Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e8369e3-7a1d-4e37-8db7-c71339526d79.roa
File: 2e8369e3-7a1d-4e37-8db7-c71339526d79.roa (raw, json)
Hash identifier: WCMld0SLeEg7EQKonWncWjPGZe2B2YEBH9frk0DRQsA=
Subject key identifier: 35:50:26:E5:8C:08:42:9F:7A:F8:DE:46:BD:20:AE:4E:94:21:84:89
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4AEC651F580AE797558E6D337FAD71E4AC22DEE7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e8369e3-7a1d-4e37-8db7-c71339526d79.roa
Signing time: Tue 20 May 2025 19:10:41 +0000
ROA not before: Tue 20 May 2025 19:10:41 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:6000::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 03 Jun 2025 20:54:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:ec:65:1f:58:0a:e7:97:55:8e:6d:33:7f:ad:71:e4:ac:22:de:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:10:41 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=ca4c40dec0951e26ad3bd32d2bb4234edeb487f5114a45de18f63d4b9cf086f5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f5:06:98:97:a2:1f:fe:a7:97:38:f0:ff:6f:
a5:c1:66:41:6c:3f:3d:a1:47:e5:aa:f2:f7:9f:4d:
f9:73:11:21:85:ba:f0:61:3e:55:ad:b1:bb:fc:17:
94:58:d1:34:27:4c:2e:72:2b:e2:f0:62:90:a6:6c:
1f:7e:50:cb:79:49:86:83:97:5e:e3:26:d6:87:23:
73:4d:09:f0:09:8f:96:a8:62:24:ff:38:7d:a8:7d:
4d:bd:75:cc:e1:56:7c:b7:ce:42:2c:a0:64:4f:de:
51:43:07:24:52:22:d5:75:92:e8:f8:cc:9a:90:e5:
7c:8a:e9:0a:9b:f0:2a:14:8f:8f:cf:a9:c0:14:9e:
72:57:c1:3e:18:4e:c3:ed:51:7c:d4:a4:9b:4b:a5:
be:27:4b:55:22:8d:d2:ed:00:cf:4d:c8:8e:63:26:
e6:12:ce:98:0c:45:7b:90:35:68:d0:d1:16:27:1f:
c9:fa:c5:e4:55:22:72:b0:00:98:99:76:e3:3b:93:
eb:73:2f:7e:6c:03:55:65:75:12:ad:a0:c2:5d:45:
25:f9:7f:31:83:71:f5:67:61:77:09:bf:9a:96:04:
1a:eb:a6:8d:3c:e2:18:01:79:b5:7a:bd:53:cb:a3:
bb:3f:a5:27:ae:00:ce:85:a6:ad:21:1f:af:b0:5c:
fc:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:50:26:E5:8C:08:42:9F:7A:F8:DE:46:BD:20:AE:4E:94:21:84:89
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e8369e3-7a1d-4e37-8db7-c71339526d79.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:6000::/40
Signature Algorithm: sha256WithRSAEncryption
a3:32:6a:1d:77:9a:88:43:37:80:2c:1f:46:a9:6c:72:9d:07:
df:a5:1d:bb:8d:27:ba:f0:e4:31:f8:07:52:cc:94:46:cd:85:
7a:91:68:74:94:81:dd:ea:5d:e5:84:55:89:b5:82:04:62:65:
fb:6d:7c:dd:e7:4c:8c:1b:54:2f:aa:14:46:1c:1c:de:2c:da:
75:d9:08:c5:73:f1:d7:27:5d:cf:ba:59:23:86:8f:73:c4:5a:
34:cf:fb:10:72:03:bb:a3:29:d6:59:3c:fc:ec:49:26:a3:91:
af:6a:f9:12:cf:c7:a9:c4:84:69:fe:76:b8:0f:36:22:29:37:
8e:04:cc:ab:53:4a:bd:d7:ed:88:29:b5:2e:13:a6:e9:57:b7:
3f:4d:f1:75:36:0e:07:7a:d3:78:33:b1:ea:9c:e7:63:a3:a4:
74:26:27:06:f6:62:c9:c0:95:90:03:40:11:e7:42:c9:f0:6c:
75:42:8c:7b:02:e3:93:98:2a:c4:d9:aa:09:49:e9:61:1c:3c:
60:07:7e:02:36:43:99:2f:45:8e:80:d5:c5:10:8e:3e:bd:64:
e6:8b:4d:76:bd:f5:f9:aa:90:43:c1:05:ac:35:80:81:ac:45:
24:d3:02:ae:30:38:70:65:03:f3:21:23:54:84:33:da:ea:9b:
58:d5:de:88
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSuxlH1gK55dVjm0zf61x5Kwi3ucwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTEwNDFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGNhNGM0MGRlYzA5NTFlMjZhZDNiZDMyZDJiYjQyMzRlZGViNDg3ZjUxMTRh
NDVkZTE4ZjYzZDRiOWNmMDg2ZjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIv1BpiXoh/+p5c48P9vpcFmQWw/PaFH5ary959N+XMRIYW68GE+Va2xu/wX
lFjRNCdMLnIr4vBikKZsH35Qy3lJhoOXXuMm1ocjc00J8AmPlqhiJP84fah9Tb11
zOFWfLfOQiygZE/eUUMHJFIi1XWS6PjMmpDlfIrpCpvwKhSPj8+pwBSeclfBPhhO
w+1RfNSkm0ulvidLVSKN0u0Az03IjmMm5hLOmAxFe5A1aNDRFicfyfrF5FUicrAA
mJl24zuT63MvfmwDVWV1Eq2gwl1FJfl/MYNx9Wdhdwm/mpYEGuumjTziGAF5tXq9
U8ujuz+lJ64AzoWmrSEfr7Bc/GsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ1UCbl
jAhCn3r43ka9IK5OlCGEiTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmU4MzY5ZTMtN2ExZC00ZTM3LThkYjctYzcxMzM5NTI2ZDc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HRg
MA0GCSqGSIb3DQEBCwUAA4IBAQCjMmodd5qIQzeALB9GqWxynQffpR27jSe68OQx
+AdSzJRGzYV6kWh0lIHd6l3lhFWJtYIEYmX7bXzd50yMG1QvqhRGHBzeLNp12QjF
c/HXJ13Pulkjho9zxFo0z/sQcgO7oynWWTz87Ekmo5GvavkSz8epxIRp/na4DzYi
KTeOBMyrU0q91+2IKbUuE6bpV7c/TfF1Ng4HetN4M7HqnOdjo6R0JicG9mLJwJWQ
A0AR50LJ8Gx1Qox7AuOTmCrE2aoJSelhHDxgB34CNkOZL0WOgNXFEI4+vWTmi012
vfX5qpBDwQWsNYCBrEUk0wKuMDhwZQPzISNUhDPa6ptY1d6I
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:00:18 2025 by rpki-client