Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09ac55e2-65a4-4ea5-afb1-d5c11fdc944b.roa
File: 09ac55e2-65a4-4ea5-afb1-d5c11fdc944b.roa (raw, json)
Hash identifier: VX7jJzrdfJZVY9L0Oc4Puk1YOfjJgskD06yScUFNQGc=
Subject key identifier: 35:D2:8D:20:1E:D3:A6:64:4D:D4:A4:D5:59:30:85:87:29:DA:7D:70
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 142D887532C47F8D45FD865C7355706054EB72E1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09ac55e2-65a4-4ea5-afb1-d5c11fdc944b.roa
Signing time: Mon 12 May 2025 16:20:23 +0000
ROA not before: Mon 12 May 2025 16:20:23 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06e:e000::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 18:53:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:2d:88:75:32:c4:7f:8d:45:fd:86:5c:73:55:70:60:54:eb:72:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:20:23 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=5274ddcd95ae2152ac62eab1958e36113c184986822cf8e4d34bc6ac4f6670e7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:10:b4:20:2f:70:50:86:28:17:59:ef:2b:c7:
f0:e4:2d:87:60:c8:4a:09:c5:e1:ff:c5:14:4d:2a:
8c:34:f1:14:ac:ef:19:1d:59:bf:99:a2:3e:d9:b2:
79:c4:8b:da:be:c9:00:87:b9:96:ca:d7:77:9b:5c:
49:c5:d0:02:8d:90:56:ab:5a:01:45:3a:3b:49:95:
5b:18:f6:92:23:16:b8:10:99:f3:e8:f9:25:72:46:
77:47:c4:87:43:e7:9f:bd:b4:ce:ac:c6:21:d0:3f:
cf:ab:16:6b:7f:d6:66:28:14:07:27:6c:b7:b5:4c:
05:ad:51:96:a8:d8:a6:9d:71:ca:5f:3f:4b:ec:ba:
6f:97:e3:55:ed:f0:c7:84:07:2f:eb:03:c9:38:06:
9f:38:69:5c:c4:be:83:02:5f:0b:48:8c:c0:a1:55:
11:f8:6a:3b:a9:18:bd:75:43:f6:8f:d8:54:f1:c4:
c8:4a:36:31:80:79:79:e8:d5:d1:93:e5:c6:f2:35:
39:4f:4f:11:1a:45:55:78:cb:94:34:b2:ee:79:51:
64:c4:67:df:58:c7:cd:27:4b:c0:02:94:0e:29:82:
f6:77:bb:c5:bb:f1:d6:34:c5:02:15:b0:e0:34:22:
4b:42:5d:33:5c:56:54:f5:af:12:5c:67:24:3b:ff:
f1:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:D2:8D:20:1E:D3:A6:64:4D:D4:A4:D5:59:30:85:87:29:DA:7D:70
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09ac55e2-65a4-4ea5-afb1-d5c11fdc944b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06e:e000::/40
Signature Algorithm: sha256WithRSAEncryption
ac:3b:af:6f:8d:c1:ce:25:59:7e:17:31:65:e6:b9:6f:77:e1:
df:9a:44:1b:6f:5d:27:72:fd:dd:74:44:0e:37:fe:1f:75:56:
f1:c2:03:6f:f7:5e:cd:ef:74:35:13:fa:2a:02:cc:60:e4:2a:
70:3b:4b:f1:3e:95:4a:ef:1f:9b:79:77:d4:2c:04:64:d9:9e:
93:4d:93:16:b8:12:88:37:87:67:34:9f:bc:14:17:6d:ab:cd:
e6:e6:55:a1:30:e8:4e:11:66:58:9f:e1:9c:44:8f:84:a7:3c:
a2:47:ce:61:25:9c:00:17:a5:d9:9e:4c:6b:f3:e0:be:f0:c1:
ba:2b:4c:5d:32:fa:6f:1d:df:92:86:1d:5a:f0:2f:97:e2:eb:
eb:84:24:b0:d0:58:32:5b:d3:c3:d4:a1:18:81:5d:a3:d6:9b:
27:c6:e2:7e:5e:41:73:09:bb:23:f5:1e:57:87:8e:6b:0c:cb:
ab:f3:ee:74:e3:b0:b0:a1:be:cb:42:b8:78:e2:17:48:db:1c:
f1:b5:74:70:4a:15:ae:a6:13:4e:9d:50:17:38:f2:6a:2f:f7:
0a:d8:ff:ae:45:ad:07:b8:5f:09:17:e1:26:72:5e:69:6c:70:
8e:76:9a:b0:36:18:ab:58:88:37:46:a4:c5:06:3a:31:29:87:
49:f9:5e:d8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFC2IdTLEf41F/YZcc1VwYFTrcuEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjIwMjNaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyNzRkZGNkOTVhZTIxNTJhYzYyZWFiMTk1OGUzNjExM2MxODQ5ODY4MjJj
ZjhlNGQzNGJjNmFjNGY2NjcwZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIkQtCAvcFCGKBdZ7yvH8OQth2DISgnF4f/FFE0qjDTxFKzvGR1Zv5miPtmy
ecSL2r7JAIe5lsrXd5tcScXQAo2QVqtaAUU6O0mVWxj2kiMWuBCZ8+j5JXJGd0fE
h0Pnn720zqzGIdA/z6sWa3/WZigUBydst7VMBa1RlqjYpp1xyl8/S+y6b5fjVe3w
x4QHL+sDyTgGnzhpXMS+gwJfC0iMwKFVEfhqO6kYvXVD9o/YVPHEyEo2MYB5eejV
0ZPlxvI1OU9PERpFVXjLlDSy7nlRZMRn31jHzSdLwAKUDimC9ne7xbvx1jTFAhWw
4DQiS0JdM1xWVPWvElxnJDv/8eECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ10o0g
HtOmZE3UpNVZMIWHKdp9cDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDlhYzU1ZTItNjVhNC00ZWE1LWFmYjEtZDVjMTFmZGM5NDRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G7g
MA0GCSqGSIb3DQEBCwUAA4IBAQCsO69vjcHOJVl+FzFl5rlvd+HfmkQbb10ncv3d
dEQON/4fdVbxwgNv917N73Q1E/oqAsxg5CpwO0vxPpVK7x+beXfULARk2Z6TTZMW
uBKIN4dnNJ+8FBdtq83m5lWhMOhOEWZYn+GcRI+EpzyiR85hJZwAF6XZnkxr8+C+
8MG6K0xdMvpvHd+Shh1a8C+X4uvrhCSw0FgyW9PD1KEYgV2j1psnxuJ+XkFzCbsj
9R5Xh45rDMur8+5047Cwob7LQrh44hdI2xzxtXRwShWuphNOnVAXOPJqL/cK2P+u
Ra0HuF8JF+Emcl5pbHCOdpqwNhirWIg3RqTFBjoxKYdJ+V7Y
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:58:57 2025 by rpki-client