:fc:92:ac:8e:26:f9:d7:08:cc:09:
7a:66:54:bb:36:4f:6b:d9:8b:06:ec:71:dc:d3:cb:8b:38:7e:
98:83:d2:49:dc:34:a3:4f:c4:e6:10:51:29:e1:e2:58:a8:ec:
d4:43:09:e3:bf:ba:80:9e:01:48:8e:25:d3:b4:c9:77:a8:1c:
a6:c8:a1:61:65:a1:68:83:9f:41:1c:73:6f:04:4c:73:bd:d5:
b9:da:ec:61:eb:b0:45:1e:e3:1b:5c:16:9a:73:99:01:c6:51:
5d:f3:9a:01:83:ba:d6:fe:49:f6:1f:d1:b9:28:a0:0d:17:74:
4c:69:c1:e1
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUZfsa4Ji0x9+AnnHAsjNpe0I0NCwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjQxMjIwMDAwMDAwWhcNMjUwMTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A0MGIwMTQ1OWZjZTlhOTZiMDhiYjI0MDQxNmJhODY5YWE2
YWYwNDkwYjIxOWU3NDNiZDM5M2E4ZjQ2MzMzYjNjMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCc0pOPaS7QK0VlyTevb6uAXIlXiNdwaNM+x4F2doYgNOhy
Hc7us2Hc1B+Obig6vJrQHxa9luxQqqyQhea7gvsutice7UV3f1YFqz9goSW3JzV+
KfUZKosNaaxWNO0H54+m9jjFEj9vle1I1YmRGDqb2mYQH5UMIyDr1RwY754bG/Fo
u5P7Hf1HiYBYwUX1DbsL6C/40vaLwvlar/3b9GP7IeqxY1n5xvQTju8lEFvouC/E
Y0dSFEQxyeUH0FvWA26UUzqWv7nWQLUYmUdvhVOFwcaAfm/i6+Ujlu6RJQSL6SVF
NIe/UqkMK9cMad5arQn1hx7UcYsAGIOSAZyB08QLAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUUuhCM/AyaoYo6yeAFfjgyvVWkXowHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzdkZjg1Yzk1LWUwZmEtNDFkZS1hYWY2LTZhZjhkMDRlMTI1MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPACwDANBgkqhkiG9w0BAQsFAAOCAQEAXjnsolqp928KbMvJHDqo5Dkj
7eQC7OdzoUeDkY4lejJbWfpH8Aa4NUCQf1EacvE3WRiwG5iNdyGiEu0h9uIX9Vvi
0SiosTly32SH2zDjDNDEPuKcmCDPv8SCSrxeCKOkS9ljypnVg3V4L8yEVhH1El0+
AAM0zZEoE7Q5a9ATDzYUgV3tVXv8kqyOJvnXCMwJemZUuzZPa9mLBuxx3NPLizh+
mIPSSdw0o0/E5hBRKeHiWKjs1EMJ47+6gJ4BSI4l07TJd6gcpsihYWWhaIOfQRxz
bwRMc73VudrsYeuwRR7jG1wWmnOZAcZRXfOaAYO61v5J9h/RuSigDRd0TGnB4Q==
-----END CERTIFICATE-----
Generated at Tue Jan 7 05:36:24 2025 by rpki-client on console-fra.rpki-client.org