Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d18fde79-f555-4173-b698-355d8129ae53.roa
File: d18fde79-f555-4173-b698-355d8129ae53.roa (raw, json)
Hash identifier: u/C5sBrXP4zolx1n7ha6fEOV/cPTrBA2C+3vjuTl5DY=
Subject key identifier: C0:0E:61:33:68:48:4E:F0:17:39:22:54:A4:9C:6D:8B:2F:8E:BD:B5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7A0AF31CD4FF3A172848174FCBDB5A7AC9B67858
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d18fde79-f555-4173-b698-355d8129ae53.roa
Signing time: Fri 27 Sep 2024 00:00:00 +0000
ROA not before: Fri 27 Sep 2024 00:00:00 +0000
ROA not after: Fri 01 Nov 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.0.0/19 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Oct 2024 14:30:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:0a:f3:1c:d4:ff:3a:17:28:48:17:4f:cb:db:5a:7a:c9:b6:78:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 27 00:00:00 2024 GMT
Not After : Nov 1 23:59:59 2024 GMT
Subject: serialNumber=f37ac8111973880f70bbad7c2b5f8e48e4ccc7ab746e0c146d89dafa51b01cb1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a8:71:f6:56:5b:5d:69:2b:7b:a8:98:69:20:
7f:48:51:0b:e8:10:fe:10:09:fb:4c:86:a4:84:a1:
c3:0d:8b:3e:b4:25:9e:24:e3:5a:08:b7:5a:a8:01:
aa:fc:4f:31:db:a1:ef:e1:a5:bc:f8:67:25:b2:31:
70:53:79:ba:2c:26:da:ab:68:2c:13:6d:db:b0:42:
12:bd:c4:ee:0a:2b:b7:6e:fe:00:22:60:bf:22:df:
98:50:e1:9b:44:5e:3e:1b:38:4d:a2:48:f2:6f:64:
52:aa:51:c5:be:8f:10:a3:a7:26:0d:ef:25:e3:45:
99:fd:b8:50:ba:71:4d:64:24:d6:d3:1f:5e:65:c4:
1e:de:e9:b4:4e:21:cd:fd:cd:5d:8e:0c:95:af:73:
f0:be:5f:ec:3a:6a:0d:a3:90:1c:f6:1c:26:23:6b:
e8:1f:5e:30:2f:41:f1:90:f5:55:59:da:42:f5:7e:
53:7d:3c:b2:ac:cb:81:8b:28:18:96:c8:0e:c1:6a:
35:05:4f:d7:73:5c:71:53:3d:2f:a9:ba:aa:46:54:
b9:b9:47:5e:31:c8:ca:13:a4:e6:3f:9c:64:f2:d4:
9e:a5:70:7c:87:70:cf:b5:82:ce:a3:78:81:9e:92:
fd:79:e7:60:65:95:9c:df:8b:67:3e:e6:21:fb:c6:
f0:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:0E:61:33:68:48:4E:F0:17:39:22:54:A4:9C:6D:8B:2F:8E:BD:B5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d18fde79-f555-4173-b698-355d8129ae53.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.0.0/19
Signature Algorithm: sha256WithRSAEncryption
92:30:35:8d:1b:86:33:3f:4f:cb:b2:60:ff:40:94:22:da:58:
8a:f7:90:0a:44:c5:79:dc:10:d4:05:27:e4:32:13:35:74:ed:
78:c5:df:83:a3:29:5b:29:df:2c:25:f9:7c:2c:43:42:94:b0:
e4:40:6b:15:36:64:81:ff:32:00:74:f8:85:34:4c:cd:dc:48:
4d:22:b0:c7:7b:eb:29:3a:11:6b:38:47:d5:ef:22:6c:29:ee:
de:61:52:65:40:a1:cd:77:d1:e6:06:c0:3a:33:3e:17:5e:7b:
b8:fb:25:b6:38:94:26:58:91:c0:2f:56:79:e2:f0:43:1f:df:
5b:37:56:44:8e:55:13:d5:d9:04:8d:bc:aa:3e:fd:44:7f:39:
13:2d:a7:2a:f5:5a:04:f8:6f:12:25:b2:43:22:90:b0:99:73:
03:5b:12:78:eb:aa:0c:e6:41:d8:a5:fd:04:7c:85:43:71:f8:
66:39:1c:00:7a:ab:84:2f:9c:1d:d2:34:66:3d:8e:52:34:84:
11:86:56:d7:11:2c:2a:1a:99:c1:1c:78:83:3c:a7:3e:93:5e:
fd:a1:1c:e4:3a:8b:7a:63:e1:54:66:30:c4:e0:6e:92:46:2e:
69:01:3f:55:e8:c0:8a:d7:2d:d5:2c:f4:02:f0:f5:35:93:a9:
84:a2:8e:10
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUegrzHNT/OhcoSBdPy9taesm2eFgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA5MjcwMDAwMDBaFw0yNDExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzN2FjODExMTk3Mzg4MGY3MGJiYWQ3YzJiNWY4ZTQ4ZTRjY2M3YWI3NDZl
MGMxNDZkODlkYWZhNTFiMDFjYjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGocfZWW11pK3uomGkgf0hRC+gQ/hAJ+0yGpIShww2LPrQlniTjWgi3WqgB
qvxPMduh7+GlvPhnJbIxcFN5uiwm2qtoLBNt27BCEr3E7gort27+ACJgvyLfmFDh
m0RePhs4TaJI8m9kUqpRxb6PEKOnJg3vJeNFmf24ULpxTWQk1tMfXmXEHt7ptE4h
zf3NXY4Mla9z8L5f7DpqDaOQHPYcJiNr6B9eMC9B8ZD1VVnaQvV+U308sqzLgYso
GJbIDsFqNQVP13NccVM9L6m6qkZUublHXjHIyhOk5j+cZPLUnqVwfIdwz7WCzqN4
gZ6S/XnnYGWVnN+LZz7mIfvG8I8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTADmEz
aEhO8Bc5IlSknG2LL469tTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDE4ZmRlNzktZjU1NS00MTczLWI2OTgtMzU1ZDgxMjlhZTUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTMAADAN
BgkqhkiG9w0BAQsFAAOCAQEAkjA1jRuGMz9Py7Jg/0CUItpYiveQCkTFedwQ1AUn
5DITNXTteMXfg6MpWynfLCX5fCxDQpSw5EBrFTZkgf8yAHT4hTRMzdxITSKwx3vr
KToRazhH1e8ibCnu3mFSZUChzXfR5gbAOjM+F157uPsltjiUJliRwC9WeeLwQx/f
WzdWRI5VE9XZBI28qj79RH85Ey2nKvVaBPhvEiWyQyKQsJlzA1sSeOuqDOZB2KX9
BHyFQ3H4ZjkcAHqrhC+cHdI0Zj2OUjSEEYZW1xEsKhqZwRx4gzynPpNe/aEc5DqL
emPhVGYwxOBukkYuaQE/VejAitct1Sz0AvD1NZOphKKOEA==
-----END CERTIFICATE-----
Generated at Thu Oct 10 18:39:23 2024 by rpki-client on console-ams.rpki-client.org