Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0231389b-52ca-4beb-8f44-531335cb72bd.roa
File: 0231389b-52ca-4beb-8f44-531335cb72bd.roa (raw, json)
Hash identifier: NTbFSEAb9VhIogp/ujoZUXb6zQ5HhKfU3L9G5Peks6k=
Subject key identifier: 9C:A7:06:25:FD:D8:37:02:55:41:EE:09:AE:FB:2D:99:CA:EF:E9:CE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 48758296AB2BF26BBFB16AC4C5003637CD926797
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0231389b-52ca-4beb-8f44-531335cb72bd.roa
Signing time: Thu 17 Apr 2025 16:37:19 +0000
ROA not before: Thu 17 Apr 2025 16:37:19 +0000
ROA not after: Thu 22 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06e:4000::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 17 Apr 2025 20:37:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:75:82:96:ab:2b:f2:6b:bf:b1:6a:c4:c5:00:36:37:cd:92:67:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 16:37:19 2025 GMT
Not After : May 22 23:59:59 2025 GMT
Subject: serialNumber=2eb9c37bd790105f4177487fb63b8c3a8d5d3558d1fe9402da1c2f117419cfb6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:04:81:33:31:5f:36:b4:b3:18:4b:fe:be:6a:
6b:f1:0e:b1:4f:45:41:8f:e9:a1:38:85:85:a9:ab:
d3:39:f4:a6:74:a1:01:4a:a6:da:08:72:1a:17:c8:
bb:e4:79:91:01:8a:78:9d:fd:a7:0f:45:b7:eb:7b:
5c:62:20:45:5d:94:20:cb:30:c4:32:1a:ee:52:bc:
dd:f5:aa:34:4b:6d:8f:39:da:37:48:78:b0:27:50:
68:8b:9c:3d:b9:a0:51:5d:c4:33:14:ea:7e:16:96:
3a:fb:0f:2a:14:85:a1:a3:bc:95:3c:14:5a:8d:66:
b9:b4:98:97:79:f8:a7:a1:75:f4:23:7e:a0:23:6d:
2e:76:c4:df:17:dc:9d:10:05:66:83:a7:e1:0a:98:
43:14:6a:89:44:e1:af:f1:c3:37:8a:91:9c:43:13:
74:f6:8a:a1:66:46:9b:84:15:93:9c:f2:22:26:dc:
c1:ad:70:87:c0:b0:6d:c1:77:38:3c:56:08:1a:d0:
54:2f:92:66:7e:f7:e0:6a:71:6a:45:4c:4f:a5:7f:
e9:3f:7b:fb:8f:7c:44:2b:51:47:3d:da:dd:5c:b4:
9d:6a:e7:bf:e6:57:7b:95:58:5a:ad:c0:cf:10:d0:
91:56:b9:25:4e:63:b5:84:d0:db:3c:34:8e:30:ec:
4d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A7:06:25:FD:D8:37:02:55:41:EE:09:AE:FB:2D:99:CA:EF:E9:CE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0231389b-52ca-4beb-8f44-531335cb72bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06e:4000::/40
Signature Algorithm: sha256WithRSAEncryption
20:c5:ef:cd:3b:41:0a:3c:7b:1f:e2:6a:db:2c:e1:c7:bb:60:
8a:65:7c:22:34:0d:51:43:70:06:80:19:8a:b8:60:25:6c:05:
28:c3:ca:15:4d:7b:57:f3:3a:d5:1a:10:2f:72:54:f4:80:77:
1f:30:08:74:02:4d:94:35:f2:cd:0b:2c:8a:08:4b:a3:ad:2a:
06:df:22:e8:9d:8c:da:47:5a:d5:41:90:3b:6e:fd:de:16:3a:
42:d9:80:bc:ee:73:33:b2:ad:59:18:5e:6f:2a:ca:0e:ff:5a:
f0:6f:05:0f:ce:82:a0:f9:cb:d1:72:a2:a8:b4:61:d6:3a:8f:
ca:f4:25:bf:3a:43:09:01:75:95:1c:f5:54:ee:2a:f9:6f:be:
be:0b:f2:24:ff:5b:29:00:00:3e:b3:cc:68:00:47:92:35:c9:
85:fc:be:63:53:bb:63:a6:69:0c:9f:4f:5b:7e:02:0e:4e:65:
f0:e1:7f:42:e8:70:37:6c:e6:c1:68:56:08:01:3d:b8:bc:58:
a8:5a:e1:a8:5c:13:f0:e7:76:70:97:1c:02:ac:80:53:65:4e:
bf:3f:02:cb:4a:5a:b9:1c:75:f2:78:53:41:62:23:0f:e7:ce:
e6:b3:a1:f4:30:4c:18:9d:2c:30:db:9d:7b:3e:0b:d1:12:79:
7a:92:6c:bc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSHWClqsr8mu/sWrExQA2N82SZ5cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTcxNjM3MTlaFw0yNTA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlYjljMzdiZDc5MDEwNWY0MTc3NDg3ZmI2M2I4YzNhOGQ1ZDM1NThkMWZl
OTQwMmRhMWMyZjExNzQxOWNmYjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOYEgTMxXza0sxhL/r5qa/EOsU9FQY/poTiFhamr0zn0pnShAUqm2ghyGhfI
u+R5kQGKeJ39pw9Ft+t7XGIgRV2UIMswxDIa7lK83fWqNEttjznaN0h4sCdQaIuc
PbmgUV3EMxTqfhaWOvsPKhSFoaO8lTwUWo1mubSYl3n4p6F19CN+oCNtLnbE3xfc
nRAFZoOn4QqYQxRqiUThr/HDN4qRnEMTdPaKoWZGm4QVk5zyIibcwa1wh8CwbcF3
ODxWCBrQVC+SZn734GpxakVMT6V/6T97+498RCtRRz3a3Vy0nWrnv+ZXe5VYWq3A
zxDQkVa5JU5jtYTQ2zw0jjDsTYMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBScpwYl
/dg3AlVB7gmu+y2Zyu/pzjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDIzMTM4OWItNTJjYS00YmViLThmNDQtNTMxMzM1Y2I3MmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G5A
MA0GCSqGSIb3DQEBCwUAA4IBAQAgxe/NO0EKPHsf4mrbLOHHu2CKZXwiNA1RQ3AG
gBmKuGAlbAUow8oVTXtX8zrVGhAvclT0gHcfMAh0Ak2UNfLNCyyKCEujrSoG3yLo
nYzaR1rVQZA7bv3eFjpC2YC87nMzsq1ZGF5vKsoO/1rwbwUPzoKg+cvRcqKotGHW
Oo/K9CW/OkMJAXWVHPVU7ir5b76+C/Ik/1spAAA+s8xoAEeSNcmF/L5jU7tjpmkM
n09bfgIOTmXw4X9C6HA3bObBaFYIAT24vFioWuGoXBPw53ZwlxwCrIBTZU6/PwLL
Slq5HHXyeFNBYiMP587ms6H0MEwYnSww2517PgvREnl6kmy8
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:49:08 2025 by rpki-client