Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a32b75d1-fb93-459a-bd22-b8f58bccecf3.roa
File: a32b75d1-fb93-459a-bd22-b8f58bccecf3.roa (raw, json)
Hash identifier: qGgWnh4LlIfIpy7bdSBVCXsOve0rARtRJdjNmYni2wY=
Subject key identifier: 12:48:A4:64:28:0E:3A:6F:6C:F3:4F:07:68:BC:4C:C1:09:C0:DD:DF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4D1295DEC8EC823A92DACF61920CC4210F09030C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a32b75d1-fb93-459a-bd22-b8f58bccecf3.roa
Signing time: Fri 27 Sep 2024 00:00:00 +0000
ROA not before: Fri 27 Sep 2024 00:00:00 +0000
ROA not after: Fri 01 Nov 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.0.128.0/17 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Oct 2024 14:31:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:12:95:de:c8:ec:82:3a:92:da:cf:61:92:0c:c4:21:0f:09:03:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 27 00:00:00 2024 GMT
Not After : Nov 1 23:59:59 2024 GMT
Subject: serialNumber=8965e9a8f68de58a8a984901b93a84d55d9799a8035b1fc21029bcc9471508d5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a7:52:64:a4:4c:9d:9c:0c:42:55:c8:dd:aa:
ff:3e:c4:a4:f9:0e:bc:30:8e:7c:92:49:64:65:ae:
1e:d1:62:11:9e:3a:f6:6c:2b:d0:c1:c0:0f:b0:fb:
9d:0a:de:67:14:59:c5:ea:82:37:30:f0:33:7d:ae:
c5:4f:26:2b:bd:14:b7:16:b0:cd:36:10:f3:c8:4e:
c9:f2:85:0c:9b:40:55:dd:55:5f:49:28:96:0f:f1:
de:ce:b9:73:30:77:52:66:4e:04:fc:bd:4b:91:c3:
e0:d3:02:68:cb:77:87:63:c0:f7:c6:84:b3:f0:5b:
e8:64:5b:fa:3b:10:1c:18:41:e9:41:5e:82:3f:78:
3e:19:13:f5:55:14:fe:ae:35:d7:4f:fa:2b:85:85:
3e:93:36:38:0a:9b:5e:11:f3:77:77:45:3d:3e:f3:
c3:b6:e7:22:03:a3:11:3b:04:92:ed:f7:a6:5d:81:
0a:da:b1:12:81:8a:d9:b1:c1:3f:88:6f:1b:4c:da:
6a:7c:03:1f:45:bc:23:5e:29:a4:8f:1f:1e:a1:e7:
50:3d:6a:14:22:4a:8a:be:3a:7f:04:b5:9f:2b:5d:
17:44:d9:05:0f:04:02:2e:95:70:da:be:1d:3c:55:
24:e0:09:00:be:8f:60:0d:87:2e:bc:6d:f1:9b:52:
9c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:48:A4:64:28:0E:3A:6F:6C:F3:4F:07:68:BC:4C:C1:09:C0:DD:DF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a32b75d1-fb93-459a-bd22-b8f58bccecf3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.128.0/17
Signature Algorithm: sha256WithRSAEncryption
58:bb:8b:b9:a8:3f:7e:44:00:64:0d:1b:aa:f0:2a:5b:eb:a8:
45:dd:21:da:e1:9b:2f:85:31:8c:47:ea:5f:8d:32:ca:13:51:
9b:8b:8a:9b:4c:10:85:cc:f4:64:dc:44:e5:42:0f:35:95:fd:
9d:02:76:23:32:c1:0b:86:36:e9:96:2c:61:b4:25:6b:54:2d:
d2:a8:c5:9d:e1:62:0c:ad:2e:28:1a:83:16:cd:f0:7f:b2:db:
5b:88:0b:66:4c:45:84:34:3d:39:d0:dc:4d:c0:82:63:3d:5a:
8b:93:60:15:50:2f:94:8f:00:1d:bf:01:77:71:4f:a0:18:e1:
86:c3:24:e5:c1:b6:ba:f0:65:85:37:91:fa:08:47:65:26:68:
a1:2a:93:e1:d7:ad:e6:d0:a8:7c:75:61:ca:4a:5a:3c:f8:88:
75:57:b2:dd:d4:a7:bc:8f:58:61:d0:0e:4d:22:7f:63:a0:e8:
39:0e:85:08:f2:a8:d8:a4:ff:6e:37:9c:4b:b5:46:0f:3b:70:
88:94:02:6e:17:8b:f0:51:c3:0b:4e:46:42:17:60:42:de:cf:
ff:66:ae:6e:ff:5a:90:4d:89:42:2d:00:15:25:da:e6:4b:31:
2b:d1:ed:cd:1d:12:60:80:62:90:0a:65:ce:7d:33:b4:4f:53:
27:54:16:d4
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTRKV3sjsgjqS2s9hkgzEIQ8JAwwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA5MjcwMDAwMDBaFw0yNDExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5NjVlOWE4ZjY4ZGU1OGE4YTk4NDkwMWI5M2E4NGQ1NWQ5Nzk5YTgwMzVi
MWZjMjEwMjliY2M5NDcxNTA4ZDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKunUmSkTJ2cDEJVyN2q/z7EpPkOvDCOfJJJZGWuHtFiEZ469mwr0MHAD7D7
nQreZxRZxeqCNzDwM32uxU8mK70UtxawzTYQ88hOyfKFDJtAVd1VX0kolg/x3s65
czB3UmZOBPy9S5HD4NMCaMt3h2PA98aEs/Bb6GRb+jsQHBhB6UFegj94PhkT9VUU
/q4110/6K4WFPpM2OAqbXhHzd3dFPT7zw7bnIgOjETsEku33pl2BCtqxEoGK2bHB
P4hvG0zaanwDH0W8I14ppI8fHqHnUD1qFCJKir46fwS1nytdF0TZBQ8EAi6VcNq+
HTxVJOAJAL6PYA2HLrxt8ZtSnHsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQSSKRk
KA46b2zzTwdovEzBCcDd3zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTMyYjc1ZDEtZmI5My00NTlhLWJkMjItYjhmNThiY2NlY2YzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBzMAgDAN
BgkqhkiG9w0BAQsFAAOCAQEAWLuLuag/fkQAZA0bqvAqW+uoRd0h2uGbL4UxjEfq
X40yyhNRm4uKm0wQhcz0ZNxE5UIPNZX9nQJ2IzLBC4Y26ZYsYbQla1Qt0qjFneFi
DK0uKBqDFs3wf7LbW4gLZkxFhDQ9OdDcTcCCYz1ai5NgFVAvlI8AHb8Bd3FPoBjh
hsMk5cG2uvBlhTeR+ghHZSZooSqT4det5tCofHVhykpaPPiIdVey3dSnvI9YYdAO
TSJ/Y6DoOQ6FCPKo2KT/bjecS7VGDztwiJQCbheL8FHDC05GQhdgQt7P/2aubv9a
kE2JQi0AFSXa5ksxK9HtzR0SYIBikAplzn0ztE9TJ1QW1A==
-----END CERTIFICATE-----
Generated at Thu Oct 10 19:31:42 2024 by rpki-client on console-fra.rpki-client.org