Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1227050a-b689-4008-9742-9fbfc8bc271d.roa
File: 1227050a-b689-4008-9742-9fbfc8bc271d.roa (raw, json)
Hash identifier: p4NCSN2bY+E3AoiY4R0T/6ze8OPOFwR4Q2b9LDbaMHQ=
Subject key identifier: A0:05:FA:4E:3E:0A:DC:C0:C9:6A:BE:5B:91:42:BB:F7:4D:CF:58:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7D064417C07A56AD7B152B42C63A590A27C6DDCA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1227050a-b689-4008-9742-9fbfc8bc271d.roa
Signing time: Fri 16 May 2025 17:30:20 +0000
ROA not before: Fri 16 May 2025 17:30:20 +0000
ROA not after: Fri 20 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:840::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:08:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:06:44:17:c0:7a:56:ad:7b:15:2b:42:c6:3a:59:0a:27:c6:dd:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 17:30:20 2025 GMT
Not After : Jun 20 23:59:59 2025 GMT
Subject: serialNumber=aa3dd11cf4d5a7dc99953df364820509e601b2ff12878ed7a2f88631275a0abd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:55:2b:59:a9:02:c8:81:75:55:45:6f:db:3e:
99:a1:9b:79:14:47:41:7f:f0:76:9f:1e:b9:7b:90:
b2:d5:1c:38:b4:41:9a:03:9f:d0:3d:dc:0e:c3:0f:
1b:15:15:d7:5b:63:14:da:15:b0:5b:03:71:1f:fa:
c9:8d:be:5d:5f:18:fc:ec:1e:04:32:ed:33:b4:9b:
8a:bc:2c:63:be:53:d5:fd:15:27:bc:0a:36:fc:95:
50:ff:29:09:08:43:e1:4c:ea:83:65:5f:4f:57:d0:
bf:56:b2:2b:55:73:4a:38:fb:a9:40:1d:8b:6b:a5:
91:cf:9c:f0:d3:c7:a4:3e:82:8f:26:1a:1c:e6:0e:
6d:10:d4:89:c3:c3:91:ec:25:bc:ce:81:69:44:74:
94:5f:a0:5c:b6:16:3b:1d:cf:37:4e:a8:79:8a:71:
55:91:ab:b5:7e:cf:68:f3:f9:ae:31:a4:5e:16:ce:
23:1e:8d:09:8b:46:54:4a:eb:63:b4:c4:c3:66:e4:
b3:ac:b4:60:91:ea:d2:e6:92:16:32:98:71:9c:01:
da:38:ee:c3:b0:b0:5d:ec:85:da:0e:af:62:ca:5a:
ad:ef:2b:a4:ce:bc:ab:f1:34:21:80:b5:a0:1c:a6:
a1:50:57:63:99:2a:57:71:eb:cd:c8:22:fc:ed:58:
f7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:05:FA:4E:3E:0A:DC:C0:C9:6A:BE:5B:91:42:BB:F7:4D:CF:58:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1227050a-b689-4008-9742-9fbfc8bc271d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:840::/48
Signature Algorithm: sha256WithRSAEncryption
3c:c5:2a:49:61:5e:3f:c4:db:87:9b:f1:61:a8:24:96:6c:c6:
36:6f:9e:34:1c:e4:51:e1:b4:64:4f:10:2f:c7:18:c2:b3:f4:
12:a0:0e:72:9f:f3:42:07:49:2e:76:59:e3:d3:06:23:b5:f7:
09:60:03:c4:b7:14:b5:6f:99:5b:73:42:2a:88:de:79:25:96:
b2:98:64:be:c2:6a:66:f7:35:9c:36:8c:be:57:44:6c:cf:2a:
09:f1:3e:53:b5:c7:a9:fe:7c:a2:bc:58:d3:e7:3b:28:ae:62:
b6:33:33:11:eb:8d:bc:cb:b1:5c:67:95:6b:19:d8:71:b3:6d:
37:b4:f2:46:b6:1f:05:8c:cb:74:b5:87:f2:d4:22:80:ba:9c:
69:eb:ec:93:11:6a:59:c6:4a:bc:b8:a2:be:83:9d:b9:af:b3:
83:56:86:0a:6f:12:09:9f:23:58:98:75:d0:4e:f7:e2:68:06:
69:b5:7c:5f:43:b7:34:4e:98:50:f8:29:51:fa:8f:bb:ee:ec:
59:f4:60:38:b2:fd:e7:a4:6b:02:c3:c4:8e:4d:5b:f5:aa:0e:
6f:ec:a7:3e:4f:2b:fc:36:f2:54:5b:05:62:f7:f6:14:1f:a6:
18:1d:03:b3:85:3d:75:53:9f:c7:1c:0f:e6:be:1c:89:d1:ba:
24:70:68:8d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfQZEF8B6Vq17FStCxjpZCifG3cowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTYxNzMwMjBaFw0yNTA2MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhM2RkMTFjZjRkNWE3ZGM5OTk1M2RmMzY0ODIwNTA5ZTYwMWIyZmYxMjg3
OGVkN2EyZjg4NjMxMjc1YTBhYmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJVVK1mpAsiBdVVFb9s+maGbeRRHQX/wdp8euXuQstUcOLRBmgOf0D3cDsMP
GxUV11tjFNoVsFsDcR/6yY2+XV8Y/OweBDLtM7SbirwsY75T1f0VJ7wKNvyVUP8p
CQhD4Uzqg2VfT1fQv1ayK1VzSjj7qUAdi2ulkc+c8NPHpD6CjyYaHOYObRDUicPD
kewlvM6BaUR0lF+gXLYWOx3PN06oeYpxVZGrtX7PaPP5rjGkXhbOIx6NCYtGVErr
Y7TEw2bks6y0YJHq0uaSFjKYcZwB2jjuw7CwXeyF2g6vYspare8rpM68q/E0IYC1
oBymoVBXY5kqV3Hrzcgi/O1Y9y0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSgBfpO
PgrcwMlqvluRQrv3Tc9YBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTIyNzA1MGEtYjY4OS00MDA4LTk3NDItOWZiZmM4YmMyNzFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HQI
QDANBgkqhkiG9w0BAQsFAAOCAQEAPMUqSWFeP8Tbh5vxYagklmzGNm+eNBzkUeG0
ZE8QL8cYwrP0EqAOcp/zQgdJLnZZ49MGI7X3CWADxLcUtW+ZW3NCKojeeSWWsphk
vsJqZvc1nDaMvldEbM8qCfE+U7XHqf58orxY0+c7KK5itjMzEeuNvMuxXGeVaxnY
cbNtN7TyRrYfBYzLdLWH8tQigLqcaevskxFqWcZKvLiivoOdua+zg1aGCm8SCZ8j
WJh10E734mgGabV8X0O3NE6YUPgpUfqPu+7sWfRgOLL956RrAsPEjk1b9aoOb+yn
Pk8r/DbyVFsFYvf2FB+mGB0Ds4U9dVOfxxwP5r4cidG6JHBojQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:04:06 2025 by rpki-client