Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1214f6bc-ac91-4e1b-ac85-14db120d0303.roa
File: 1214f6bc-ac91-4e1b-ac85-14db120d0303.roa (raw, json)
Hash identifier: 1W31vm+QPvuFZFOVKzGEx5N673Mirk40XW7Rf6agJ48=
Subject key identifier: 15:E6:4E:27:C5:8E:C1:62:4D:C5:54:00:5F:D6:33:8B:04:B2:58:F7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 10C84FD59E3E6F6E0BD2A57B017CBBE16E648B34
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1214f6bc-ac91-4e1b-ac85-14db120d0303.roa
Signing time: Tue 20 May 2025 18:30:55 +0000
ROA not before: Tue 20 May 2025 18:30:55 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:a080::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:08:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:c8:4f:d5:9e:3e:6f:6e:0b:d2:a5:7b:01:7c:bb:e1:6e:64:8b:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:30:55 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=7f48968f4364d131f27d2395ccd49b6d238d1edb39ff7e244fd02027077e3429, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:9d:25:5d:74:6f:81:f8:63:90:99:76:67:71:
cc:13:e4:5f:94:05:52:58:80:96:28:72:9c:eb:30:
70:a2:86:2c:73:c9:c0:3f:4d:d6:21:e9:4a:8a:36:
bb:43:29:0f:cf:b3:12:e7:78:98:66:3d:a2:ba:49:
e1:a3:27:e5:4c:74:41:3c:11:6f:54:3f:27:02:6c:
68:33:83:6a:44:9a:ec:e9:52:50:9c:b4:81:a6:e4:
06:b6:5e:24:b4:68:34:cb:ac:8e:ca:49:5d:5f:74:
46:a9:13:16:7a:69:c7:d2:4a:bb:82:57:7b:4a:58:
21:e1:f7:53:08:50:d5:88:39:e0:61:24:24:28:09:
a6:a6:6e:28:11:60:c6:40:80:99:a7:4b:a9:f2:9d:
aa:72:77:1e:9a:f2:de:71:ee:5b:13:d5:e9:b7:b3:
7d:b9:c4:1c:57:e8:db:99:a9:38:0e:62:5c:79:da:
44:3b:e3:c1:41:4f:16:dc:ae:4b:c4:67:2a:9c:fd:
d9:1b:1c:ab:ad:0e:25:bf:a6:82:63:dc:65:3a:65:
44:f6:59:3a:19:60:90:d5:53:cf:1c:85:25:cd:db:
2b:98:2a:bf:c7:83:be:58:f3:40:66:a2:09:86:cb:
b1:44:74:a2:f5:9c:9b:87:85:26:82:21:56:fb:db:
6e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:E6:4E:27:C5:8E:C1:62:4D:C5:54:00:5F:D6:33:8B:04:B2:58:F7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1214f6bc-ac91-4e1b-ac85-14db120d0303.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:a080::/48
Signature Algorithm: sha256WithRSAEncryption
51:d2:59:a5:1d:ab:05:11:0d:fe:e7:28:59:47:2a:86:f5:ba:
63:b2:2c:cf:e6:ae:5b:af:69:4d:8d:32:3f:1d:ad:70:f7:3a:
4d:38:6a:88:2e:94:1b:b1:40:d8:93:a1:6b:44:45:04:bd:e3:
76:c4:64:66:f8:50:7d:e1:5b:9d:9d:32:b4:ef:2c:ab:7e:b5:
f8:1f:b1:a5:af:fc:0f:47:84:cb:a3:3b:c2:9c:f8:d9:bb:66:
33:02:4b:fd:1d:d8:ec:be:16:48:aa:49:70:aa:8b:5c:17:86:
76:9f:14:f3:82:7a:b6:e8:8e:0c:77:a5:41:cf:e4:20:cf:ec:
1a:b6:d8:3c:91:ce:5b:e6:e3:b0:96:d8:8f:ba:fd:77:d1:f5:
1c:13:53:aa:5d:12:bd:1e:14:0a:91:7a:51:dc:0e:85:53:e1:
fe:27:dc:52:4f:33:c4:cc:2f:40:08:40:3b:b7:ea:a5:af:1b:
c6:3f:71:da:2a:56:80:4c:55:37:80:f1:8d:24:f0:89:e9:41:
a2:10:3b:62:6c:20:b0:9e:d1:b4:2d:e7:54:9b:f9:2c:42:b9:
fc:ed:2f:09:f3:e2:91:41:13:31:a0:58:7b:93:f0:4b:7d:08:
41:0f:78:68:8e:42:cd:fe:46:96:aa:63:ed:d1:a4:e6:9a:6e:
8f:56:94:96
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEMhP1Z4+b24L0qV7AXy74W5kizQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODMwNTVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmNDg5NjhmNDM2NGQxMzFmMjdkMjM5NWNjZDQ5YjZkMjM4ZDFlZGIzOWZm
N2UyNDRmZDAyMDI3MDc3ZTM0MjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM2dJV10b4H4Y5CZdmdxzBPkX5QFUliAlihynOswcKKGLHPJwD9N1iHpSoo2
u0MpD8+zEud4mGY9orpJ4aMn5Ux0QTwRb1Q/JwJsaDODakSa7OlSUJy0gabkBrZe
JLRoNMusjspJXV90RqkTFnppx9JKu4JXe0pYIeH3UwhQ1Yg54GEkJCgJpqZuKBFg
xkCAmadLqfKdqnJ3Hpry3nHuWxPV6bezfbnEHFfo25mpOA5iXHnaRDvjwUFPFtyu
S8RnKpz92Rscq60OJb+mgmPcZTplRPZZOhlgkNVTzxyFJc3bK5gqv8eDvljzQGai
CYbLsUR0ovWcm4eFJoIhVvvbbvUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQV5k4n
xY7BYk3FVABf1jOLBLJY9zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTIxNGY2YmMtYWM5MS00ZTFiLWFjODUtMTRkYjEyMGQwMzAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HSg
gDANBgkqhkiG9w0BAQsFAAOCAQEAUdJZpR2rBREN/ucoWUcqhvW6Y7Isz+auW69p
TY0yPx2tcPc6TThqiC6UG7FA2JOha0RFBL3jdsRkZvhQfeFbnZ0ytO8sq361+B+x
pa/8D0eEy6M7wpz42btmMwJL/R3Y7L4WSKpJcKqLXBeGdp8U84J6tuiODHelQc/k
IM/sGrbYPJHOW+bjsJbYj7r9d9H1HBNTql0SvR4UCpF6UdwOhVPh/ifcUk8zxMwv
QAhAO7fqpa8bxj9x2ipWgExVN4DxjSTwielBohA7YmwgsJ7RtC3nVJv5LEK5/O0v
CfPikUETMaBYe5PwS30IQQ94aI5Czf5Glqpj7dGk5ppuj1aUlg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:02:33 2025 by rpki-client