Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ecc8db5-41b6-42fc-9e2e-98540aadd80f.roa
File: 1ecc8db5-41b6-42fc-9e2e-98540aadd80f.roa (raw, json)
Hash identifier: 6oUVyEKbgkB5Te/wV66YFpzBBtxFxTGxaQXcLwlBVA0=
Subject key identifier: 50:61:EE:3F:1D:30:E0:43:B5:15:26:CC:FA:57:62:1A:4B:10:46:AC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F7550919050B23FC41DBFBB33EA275618C57571
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ecc8db5-41b6-42fc-9e2e-98540aadd80f.roa
Signing time: Tue 20 May 2025 18:20:52 +0000
ROA not before: Tue 20 May 2025 18:20:52 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:c080::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:22:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:75:50:91:90:50:b2:3f:c4:1d:bf:bb:33:ea:27:56:18:c5:75:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:20:52 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=9995a96007615b83471f16a94c2e56293355143f03b9414f943aadc63fbe7c0d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:7a:35:9c:7a:e7:c2:39:57:bc:51:01:ae:bb:
8d:57:ea:a1:c3:36:18:7d:84:5c:a3:06:ad:21:bf:
3a:27:16:59:4e:b5:ac:e1:40:8c:2a:f3:9b:f0:8a:
d1:88:49:7c:86:17:fa:9f:37:46:7f:ce:2d:65:1e:
f7:57:db:40:01:5f:8d:40:ce:a9:b1:ec:70:94:5a:
b9:11:a7:04:fa:24:e8:bc:e8:a2:0a:1d:f9:c9:89:
1a:a7:2f:6b:12:7e:e6:b9:53:3c:61:e0:70:67:80:
4f:a9:fa:15:56:0b:64:78:00:e6:66:16:1d:5a:47:
cb:59:5d:53:6d:39:03:dc:92:09:b2:00:3e:1a:ff:
3c:c8:91:07:36:20:7d:d6:b0:19:ac:b4:0f:cd:30:
46:a2:c9:1d:7e:3d:78:00:9c:91:6a:32:a8:7c:12:
a0:05:f5:07:eb:f6:d3:f1:d9:e6:3e:92:e3:25:4c:
33:49:af:ae:e1:6c:db:61:0d:a2:61:f7:d0:6b:61:
f0:d5:df:6e:fe:3f:0d:f0:0f:fe:d7:00:db:21:73:
79:4b:a0:20:f8:a6:3c:74:60:b6:2b:6d:dd:f4:98:
db:bf:19:ae:da:01:ad:e1:a6:a9:83:00:08:44:a6:
3e:79:84:29:a2:2f:f4:3e:d9:d1:9f:4b:54:1a:f5:
15:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:61:EE:3F:1D:30:E0:43:B5:15:26:CC:FA:57:62:1A:4B:10:46:AC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ecc8db5-41b6-42fc-9e2e-98540aadd80f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:c080::/48
Signature Algorithm: sha256WithRSAEncryption
a6:13:d2:27:18:1e:4b:16:b6:33:db:94:4f:9d:a3:e2:67:44:
e1:bd:2a:32:85:ea:62:2c:2d:b3:f2:eb:4c:b8:55:ab:26:63:
e8:be:19:7d:d4:72:7a:c8:cb:05:8b:76:eb:98:08:40:dd:1f:
57:65:c7:e4:e9:aa:7b:ed:d6:65:e8:a2:2b:cd:21:78:7d:ae:
fa:66:12:50:41:88:af:09:d3:a5:a4:b5:d0:5a:70:e1:71:5f:
a0:13:e9:37:6b:ea:9f:6d:c6:42:eb:ee:e0:9c:bd:02:73:25:
ad:9c:07:8f:74:bf:c0:2a:b2:73:4b:9b:30:13:24:59:cb:14:
7d:de:34:94:05:96:16:e4:60:5d:90:d7:47:d8:36:a4:b2:79:
0d:12:29:76:c2:8b:cc:7f:b1:03:da:81:57:33:1a:4d:4c:d7:
93:8a:76:12:fa:e8:e9:e3:23:64:09:3d:bd:4d:21:04:32:42:
48:90:10:88:c5:9a:bf:b1:ed:53:77:a3:e8:b1:35:61:10:00:
7b:87:0e:4e:49:c8:c2:1c:91:33:0c:f6:ec:d7:69:18:f9:19:
6f:95:c8:e8:36:a0:c4:4d:ea:f9:dc:74:fa:5a:29:5f:0c:54:
a4:9d:0b:b0:df:31:bd:4f:d4:72:e2:59:e4:d5:29:de:f2:40:
1f:f9:d3:db
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUX3VQkZBQsj/EHb+7M+onVhjFdXEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODIwNTJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5OTVhOTYwMDc2MTViODM0NzFmMTZhOTRjMmU1NjI5MzM1NTE0M2YwM2I5
NDE0Zjk0M2FhZGM2M2ZiZTdjMGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN56NZx658I5V7xRAa67jVfqocM2GH2EXKMGrSG/OicWWU61rOFAjCrzm/CK
0YhJfIYX+p83Rn/OLWUe91fbQAFfjUDOqbHscJRauRGnBPok6Lzoogod+cmJGqcv
axJ+5rlTPGHgcGeAT6n6FVYLZHgA5mYWHVpHy1ldU205A9ySCbIAPhr/PMiRBzYg
fdawGay0D80wRqLJHX49eACckWoyqHwSoAX1B+v20/HZ5j6S4yVMM0mvruFs22EN
omH30Gth8NXfbv4/DfAP/tcA2yFzeUugIPimPHRgtitt3fSY278ZrtoBreGmqYMA
CESmPnmEKaIv9D7Z0Z9LVBr1FScCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRQYe4/
HTDgQ7UVJsz6V2IaSxBGrDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWVjYzhkYjUtNDFiNi00MmZjLTllMmUtOTg1NDBhYWRkODBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HTA
gDANBgkqhkiG9w0BAQsFAAOCAQEAphPSJxgeSxa2M9uUT52j4mdE4b0qMoXqYiwt
s/LrTLhVqyZj6L4ZfdRyesjLBYt265gIQN0fV2XH5Omqe+3WZeiiK80heH2u+mYS
UEGIrwnTpaS10Fpw4XFfoBPpN2vqn23GQuvu4Jy9AnMlrZwHj3S/wCqyc0ubMBMk
WcsUfd40lAWWFuRgXZDXR9g2pLJ5DRIpdsKLzH+xA9qBVzMaTUzXk4p2Evro6eMj
ZAk9vU0hBDJCSJAQiMWav7HtU3ej6LE1YRAAe4cOTknIwhyRMwz27NdpGPkZb5XI
6DagxE3q+dx0+lopXwxUpJ0LsN8xvU/UcuJZ5NUp3vJAH/nT2w==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:41 2025 by rpki-client