Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15be84ca-a9ee-44c8-9bac-fcbe3415ae22.roa
File: 15be84ca-a9ee-44c8-9bac-fcbe3415ae22.roa (raw, json)
Hash identifier: jy66kMG3yRFG+Us2NdiPvrAXjsMg6VS+aCMkIkFgQ4A=
Subject key identifier: 36:75:93:BB:33:BF:7D:A1:55:60:68:0F:41:9F:1F:2A:AB:42:59:21
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 02076AE681A53D92311C7190449C7EC2EDED0661
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15be84ca-a9ee-44c8-9bac-fcbe3415ae22.roa
Signing time: Fri 27 Sep 2024 00:00:00 +0000
ROA not before: Fri 27 Sep 2024 00:00:00 +0000
ROA not after: Fri 01 Nov 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.0.0.0/16 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Oct 2024 20:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:07:6a:e6:81:a5:3d:92:31:1c:71:90:44:9c:7e:c2:ed:ed:06:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 27 00:00:00 2024 GMT
Not After : Nov 1 23:59:59 2024 GMT
Subject: serialNumber=e9b3253d504d6555fa794b68c51d5336367613cefd1ebc027d4e01b6523ba407, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:69:46:4a:65:36:dd:ea:27:6a:34:fe:b4:33:
ce:79:c1:41:65:f5:53:79:d0:6c:f5:a3:ab:90:f2:
24:a1:0c:d7:0f:70:cc:cd:3e:30:1b:22:59:2e:e3:
1f:39:e6:fc:20:e8:d7:ab:28:5d:89:a6:fd:1b:44:
10:fe:87:3f:49:5a:cd:0d:f8:81:e5:89:a8:c4:64:
a8:4a:dc:83:05:0a:f2:37:23:f9:7f:3a:0c:89:7b:
6e:5a:e7:0c:5f:e6:a7:55:91:7a:c8:d1:10:80:8a:
cb:7c:7e:99:a1:b6:ed:8d:70:6a:c7:f4:ac:31:03:
60:1b:ad:c2:69:3b:ad:f4:bf:c8:8a:4a:43:cf:8b:
02:ac:c7:59:a8:1b:c5:2a:85:04:aa:7e:7e:1a:26:
96:66:c4:46:04:6a:ae:b1:26:9c:08:1a:c1:3f:43:
b7:bc:07:31:00:86:6b:c2:f4:c9:6a:f7:86:0c:c0:
bd:11:8f:8d:9f:5b:f1:f7:00:c6:56:2e:36:c5:6b:
ef:7d:17:b4:b5:fb:cc:49:8d:da:d2:af:96:a9:88:
82:d0:14:14:c3:b4:1f:19:78:02:34:f6:8a:18:34:
29:e8:72:eb:f1:fa:1e:39:a4:4b:7e:de:50:54:cf:
5c:e8:67:d1:ce:76:97:d0:e6:d7:be:a3:a0:77:8f:
46:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:75:93:BB:33:BF:7D:A1:55:60:68:0F:41:9F:1F:2A:AB:42:59:21
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15be84ca-a9ee-44c8-9bac-fcbe3415ae22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2d:7a:f9:e1:fd:2e:f8:2f:e7:ce:8a:2c:77:36:d7:0e:71:b5:
51:29:1d:4c:d7:c9:3f:40:ef:2d:4e:bd:1c:17:f9:d9:08:c8:
c8:2d:17:b1:bd:bb:c8:33:be:b9:5e:1d:53:5a:fc:3b:5e:fa:
11:ac:a1:07:23:96:62:2c:5e:67:62:85:b3:d4:2f:03:3e:f3:
16:f2:f7:69:57:95:4a:b3:4c:bb:08:9b:ac:e5:7f:6c:a9:d5:
d9:41:a4:e7:30:da:a0:e6:b4:f3:2d:ef:b4:16:e1:42:c0:3c:
70:b4:c4:4e:68:1b:e0:e1:ed:ec:6f:5c:09:bb:a1:26:ff:0b:
d5:a5:4a:63:2a:29:6c:a1:6a:a2:ae:72:b5:49:3c:62:64:28:
8d:7e:65:3f:75:fc:1a:3b:f8:4d:ef:6c:ba:d4:72:4b:d0:26:
d5:38:02:36:c7:94:c7:ec:c7:5c:7a:4e:1d:b0:49:ab:42:c4:
ee:d5:ba:35:66:f1:77:2b:85:c7:c9:ef:fb:15:33:bb:13:39:
ef:d2:5b:a9:5d:4f:2b:cf:58:ee:5c:0c:36:75:b2:54:9a:be:
48:63:72:59:8a:fc:76:69:07:13:fb:d0:09:5d:ab:2c:b7:b1:
46:38:8f:4a:fa:53:6b:c0:64:5c:42:32:74:d4:34:9d:3b:00:
a9:5f:a3:07
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAgdq5oGlPZIxHHGQRJx+wu3tBmEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA5MjcwMDAwMDBaFw0yNDExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5YjMyNTNkNTA0ZDY1NTVmYTc5NGI2OGM1MWQ1MzM2MzY3NjEzY2VmZDFl
YmMwMjdkNGUwMWI2NTIzYmE0MDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJtpRkplNt3qJ2o0/rQzznnBQWX1U3nQbPWjq5DyJKEM1w9wzM0+MBsiWS7j
Hznm/CDo16soXYmm/RtEEP6HP0lazQ34geWJqMRkqErcgwUK8jcj+X86DIl7blrn
DF/mp1WResjREICKy3x+maG27Y1wasf0rDEDYButwmk7rfS/yIpKQ8+LAqzHWagb
xSqFBKp+fhomlmbERgRqrrEmnAgawT9Dt7wHMQCGa8L0yWr3hgzAvRGPjZ9b8fcA
xlYuNsVr730XtLX7zEmN2tKvlqmIgtAUFMO0Hxl4AjT2ihg0Kehy6/H6HjmkS37e
UFTPXOhn0c52l9Dm176joHePRo0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ2dZO7
M799oVVgaA9Bnx8qq0JZITAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTViZTg0Y2EtYTllZS00NGM4LTliYWMtZmNiZTM0MTVhZTIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMAMA0G
CSqGSIb3DQEBCwUAA4IBAQAtevnh/S74L+fOiix3NtcOcbVRKR1M18k/QO8tTr0c
F/nZCMjILRexvbvIM765Xh1TWvw7XvoRrKEHI5ZiLF5nYoWz1C8DPvMW8vdpV5VK
s0y7CJus5X9sqdXZQaTnMNqg5rTzLe+0FuFCwDxwtMROaBvg4e3sb1wJu6Em/wvV
pUpjKilsoWqirnK1STxiZCiNfmU/dfwaO/hN72y61HJL0CbVOAI2x5TH7Mdcek4d
sEmrQsTu1bo1ZvF3K4XHye/7FTO7Eznv0lupXU8rz1juXAw2dbJUmr5IY3JZivx2
aQcT+9AJXasst7FGOI9K+lNrwGRcQjJ01DSdOwCpX6MH
-----END CERTIFICATE-----
Generated at Thu Oct 10 22:45:50 2024 by rpki-client on console-ams.rpki-client.org