Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/045c4172-cf2a-4f25-96f1-25c2fd9edd2c.roa
File: 045c4172-cf2a-4f25-96f1-25c2fd9edd2c.roa (raw, json)
Hash identifier: +Dv+zaiEFukmn+hsuP8QKcasgFIySSe8WaorxesWOOk=
Subject key identifier: 8B:E7:71:DC:3E:C9:D0:55:10:38:D4:5B:7F:78:42:08:C2:8A:70:36
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E4381C1BB02A5110209E21CAF1689B5C5A2DB6B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/045c4172-cf2a-4f25-96f1-25c2fd9edd2c.roa
Signing time: Tue 20 May 2025 18:41:25 +0000
ROA not before: Tue 20 May 2025 18:41:25 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:e0c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:22:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:43:81:c1:bb:02:a5:11:02:09:e2:1c:af:16:89:b5:c5:a2:db:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:41:25 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=51754c98b96b83b3d7d540c10753ba5cc94228ca5e5678b968f4258ebfc4f5cc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ad:e2:db:9f:6a:71:3c:52:5b:b7:65:4e:0e:
99:3a:c3:79:7f:7b:65:5e:c8:0d:09:0c:46:f2:70:
ce:fd:14:2a:52:fa:c9:4b:ee:7b:d3:5a:17:3d:b3:
86:47:c0:ed:6f:9a:29:0a:54:d5:f0:48:ed:4e:98:
49:49:fe:16:51:bd:07:07:f0:1f:bf:ca:7c:b9:61:
9e:26:11:f6:5b:bf:f3:da:2d:59:0d:0d:60:4d:e9:
b4:56:a8:b3:29:3c:49:2c:07:1c:d3:8a:73:a7:ec:
95:75:7b:65:ff:72:1c:47:3f:0d:4d:26:6a:9a:6b:
d4:1d:0d:a7:74:6b:fb:2f:3e:da:b3:f4:a7:6c:38:
c7:1a:38:c5:7a:06:31:22:7a:75:da:96:18:d1:7c:
ee:57:58:7b:2c:15:d5:cb:39:80:fd:a9:5d:2e:01:
80:cc:25:62:a3:24:f1:46:1d:2a:77:34:6a:2a:4a:
be:d0:61:70:db:69:fa:7a:f8:70:1f:f6:b7:7b:18:
14:ac:5b:4c:56:f4:b1:db:aa:ed:4a:f9:40:18:67:
32:31:6b:53:66:81:66:bb:fc:04:c3:1b:26:d7:9d:
78:3c:cd:1d:8e:14:df:78:9a:4b:e4:9c:42:fb:68:
6d:54:3d:9a:c9:c9:14:4d:29:11:62:9e:83:f0:75:
be:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:E7:71:DC:3E:C9:D0:55:10:38:D4:5B:7F:78:42:08:C2:8A:70:36
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/045c4172-cf2a-4f25-96f1-25c2fd9edd2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
41:34:af:ab:38:33:8e:a9:ae:28:7b:df:36:84:6e:28:07:cc:
f0:b8:b6:2d:5d:59:16:d9:48:72:6c:20:d9:4d:c5:b9:6f:ef:
b8:6f:1b:e0:fe:ce:a5:5c:d5:5b:c6:3a:92:d3:58:1b:19:23:
94:40:a4:86:55:75:5a:4e:48:c8:71:c2:9e:9f:44:97:38:20:
80:1d:fc:06:ec:9a:bb:c4:b2:4b:82:2a:d6:12:56:69:40:90:
ca:b3:52:f5:10:6e:be:8c:e5:7f:d4:d0:2c:d2:52:f4:87:1b:
bf:d9:96:e2:70:3e:d4:36:bf:db:59:db:98:31:fd:64:bd:95:
28:c4:01:32:a7:8c:c0:3f:51:4a:3b:31:84:bc:54:db:1e:2a:
ba:da:e7:ec:b3:a8:c3:6c:34:c9:eb:a5:ba:5a:99:11:3b:b8:
89:44:bb:26:d9:0b:ea:fd:19:10:bc:cc:b5:e7:b0:c3:71:e6:
c2:a5:d7:21:57:3e:84:c4:62:28:a7:b1:4b:36:e8:1e:9c:a8:
e9:8a:35:7c:a6:71:d6:5f:79:65:bd:75:0a:64:ff:5f:f6:5e:
4a:22:bd:8b:c2:6f:13:db:f4:9b:07:41:e2:99:c4:8a:c9:d2:
3d:99:6c:cf:5d:80:e8:ea:99:3c:c5:06:ce:f5:3a:aa:a4:bf:
8f:90:85:30
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfkOBwbsCpRECCeIcrxaJtcWi22swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODQxMjVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDUxNzU0Yzk4Yjk2YjgzYjNkN2Q1NDBjMTA3NTNiYTVjYzk0MjI4Y2E1ZTU2
NzhiOTY4ZjQyNThlYmZjNGY1Y2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKyt4tufanE8Ulu3ZU4OmTrDeX97ZV7IDQkMRvJwzv0UKlL6yUvue9NaFz2z
hkfA7W+aKQpU1fBI7U6YSUn+FlG9BwfwH7/KfLlhniYR9lu/89otWQ0NYE3ptFao
syk8SSwHHNOKc6fslXV7Zf9yHEc/DU0mappr1B0Np3Rr+y8+2rP0p2w4xxo4xXoG
MSJ6ddqWGNF87ldYeywV1cs5gP2pXS4BgMwlYqMk8UYdKnc0aipKvtBhcNtp+nr4
cB/2t3sYFKxbTFb0sduq7Ur5QBhnMjFrU2aBZrv8BMMbJtedeDzNHY4U33iaS+Sc
QvtobVQ9msnJFE0pEWKeg/B1vo8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSL53Hc
PsnQVRA41Ft/eEIIwopwNjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQ1YzQxNzItY2YyYS00ZjI1LTk2ZjEtMjVjMmZkOWVkZDJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HTg
wDANBgkqhkiG9w0BAQsFAAOCAQEAQTSvqzgzjqmuKHvfNoRuKAfM8Li2LV1ZFtlI
cmwg2U3FuW/vuG8b4P7OpVzVW8Y6ktNYGxkjlECkhlV1Wk5IyHHCnp9ElzgggB38
Buyau8SyS4Iq1hJWaUCQyrNS9RBuvozlf9TQLNJS9Icbv9mW4nA+1Da/21nbmDH9
ZL2VKMQBMqeMwD9RSjsxhLxU2x4qutrn7LOow2w0yeululqZETu4iUS7JtkL6v0Z
ELzMteeww3HmwqXXIVc+hMRiKKexSzboHpyo6Yo1fKZx1l95Zb11CmT/X/ZeSiK9
i8JvE9v0mwdB4pnEisnSPZlsz12A6OqZPMUGzvU6qqS/j5CFMA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:58:03 2025 by rpki-client