Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/24fbce39-e1a6-41e1-b748-a2b2ffe4e457.roa
File: 24fbce39-e1a6-41e1-b748-a2b2ffe4e457.roa (raw, json)
Hash identifier: zQsbg/jFa1ehpXOmLLigJlMYw7aNSyg8/5xlDENhWz8=
Subject key identifier: 16:04:62:36:F2:B6:DD:B7:AE:0B:BC:B1:CB:04:4F:C1:59:7A:58:52
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E2F421A163B1B40D99FADFFDF46BC33B0365E62
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/24fbce39-e1a6-41e1-b748-a2b2ffe4e457.roa
Signing time: Mon 12 May 2025 16:20:19 +0000
ROA not before: Mon 12 May 2025 16:20:19 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b:8000::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 03 Jun 2025 18:52:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:2f:42:1a:16:3b:1b:40:d9:9f:ad:ff:df:46:bc:33:b0:36:5e:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:20:19 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=6f3c46f7b61f9ffbffdb991209669ef74071409635063c4439d772e3cedb5554, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:cf:54:9e:33:bf:07:f3:7b:3e:88:25:dc:64:
51:a4:eb:f7:d3:e4:af:70:1f:ae:0e:47:20:d1:47:
84:0b:9f:2c:be:7d:cc:4d:71:b7:14:cd:87:57:00:
eb:a8:9f:6b:e0:e2:29:e9:5c:e1:8b:dc:27:cc:1c:
03:52:22:d6:80:ce:c0:fe:dc:4b:f5:4d:98:18:27:
c9:34:91:b1:91:a3:28:b3:86:df:51:ca:e0:bd:99:
ca:0a:54:2e:21:8d:bd:45:7c:21:98:71:b1:f3:25:
74:d6:68:a3:0b:cb:7b:3f:79:8a:4b:9c:20:59:ac:
96:2b:84:f3:79:fa:c1:98:14:39:0d:44:4d:f6:23:
25:f5:18:ab:d2:5d:73:89:d5:f0:e6:6c:98:e7:a0:
d2:c2:56:aa:05:a8:80:f2:bd:19:38:a1:1d:93:fc:
1e:d2:3a:e0:59:e0:bd:ff:aa:8e:c2:5e:c3:33:41:
9f:14:30:52:07:71:97:0a:5b:8e:b2:21:bb:0d:2f:
2d:3a:b2:2f:5d:02:eb:a1:db:80:a5:4e:26:91:d3:
92:ca:c3:f9:ef:c8:5e:4c:0a:a9:97:85:de:cb:ac:
6c:99:2e:aa:36:d7:2c:b6:71:ab:75:19:dc:ca:46:
f8:02:09:3d:20:32:04:ea:79:92:aa:81:16:37:af:
da:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:04:62:36:F2:B6:DD:B7:AE:0B:BC:B1:CB:04:4F:C1:59:7A:58:52
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/24fbce39-e1a6-41e1-b748-a2b2ffe4e457.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b:8000::/40
Signature Algorithm: sha256WithRSAEncryption
1a:07:5a:72:44:be:13:81:49:85:28:1a:3e:23:cf:0a:54:fc:
f8:2c:3b:13:a6:80:c4:ee:62:61:ed:4a:29:1b:59:c8:49:96:
cf:26:ea:91:50:a1:0f:2c:df:4b:f2:78:c1:15:97:54:18:66:
c8:25:ad:73:6d:c9:ea:3b:6b:c9:34:de:ee:f8:3b:35:76:36:
5f:12:79:97:d8:60:c1:87:70:41:c5:1f:27:ae:78:08:89:f1:
a6:05:48:a5:c6:c3:96:ac:d8:e6:12:be:6c:a3:26:85:a6:8f:
25:5f:8f:de:e5:53:f1:4b:27:ac:6a:d0:f3:0f:13:87:34:bb:
50:13:ed:0a:7b:53:a2:62:dd:a1:21:58:df:ce:46:bc:36:de:
e6:5f:aa:14:1c:57:b4:68:df:df:f4:3e:1e:c4:dd:c9:25:4a:
8a:25:83:e8:45:95:34:79:c4:0c:eb:0f:c4:6c:7d:05:05:d9:
47:60:83:cf:bc:a0:10:c2:7b:77:37:c6:df:cc:b2:03:65:99:
83:e0:1c:14:1a:ba:87:e8:9c:df:0d:c5:d3:36:ee:cb:d6:6b:
36:53:45:a5:c3:7f:c5:c8:4f:6d:37:dc:87:68:20:80:d4:c3:
5b:17:94:90:d5:09:dd:e0:ea:b2:fe:cc:f1:96:78:4c:35:6b:
12:7f:2a:10
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfi9CGhY7G0DZn63/30a8M7A2XmIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjIwMTlaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmM2M0NmY3YjYxZjlmZmJmZmRiOTkxMjA5NjY5ZWY3NDA3MTQwOTYzNTA2
M2M0NDM5ZDc3MmUzY2VkYjU1NTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANbPVJ4zvwfzez6IJdxkUaTr99Pkr3Afrg5HINFHhAufLL59zE1xtxTNh1cA
66ifa+DiKelc4YvcJ8wcA1Ii1oDOwP7cS/VNmBgnyTSRsZGjKLOG31HK4L2ZygpU
LiGNvUV8IZhxsfMldNZoowvLez95ikucIFmsliuE83n6wZgUOQ1ETfYjJfUYq9Jd
c4nV8OZsmOeg0sJWqgWogPK9GTihHZP8HtI64Fngvf+qjsJewzNBnxQwUgdxlwpb
jrIhuw0vLTqyL10C66HbgKVOJpHTksrD+e/IXkwKqZeF3susbJkuqjbXLLZxq3UZ
3MpG+AIJPSAyBOp5kqqBFjev2ikCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQWBGI2
8rbdt64LvLHLBE/BWXpYUjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjRmYmNlMzktZTFhNi00MWUxLWI3NDgtYTJiMmZmZTRlNDU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FuA
MA0GCSqGSIb3DQEBCwUAA4IBAQAaB1pyRL4TgUmFKBo+I88KVPz4LDsTpoDE7mJh
7UopG1nISZbPJuqRUKEPLN9L8njBFZdUGGbIJa1zbcnqO2vJNN7u+Ds1djZfEnmX
2GDBh3BBxR8nrngIifGmBUilxsOWrNjmEr5soyaFpo8lX4/e5VPxSyesatDzDxOH
NLtQE+0Ke1OiYt2hIVjfzka8Nt7mX6oUHFe0aN/f9D4exN3JJUqKJYPoRZU0ecQM
6w/EbH0FBdlHYIPPvKAQwnt3N8bfzLIDZZmD4BwUGrqH6JzfDcXTNu7L1ms2U0Wl
w3/FyE9tN9yHaCCA1MNbF5SQ1Qnd4Oqy/szxlnhMNWsSfyoQ
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:58:43 2025 by rpki-client