Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05a72d01-7790-4b75-991b-28806ee2dacf.roa
File: 05a72d01-7790-4b75-991b-28806ee2dacf.roa (raw, json)
Hash identifier: hC8/pGNPejLA7dQBIcdutYSmU5ZQtrpSm9qq+zCLKck=
Subject key identifier: 15:C0:9E:22:DB:6F:59:36:53:0A:CA:0E:08:8C:9A:BC:BB:58:5B:9A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 398A9543000C3EECF9217E3748F0C19697A015B3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05a72d01-7790-4b75-991b-28806ee2dacf.roa
Signing time: Tue 20 May 2025 18:40:07 +0000
ROA not before: Tue 20 May 2025 18:40:07 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:1040::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:08:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:8a:95:43:00:0c:3e:ec:f9:21:7e:37:48:f0:c1:96:97:a0:15:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:40:07 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=e7fab4a53951c7bcc531a9cc4e9ec9d1a70c274c8e6ab10ae3672cae049bb670, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:08:b2:d9:f8:5a:24:77:1d:b5:9a:96:e7:7e:
8a:b5:03:dc:cc:be:01:b9:14:93:c1:3e:a1:e2:1a:
a6:d9:78:9f:98:4a:7c:09:ac:67:57:1a:bf:e4:f8:
e5:49:49:03:76:b3:d4:63:56:74:be:5b:10:4a:db:
d7:f9:a5:b3:ee:d3:6c:73:84:bf:1b:a2:22:e9:18:
8f:63:88:da:d6:b5:b2:05:c8:2f:6f:97:a8:16:72:
73:f3:d6:1f:2f:a8:5f:a4:fa:e8:b0:22:4b:66:42:
96:f3:9d:15:1f:d1:9c:83:4d:02:96:52:61:aa:54:
33:71:58:40:15:27:aa:5d:1e:40:fe:ad:61:a2:16:
10:75:d8:1b:d8:1a:c6:46:a1:ce:ea:23:bb:a4:72:
72:9d:d6:0e:33:1a:ed:f0:3b:b3:a4:fc:b0:c2:12:
f2:0d:7f:b0:e9:82:60:f1:59:43:49:a5:14:a0:a6:
d9:a6:34:94:ff:3e:75:f5:51:34:fe:db:1f:b3:78:
95:f0:f9:b8:3a:4b:ec:8a:19:c5:3f:3d:46:95:a6:
d2:4f:96:cb:d0:09:31:1d:ab:26:98:cd:4d:50:0d:
0e:d1:10:64:61:26:3f:b1:82:01:bf:90:c1:95:f8:
0e:f6:cf:ad:af:9d:f3:ee:36:af:c0:08:b2:0c:f1:
9e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:C0:9E:22:DB:6F:59:36:53:0A:CA:0E:08:8C:9A:BC:BB:58:5B:9A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/05a72d01-7790-4b75-991b-28806ee2dacf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:1040::/48
Signature Algorithm: sha256WithRSAEncryption
21:9e:ed:6a:e1:d2:3f:78:f1:db:ba:f2:71:22:0a:11:89:be:
3d:fd:f7:82:95:81:c5:60:94:b6:f4:51:92:bd:9b:70:29:94:
4e:c7:bd:3a:cd:a6:d7:5b:3f:47:53:80:49:d0:7b:0c:88:2c:
08:f0:ad:4b:e5:81:83:01:b4:c1:5c:2e:46:d9:37:29:39:e6:
01:ff:75:5c:17:b1:17:7d:3b:17:65:85:66:de:ba:24:b6:ef:
b8:e6:a3:0d:f0:05:3d:88:c7:da:e2:19:09:d0:f9:95:ba:e6:
17:6b:6b:df:f9:27:2d:33:d7:96:ce:02:f6:3c:10:1c:3e:26:
98:52:e5:67:fe:91:6e:3c:f1:e8:b8:cd:b1:4c:d2:e5:ff:d7:
69:b4:3b:15:a0:37:f2:64:2c:a7:98:05:b8:df:ef:42:b6:44:
b4:ea:71:08:bc:98:7d:69:d4:b4:0d:51:29:d0:21:e1:dd:ec:
90:2b:44:51:f1:fe:9c:51:48:7e:b9:d8:30:ed:73:33:98:b7:
16:56:0e:59:a9:22:0f:2e:d3:00:17:10:3a:57:22:7d:07:f7:
d3:6c:03:12:20:9f:2e:30:dc:1a:38:8a:f9:91:e4:b6:fe:66:
34:ff:52:36:ee:3b:c8:38:98:70:90:e9:98:73:86:6b:b7:39:
9f:7a:cb:86
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOYqVQwAMPuz5IX43SPDBlpegFbMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODQwMDdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3ZmFiNGE1Mzk1MWM3YmNjNTMxYTljYzRlOWVjOWQxYTcwYzI3NGM4ZTZh
YjEwYWUzNjcyY2FlMDQ5YmI2NzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJQIstn4WiR3HbWalud+irUD3My+AbkUk8E+oeIaptl4n5hKfAmsZ1cav+T4
5UlJA3az1GNWdL5bEErb1/mls+7TbHOEvxuiIukYj2OI2ta1sgXIL2+XqBZyc/PW
Hy+oX6T66LAiS2ZClvOdFR/RnINNApZSYapUM3FYQBUnql0eQP6tYaIWEHXYG9ga
xkahzuoju6Rycp3WDjMa7fA7s6T8sMIS8g1/sOmCYPFZQ0mlFKCm2aY0lP8+dfVR
NP7bH7N4lfD5uDpL7IoZxT89RpWm0k+Wy9AJMR2rJpjNTVANDtEQZGEmP7GCAb+Q
wZX4DvbPra+d8+42r8AIsgzxnk0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQVwJ4i
229ZNlMKyg4IjJq8u1hbmjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDVhNzJkMDEtNzc5MC00Yjc1LTk5MWItMjg4MDZlZTJkYWNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HQQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAIZ7tauHSP3jx27rycSIKEYm+Pf33gpWBxWCU
tvRRkr2bcCmUTse9Os2m11s/R1OASdB7DIgsCPCtS+WBgwG0wVwuRtk3KTnmAf91
XBexF307F2WFZt66JLbvuOajDfAFPYjH2uIZCdD5lbrmF2tr3/knLTPXls4C9jwQ
HD4mmFLlZ/6Rbjzx6LjNsUzS5f/XabQ7FaA38mQsp5gFuN/vQrZEtOpxCLyYfWnU
tA1RKdAh4d3skCtEUfH+nFFIfrnYMO1zM5i3FlYOWakiDy7TABcQOlcifQf302wD
EiCfLjDcGjiK+ZHktv5mNP9SNu47yDiYcJDpmHOGa7c5n3rLhg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:01:16 2025 by rpki-client