Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/095ced86-de90-41a5-ae3e-b04468b93e6d.roa
File: 095ced86-de90-41a5-ae3e-b04468b93e6d.roa (raw, json)
Hash identifier: Zil7PULZyQUi5e1ajrKkDOCRjJQq+H+ffLfUUgLiSSI=
Subject key identifier: E3:C5:32:E5:EF:5A:F3:BF:A1:2E:7D:78:43:4E:6B:F8:0E:E3:8B:75
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 373795E4AF0CD38251F6C259435210723923C34E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/095ced86-de90-41a5-ae3e-b04468b93e6d.roa
Signing time: Thu 17 Apr 2025 16:37:08 +0000
ROA not before: Thu 17 Apr 2025 16:37:08 +0000
ROA not after: Thu 22 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b:2000::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 17 Apr 2025 20:37:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:37:95:e4:af:0c:d3:82:51:f6:c2:59:43:52:10:72:39:23:c3:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 16:37:08 2025 GMT
Not After : May 22 23:59:59 2025 GMT
Subject: serialNumber=530d16f35421cc6e2cbf8b19693814ce8265217c451f70e3351281fc08ea8bda, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:40:a7:0a:a2:30:63:9e:20:ad:d9:8c:ed:58:
92:00:3c:27:6a:ae:2d:a8:85:74:ec:e3:a2:61:fb:
dd:32:bd:83:d1:05:25:ed:dc:e3:78:7e:ec:f1:e7:
1a:01:e1:67:3d:22:87:9c:b9:a8:bd:59:97:6c:14:
34:ac:b0:89:e4:38:15:35:26:93:40:75:3f:ec:84:
31:be:20:0f:e7:ea:fc:0f:ca:83:48:79:4b:64:b3:
ba:75:58:66:cc:7c:ab:b2:c7:0e:45:cf:44:51:2d:
7a:85:93:d2:bd:82:9c:2f:36:00:a7:72:9a:9b:cd:
0a:ec:51:84:09:59:c5:16:da:aa:2a:17:96:50:4a:
54:56:e3:48:d8:e3:40:86:2d:72:6f:b0:3f:4b:ac:
f5:f5:98:5f:ff:1c:98:ee:91:d7:9d:7b:94:ab:6b:
ef:18:3f:4b:ae:95:b9:f8:97:1e:33:d3:06:df:b5:
12:3b:ca:56:60:c5:ef:be:aa:ac:99:ea:7d:b1:e4:
bd:ac:ee:56:20:e6:80:dd:93:e0:9e:6c:14:08:77:
6f:41:d3:42:3c:7e:19:9b:8d:72:74:05:e7:4c:95:
2d:75:28:b0:88:86:5d:f4:7e:cc:23:d6:35:b3:32:
7e:08:28:6c:6f:72:2d:25:da:83:0d:a7:34:f4:b7:
4f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:C5:32:E5:EF:5A:F3:BF:A1:2E:7D:78:43:4E:6B:F8:0E:E3:8B:75
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/095ced86-de90-41a5-ae3e-b04468b93e6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b:2000::/40
Signature Algorithm: sha256WithRSAEncryption
00:3d:01:af:f6:8c:b2:36:37:2d:02:77:01:6c:cb:e6:d6:ce:
5b:ec:98:c8:97:9f:c3:99:9e:86:16:63:d4:08:9e:cf:24:8a:
b3:43:82:5e:cc:01:8f:61:c6:7d:b9:c4:26:9e:9f:02:3e:68:
93:71:0d:d0:c0:f5:a2:58:84:bd:2b:85:41:cf:91:10:35:b7:
5d:86:39:02:d2:bd:57:ec:26:cf:d8:42:27:b0:f4:4a:e2:5c:
db:be:03:02:e3:da:55:37:db:23:2d:73:d1:32:ae:62:7a:37:
24:d6:21:b6:c1:d3:00:e8:a6:7b:4f:6b:80:a1:66:61:34:cd:
c2:5c:e6:e0:30:ad:14:91:ec:77:eb:e3:62:33:b6:4c:98:05:
bc:18:b4:70:0a:a1:59:b4:12:4f:68:a5:a4:da:bd:13:34:17:
9f:ec:ad:30:b1:da:2e:e9:14:56:85:be:aa:d2:6c:c0:02:7a:
a3:9b:be:88:1f:0d:c9:c8:cb:b5:02:8e:8d:09:25:bc:21:16:
21:e2:1f:71:5a:38:68:b9:80:c8:33:1e:df:a3:92:9b:8d:71:
7a:8e:e4:27:44:5d:b6:3d:6e:ff:cb:83:62:65:c5:79:66:37:
af:e7:fb:bf:fb:d7:4b:a1:3f:d7:c1:77:0f:cb:96:66:08:2b:
14:a8:69:0f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNzeV5K8M04JR9sJZQ1IQcjkjw04wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTcxNjM3MDhaFw0yNTA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzMGQxNmYzNTQyMWNjNmUyY2JmOGIxOTY5MzgxNGNlODI2NTIxN2M0NTFm
NzBlMzM1MTI4MWZjMDhlYThiZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANtApwqiMGOeIK3ZjO1YkgA8J2quLaiFdOzjomH73TK9g9EFJe3c43h+7PHn
GgHhZz0ih5y5qL1Zl2wUNKywieQ4FTUmk0B1P+yEMb4gD+fq/A/Kg0h5S2SzunVY
Zsx8q7LHDkXPRFEteoWT0r2CnC82AKdympvNCuxRhAlZxRbaqioXllBKVFbjSNjj
QIYtcm+wP0us9fWYX/8cmO6R1517lKtr7xg/S66VufiXHjPTBt+1EjvKVmDF776q
rJnqfbHkvazuViDmgN2T4J5sFAh3b0HTQjx+GZuNcnQF50yVLXUosIiGXfR+zCPW
NbMyfggobG9yLSXagw2nNPS3T1sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTjxTLl
71rzv6EufXhDTmv4DuOLdTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDk1Y2VkODYtZGU5MC00MWE1LWFlM2UtYjA0NDY4YjkzZTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fsg
MA0GCSqGSIb3DQEBCwUAA4IBAQAAPQGv9oyyNjctAncBbMvm1s5b7JjIl5/DmZ6G
FmPUCJ7PJIqzQ4JezAGPYcZ9ucQmnp8CPmiTcQ3QwPWiWIS9K4VBz5EQNbddhjkC
0r1X7CbP2EInsPRK4lzbvgMC49pVN9sjLXPRMq5iejck1iG2wdMA6KZ7T2uAoWZh
NM3CXObgMK0Ukex36+NiM7ZMmAW8GLRwCqFZtBJPaKWk2r0TNBef7K0wsdou6RRW
hb6q0mzAAnqjm76IHw3JyMu1Ao6NCSW8IRYh4h9xWjhouYDIMx7fo5KbjXF6juQn
RF22PW7/y4NiZcV5Zjev5/u/+9dLoT/XwXcPy5ZmCCsUqGkP
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:47 2025 by rpki-client