Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ad80ae6-718d-4331-bc0a-ad31510cfa0f.roa
File: 2ad80ae6-718d-4331-bc0a-ad31510cfa0f.roa (raw, json)
Hash identifier: lvoSurdeWf+Cd+DujoX9VqiGie9DYNWYm6kdGHRsGjg=
Subject key identifier: 76:D9:4E:FF:2E:06:AA:8C:8E:76:0A:C0:64:DD:1D:FC:B1:89:6E:41
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2EEFB4EF6FBA75A0DD00EDC7F4CC7963DD16A475
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ad80ae6-718d-4331-bc0a-ad31510cfa0f.roa
Signing time: Tue 20 May 2025 19:00:13 +0000
ROA not before: Tue 20 May 2025 19:00:13 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:c040::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:22:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:ef:b4:ef:6f:ba:75:a0:dd:00:ed:c7:f4:cc:79:63:dd:16:a4:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:00:13 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=b30675ffb7aec28bd285d97d0b262394a9068ae8dc4258b539255e643c06d8d0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:91:08:5a:c5:7f:58:c9:5a:36:f1:1e:c9:b3:
78:33:00:8a:64:0e:09:5e:dc:80:57:ed:60:a2:78:
ff:8b:0b:61:cb:28:dd:dd:cf:86:e4:d0:f3:81:1b:
09:69:be:03:8b:70:73:2e:61:e0:8f:9f:46:df:c0:
24:32:00:20:70:8f:da:a4:51:ae:5b:c5:49:27:fb:
82:f9:44:e1:d6:1a:42:43:a6:e3:3c:d8:56:ec:b5:
8b:eb:b2:b0:e4:a2:21:73:0a:f3:98:59:ba:59:8a:
ce:6e:23:a3:1f:9f:08:76:57:1d:32:1c:a9:99:0c:
3e:94:58:d5:91:6c:4e:c6:34:9a:dd:8e:1b:26:a8:
94:1c:22:65:5f:2f:78:cf:0a:63:f6:c2:f7:4a:5a:
90:6f:f2:2e:dd:f5:2f:34:cc:e2:07:57:b4:18:08:
10:a7:aa:2a:a0:6d:fd:a2:c5:86:dd:fd:86:27:12:
e6:3e:14:6b:e7:ec:29:5a:db:dc:69:35:e0:8f:a1:
71:9b:ad:59:28:89:40:31:71:ea:b5:07:0d:b2:24:
c2:ed:f4:4b:2a:7b:a3:e2:ba:b4:1e:4c:8b:29:7e:
32:0b:ee:6f:8d:6a:16:97:19:6d:33:93:07:d0:10:
88:a1:a0:8d:d9:ca:1f:bd:ab:67:60:23:96:7b:5b:
80:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:D9:4E:FF:2E:06:AA:8C:8E:76:0A:C0:64:DD:1D:FC:B1:89:6E:41
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ad80ae6-718d-4331-bc0a-ad31510cfa0f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:c040::/48
Signature Algorithm: sha256WithRSAEncryption
49:e5:24:dd:34:04:d6:08:c4:b8:de:4e:d9:70:1b:82:4e:3a:
d7:49:8a:37:b1:6c:34:9c:ec:39:9b:a3:72:19:ee:70:61:b5:
ff:b1:71:ec:79:5e:97:bd:24:bb:41:70:a6:a9:a2:b7:87:f4:
b0:7c:4e:f3:d6:78:24:f6:ad:d0:3c:08:80:16:5b:e6:8c:3b:
d2:81:ce:4e:b5:5c:d8:b2:4c:29:44:d1:34:03:e2:2f:08:39:
f3:49:50:27:bd:a4:88:be:00:ea:97:cd:9f:53:c1:32:4b:f5:
e9:67:16:a1:8c:16:43:87:7e:6f:98:bb:bc:a7:d4:12:a9:a7:
ec:52:f1:84:59:63:92:bf:a5:3e:73:27:09:df:3f:82:09:c6:
2a:3f:be:6e:ad:12:75:39:cd:17:f9:a4:16:03:53:0f:27:1e:
85:39:2b:fd:ea:14:cf:30:82:a5:d1:9a:d1:37:ae:6f:05:9b:
4b:40:9d:39:51:c0:40:a5:39:6a:76:84:e6:3d:cd:ec:82:d5:
57:7a:70:01:4c:b6:ee:7d:58:54:c8:fc:bd:da:74:7f:f6:ee:
48:77:92:85:45:e4:2d:67:a0:ba:d0:ce:b4:fe:75:6f:28:48:
04:fc:98:0c:a8:52:30:b8:00:f8:c3:52:89:7e:9a:d8:b7:5a:
f1:8e:a3:aa
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULu+072+6daDdAO3H9Mx5Y90WpHUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAwMTNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzMDY3NWZmYjdhZWMyOGJkMjg1ZDk3ZDBiMjYyMzk0YTkwNjhhZThkYzQy
NThiNTM5MjU1ZTY0M2MwNmQ4ZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMORCFrFf1jJWjbxHsmzeDMAimQOCV7cgFftYKJ4/4sLYcso3d3PhuTQ84Eb
CWm+A4twcy5h4I+fRt/AJDIAIHCP2qRRrlvFSSf7gvlE4dYaQkOm4zzYVuy1i+uy
sOSiIXMK85hZulmKzm4jox+fCHZXHTIcqZkMPpRY1ZFsTsY0mt2OGyaolBwiZV8v
eM8KY/bC90pakG/yLt31LzTM4gdXtBgIEKeqKqBt/aLFht39hicS5j4Ua+fsKVrb
3Gk14I+hcZutWSiJQDFx6rUHDbIkwu30Syp7o+K6tB5Miyl+Mgvub41qFpcZbTOT
B9AQiKGgjdnKH72rZ2AjlntbgEUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR22U7/
LgaqjI52CsBk3R38sYluQTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmFkODBhZTYtNzE4ZC00MzMxLWJjMGEtYWQzMTUxMGNmYTBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HTA
QDANBgkqhkiG9w0BAQsFAAOCAQEASeUk3TQE1gjEuN5O2XAbgk4610mKN7FsNJzs
OZujchnucGG1/7Fx7Hlel70ku0Fwpqmit4f0sHxO89Z4JPat0DwIgBZb5ow70oHO
TrVc2LJMKUTRNAPiLwg580lQJ72kiL4A6pfNn1PBMkv16WcWoYwWQ4d+b5i7vKfU
Eqmn7FLxhFljkr+lPnMnCd8/ggnGKj++bq0SdTnNF/mkFgNTDycehTkr/eoUzzCC
pdGa0TeubwWbS0CdOVHAQKU5anaE5j3N7ILVV3pwAUy27n1YVMj8vdp0f/buSHeS
hUXkLWegutDOtP51byhIBPyYDKhSMLgA+MNSiX6a2Lda8Y6jqg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:58:07 2025 by rpki-client