Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e2b690d-f31c-40a8-ab0c-dce5cc8dd858.roa
File: 0e2b690d-f31c-40a8-ab0c-dce5cc8dd858.roa (raw, json)
Hash identifier: tx+Izc1bOWbsKuTaXiaYwD3bSdOtlfpYWUXunTF4GYM=
Subject key identifier: AE:9D:A1:0A:0B:7B:79:24:1D:33:F8:25:72:34:A2:39:3E:31:99:AD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D94A0F4D4BEA63B6F9FE4991F0F8CBA8730E87A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e2b690d-f31c-40a8-ab0c-dce5cc8dd858.roa
Signing time: Mon 12 May 2025 16:20:17 +0000
ROA not before: Mon 12 May 2025 16:20:17 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b:2000::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 18:52:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:94:a0:f4:d4:be:a6:3b:6f:9f:e4:99:1f:0f:8c:ba:87:30:e8:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:20:17 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=aaa429d5068114b724f544b18af52064f898ba2dff30a4e94808146affb4e784, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f0:79:1c:d2:1d:b0:0e:6e:83:c5:55:4d:93:
07:38:c5:60:10:a5:56:02:77:c3:f4:7b:f2:00:f2:
c2:21:f9:6d:a1:16:ce:db:52:8e:4a:b6:77:58:b5:
ac:cb:a8:0c:cf:c5:fc:60:ce:6d:40:44:28:08:c8:
5a:4d:4f:05:ea:02:18:36:3f:b8:c5:2e:dd:cd:f5:
1a:ee:6d:29:fe:ce:da:a0:17:c1:1e:21:64:2b:ba:
c4:1b:bc:10:8a:a4:a3:b4:a3:e1:1e:82:03:c5:d8:
ef:18:04:88:96:5a:82:0e:1c:48:80:02:af:13:bb:
40:41:e9:f9:4c:d1:0f:be:13:a4:2f:fc:25:ef:2e:
78:66:37:d8:8c:d2:94:23:f3:7a:b6:68:27:e5:17:
b1:ef:7d:0a:79:05:f7:8e:e0:4d:98:08:96:2b:d3:
98:fd:f9:42:c4:b7:3c:1e:dd:a8:a1:fc:09:12:f9:
29:9a:7b:27:9c:00:42:55:7a:18:69:70:78:0f:a5:
a8:33:c6:3f:31:ae:ff:74:9c:bc:0a:9c:e4:52:2f:
9e:a5:2b:81:54:f0:e2:ce:f2:66:d8:24:3e:9b:cf:
95:39:d7:14:0a:a1:37:13:81:8e:a5:77:b9:d2:d1:
64:28:91:ec:ae:aa:51:7d:9a:41:35:07:77:b1:1b:
75:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:9D:A1:0A:0B:7B:79:24:1D:33:F8:25:72:34:A2:39:3E:31:99:AD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e2b690d-f31c-40a8-ab0c-dce5cc8dd858.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b:2000::/40
Signature Algorithm: sha256WithRSAEncryption
3e:d6:0d:3f:56:92:1e:15:1e:1d:23:db:05:3a:f6:35:ef:cd:
b9:6d:c0:11:fc:f1:e2:a5:af:3b:fe:11:4e:0d:47:d2:7a:fd:
d1:65:39:4e:67:5f:a4:eb:39:10:50:a6:dd:42:d6:37:df:f4:
20:64:05:fc:70:74:b6:46:39:df:b8:0d:01:cd:28:20:eb:c2:
0c:28:a5:fb:13:ad:d7:cb:54:17:e3:82:31:83:ee:3c:f0:db:
59:97:46:10:bf:7a:26:42:bf:74:07:61:3b:26:a9:33:b2:2c:
50:42:e7:04:ec:fb:c0:88:fe:06:8a:e2:c6:b3:56:b9:42:54:
7d:17:48:28:04:42:b7:7f:50:62:51:f2:be:d1:8d:85:9c:1b:
da:34:fe:b9:3d:87:d4:1f:e0:b2:d4:3b:16:e4:9b:ae:a8:9b:
c6:9e:4f:58:67:7b:ad:58:21:10:34:50:fa:30:cc:4b:54:2a:
f9:69:3d:01:af:ab:17:e0:26:db:22:bb:54:09:0e:89:50:6b:
5b:be:88:ae:09:0a:14:dd:da:a6:16:3e:54:fb:6b:69:8f:dc:
26:05:ae:59:c4:68:80:09:b3:68:ae:76:4e:00:52:9f:6a:a4:
2c:96:73:c2:82:30:40:c4:d4:0d:af:31:78:5e:f6:41:ec:0f:
9b:ad:d0:b4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbZSg9NS+pjtvn+SZHw+Muocw6HowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjIwMTdaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhYTQyOWQ1MDY4MTE0YjcyNGY1NDRiMThhZjUyMDY0Zjg5OGJhMmRmZjMw
YTRlOTQ4MDgxNDZhZmZiNGU3ODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJbweRzSHbAOboPFVU2TBzjFYBClVgJ3w/R78gDywiH5baEWzttSjkq2d1i1
rMuoDM/F/GDObUBEKAjIWk1PBeoCGDY/uMUu3c31Gu5tKf7O2qAXwR4hZCu6xBu8
EIqko7Sj4R6CA8XY7xgEiJZagg4cSIACrxO7QEHp+UzRD74TpC/8Je8ueGY32IzS
lCPzerZoJ+UXse99CnkF947gTZgIlivTmP35QsS3PB7dqKH8CRL5KZp7J5wAQlV6
GGlweA+lqDPGPzGu/3ScvAqc5FIvnqUrgVTw4s7yZtgkPpvPlTnXFAqhNxOBjqV3
udLRZCiR7K6qUX2aQTUHd7EbdUkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSunaEK
C3t5JB0z+CVyNKI5PjGZrTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGUyYjY5MGQtZjMxYy00MGE4LWFiMGMtZGNlNWNjOGRkODU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fsg
MA0GCSqGSIb3DQEBCwUAA4IBAQA+1g0/VpIeFR4dI9sFOvY17825bcAR/PHipa87
/hFODUfSev3RZTlOZ1+k6zkQUKbdQtY33/QgZAX8cHS2RjnfuA0BzSgg68IMKKX7
E63Xy1QX44Ixg+488NtZl0YQv3omQr90B2E7JqkzsixQQucE7PvAiP4GiuLGs1a5
QlR9F0goBEK3f1BiUfK+0Y2FnBvaNP65PYfUH+Cy1DsW5JuuqJvGnk9YZ3utWCEQ
NFD6MMxLVCr5aT0Br6sX4CbbIrtUCQ6JUGtbvoiuCQoU3dqmFj5U+2tpj9wmBa5Z
xGiACbNornZOAFKfaqQslnPCgjBAxNQNrzF4XvZB7A+brdC0
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:28 2025 by rpki-client