Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0f648163-e886-4951-999f-6a050d9c305f.roa
File: 0f648163-e886-4951-999f-6a050d9c305f.roa (raw, json)
Hash identifier: MDeAUEdkuq8LBlPsr7M8pb/fNWrr2cAzO8jLjb5GyrQ=
Subject key identifier: 67:37:EB:ED:BA:FA:CC:87:E2:ED:1A:DF:8B:94:0D:C7:29:93:FD:D9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3F6663240BF91224467F115E128EAEC55A3A966E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0f648163-e886-4951-999f-6a050d9c305f.roa
Signing time: Fri 27 Sep 2024 00:00:00 +0000
ROA not before: Fri 27 Sep 2024 00:00:00 +0000
ROA not after: Fri 01 Nov 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.0.0/16 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Oct 2024 20:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:66:63:24:0b:f9:12:24:46:7f:11:5e:12:8e:ae:c5:5a:3a:96:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 27 00:00:00 2024 GMT
Not After : Nov 1 23:59:59 2024 GMT
Subject: serialNumber=10f21f1e313beacdf07101b4bf703af7df90f8ce9d1483a2bbfe9f31b1e1a52f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0a:1c:bd:ff:a5:48:80:7f:e8:d6:d9:dd:ae:
4a:59:d1:ac:29:04:d1:57:47:7c:6d:e5:4d:19:c7:
6d:1f:44:82:03:6c:37:5b:f9:fc:74:4b:6d:a1:dc:
16:18:4c:52:ce:1e:b2:7e:ce:88:78:d0:59:12:5f:
02:c2:31:55:5d:b4:47:84:4a:95:fe:fc:c7:80:eb:
72:45:fb:ad:ac:58:15:58:27:12:28:09:fd:2d:9c:
c7:90:d2:e5:6f:25:61:bb:0e:ca:15:77:ee:aa:00:
2e:9d:e6:4f:cb:42:26:84:72:4d:b3:df:82:08:dc:
6b:ce:6e:c0:77:34:c4:ba:7d:83:17:bb:8c:62:01:
43:93:02:2c:e3:7e:fe:4f:8c:76:6e:c8:5b:cc:fb:
14:3b:37:45:c9:f8:a1:43:41:13:f5:09:0f:25:80:
f1:a6:6d:05:2c:ba:75:24:2e:2b:19:74:4f:cb:91:
fc:77:e7:f8:3e:e6:86:39:99:0d:33:c4:84:09:cf:
f4:24:d6:93:c3:90:25:47:8d:23:7c:df:1d:5d:32:
06:da:e2:d8:73:d6:b0:56:9a:04:a2:af:49:c7:5d:
ee:4d:87:6f:a7:7b:b0:43:56:4c:8e:5e:f8:9b:a9:
65:13:f9:2d:75:64:ab:1b:9a:e4:4a:eb:a9:13:5f:
c9:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:37:EB:ED:BA:FA:CC:87:E2:ED:1A:DF:8B:94:0D:C7:29:93:FD:D9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0f648163-e886-4951-999f-6a050d9c305f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9f:e3:a8:8a:d0:ab:50:38:6d:63:6d:74:2d:23:57:b6:97:81:
3f:55:b6:15:99:2c:ff:cf:b5:1e:55:84:ce:a6:9f:04:e3:c9:
b6:aa:eb:40:d1:6f:e1:00:65:54:87:2e:f3:aa:c6:69:f8:db:
db:e7:5f:33:4c:99:1c:6e:ee:32:7c:f5:b8:28:4f:13:e5:ea:
b0:c4:d5:a1:60:22:af:9d:86:c3:ef:dd:93:47:c2:f8:d0:d5:
be:95:1a:87:11:f7:19:b0:9a:89:c5:79:33:a8:e0:d7:7f:d8:
64:9e:f7:c6:05:18:a0:9d:2d:2d:f4:30:f8:5f:35:19:c6:19:
e1:ca:a0:4b:20:c5:fb:de:3d:81:d7:3d:84:20:c7:8a:29:a0:
31:15:28:23:9d:67:48:8e:27:af:77:f0:e7:2f:00:73:1e:00:
0d:57:2b:b5:33:2c:ff:8d:1b:2b:ae:51:2c:61:a1:84:15:fb:
9f:b0:2e:1c:a9:e4:e5:3d:23:a9:4d:b8:60:ed:b8:87:cc:22:
34:e9:eb:52:da:47:05:f1:54:e5:ca:49:8d:42:70:a8:bc:b7:
9e:b1:96:f5:e4:89:72:90:8c:77:0b:b5:1d:5d:c6:83:4b:b7:
10:94:43:48:62:a8:04:cb:ad:69:b4:6d:7a:8e:24:fe:37:fd:
35:16:2b:7a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUP2ZjJAv5EiRGfxFeEo6uxVo6lm4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA5MjcwMDAwMDBaFw0yNDExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwZjIxZjFlMzEzYmVhY2RmMDcxMDFiNGJmNzAzYWY3ZGY5MGY4Y2U5ZDE0
ODNhMmJiZmU5ZjMxYjFlMWE1MmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALEKHL3/pUiAf+jW2d2uSlnRrCkE0VdHfG3lTRnHbR9EggNsN1v5/HRLbaHc
FhhMUs4esn7OiHjQWRJfAsIxVV20R4RKlf78x4DrckX7raxYFVgnEigJ/S2cx5DS
5W8lYbsOyhV37qoALp3mT8tCJoRyTbPfggjca85uwHc0xLp9gxe7jGIBQ5MCLON+
/k+Mdm7IW8z7FDs3Rcn4oUNBE/UJDyWA8aZtBSy6dSQuKxl0T8uR/Hfn+D7mhjmZ
DTPEhAnP9CTWk8OQJUeNI3zfHV0yBtri2HPWsFaaBKKvScdd7k2Hb6d7sENWTI5e
+JupZRP5LXVkqxua5ErrqRNfyXMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRnN+vt
uvrMh+LtGt+LlA3HKZP92TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGY2NDgxNjMtZTg4Ni00OTUxLTk5OWYtNmEwNTBkOWMzMDVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMAMA0G
CSqGSIb3DQEBCwUAA4IBAQCf46iK0KtQOG1jbXQtI1e2l4E/VbYVmSz/z7UeVYTO
pp8E48m2qutA0W/hAGVUhy7zqsZp+Nvb518zTJkcbu4yfPW4KE8T5eqwxNWhYCKv
nYbD792TR8L40NW+lRqHEfcZsJqJxXkzqODXf9hknvfGBRignS0t9DD4XzUZxhnh
yqBLIMX73j2B1z2EIMeKKaAxFSgjnWdIjievd/DnLwBzHgANVyu1Myz/jRsrrlEs
YaGEFfufsC4cqeTlPSOpTbhg7biHzCI06etS2kcF8VTlykmNQnCovLeesZb15Ily
kIx3C7UdXcaDS7cQlENIYqgEy61ptG16jiT+N/01Fit6
-----END CERTIFICATE-----
Generated at Thu Oct 10 21:18:41 2024 by rpki-client on console-fra.rpki-client.org