Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc80f02f-68a8-4245-9562-5311abe3fa18.roa
File: fc80f02f-68a8-4245-9562-5311abe3fa18.roa (raw, json)
Hash identifier: k9KIeOynJ3AIumx2JnnS3FHYxN7Hj0eRoX+y3jMMYbk=
Subject key identifier: 3B:3A:55:D1:FB:62:C1:A6:13:56:AA:26:79:BA:DF:BA:58:B6:E6:40
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3B8343C7B345A53610DE96D8FAC96080324C2631
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc80f02f-68a8-4245-9562-5311abe3fa18.roa
Signing time: Wed 18 Sep 2024 00:00:00 +0000
ROA not before: Wed 18 Sep 2024 00:00:00 +0000
ROA not after: Wed 23 Oct 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.128.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Oct 2024 14:31:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:83:43:c7:b3:45:a5:36:10:de:96:d8:fa:c9:60:80:32:4c:26:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 18 00:00:00 2024 GMT
Not After : Oct 23 23:59:59 2024 GMT
Subject: serialNumber=db8111ffc5478d4b8f8db0ba96a487bac95656a39d3a4e5c9b45e67221400ad2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ed:39:07:04:4d:2d:c2:53:9e:ad:48:83:29:
b9:4e:42:84:f3:04:8d:b7:19:36:36:aa:09:9a:85:
a7:ac:33:33:39:bf:f7:66:be:8e:b3:c0:fd:da:14:
36:29:ae:ac:20:86:76:da:e8:fd:bc:b1:01:51:c2:
e4:7a:fb:13:a9:39:d0:89:37:a7:80:da:3d:45:ec:
11:57:95:48:c0:4d:46:f3:d1:aa:e7:7e:c6:ac:32:
c0:d8:e1:36:6c:c0:01:5b:cb:8e:a8:b5:8b:6c:9a:
78:18:66:f0:61:36:f9:64:4f:4c:c4:bd:d0:c9:38:
6e:db:49:67:f6:02:1f:ee:0e:2d:86:71:20:d0:a3:
fd:8f:ee:2e:23:25:1c:85:69:2e:4d:86:77:84:78:
34:53:e1:04:60:2e:b5:ec:09:3b:d1:2d:08:34:f8:
9d:b5:92:2f:a2:2b:4e:d3:e4:33:aa:53:a6:4d:41:
58:55:a6:1f:fd:e3:44:5c:97:ce:c8:e5:ed:6b:5e:
2a:0c:c7:9d:7e:95:7b:aa:5d:fd:82:47:66:ca:0f:
eb:64:0d:6c:0b:9e:4d:27:b9:24:bf:fe:f7:22:fd:
bb:4e:e5:41:76:a7:c8:b3:06:9d:53:78:09:3f:22:
22:7e:da:d0:ad:17:7b:63:68:6c:3d:0c:6d:03:7b:
d1:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:3A:55:D1:FB:62:C1:A6:13:56:AA:26:79:BA:DF:BA:58:B6:E6:40
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc80f02f-68a8-4245-9562-5311abe3fa18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.128.0/21
Signature Algorithm: sha256WithRSAEncryption
69:11:3d:38:26:11:b8:ff:ad:42:63:f5:2e:09:de:30:7c:4a:
c3:3e:4f:f9:eb:c1:8f:65:30:d7:af:9c:80:54:38:7d:5b:15:
54:cc:5a:c2:1a:ae:b3:5f:e0:b4:ed:69:9c:8b:eb:9c:84:30:
ba:50:4f:71:33:0e:85:ef:04:2e:38:ce:43:fd:a3:2f:93:f1:
7a:65:bb:57:51:c7:dd:e2:63:26:76:1d:fb:fe:e1:dc:2e:1b:
e3:a2:83:8c:6a:d2:40:0f:5c:13:f1:a7:8d:69:9f:ba:f3:7f:
41:41:b2:0e:90:8a:5c:37:7e:17:99:ae:f0:e8:cf:76:2b:ee:
ae:60:dd:6f:32:52:64:dc:c4:71:ed:6c:5e:96:0e:67:66:79:
20:85:9d:15:a2:9e:7b:f3:a0:70:d2:bd:03:6e:64:de:d1:5c:
a6:2d:be:7c:53:49:c0:73:fc:47:64:29:18:78:52:1f:55:de:
af:be:21:d4:fd:bd:a7:ea:68:cc:b1:37:d9:6b:de:8e:20:39:
1e:3a:87:cb:ac:a7:cf:6e:43:98:06:c3:30:24:ca:70:31:77:
31:1d:6b:47:94:5f:86:59:f1:bb:30:55:cb:61:dc:0a:e3:36:
5f:c1:fc:7a:6d:1d:17:65:61:18:32:f2:20:4c:d9:a2:94:12:
29:c0:66:c8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUO4NDx7NFpTYQ3pbY+slggDJMJjEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA5MTgwMDAwMDBaFw0yNDEwMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiODExMWZmYzU0NzhkNGI4ZjhkYjBiYTk2YTQ4N2JhYzk1NjU2YTM5ZDNh
NGU1YzliNDVlNjcyMjE0MDBhZDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjtOQcETS3CU56tSIMpuU5ChPMEjbcZNjaqCZqFp6wzMzm/92a+jrPA/doU
NimurCCGdtro/byxAVHC5Hr7E6k50Ik3p4DaPUXsEVeVSMBNRvPRqud+xqwywNjh
NmzAAVvLjqi1i2yaeBhm8GE2+WRPTMS90Mk4bttJZ/YCH+4OLYZxINCj/Y/uLiMl
HIVpLk2Gd4R4NFPhBGAutewJO9EtCDT4nbWSL6IrTtPkM6pTpk1BWFWmH/3jRFyX
zsjl7WteKgzHnX6Ve6pd/YJHZsoP62QNbAueTSe5JL/+9yL9u07lQXanyLMGnVN4
CT8iIn7a0K0Xe2NobD0MbQN70U0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ7OlXR
+2LBphNWqiZ5ut+6WLbmQDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmM4MGYwMmYtNjhhOC00MjQ1LTk1NjItNTMxMWFiZTNmYTE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAgDAN
BgkqhkiG9w0BAQsFAAOCAQEAaRE9OCYRuP+tQmP1LgneMHxKwz5P+evBj2Uw16+c
gFQ4fVsVVMxawhqus1/gtO1pnIvrnIQwulBPcTMOhe8ELjjOQ/2jL5PxemW7V1HH
3eJjJnYd+/7h3C4b46KDjGrSQA9cE/GnjWmfuvN/QUGyDpCKXDd+F5mu8OjPdivu
rmDdbzJSZNzEce1sXpYOZ2Z5IIWdFaKee/OgcNK9A25k3tFcpi2+fFNJwHP8R2Qp
GHhSH1Xer74h1P29p+pozLE32WvejiA5HjqHy6ynz25DmAbDMCTKcDF3MR1rR5Rf
hlnxuzBVy2HcCuM2X8H8em0dF2VhGDLyIEzZopQSKcBmyA==
-----END CERTIFICATE-----
Generated at Thu Oct 10 18:39:23 2024 by rpki-client on console-ams.rpki-client.org