Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e3b6523-075f-4fd7-96be-d01c2c779ecd.roa
File: 4e3b6523-075f-4fd7-96be-d01c2c779ecd.roa (raw, json)
Hash identifier: XAjQgKCe+qOVsgvMweUXccAxKv69zvEi13zj/yMjQr0=
Subject key identifier: 39:8C:A3:A5:79:FB:5A:57:00:4C:AA:02:AA:CA:2F:D7:45:7D:86:F5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 646B9124ECAD639326C2C8EF6B981B41F4268E29
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e3b6523-075f-4fd7-96be-d01c2c779ecd.roa
Signing time: Tue 20 May 2025 18:20:50 +0000
ROA not before: Tue 20 May 2025 18:20:50 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:9080::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:08:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:6b:91:24:ec:ad:63:93:26:c2:c8:ef:6b:98:1b:41:f4:26:8e:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:20:50 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=d5094c85e5a4c22b4bdd7c87ed7708f8e4f083620f01c4499506d2c57016fe3d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:38:1d:93:7c:31:1b:5b:d1:84:1d:0a:42:65:
84:67:0d:47:12:1f:6b:49:a4:b6:2a:07:83:b8:77:
c3:10:d2:a2:7e:9f:68:86:ae:67:17:8b:fb:f5:65:
0b:3a:de:10:22:f1:af:ea:1e:e3:b6:aa:2f:17:fe:
59:af:00:1e:5b:16:cc:73:1f:3a:70:28:a4:1a:98:
e7:56:a6:c5:ed:62:13:dc:1c:25:b2:dc:bd:00:b8:
d9:fb:44:b6:38:95:f9:64:99:1e:88:f5:ec:ff:8f:
28:7d:cb:38:43:1d:9b:14:a7:6b:1a:7e:7e:bc:2a:
ed:2a:4b:26:1e:09:6c:c8:a0:e5:de:7d:2b:b7:8a:
ec:e1:d6:3f:f1:a6:21:57:f2:54:a1:0e:2a:66:a0:
ff:f3:74:fa:97:de:0a:0e:01:f3:e6:df:1e:37:3a:
26:83:8f:60:f7:95:4d:81:ce:da:57:19:6b:69:96:
a1:9f:c8:53:56:1c:38:9e:22:af:41:01:83:4e:f0:
c2:8d:f2:a2:6a:62:9c:49:15:e2:94:11:f4:d1:76:
e3:03:d3:70:3d:31:bb:f1:49:fb:34:e7:bc:4e:d1:
fd:f2:24:82:c3:1d:ba:96:e9:7e:41:50:a0:36:01:
bc:69:f7:6d:cc:e7:67:5f:ff:eb:90:25:7c:a8:1e:
0c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:8C:A3:A5:79:FB:5A:57:00:4C:AA:02:AA:CA:2F:D7:45:7D:86:F5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4e3b6523-075f-4fd7-96be-d01c2c779ecd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:9080::/48
Signature Algorithm: sha256WithRSAEncryption
1e:d3:1e:99:b5:7f:cf:a5:59:7a:b0:f3:12:1d:04:b9:ed:ff:
cf:fa:53:4e:77:22:e5:d8:c9:96:cc:9a:39:db:88:f2:fc:37:
c5:4f:70:c2:0a:fe:76:1b:1f:ac:0d:9c:63:15:5a:e5:5a:7f:
d1:11:86:f3:87:58:02:01:a5:34:60:ae:f2:6b:bd:40:75:c0:
ff:d2:bd:db:67:83:a1:d4:c6:9d:d9:de:09:c8:5b:fe:28:7f:
56:71:50:27:7a:2b:86:e7:54:50:8d:93:cb:50:6d:ac:c3:8d:
b4:d8:e4:b3:55:f1:10:5f:60:39:30:d0:91:d4:a3:6d:6d:3f:
c2:df:5f:07:b9:04:ed:3e:92:3c:27:ef:1f:fa:6e:7e:80:e9:
7f:47:41:79:e6:57:83:3b:c5:46:b0:05:96:05:7b:75:d7:eb:
e8:08:08:cf:b2:f7:de:d5:4d:a2:ea:73:69:b1:5d:cd:56:df:
14:a0:e5:77:94:f3:8d:db:9a:31:c5:ac:f7:60:e3:b3:cd:5d:
65:6a:ed:1a:2b:01:b2:72:98:44:60:c1:1f:ec:8e:03:f8:5e:
a8:55:5c:06:b7:01:5d:11:d6:51:bf:b5:a9:71:df:b2:c8:df:
e0:91:b3:53:c0:c5:3b:9f:fb:06:94:b9:ee:68:0b:75:70:65:
84:e2:f7:59
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZGuRJOytY5Mmwsjva5gbQfQmjikwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODIwNTBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1MDk0Yzg1ZTVhNGMyMmI0YmRkN2M4N2VkNzcwOGY4ZTRmMDgzNjIwZjAx
YzQ0OTk1MDZkMmM1NzAxNmZlM2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKk4HZN8MRtb0YQdCkJlhGcNRxIfa0mktioHg7h3wxDSon6faIauZxeL+/Vl
CzreECLxr+oe47aqLxf+Wa8AHlsWzHMfOnAopBqY51amxe1iE9wcJbLcvQC42ftE
tjiV+WSZHoj17P+PKH3LOEMdmxSnaxp+frwq7SpLJh4JbMig5d59K7eK7OHWP/Gm
IVfyVKEOKmag//N0+pfeCg4B8+bfHjc6JoOPYPeVTYHO2lcZa2mWoZ/IU1YcOJ4i
r0EBg07wwo3yompinEkV4pQR9NF24wPTcD0xu/FJ+zTnvE7R/fIkgsMdupbpfkFQ
oDYBvGn3bcznZ1//65AlfKgeDHsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ5jKOl
eftaVwBMqgKqyi/XRX2G9TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGUzYjY1MjMtMDc1Zi00ZmQ3LTk2YmUtZDAxYzJjNzc5ZWNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HSQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAHtMembV/z6VZerDzEh0Eue3/z/pTTnci5djJ
lsyaOduI8vw3xU9wwgr+dhsfrA2cYxVa5Vp/0RGG84dYAgGlNGCu8mu9QHXA/9K9
22eDodTGndneCchb/ih/VnFQJ3orhudUUI2Ty1BtrMONtNjks1XxEF9gOTDQkdSj
bW0/wt9fB7kE7T6SPCfvH/pufoDpf0dBeeZXgzvFRrAFlgV7ddfr6AgIz7L33tVN
oupzabFdzVbfFKDld5TzjduaMcWs92Djs81dZWrtGisBsnKYRGDBH+yOA/heqFVc
BrcBXRHWUb+1qXHfssjf4JGzU8DFO5/7BpS57mgLdXBlhOL3WQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:41 2025 by rpki-client