Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04b3d59a-1622-4222-b4f7-96e18174cf66.roa
File: 04b3d59a-1622-4222-b4f7-96e18174cf66.roa (raw, json)
Hash identifier: 8aIzHdbmAv/pZXMq/XW5fJhF8VydBrSLJU2tigvN0uA=
Subject key identifier: A4:EE:D2:22:4B:A4:CE:B9:4F:16:3E:65:2C:07:5B:76:C2:0D:50:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 19D5E56431C224563A160110398DD811234221C9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04b3d59a-1622-4222-b4f7-96e18174cf66.roa
Signing time: Mon 31 Mar 2025 21:00:13 +0000
ROA not before: Mon 31 Mar 2025 21:00:13 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06e:8000::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 14 Apr 2025 13:52:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:d5:e5:64:31:c2:24:56:3a:16:01:10:39:8d:d8:11:23:42:21:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 21:00:13 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=2aca24f7ea93f77216ec5d815447f95a6dd661da4b970bd8d54d62076947b96a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fe:48:a5:d6:c5:5e:59:59:da:c5:3a:fc:5f:
61:4d:f2:46:9a:72:6b:34:ef:2a:53:f2:43:66:5e:
04:c5:76:5c:c3:a2:d3:76:d3:35:0e:cc:20:4d:85:
64:f7:9c:8b:3c:e0:77:64:0e:ca:a3:ca:92:4d:51:
43:1f:21:58:b0:26:e0:29:b2:81:13:d5:e7:c6:32:
8c:2a:22:7a:be:74:54:05:28:49:15:5a:50:4a:7a:
a6:3e:c0:f6:03:ab:47:6f:46:2c:98:ec:3f:5e:de:
09:be:da:fa:41:e3:2d:b0:e5:8d:e2:eb:e7:fd:b9:
44:f1:c1:ce:e4:6c:5b:55:3c:20:16:ef:d4:a6:af:
9f:68:d8:fa:0d:bf:7f:bc:c6:5a:00:2c:57:64:54:
31:00:5e:82:61:45:39:7a:e5:1c:2b:74:e9:61:c6:
bd:49:52:f0:97:cc:e7:49:5a:d0:b7:2e:ab:7a:b5:
72:f2:ac:06:53:54:16:4a:5b:79:e0:b8:e0:56:e2:
87:8c:49:74:ab:cd:55:3c:f1:3b:b3:5b:a2:00:87:
de:ee:42:b5:f6:c4:8b:51:6d:e7:d7:f5:d6:e7:a7:
41:f0:a7:af:e6:28:c6:51:e8:43:02:01:9b:7a:96:
25:be:05:b4:23:0e:5c:26:85:e7:35:9d:28:2b:f5:
3b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:EE:D2:22:4B:A4:CE:B9:4F:16:3E:65:2C:07:5B:76:C2:0D:50:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04b3d59a-1622-4222-b4f7-96e18174cf66.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06e:8000::/40
Signature Algorithm: sha256WithRSAEncryption
43:31:2a:25:18:0f:5f:23:9a:c2:ab:65:6a:c4:6f:26:77:f7:
c9:e0:9d:89:09:90:10:de:66:69:36:47:cb:cc:55:93:f6:a6:
df:d8:1e:ab:db:13:b2:ca:b6:f0:5f:e7:2c:27:a4:4c:c6:56:
81:fb:0b:7b:bc:7e:66:d2:a6:b7:81:a7:ea:fe:81:29:01:ec:
c3:42:5f:e4:0b:2d:34:0f:2d:6d:be:3d:ec:9f:7f:b0:8c:a1:
f8:c6:42:bf:89:d4:cb:d3:10:67:f9:f1:fb:dd:e1:58:d9:56:
48:e4:d0:16:de:90:bd:cd:cc:ca:8a:26:22:18:57:ee:fd:5d:
44:c6:2a:bc:60:a0:6f:28:15:a7:65:fa:29:d3:37:a4:58:76:
c0:7f:3f:73:c6:e9:7a:e1:47:9f:81:3e:cf:cf:c8:2c:6b:3b:
40:f4:21:46:d9:a7:a2:de:63:a2:2c:a0:ac:71:58:0f:2d:05:
ff:b9:bf:13:eb:cf:32:64:5c:9e:90:63:6f:c7:76:66:8d:32:
93:c4:2a:0d:ea:d6:09:e0:9c:10:4e:d4:b1:79:b8:d1:7e:97:
42:0d:35:a0:dc:03:99:53:b7:00:7d:32:8f:cc:6a:80:09:79:
e7:9a:93:67:85:ca:02:a8:e6:98:cf:23:68:4c:23:68:45:af:
44:15:f0:32
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGdXlZDHCJFY6FgEQOY3YESNCIckwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMTAwMTNaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhY2EyNGY3ZWE5M2Y3NzIxNmVjNWQ4MTU0NDdmOTVhNmRkNjYxZGE0Yjk3
MGJkOGQ1NGQ2MjA3Njk0N2I5NmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7+SKXWxV5ZWdrFOvxfYU3yRppyazTvKlPyQ2ZeBMV2XMOi03bTNQ7MIE2F
ZPecizzgd2QOyqPKkk1RQx8hWLAm4CmygRPV58YyjCoier50VAUoSRVaUEp6pj7A
9gOrR29GLJjsP17eCb7a+kHjLbDljeLr5/25RPHBzuRsW1U8IBbv1Kavn2jY+g2/
f7zGWgAsV2RUMQBegmFFOXrlHCt06WHGvUlS8JfM50la0Lcuq3q1cvKsBlNUFkpb
eeC44Fbih4xJdKvNVTzxO7NbogCH3u5CtfbEi1Ft59f11uenQfCnr+YoxlHoQwIB
m3qWJb4FtCMOXCaF5zWdKCv1O3UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSk7tIi
S6TOuU8WPmUsB1t2wg1QITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDRiM2Q1OWEtMTYyMi00MjIyLWI0ZjctOTZlMTgxNzRjZjY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G6A
MA0GCSqGSIb3DQEBCwUAA4IBAQBDMSolGA9fI5rCq2VqxG8md/fJ4J2JCZAQ3mZp
NkfLzFWT9qbf2B6r2xOyyrbwX+csJ6RMxlaB+wt7vH5m0qa3gafq/oEpAezDQl/k
Cy00Dy1tvj3sn3+wjKH4xkK/idTL0xBn+fH73eFY2VZI5NAW3pC9zczKiiYiGFfu
/V1Exiq8YKBvKBWnZfop0zekWHbAfz9zxul64UefgT7Pz8gsaztA9CFG2aei3mOi
LKCscVgPLQX/ub8T688yZFyekGNvx3ZmjTKTxCoN6tYJ4JwQTtSxebjRfpdCDTWg
3AOZU7cAfTKPzGqACXnnmpNnhcoCqOaYzyNoTCNoRa9EFfAy
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:15 2025 by rpki-client