Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/13f72f71-4de3-4393-8780-fc36160a7882.roa
File: 13f72f71-4de3-4393-8780-fc36160a7882.roa (raw, json)
Hash identifier: HJf5SBfOOzwIphPXknUDrnGV3q/xRWJIeL7t+GUdR7M=
Subject key identifier: 5D:E9:D1:7A:15:AF:41:4B:F2:BF:AF:77:DC:93:D3:10:AD:9E:8F:E2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5A76F864DADFB86D0BD96A7722DC5687440C962A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/13f72f71-4de3-4393-8780-fc36160a7882.roa
Signing time: Thu 22 May 2025 01:23:55 +0000
ROA not before: Thu 22 May 2025 01:23:55 +0000
ROA not after: Thu 26 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:60c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:07:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:76:f8:64:da:df:b8:6d:0b:d9:6a:77:22:dc:56:87:44:0c:96:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 01:23:55 2025 GMT
Not After : Jun 26 23:59:59 2025 GMT
Subject: serialNumber=b5ff1cb132a2980281013b8971ff7036f4dca28c915c1105ac3f2edba9678c07, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:35:ab:41:82:37:70:18:24:2c:26:51:4f:8d:
56:1e:cf:ee:74:e0:c4:2e:4c:1a:cc:58:1b:d1:31:
89:72:73:54:f2:12:86:7b:a4:29:e3:9e:04:9e:93:
99:d3:51:cb:fb:b4:7e:ed:87:b0:5d:9c:51:fa:6f:
8e:ee:87:47:36:f7:69:31:84:02:93:bf:df:94:79:
38:f7:19:91:68:b1:28:99:71:d1:17:fb:5f:23:c7:
f8:e4:05:ed:9b:75:53:9b:ee:43:04:51:46:36:65:
b5:77:40:7a:10:17:33:fd:b4:fe:68:02:c5:f2:65:
8a:be:ad:66:81:b2:74:71:5e:5d:0c:19:b2:5f:95:
74:91:7e:3d:f2:6c:a2:a7:6a:cb:d5:ee:22:a5:14:
20:68:b5:43:66:18:06:cc:8c:bd:97:a4:a3:a6:f5:
bd:9e:43:5d:2b:37:d7:7e:b6:ec:a5:51:4c:67:1f:
89:96:7d:cb:a2:29:e8:2c:e4:ee:95:56:ca:bc:64:
3c:07:b6:4f:aa:9c:67:6a:b8:50:d1:5a:d4:97:46:
57:01:80:6b:3d:e6:01:3b:63:e0:26:87:53:15:47:
96:e9:4c:9d:4e:06:30:8c:c1:e9:ee:ac:aa:fd:84:
5b:8b:87:d4:b7:51:22:18:2c:f6:ec:65:15:d1:5b:
7a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E9:D1:7A:15:AF:41:4B:F2:BF:AF:77:DC:93:D3:10:AD:9E:8F:E2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/13f72f71-4de3-4393-8780-fc36160a7882.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
7f:30:27:9c:5b:b2:9e:96:43:04:30:8b:02:1f:1f:9b:a9:19:
da:b5:da:50:a0:14:72:ce:49:df:e4:7c:8c:f8:a3:59:fc:1e:
96:6a:4b:86:0a:1f:ca:1a:0e:12:04:6d:3a:9d:a7:0e:2c:01:
af:a9:7c:95:3e:ee:31:c2:b8:b6:ee:39:6e:84:b5:95:88:23:
a1:25:ec:16:08:84:d3:e2:bb:ac:36:5e:03:b4:c6:11:cd:16:
a0:da:f6:69:3d:00:c8:51:b6:f7:f1:ea:3c:ab:e5:db:9e:36:
51:63:9f:7a:63:d7:f2:25:b7:cb:d9:33:24:e5:58:20:8f:45:
c8:8e:c6:61:71:23:d5:a7:e9:84:47:db:8e:8b:8d:37:1c:8c:
b6:e3:fc:ad:68:ef:d4:15:fa:33:94:da:21:69:59:e5:8b:e6:
13:31:62:dc:39:39:85:92:d5:6c:d0:44:ac:26:63:cc:ad:a6:
fb:ce:60:4c:12:cf:21:71:61:c0:b7:4e:d2:82:02:d9:c4:75:
9a:d4:45:95:23:e5:38:dc:7c:4c:de:11:aa:64:94:f2:d0:8d:
33:e4:46:c3:f2:53:76:39:c6:35:d7:23:5e:c4:5b:df:5a:da:
c2:f9:6f:22:5b:2c:f3:33:97:66:2a:fa:78:9f:63:89:f4:a8:
70:fc:99:2a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWnb4ZNrfuG0L2Wp3ItxWh0QMliowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjIwMTIzNTVaFw0yNTA2MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1ZmYxY2IxMzJhMjk4MDI4MTAxM2I4OTcxZmY3MDM2ZjRkY2EyOGM5MTVj
MTEwNWFjM2YyZWRiYTk2NzhjMDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJY1q0GCN3AYJCwmUU+NVh7P7nTgxC5MGsxYG9ExiXJzVPIShnukKeOeBJ6T
mdNRy/u0fu2HsF2cUfpvju6HRzb3aTGEApO/35R5OPcZkWixKJlx0Rf7XyPH+OQF
7Zt1U5vuQwRRRjZltXdAehAXM/20/mgCxfJlir6tZoGydHFeXQwZsl+VdJF+PfJs
oqdqy9XuIqUUIGi1Q2YYBsyMvZeko6b1vZ5DXSs313627KVRTGcfiZZ9y6Ip6Czk
7pVWyrxkPAe2T6qcZ2q4UNFa1JdGVwGAaz3mATtj4CaHUxVHlulMnU4GMIzB6e6s
qv2EW4uH1LdRIhgs9uxlFdFbei0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRd6dF6
Fa9BS/K/r3fck9MQrZ6P4jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTNmNzJmNzEtNGRlMy00MzkzLTg3ODAtZmMzNjE2MGE3ODgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Flg
wDANBgkqhkiG9w0BAQsFAAOCAQEAfzAnnFuynpZDBDCLAh8fm6kZ2rXaUKAUcs5J
3+R8jPijWfwelmpLhgofyhoOEgRtOp2nDiwBr6l8lT7uMcK4tu45boS1lYgjoSXs
FgiE0+K7rDZeA7TGEc0WoNr2aT0AyFG29/HqPKvl2542UWOfemPX8iW3y9kzJOVY
II9FyI7GYXEj1afphEfbjouNNxyMtuP8rWjv1BX6M5TaIWlZ5YvmEzFi3Dk5hZLV
bNBErCZjzK2m+85gTBLPIXFhwLdO0oIC2cR1mtRFlSPlONx8TN4RqmSU8tCNM+RG
w/JTdjnGNdcjXsRb31rawvlvIlss8zOXZir6eJ9jifSocPyZKg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:09:16 2025 by rpki-client