Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/501dbaae-8f4c-4119-bba2-497c304add44.roa
File: 501dbaae-8f4c-4119-bba2-497c304add44.roa (raw, json)
Hash identifier: IuWL0Ju+VRzxtwr5GZxyZ2pDdbg16RkUqFP+iS8L878=
Subject key identifier: 6A:44:6F:EE:03:EC:34:89:DF:00:7B:E0:1C:96:D6:A0:65:D1:07:02
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 745BDD54666F34834A179A8CC51A76C3A52FFC93
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/501dbaae-8f4c-4119-bba2-497c304add44.roa
Signing time: Fri 27 Sep 2024 00:00:00 +0000
ROA not before: Fri 27 Sep 2024 00:00:00 +0000
ROA not after: Fri 01 Nov 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.0.128.0/17 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Oct 2024 14:31:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:5b:dd:54:66:6f:34:83:4a:17:9a:8c:c5:1a:76:c3:a5:2f:fc:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 27 00:00:00 2024 GMT
Not After : Nov 1 23:59:59 2024 GMT
Subject: serialNumber=d3b94f17b1f557d7877a18653c0e38d389e6f50a91b7dee3abb96fba15fe1db7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f5:18:c6:24:da:e2:c4:c1:55:60:e1:ec:a3:
b2:00:fe:11:6d:54:f5:90:08:30:b5:e6:e2:66:1c:
8f:06:8e:a3:85:9f:19:48:65:91:26:a6:b2:3c:ac:
91:bc:5f:c7:b0:9e:ea:ef:7e:81:64:b7:74:b0:bf:
42:57:01:b2:9c:6e:83:c1:2f:9f:59:b1:de:d5:f6:
dd:e5:ac:f1:97:5c:e9:16:e1:79:82:33:bd:69:09:
79:ff:40:89:cd:b3:97:50:6c:dc:e3:7d:a6:38:ca:
c2:0d:c2:8c:78:87:8a:60:61:d5:0f:17:c8:b7:67:
57:28:ba:fd:5d:af:82:cb:a6:39:14:54:0e:78:8d:
3f:28:cb:95:92:25:36:57:c7:4f:53:db:45:dd:eb:
47:b2:9c:f1:a8:33:f6:6e:eb:5a:45:cc:b7:de:2b:
c9:ff:79:e6:43:d6:bc:b1:2f:64:a1:49:cf:ce:1d:
86:51:87:b9:be:ed:45:b8:ba:55:79:41:d4:85:a8:
8e:18:6f:88:0c:82:38:42:a0:12:13:21:6e:0b:e2:
ba:6c:d2:97:c0:bb:74:38:e6:03:60:d3:66:c1:1f:
33:93:72:be:38:65:17:c4:d5:f0:8d:84:f7:f2:0f:
6a:91:6d:66:50:b3:6f:79:a1:45:41:c1:b4:58:b9:
cd:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:44:6F:EE:03:EC:34:89:DF:00:7B:E0:1C:96:D6:A0:65:D1:07:02
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/501dbaae-8f4c-4119-bba2-497c304add44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.128.0/17
Signature Algorithm: sha256WithRSAEncryption
78:66:41:0a:01:1b:0a:2f:cd:29:29:d4:b6:ac:f7:54:56:bf:
42:32:a5:a1:d2:cc:86:0e:ae:1a:d9:43:63:59:d9:0a:f0:fd:
73:26:c4:f8:df:99:89:94:d2:d1:a3:09:a5:be:fe:bf:91:d6:
44:e7:3f:c9:2a:6f:a6:38:72:b5:ea:57:15:ef:ba:21:62:7b:
bc:19:bd:85:be:cb:f4:9d:1c:8d:a5:05:c2:d3:06:53:bb:3b:
0e:7c:00:a8:bc:09:a2:df:0a:7b:b7:01:2a:10:d3:05:e2:95:
33:c1:76:27:e0:fb:17:e8:9f:87:27:33:46:b0:ac:0c:15:d9:
86:44:f8:72:ec:c9:26:3e:bc:a7:03:65:20:ae:05:a3:b1:93:
94:e1:cd:bf:68:51:6d:f7:55:92:ee:ea:bf:58:54:53:8c:b1:
2f:8e:84:63:5b:48:5f:27:0a:26:6e:cc:79:7a:c9:bc:f2:06:
e9:97:4d:fa:38:b7:5e:90:12:2a:fe:1f:f7:f2:ef:50:8e:72:
63:db:27:dd:4e:dc:de:2b:f8:ce:c6:16:6c:12:ee:1f:74:68:
b2:10:d7:14:a0:da:39:23:0b:47:63:e7:e6:c7:be:97:ed:e0:
94:e1:2d:0c:de:13:fb:53:7a:65:6a:0b:a3:b3:47:2d:74:63:
fd:73:35:9d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdFvdVGZvNINKF5qMxRp2w6Uv/JMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA5MjcwMDAwMDBaFw0yNDExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzYjk0ZjE3YjFmNTU3ZDc4NzdhMTg2NTNjMGUzOGQzODllNmY1MGE5MWI3
ZGVlM2FiYjk2ZmJhMTVmZTFkYjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK31GMYk2uLEwVVg4eyjsgD+EW1U9ZAIMLXm4mYcjwaOo4WfGUhlkSamsjys
kbxfx7Ce6u9+gWS3dLC/QlcBspxug8Evn1mx3tX23eWs8Zdc6RbheYIzvWkJef9A
ic2zl1Bs3ON9pjjKwg3CjHiHimBh1Q8XyLdnVyi6/V2vgsumORRUDniNPyjLlZIl
NlfHT1PbRd3rR7Kc8agz9m7rWkXMt94ryf955kPWvLEvZKFJz84dhlGHub7tRbi6
VXlB1IWojhhviAyCOEKgEhMhbgviumzSl8C7dDjmA2DTZsEfM5NyvjhlF8TV8I2E
9/IPapFtZlCzb3mhRUHBtFi5zUMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRqRG/u
A+w0id8Ae+AcltagZdEHAjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTAxZGJhYWUtOGY0Yy00MTE5LWJiYTItNDk3YzMwNGFkZDQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBzMAgDAN
BgkqhkiG9w0BAQsFAAOCAQEAeGZBCgEbCi/NKSnUtqz3VFa/QjKlodLMhg6uGtlD
Y1nZCvD9cybE+N+ZiZTS0aMJpb7+v5HWROc/ySpvpjhytepXFe+6IWJ7vBm9hb7L
9J0cjaUFwtMGU7s7DnwAqLwJot8Ke7cBKhDTBeKVM8F2J+D7F+ifhyczRrCsDBXZ
hkT4cuzJJj68pwNlIK4Fo7GTlOHNv2hRbfdVku7qv1hUU4yxL46EY1tIXycKJm7M
eXrJvPIG6ZdN+ji3XpASKv4f9/LvUI5yY9sn3U7c3iv4zsYWbBLuH3RoshDXFKDa
OSMLR2Pn5se+l+3glOEtDN4T+1N6ZWoLo7NHLXRj/XM1nQ==
-----END CERTIFICATE-----
Generated at Thu Oct 10 19:31:42 2024 by rpki-client on console-fra.rpki-client.org