Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a5b2678-5fa1-4938-8da0-12d2395c11ee.roa
File: 2a5b2678-5fa1-4938-8da0-12d2395c11ee.roa (raw, json)
Hash identifier: hZpWckDCgZp4iYHB06hFu/xFU0LHBhXjA+TKbefUjyA=
Subject key identifier: 3D:0D:C5:17:8E:65:5C:0B:2E:D1:D4:B9:B5:1B:E7:01:91:F9:82:6B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 670C3D97CA45B02876D79E955A951808CBE54F15
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a5b2678-5fa1-4938-8da0-12d2395c11ee.roa
Signing time: Mon 12 May 2025 16:20:16 +0000
ROA not before: Mon 12 May 2025 16:20:16 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06e:4000::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 18:52:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:0c:3d:97:ca:45:b0:28:76:d7:9e:95:5a:95:18:08:cb:e5:4f:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:20:16 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=89dd8e13085248dc6e48bb075923c600c0cd0daef7f463960226d57bfe17157c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b4:67:d9:65:49:b7:75:6d:d6:7f:06:e0:cb:
d3:6e:b1:22:2f:27:6a:3d:fb:86:92:1c:87:fe:44:
cb:31:8b:36:4c:26:56:98:8f:90:a2:92:2b:08:7c:
5c:57:c8:b2:75:71:6d:e8:da:2a:e9:d4:7b:0b:60:
fc:a7:4c:5c:bb:92:18:7e:dc:9a:d1:c4:a1:c0:12:
8d:f4:8b:68:65:e1:0d:70:fa:e2:b4:50:96:8a:02:
a4:3b:bc:04:70:42:a5:a2:8c:2c:c6:bb:23:7c:96:
1e:7b:e3:d9:44:42:45:24:ff:96:51:a0:97:4f:29:
f7:e2:a6:b8:97:cc:8b:06:9b:48:61:db:e1:eb:9e:
e7:3f:63:2a:31:11:e9:29:b1:e2:1d:87:b4:cf:38:
d7:c1:ba:ea:45:47:ed:f4:88:a0:f7:8c:06:d5:e2:
2a:b0:20:6e:4a:bb:9f:0d:9a:86:5b:3e:3b:37:d4:
b8:bc:3a:2f:d9:97:1d:2e:52:fe:9e:36:c4:70:77:
e9:c0:59:8e:b4:e2:24:dc:cf:73:32:e3:1e:d1:a9:
7f:16:8f:e9:64:f9:0f:69:b1:af:25:cd:37:41:79:
70:48:9a:c1:e1:aa:cc:d5:2f:6e:8a:0d:a3:6f:f1:
1b:6b:cd:93:86:ce:42:50:a8:ad:8c:dc:de:01:7d:
39:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:0D:C5:17:8E:65:5C:0B:2E:D1:D4:B9:B5:1B:E7:01:91:F9:82:6B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a5b2678-5fa1-4938-8da0-12d2395c11ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06e:4000::/40
Signature Algorithm: sha256WithRSAEncryption
c7:8f:04:c6:6e:17:da:30:a1:6e:5a:07:ef:1a:ac:5f:79:6e:
b8:9a:4f:ab:0a:21:63:58:5b:1d:91:66:62:9b:75:62:89:89:
2a:10:20:20:15:cc:2b:1c:f1:5a:de:66:e5:e0:ee:08:d7:d3:
54:76:b6:d0:ce:c5:d4:93:02:aa:b9:cd:ee:ed:ea:91:b7:88:
d1:a5:8e:7d:ae:e1:5a:b7:1e:98:fa:1e:0b:07:fd:98:cc:f2:
16:94:3d:9d:15:76:93:66:1b:1a:83:a1:ce:4a:96:92:8c:06:
90:21:a4:c3:a3:ed:5a:5c:cc:0e:d8:e2:88:2f:8f:ad:ce:c8:
45:fe:94:a4:ed:f4:58:76:82:99:24:10:23:fa:23:9d:cc:f3:
e0:51:49:61:f8:c3:de:f1:13:fb:ed:b7:43:60:ba:73:ea:69:
13:81:43:14:1d:12:75:63:ee:6f:ad:49:bb:40:62:f6:3b:d8:
e3:e6:26:52:49:50:6a:39:96:4a:63:69:2e:12:fc:0b:96:a5:
01:a1:3d:1c:9b:a1:e0:fe:c9:cc:07:35:cd:0a:de:8a:64:db:
d2:35:89:5c:af:18:9c:4f:18:64:3e:70:c0:dc:3d:23:93:4f:
5c:9e:af:84:96:d7:8f:d8:e2:a1:e4:e2:56:8e:b8:91:1c:ba:
3e:4c:48:8e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZww9l8pFsCh2156VWpUYCMvlTxUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjIwMTZaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5ZGQ4ZTEzMDg1MjQ4ZGM2ZTQ4YmIwNzU5MjNjNjAwYzBjZDBkYWVmN2Y0
NjM5NjAyMjZkNTdiZmUxNzE1N2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN+0Z9llSbd1bdZ/BuDL026xIi8naj37hpIch/5EyzGLNkwmVpiPkKKSKwh8
XFfIsnVxbejaKunUewtg/KdMXLuSGH7cmtHEocASjfSLaGXhDXD64rRQlooCpDu8
BHBCpaKMLMa7I3yWHnvj2URCRST/llGgl08p9+KmuJfMiwabSGHb4eue5z9jKjER
6Smx4h2HtM8418G66kVH7fSIoPeMBtXiKrAgbkq7nw2ahls+OzfUuLw6L9mXHS5S
/p42xHB36cBZjrTiJNzPczLjHtGpfxaP6WT5D2mxryXNN0F5cEiaweGqzNUvbooN
o2/xG2vNk4bOQlCorYzc3gF9Of0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ9DcUX
jmVcCy7R1Lm1G+cBkfmCazAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmE1YjI2NzgtNWZhMS00OTM4LThkYTAtMTJkMjM5NWMxMWVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G5A
MA0GCSqGSIb3DQEBCwUAA4IBAQDHjwTGbhfaMKFuWgfvGqxfeW64mk+rCiFjWFsd
kWZim3ViiYkqECAgFcwrHPFa3mbl4O4I19NUdrbQzsXUkwKquc3u7eqRt4jRpY59
ruFatx6Y+h4LB/2YzPIWlD2dFXaTZhsag6HOSpaSjAaQIaTDo+1aXMwO2OKIL4+t
zshF/pSk7fRYdoKZJBAj+iOdzPPgUUlh+MPe8RP77bdDYLpz6mkTgUMUHRJ1Y+5v
rUm7QGL2O9jj5iZSSVBqOZZKY2kuEvwLlqUBoT0cm6Hg/snMBzXNCt6KZNvSNYlc
rxicTxhkPnDA3D0jk09cnq+ElteP2OKh5OJWjriRHLo+TEiO
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:59:19 2025 by rpki-client