Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/23514bfa-3f26-4364-92b0-0fa30aef5665.roa
File: 23514bfa-3f26-4364-92b0-0fa30aef5665.roa (raw, json)
Hash identifier: fRE6kOYK/QlsDEHrpX1UNnYnQrdEJ9df82tDjqWpeFg=
Subject key identifier: 67:1E:70:55:75:C0:E2:DC:2E:53:CF:96:FA:0E:64:2F:A4:F1:B4:44
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 49DC8A88FE4CBD5294FDC6EF988D950428F6938F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/23514bfa-3f26-4364-92b0-0fa30aef5665.roa
Signing time: Thu 22 May 2025 01:22:28 +0000
ROA not before: Thu 22 May 2025 01:22:28 +0000
ROA not after: Thu 26 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:6080::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:07:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:dc:8a:88:fe:4c:bd:52:94:fd:c6:ef:98:8d:95:04:28:f6:93:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 01:22:28 2025 GMT
Not After : Jun 26 23:59:59 2025 GMT
Subject: serialNumber=43798f7cbfe89cd1ce14c15fff3fe4d77fff6648a96147884f6eeaabdb57f576, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e7:a3:bf:84:ef:c6:bf:db:4e:3f:45:3c:5a:
39:71:c6:43:8f:ad:67:34:f6:92:fa:87:64:89:f6:
f3:b3:1c:61:48:34:df:d8:8e:70:52:5b:4c:8f:57:
bc:a3:ba:64:c9:34:0c:34:7b:de:a6:6a:c6:66:26:
75:3f:38:9f:69:40:af:25:a5:be:d9:e4:7a:f7:9a:
28:9c:c1:58:7a:4b:49:ff:41:28:9c:2a:7f:b3:31:
28:f3:a0:09:20:35:7f:73:de:96:f6:d3:dd:63:c1:
f8:4d:8b:66:64:77:ed:d4:c3:a6:1c:ae:d5:24:62:
87:d9:34:1e:60:90:05:a4:74:f1:86:a0:a1:cc:14:
26:22:62:c4:b0:83:0c:18:f0:8f:e6:0b:9d:8f:04:
99:3a:8e:38:82:f0:68:4e:8b:0c:86:7a:9c:d4:03:
3b:70:78:a7:34:e5:6a:7a:5a:79:12:a8:77:76:ff:
40:80:84:32:62:cf:79:05:15:6c:4b:23:03:0d:09:
a0:c7:26:b2:39:e1:db:83:36:04:32:39:fc:97:14:
31:69:cd:10:1b:c0:80:f5:0d:cd:b5:93:35:f6:f8:
3c:31:15:b9:be:d0:3d:78:96:42:18:f3:fc:c5:26:
42:fb:db:2a:b5:2d:5b:d7:c1:d7:2d:67:10:d8:32:
7e:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:1E:70:55:75:C0:E2:DC:2E:53:CF:96:FA:0E:64:2F:A4:F1:B4:44
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/23514bfa-3f26-4364-92b0-0fa30aef5665.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:6080::/48
Signature Algorithm: sha256WithRSAEncryption
41:03:10:a3:f6:d5:2b:f8:04:85:14:36:4b:99:5b:2b:02:40:
c4:98:07:d2:9f:cd:c4:5c:b1:62:e8:71:f0:37:69:f5:45:2a:
2c:65:56:76:06:ff:e6:6c:1b:aa:9e:ee:b5:fe:91:dd:95:a7:
78:97:97:1a:39:20:e1:02:72:d3:57:41:a0:6b:d2:b6:ff:45:
d5:9d:b0:00:03:43:09:1a:49:b7:5e:d9:21:69:1f:e2:3c:96:
a4:fa:2e:8a:40:ba:ed:bb:13:6a:1c:14:e3:8a:24:9e:ab:95:
6b:0f:11:fe:ef:c1:8c:11:f8:86:ba:03:ee:2f:a5:47:4c:22:
0a:22:8d:13:4b:f9:aa:78:e5:b0:15:65:6d:7f:1b:cc:02:8d:
3c:93:0c:f6:c1:b7:4b:0d:dc:3d:52:da:eb:08:33:79:31:77:
74:c4:af:1d:39:c7:d4:6d:14:80:cb:d3:62:a5:00:c1:81:75:
46:4e:f9:51:a9:1e:34:96:f2:08:30:67:42:79:ce:60:12:8a:
4f:79:c5:8c:a4:5b:94:00:3d:58:09:0b:2a:5f:f5:6b:29:9f:
80:58:c0:d7:3d:39:1c:5f:87:23:b7:4a:2b:81:1f:df:26:79:
15:9d:bf:f9:cb:72:31:c2:98:a7:31:56:98:38:19:42:ab:62:
6a:8e:f7:ac
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSdyKiP5MvVKU/cbvmI2VBCj2k48wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjIwMTIyMjhaFw0yNTA2MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzNzk4ZjdjYmZlODljZDFjZTE0YzE1ZmZmM2ZlNGQ3N2ZmZjY2NDhhOTYx
NDc4ODRmNmVlYWFiZGI1N2Y1NzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfno7+E78a/204/RTxaOXHGQ4+tZzT2kvqHZIn287McYUg039iOcFJbTI9X
vKO6ZMk0DDR73qZqxmYmdT84n2lAryWlvtnkeveaKJzBWHpLSf9BKJwqf7MxKPOg
CSA1f3PelvbT3WPB+E2LZmR37dTDphyu1SRih9k0HmCQBaR08YagocwUJiJixLCD
DBjwj+YLnY8EmTqOOILwaE6LDIZ6nNQDO3B4pzTlanpaeRKod3b/QICEMmLPeQUV
bEsjAw0JoMcmsjnh24M2BDI5/JcUMWnNEBvAgPUNzbWTNfb4PDEVub7QPXiWQhjz
/MUmQvvbKrUtW9fB1y1nENgyfncCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRnHnBV
dcDi3C5Tz5b6DmQvpPG0RDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjM1MTRiZmEtM2YyNi00MzY0LTkyYjAtMGZhMzBhZWY1NjY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Flg
gDANBgkqhkiG9w0BAQsFAAOCAQEAQQMQo/bVK/gEhRQ2S5lbKwJAxJgH0p/NxFyx
Yuhx8Ddp9UUqLGVWdgb/5mwbqp7utf6R3ZWneJeXGjkg4QJy01dBoGvStv9F1Z2w
AANDCRpJt17ZIWkf4jyWpPouikC67bsTahwU44oknquVaw8R/u/BjBH4hroD7i+l
R0wiCiKNE0v5qnjlsBVlbX8bzAKNPJMM9sG3Sw3cPVLa6wgzeTF3dMSvHTnH1G0U
gMvTYqUAwYF1Rk75UakeNJbyCDBnQnnOYBKKT3nFjKRblAA9WAkLKl/1aymfgFjA
1z05HF+HI7dKK4Ef3yZ5FZ2/+ctyMcKYpzFWmDgZQqtiao73rA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:58:37 2025 by rpki-client