Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c64c4a95-84a7-4a8b-8228-9d83b2456072.roa
File: c64c4a95-84a7-4a8b-8228-9d83b2456072.roa (raw, json)
Hash identifier: 6CHqP2548iwB8PWAPSLBlcUCZrwzx6pDNuUFeXqpK5U=
Subject key identifier: 80:AF:A4:A2:44:78:F1:4C:A4:63:FD:4D:73:1A:FC:7D:D4:41:2C:FE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3E66481B7EAA6484E413007714C62CF32A4C2BB2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c64c4a95-84a7-4a8b-8228-9d83b2456072.roa
Signing time: Fri 27 Sep 2024 00:00:00 +0000
ROA not before: Fri 27 Sep 2024 00:00:00 +0000
ROA not after: Fri 01 Nov 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.0.0.0/19 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Oct 2024 14:30:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:66:48:1b:7e:aa:64:84:e4:13:00:77:14:c6:2c:f3:2a:4c:2b:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 27 00:00:00 2024 GMT
Not After : Nov 1 23:59:59 2024 GMT
Subject: serialNumber=e11dccff9bac4c1c4aaaad63f86fdabc43b004ebb229faa131e8883729c0f7a3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:85:e3:a2:e9:3e:0f:4e:5d:14:bd:e3:e6:85:
c5:45:ce:17:ae:cf:af:44:70:88:d5:ba:c7:53:b1:
d1:27:f7:4a:bd:40:d7:40:a5:af:9f:fc:1c:33:9c:
f4:bf:d6:dd:bb:39:7a:bc:f9:cf:2a:37:c2:88:63:
9d:63:3b:1d:75:db:36:b2:0c:50:fa:bc:fd:2b:6c:
88:51:ee:27:7e:e2:97:fe:c9:7e:80:26:8d:40:bf:
00:f5:fa:7e:14:67:7d:9c:e3:7d:4b:8d:eb:27:59:
50:bc:78:8a:56:ab:63:98:7b:f7:61:2f:d6:c8:b0:
44:0b:32:d6:d4:b5:37:26:5f:ef:f3:23:75:38:f2:
08:03:e8:a4:dd:46:9e:a6:d0:eb:ce:0a:49:ed:67:
c5:86:32:48:b5:35:72:43:04:81:46:88:59:95:d6:
6b:e7:a8:46:bb:01:bb:20:8c:15:3b:bd:78:da:fe:
52:64:43:f4:d7:83:94:60:f5:26:7a:01:95:df:8f:
d6:c5:90:aa:5f:b4:ee:6b:41:92:1d:c3:0c:6b:5c:
0c:c1:c7:95:d4:b2:4c:28:b8:1b:ef:74:7d:ac:f2:
6c:9f:ed:c2:ce:20:eb:b7:5c:ae:66:50:e0:9f:66:
c9:97:5a:dd:14:32:21:5d:95:76:30:b1:8a:43:bd:
2c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:AF:A4:A2:44:78:F1:4C:A4:63:FD:4D:73:1A:FC:7D:D4:41:2C:FE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c64c4a95-84a7-4a8b-8228-9d83b2456072.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.0.0/19
Signature Algorithm: sha256WithRSAEncryption
6d:02:03:6f:1f:04:38:fc:4b:7f:7b:48:7c:02:6b:5b:5f:79:
69:e1:2a:91:52:f6:4c:72:1e:55:fe:7d:fb:cb:6a:b2:c7:87:
c4:0c:50:27:89:a2:41:d3:a0:ed:cc:90:e2:77:50:f9:16:dc:
29:54:6d:fa:90:33:bb:4d:c4:e9:31:f0:d5:b0:b8:8e:6e:b5:
b2:1b:0e:fe:3a:ae:a7:b3:b2:94:9f:f6:d5:96:34:be:66:b1:
ba:f3:69:60:2f:83:16:2e:a9:19:b1:d6:0a:3b:c4:ac:2a:54:
81:63:69:fe:b2:91:c7:f0:99:5b:44:55:a5:7e:1e:b8:b4:ad:
f2:fa:e8:67:02:5c:db:29:d7:1b:30:59:99:5d:c8:78:70:4e:
44:16:7e:91:21:b4:76:01:22:13:c0:3a:b6:64:e0:3f:bf:19:
cb:92:dc:dd:e4:3c:9a:04:4b:8d:6a:85:9a:13:79:fe:d8:82:
5a:d1:ae:c9:52:bf:d1:45:2e:7f:3d:7b:30:5c:4e:46:d4:78:
92:8c:cf:55:4a:b9:d3:2f:a5:d1:6a:19:fb:9d:fe:3b:2b:ef:
37:b0:d8:fc:48:e8:f0:13:8e:b0:af:17:18:fd:d0:d9:8e:20:
ec:be:37:68:3e:4e:d3:a5:60:5c:e2:35:0e:d9:aa:06:0c:cb:
79:b1:d4:0c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPmZIG36qZITkEwB3FMYs8ypMK7IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA5MjcwMDAwMDBaFw0yNDExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxMWRjY2ZmOWJhYzRjMWM0YWFhYWQ2M2Y4NmZkYWJjNDNiMDA0ZWJiMjI5
ZmFhMTMxZTg4ODM3MjljMGY3YTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKyF46LpPg9OXRS94+aFxUXOF67Pr0RwiNW6x1Ox0Sf3Sr1A10Clr5/8HDOc
9L/W3bs5erz5zyo3wohjnWM7HXXbNrIMUPq8/StsiFHuJ37il/7JfoAmjUC/APX6
fhRnfZzjfUuN6ydZULx4ilarY5h792Ev1siwRAsy1tS1NyZf7/MjdTjyCAPopN1G
nqbQ684KSe1nxYYySLU1ckMEgUaIWZXWa+eoRrsBuyCMFTu9eNr+UmRD9NeDlGD1
JnoBld+P1sWQql+07mtBkh3DDGtcDMHHldSyTCi4G+90fazybJ/tws4g67dcrmZQ
4J9myZda3RQyIV2VdjCxikO9LKMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSAr6Si
RHjxTKRj/U1zGvx91EEs/jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzY0YzRhOTUtODRhNy00YThiLTgyMjgtOWQ4M2IyNDU2MDcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTMAADAN
BgkqhkiG9w0BAQsFAAOCAQEAbQIDbx8EOPxLf3tIfAJrW195aeEqkVL2THIeVf59
+8tqsseHxAxQJ4miQdOg7cyQ4ndQ+RbcKVRt+pAzu03E6THw1bC4jm61shsO/jqu
p7OylJ/21ZY0vmaxuvNpYC+DFi6pGbHWCjvErCpUgWNp/rKRx/CZW0RVpX4euLSt
8vroZwJc2ynXGzBZmV3IeHBORBZ+kSG0dgEiE8A6tmTgP78Zy5Lc3eQ8mgRLjWqF
mhN5/tiCWtGuyVK/0UUufz17MFxORtR4kozPVUq50y+l0WoZ+53+OyvvN7DY/Ejo
8BOOsK8XGP3Q2Y4g7L43aD5O06VgXOI1DtmqBgzLebHUDA==
-----END CERTIFICATE-----
Generated at Thu Oct 10 18:39:23 2024 by rpki-client on console-ams.rpki-client.org