Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ccf05a8-b4fe-4e2c-9ad2-733a33029e21.roa
File: 5ccf05a8-b4fe-4e2c-9ad2-733a33029e21.roa (raw, json)
Hash identifier: ftgSxHOJFfCQbpBmpuIoeG8CmhuPxz2dTIyoM+M1DTY=
Subject key identifier: 3C:D6:21:64:3A:09:65:0D:8E:66:4C:22:11:77:6C:EE:E5:80:D2:F4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2F7F99F23F59B8CC428F44C9EA44ECB5F527D74F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ccf05a8-b4fe-4e2c-9ad2-733a33029e21.roa
Signing time: Fri 27 Sep 2024 00:00:00 +0000
ROA not before: Fri 27 Sep 2024 00:00:00 +0000
ROA not after: Fri 01 Nov 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.224.0.0/15 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Oct 2024 14:31:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:7f:99:f2:3f:59:b8:cc:42:8f:44:c9:ea:44:ec:b5:f5:27:d7:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 27 00:00:00 2024 GMT
Not After : Nov 1 23:59:59 2024 GMT
Subject: serialNumber=ef68728924fb0e7f62bf8249a212c931c16631af6f04e3b1dcb89f44449c28ed, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:16:a4:4d:04:22:7c:ed:f7:10:aa:69:e3:ee:
48:02:ec:1a:0c:65:fe:82:f3:69:15:e1:1a:3b:fb:
87:be:ed:ff:8d:f7:83:87:95:f8:c1:f4:54:92:3b:
28:ca:80:49:82:28:76:c8:af:28:d2:96:f2:2f:1c:
2d:3d:1c:af:3c:e4:fe:1c:60:06:f9:08:6b:2d:6a:
13:0d:02:2b:71:11:01:c2:2d:bb:e7:72:13:97:82:
90:ac:89:1d:e3:0b:c0:d7:eb:1a:61:42:06:2a:e0:
20:46:88:61:a7:9b:92:df:e0:ef:6f:74:52:ca:b7:
14:3c:8f:57:96:a1:af:4f:3c:b4:3b:d4:1f:11:93:
be:e3:61:7a:c7:fd:e9:f9:e1:89:cf:10:b3:7b:7b:
79:96:83:7f:ee:cb:ab:eb:19:91:44:4e:29:62:e0:
92:0f:9f:13:04:47:e6:6c:45:c3:22:ca:c9:da:fd:
40:fd:1e:06:04:3a:1c:2a:7d:82:ba:8f:d5:a7:6f:
e3:66:12:2f:82:56:04:0a:37:b5:00:57:12:fd:ff:
a1:6f:d1:2a:b1:ad:49:1f:fe:38:6d:bf:b7:7d:51:
c0:55:cc:e4:9e:d6:60:10:ac:84:c7:d2:54:4d:9b:
ce:e4:c4:b1:63:b5:11:98:86:2d:f3:ad:cb:af:e8:
b6:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:D6:21:64:3A:09:65:0D:8E:66:4C:22:11:77:6C:EE:E5:80:D2:F4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ccf05a8-b4fe-4e2c-9ad2-733a33029e21.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.224.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2a:aa:e8:64:f6:3d:ba:97:e6:3f:f0:c0:d0:89:bd:40:db:13:
45:26:01:f2:71:69:d7:aa:aa:0b:6f:d4:64:e0:8f:a8:44:e0:
16:c6:a5:84:a9:35:d2:cf:c1:26:3a:1e:68:d8:c2:0c:16:ac:
33:28:1e:74:4c:42:aa:d8:bb:69:e7:f3:71:5b:ee:ab:01:96:
32:e0:be:29:e9:d9:7a:9f:79:97:f5:f4:bc:8e:14:82:84:20:
71:3d:ac:04:cc:07:fd:54:e5:de:59:32:ce:f7:df:d8:20:c5:
2f:6c:ff:4b:b7:1f:8b:ad:4d:bf:07:16:34:38:94:6b:bf:01:
48:9b:db:80:60:84:0b:04:74:fb:51:a4:66:18:07:a1:e1:ca:
0d:d0:51:75:ee:1b:79:a9:6c:ef:e3:71:07:ec:ec:ae:46:f4:
fa:0d:35:f7:d5:72:12:2d:33:da:a6:d5:04:7b:77:fb:d3:56:
d5:d6:82:f1:e8:38:ff:3d:fe:6a:28:59:b7:19:ac:96:25:e5:
99:f3:23:d1:1d:73:24:90:69:c2:53:09:54:12:0f:63:66:db:
52:81:cf:d5:63:49:63:ba:3c:8d:a5:20:5c:6f:99:78:21:78:
c6:79:46:bb:84:d9:fa:88:b2:1d:75:3c:ff:e5:65:95:49:18:
51:ac:cf:d0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUL3+Z8j9ZuMxCj0TJ6kTstfUn108wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA5MjcwMDAwMDBaFw0yNDExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmNjg3Mjg5MjRmYjBlN2Y2MmJmODI0OWEyMTJjOTMxYzE2NjMxYWY2ZjA0
ZTNiMWRjYjg5ZjQ0NDQ5YzI4ZWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJMWpE0EInzt9xCqaePuSALsGgxl/oLzaRXhGjv7h77t/433g4eV+MH0VJI7
KMqASYIodsivKNKW8i8cLT0crzzk/hxgBvkIay1qEw0CK3ERAcItu+dyE5eCkKyJ
HeMLwNfrGmFCBirgIEaIYaebkt/g7290Usq3FDyPV5ahr088tDvUHxGTvuNhesf9
6fnhic8Qs3t7eZaDf+7Lq+sZkUROKWLgkg+fEwRH5mxFwyLKydr9QP0eBgQ6HCp9
grqP1adv42YSL4JWBAo3tQBXEv3/oW/RKrGtSR/+OG2/t31RwFXM5J7WYBCshMfS
VE2bzuTEsWO1EZiGLfOty6/otscCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ81iFk
OgllDY5mTCIRd2zu5YDS9DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWNjZjA1YTgtYjRmZS00ZTJjLTlhZDItNzMzYTMzMDI5ZTIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPgMA0G
CSqGSIb3DQEBCwUAA4IBAQAqquhk9j26l+Y/8MDQib1A2xNFJgHycWnXqqoLb9Rk
4I+oROAWxqWEqTXSz8EmOh5o2MIMFqwzKB50TEKq2Ltp5/NxW+6rAZYy4L4p6dl6
n3mX9fS8jhSChCBxPawEzAf9VOXeWTLO99/YIMUvbP9Ltx+LrU2/BxY0OJRrvwFI
m9uAYIQLBHT7UaRmGAeh4coN0FF17ht5qWzv43EH7OyuRvT6DTX31XISLTPaptUE
e3f701bV1oLx6Dj/Pf5qKFm3GayWJeWZ8yPRHXMkkGnCUwlUEg9jZttSgc/VY0lj
ujyNpSBcb5l4IXjGeUa7hNn6iLIddTz/5WWVSRhRrM/Q
-----END CERTIFICATE-----
Generated at Thu Oct 10 18:39:23 2024 by rpki-client on console-ams.rpki-client.org