Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/238151b8-1527-4e3f-a1d3-da02d03534a8.roa
File: 238151b8-1527-4e3f-a1d3-da02d03534a8.roa (raw, json)
Hash identifier: 6G+SXgmtCIXzjrrn0aULQS99i8GySr63lwl8nVDD3vA=
Subject key identifier: 3C:2C:B5:51:43:53:15:AB:C2:55:59:8E:29:23:DD:29:C1:47:B8:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5C9C19C7B7C2AF6AEB6E65DD3F60D6AC931BF4AD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/238151b8-1527-4e3f-a1d3-da02d03534a8.roa
Signing time: Tue 20 May 2025 19:00:59 +0000
ROA not before: Tue 20 May 2025 19:00:59 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:10c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:08:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:9c:19:c7:b7:c2:af:6a:eb:6e:65:dd:3f:60:d6:ac:93:1b:f4:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:00:59 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=d2724f5ca99665ea2bd0d242f9865fc83423358318a14f3eb7b90f6c691fa02c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:b7:68:3c:77:4d:96:5c:1e:e4:9a:31:99:8f:
c8:61:6e:95:4a:d8:1d:d6:60:a3:61:1c:b9:88:c6:
d9:34:a2:3c:6c:90:4f:86:ec:1a:5f:b9:02:30:fe:
f8:f7:fe:64:e6:31:89:2c:68:48:d0:52:18:de:82:
7e:04:2f:92:03:d7:69:2a:b3:ca:70:84:7e:a8:ab:
6b:d4:70:4f:f2:82:b9:bd:d0:9d:0d:56:8a:f3:fd:
2e:0b:0c:ce:df:51:61:df:a4:1b:d5:87:e2:49:e3:
f9:d0:4d:f7:b6:45:42:b9:84:d2:23:c0:9f:b7:40:
59:c0:3f:5f:23:50:4a:4e:ef:c5:fd:e4:ea:b1:70:
3d:8a:3a:39:76:d2:ae:b6:0c:71:34:be:51:2c:d1:
94:58:43:2a:6b:eb:15:06:02:40:e1:4d:14:e9:e1:
cf:0f:07:ec:b0:ac:cf:42:70:57:e0:3d:0e:c1:4d:
9f:c1:f9:ac:52:af:06:50:89:80:0d:81:74:5e:ec:
6f:e8:13:c3:e5:99:bb:3a:0e:34:e2:51:1f:19:ab:
ab:e3:35:b5:42:fb:d8:46:9d:41:92:4f:bb:22:86:
56:25:14:66:7f:57:5c:36:bb:6b:fb:97:85:5c:ca:
f1:71:af:cb:f4:6c:02:07:a3:10:eb:d6:5a:9e:16:
7d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:2C:B5:51:43:53:15:AB:C2:55:59:8E:29:23:DD:29:C1:47:B8:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/238151b8-1527-4e3f-a1d3-da02d03534a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
ac:35:9d:98:11:1f:27:1d:a7:4a:f5:4f:4d:8d:ec:8b:38:5b:
e3:36:7b:5f:1b:8d:4a:59:45:a3:32:5f:f6:ca:42:4b:8f:aa:
52:e3:fb:6a:2b:df:05:e6:8b:d2:51:c5:39:f0:dd:1b:89:f1:
02:f5:90:a3:cf:8c:2c:88:3d:57:a8:ce:7d:26:b4:b0:ec:34:
ce:68:3d:46:3b:7d:5d:80:9c:2d:a8:bd:63:04:83:65:cc:94:
55:6c:4d:84:41:79:84:4a:d7:d2:3a:88:4c:35:ed:f0:d2:5f:
56:90:59:29:90:bd:19:24:05:05:78:99:ff:cf:6f:3e:cd:12:
85:60:cc:4a:2c:16:bb:4d:78:11:95:23:11:0c:1e:2a:4f:2d:
33:41:86:90:85:f7:77:09:4a:a1:a1:da:30:94:9f:6e:94:a5:
f7:67:72:52:2d:6a:d4:ce:7f:13:88:d1:43:a3:77:ce:17:a2:
28:ae:16:b6:2b:28:2a:b8:a2:b8:ab:9a:11:57:12:1f:38:51:
ff:65:81:32:1d:de:15:f5:9e:02:dd:45:84:51:6b:72:b6:76:
5a:e3:9d:66:41:88:b1:0a:fc:2b:55:28:17:89:01:6c:70:60:
d9:5f:24:c7:68:1b:ff:1e:09:67:a0:cb:05:55:29:73:8a:bf:
1c:d4:82:ba
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXJwZx7fCr2rrbmXdP2DWrJMb9K0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAwNTlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyNzI0ZjVjYTk5NjY1ZWEyYmQwZDI0MmY5ODY1ZmM4MzQyMzM1ODMxOGEx
NGYzZWI3YjkwZjZjNjkxZmEwMmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOq3aDx3TZZcHuSaMZmPyGFulUrYHdZgo2EcuYjG2TSiPGyQT4bsGl+5AjD+
+Pf+ZOYxiSxoSNBSGN6CfgQvkgPXaSqzynCEfqira9RwT/KCub3QnQ1WivP9LgsM
zt9RYd+kG9WH4knj+dBN97ZFQrmE0iPAn7dAWcA/XyNQSk7vxf3k6rFwPYo6OXbS
rrYMcTS+USzRlFhDKmvrFQYCQOFNFOnhzw8H7LCsz0JwV+A9DsFNn8H5rFKvBlCJ
gA2BdF7sb+gTw+WZuzoONOJRHxmrq+M1tUL72EadQZJPuyKGViUUZn9XXDa7a/uX
hVzK8XGvy/RsAgejEOvWWp4WfUkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ8LLVR
Q1MVq8JVWY4pI90pwUe4KDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjM4MTUxYjgtMTUyNy00ZTNmLWExZDMtZGEwMmQwMzUzNGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HQQ
wDANBgkqhkiG9w0BAQsFAAOCAQEArDWdmBEfJx2nSvVPTY3sizhb4zZ7XxuNSllF
ozJf9spCS4+qUuP7aivfBeaL0lHFOfDdG4nxAvWQo8+MLIg9V6jOfSa0sOw0zmg9
Rjt9XYCcLai9YwSDZcyUVWxNhEF5hErX0jqITDXt8NJfVpBZKZC9GSQFBXiZ/89v
Ps0ShWDMSiwWu014EZUjEQweKk8tM0GGkIX3dwlKoaHaMJSfbpSl92dyUi1q1M5/
E4jRQ6N3zheiKK4WtisoKriiuKuaEVcSHzhR/2WBMh3eFfWeAt1FhFFrcrZ2WuOd
ZkGIsQr8K1UoF4kBbHBg2V8kx2gb/x4JZ6DLBVUpc4q/HNSCug==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:58:35 2025 by rpki-client