Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33d7d0d8-ed13-4bde-b4f6-2b6730ba5d51.roa
File: 33d7d0d8-ed13-4bde-b4f6-2b6730ba5d51.roa (raw, json)
Hash identifier: 05sqq7EjF7ibEGr4I6rHlCMkbUOIaaglLuqkn4NViqI=
Subject key identifier: 57:FC:0D:61:7F:A4:8A:37:8D:6B:2E:28:64:0E:92:D7:A0:CA:50:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3CD4C8EC2181BF1FB7CD99DE7915BB95C3B332D1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33d7d0d8-ed13-4bde-b4f6-2b6730ba5d51.roa
Signing time: Fri 16 May 2025 17:30:22 +0000
ROA not before: Fri 16 May 2025 17:30:22 +0000
ROA not after: Fri 20 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:800::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 03 Jun 2025 20:54:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:d4:c8:ec:21:81:bf:1f:b7:cd:99:de:79:15:bb:95:c3:b3:32:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 17:30:22 2025 GMT
Not After : Jun 20 23:59:59 2025 GMT
Subject: serialNumber=e52cfaa16e405cd040525ce68a1c531ead6649a2a975a953f662684e530fec84, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5a:67:6e:4c:03:04:76:aa:7d:5e:41:48:1b:
df:9a:e4:2a:db:36:b3:bc:6c:04:79:9a:98:10:d5:
02:c0:9e:c1:e4:15:c6:50:ce:8f:96:8a:bc:af:3e:
b6:a0:f0:8c:e0:10:ed:17:7f:5c:3b:97:ca:8a:d4:
61:ce:71:6b:45:40:48:93:ad:82:5d:7d:5f:34:50:
e0:e9:51:d9:f9:70:d6:67:10:fb:ad:3b:c5:21:13:
aa:ca:c9:14:82:0b:79:da:9c:6c:a7:ab:14:e5:59:
80:10:56:2e:b7:95:e7:4b:97:1f:9c:bf:fd:af:59:
91:14:fb:2f:23:5d:9d:83:5a:db:56:85:d2:31:01:
66:de:a9:31:e0:59:f9:3c:82:f3:ad:c4:e4:62:d0:
c6:cc:83:a9:83:c8:99:69:86:14:1a:8a:63:2c:b7:
79:dc:65:fe:9e:a8:ff:b6:19:2a:02:39:0d:7e:bc:
14:c7:c7:85:72:84:5a:f5:6c:c6:3d:19:e7:9f:58:
ee:d6:fe:f7:99:56:89:32:90:38:e2:5b:b8:9c:15:
fd:17:3d:55:f7:30:c2:76:92:f6:9b:8a:ac:0b:b7:
28:b0:93:b5:27:13:96:d1:ab:93:c3:48:94:6c:4d:
4e:39:91:97:e1:f2:b3:14:43:c6:5f:16:c8:e9:80:
09:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:FC:0D:61:7F:A4:8A:37:8D:6B:2E:28:64:0E:92:D7:A0:CA:50:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/33d7d0d8-ed13-4bde-b4f6-2b6730ba5d51.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:800::/40
Signature Algorithm: sha256WithRSAEncryption
4a:47:fa:cc:fa:94:a9:85:54:6a:2f:69:6f:48:97:6a:18:ab:
86:b9:6b:9f:a8:2c:10:e2:af:94:c0:e9:dc:4f:84:15:c8:a6:
b5:7e:d4:50:fd:7b:ae:f1:fd:99:2f:c5:cf:20:91:10:b2:98:
ad:d7:4a:79:9d:35:e3:39:4e:ad:4a:d1:b4:98:bc:8d:37:e9:
1f:e0:0d:9c:d4:98:88:5c:5a:12:5c:4f:cc:63:93:7e:39:8b:
30:eb:c6:01:4e:aa:c6:fc:e7:05:94:94:47:38:66:88:12:24:
24:62:fc:64:ac:9f:cc:ac:93:92:70:be:67:2f:ae:29:45:e2:
e3:b0:2d:26:e6:14:0a:dc:20:a6:18:d5:12:d4:a3:4f:51:29:
f0:28:01:04:0f:6f:1f:3d:d0:49:6a:39:56:94:63:ec:a3:b9:
65:a5:27:24:4c:68:e7:fb:92:f4:ec:5e:82:80:f8:df:77:94:
30:05:f4:e7:cb:c8:1c:2a:5c:84:1c:52:99:df:5e:82:76:6d:
25:63:51:4b:ef:ed:be:68:77:9c:94:27:60:96:11:2c:2d:85:
4c:45:10:fd:ac:e2:e3:5b:31:f5:d4:56:c4:b4:7a:e7:08:dc:
fe:4d:fa:fa:14:bd:c7:7a:5e:58:c5:d1:d4:43:aa:7f:69:bc:
a5:f1:44:a4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPNTI7CGBvx+3zZneeRW7lcOzMtEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTYxNzMwMjJaFw0yNTA2MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGU1MmNmYWExNmU0MDVjZDA0MDUyNWNlNjhhMWM1MzFlYWQ2NjQ5YTJhOTc1
YTk1M2Y2NjI2ODRlNTMwZmVjODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZaZ25MAwR2qn1eQUgb35rkKts2s7xsBHmamBDVAsCeweQVxlDOj5aKvK8+
tqDwjOAQ7Rd/XDuXyorUYc5xa0VASJOtgl19XzRQ4OlR2flw1mcQ+607xSETqsrJ
FIILedqcbKerFOVZgBBWLreV50uXH5y//a9ZkRT7LyNdnYNa21aF0jEBZt6pMeBZ
+TyC863E5GLQxsyDqYPImWmGFBqKYyy3edxl/p6o/7YZKgI5DX68FMfHhXKEWvVs
xj0Z559Y7tb+95lWiTKQOOJbuJwV/Rc9VfcwwnaS9puKrAu3KLCTtScTltGrk8NI
lGxNTjmRl+HysxRDxl8WyOmACY8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRX/A1h
f6SKN41rLihkDpLXoMpQjDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzNkN2QwZDgtZWQxMy00YmRlLWI0ZjYtMmI2NzMwYmE1ZDUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HQI
MA0GCSqGSIb3DQEBCwUAA4IBAQBKR/rM+pSphVRqL2lvSJdqGKuGuWufqCwQ4q+U
wOncT4QVyKa1ftRQ/Xuu8f2ZL8XPIJEQspit10p5nTXjOU6tStG0mLyNN+kf4A2c
1JiIXFoSXE/MY5N+OYsw68YBTqrG/OcFlJRHOGaIEiQkYvxkrJ/MrJOScL5nL64p
ReLjsC0m5hQK3CCmGNUS1KNPUSnwKAEED28fPdBJajlWlGPso7llpSckTGjn+5L0
7F6CgPjfd5QwBfTny8gcKlyEHFKZ316Cdm0lY1FL7+2+aHeclCdglhEsLYVMRRD9
rOLjWzH11FbEtHrnCNz+Tfr6FL3Hel5YxdHUQ6p/abyl8USk
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:58:09 2025 by rpki-client