Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25549665-200e-473b-9551-c975fa93985e.roa
File: 25549665-200e-473b-9551-c975fa93985e.roa (raw, json)
Hash identifier: d+9qdlT+p5BfoG08AZbS83/xGzAeyMR/0dEH5zKQ090=
Subject key identifier: 2D:67:2B:6C:04:66:11:7C:C5:22:F9:96:EE:1B:3C:58:17:2C:56:9C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 297D8ADA70CD726F89308BC0A827BFF9698B5423
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25549665-200e-473b-9551-c975fa93985e.roa
Signing time: Mon 12 May 2025 16:20:46 +0000
ROA not before: Mon 12 May 2025 16:20:46 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b:6000::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 18:52:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:7d:8a:da:70:cd:72:6f:89:30:8b:c0:a8:27:bf:f9:69:8b:54:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:20:46 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=9392bb00c5b14406bf6dd70a4c5892d548f5c90d980530dcccf12c05d8c41a2f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:de:66:ec:4f:d5:19:5a:a6:34:be:2e:72:73:
91:5c:6a:f7:2e:10:db:8b:e8:49:75:7c:5d:92:f6:
5b:d6:58:c3:35:ef:38:21:47:41:9d:b9:3f:1c:41:
f9:ad:e9:bd:80:55:5f:29:1f:83:c1:1a:e0:c6:0f:
8c:ab:c9:54:82:b7:47:6e:9c:86:49:1a:ed:b1:0b:
59:90:ee:0d:6b:9c:dd:e3:d2:f1:b1:85:20:eb:53:
9a:f2:27:c2:ee:c5:2a:13:85:60:8d:e6:6d:d2:47:
a3:e0:52:ee:83:cf:3f:6b:20:a1:f8:9c:35:2d:ec:
be:14:e6:1f:5d:1a:a7:4e:0e:84:e1:cf:8b:27:09:
ce:f5:d4:15:1d:32:c8:93:46:0b:d4:10:7c:00:94:
d4:23:44:02:cd:8a:67:6d:3f:2e:9d:28:7b:43:4d:
ff:c2:88:91:b6:f8:24:bc:30:50:ce:01:06:9c:1b:
b2:8c:68:9b:42:bd:b9:c1:94:bf:ba:b7:61:e1:df:
bc:f0:ad:97:63:61:8e:a6:98:f2:a0:4d:fb:92:26:
2f:06:64:3f:1d:e8:f1:70:2c:99:98:48:b7:88:15:
d1:10:34:a4:11:80:be:0e:c2:cb:88:75:26:ae:cc:
62:63:29:1f:07:f1:86:0d:b6:ad:8e:3c:80:85:1d:
87:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:67:2B:6C:04:66:11:7C:C5:22:F9:96:EE:1B:3C:58:17:2C:56:9C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25549665-200e-473b-9551-c975fa93985e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b:6000::/40
Signature Algorithm: sha256WithRSAEncryption
22:3f:58:e9:51:92:62:ca:32:20:dd:62:15:c7:0a:0b:5f:49:
8d:de:f7:e9:ec:3d:93:cd:c0:96:f4:2a:e7:6d:7e:75:40:13:
58:3a:c9:be:33:91:77:8f:8e:e8:27:30:31:89:75:96:84:75:
20:d6:ec:62:1d:5e:50:f6:bc:7d:8d:8c:e6:79:51:b4:19:57:
01:82:9b:ee:ae:8d:47:d0:aa:d8:71:14:8c:b1:8b:65:59:60:
e2:41:ab:a0:5f:60:03:83:c5:6e:30:57:a1:19:db:1a:95:cc:
17:4a:5f:81:68:de:a2:79:f8:27:c8:57:90:1f:36:cd:78:9c:
6e:12:6f:bf:f4:44:3a:00:dc:ff:08:4a:cb:2a:6f:80:3d:a4:
f9:df:86:0e:c1:82:ba:b8:96:dc:ab:dd:a4:62:27:8f:ea:49:
55:d5:c2:8a:32:3a:b0:6e:28:3f:3b:01:9d:1f:cd:1f:90:a5:
f2:bf:c6:d5:8b:80:11:c7:27:ab:be:c4:10:9d:e2:60:cf:67:
0a:a4:40:42:2b:20:63:ff:f9:19:73:34:02:e5:77:4f:c0:85:
d6:83:d9:59:66:35:d9:b1:ff:17:b0:5d:36:be:ff:24:60:9f:
c0:38:9c:95:72:47:03:7f:41:cc:80:c8:95:a5:a0:c8:bc:9d:
5e:5c:b6:65
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKX2K2nDNcm+JMIvAqCe/+WmLVCMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjIwNDZaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDkzOTJiYjAwYzViMTQ0MDZiZjZkZDcwYTRjNTg5MmQ1NDhmNWM5MGQ5ODA1
MzBkY2NjZjEyYzA1ZDhjNDFhMmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzeZuxP1RlapjS+LnJzkVxq9y4Q24voSXV8XZL2W9ZYwzXvOCFHQZ25PxxB
+a3pvYBVXykfg8Ea4MYPjKvJVIK3R26chkka7bELWZDuDWuc3ePS8bGFIOtTmvIn
wu7FKhOFYI3mbdJHo+BS7oPPP2sgoficNS3svhTmH10ap04OhOHPiycJzvXUFR0y
yJNGC9QQfACU1CNEAs2KZ20/Lp0oe0NN/8KIkbb4JLwwUM4BBpwbsoxom0K9ucGU
v7q3YeHfvPCtl2NhjqaY8qBN+5ImLwZkPx3o8XAsmZhIt4gV0RA0pBGAvg7Cy4h1
Jq7MYmMpHwfxhg22rY48gIUdh6cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQtZyts
BGYRfMUi+ZbuGzxYFyxWnDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjU1NDk2NjUtMjAwZS00NzNiLTk1NTEtYzk3NWZhOTM5ODVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Ftg
MA0GCSqGSIb3DQEBCwUAA4IBAQAiP1jpUZJiyjIg3WIVxwoLX0mN3vfp7D2TzcCW
9CrnbX51QBNYOsm+M5F3j47oJzAxiXWWhHUg1uxiHV5Q9rx9jYzmeVG0GVcBgpvu
ro1H0KrYcRSMsYtlWWDiQaugX2ADg8VuMFehGdsalcwXSl+BaN6iefgnyFeQHzbN
eJxuEm+/9EQ6ANz/CErLKm+APaT534YOwYK6uJbcq92kYieP6klV1cKKMjqwbig/
OwGdH80fkKXyv8bVi4ARxyervsQQneJgz2cKpEBCKyBj//kZczQC5XdPwIXWg9lZ
ZjXZsf8XsF02vv8kYJ/AOJyVckcDf0HMgMiVpaDIvJ1eXLZl
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:09:03 2025 by rpki-client