Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c0911f1-01b0-4492-b92f-9915d315647d.roa
File: 5c0911f1-01b0-4492-b92f-9915d315647d.roa (raw, json)
Hash identifier: dfW1ATzJI4KZt7PVm2bl2zZOlUbchfx6sq49bkhpC9o=
Subject key identifier: 59:FB:F8:AF:A5:6B:0C:85:3C:88:11:93:9B:FB:4B:52:C9:0A:C0:74
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 28B79C613880848767CB779915731E7B122C5148
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c0911f1-01b0-4492-b92f-9915d315647d.roa
Signing time: Fri 16 May 2025 17:30:33 +0000
ROA not before: Fri 16 May 2025 17:30:33 +0000
ROA not after: Fri 20 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:880::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:08:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:b7:9c:61:38:80:84:87:67:cb:77:99:15:73:1e:7b:12:2c:51:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 17:30:33 2025 GMT
Not After : Jun 20 23:59:59 2025 GMT
Subject: serialNumber=1c57fc04bd030918c77ae42e81396deb6a1a35eb56f35dade6afe77a0364fa87, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e6:3c:53:90:5b:df:d2:e8:34:9b:a0:c2:5a:
29:58:f9:f3:58:dd:9c:28:c5:73:6e:c2:5f:9d:e3:
35:19:25:25:0e:3a:a7:a0:74:f3:b0:51:33:ff:7d:
be:ee:8e:04:3d:88:d2:cf:54:c4:5e:af:82:7a:b7:
1c:42:78:e5:37:ee:66:0f:11:4e:96:36:b1:7c:8f:
b8:e9:85:14:23:b7:48:82:ca:22:b3:fa:60:53:f3:
7a:41:fa:b0:b3:4f:05:d3:2b:0a:6e:ff:3e:e8:b1:
ea:ed:b0:cb:03:35:9f:7d:ae:5e:3c:c2:f4:da:01:
bf:78:6c:89:9d:e2:96:da:ad:e7:b7:ec:b9:f8:52:
d3:63:57:04:8c:4b:dd:6c:3e:9b:40:0b:a6:c1:ad:
ba:98:87:2d:eb:16:98:54:a6:25:1d:dd:17:d4:61:
e6:81:53:9f:a1:29:08:2f:ba:e5:1f:1f:02:2c:17:
2b:0d:ca:61:7b:77:71:0a:e6:7f:45:aa:30:79:ba:
fe:c1:39:14:9a:89:72:bd:56:b2:66:89:c6:f9:69:
99:d7:88:4b:e3:3c:7c:f1:f7:75:fe:7d:00:9b:69:
18:18:9c:ef:9e:b8:07:1b:a3:b5:11:39:98:1c:d8:
a4:37:b2:f9:71:2c:8e:61:f7:ad:68:0a:eb:1c:50:
38:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:FB:F8:AF:A5:6B:0C:85:3C:88:11:93:9B:FB:4B:52:C9:0A:C0:74
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c0911f1-01b0-4492-b92f-9915d315647d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:880::/48
Signature Algorithm: sha256WithRSAEncryption
5d:52:a9:1f:43:87:00:81:68:cd:69:2b:fe:81:c6:f9:2f:2b:
d1:31:ba:cc:7e:e5:ee:a8:8a:0a:3f:9d:ce:3d:45:87:85:7e:
ba:91:fb:1b:29:d9:eb:4b:11:81:9e:06:0b:90:ba:02:56:25:
b1:aa:64:49:29:69:e1:be:b8:3d:2f:7d:0a:ea:3d:ea:1e:72:
b8:7a:7b:90:2b:77:5b:ee:71:a3:87:73:eb:49:e1:ee:39:b1:
05:e9:5e:c0:87:19:60:7d:09:57:6e:37:7d:d5:a1:da:62:00:
a7:ce:6f:27:d4:cd:5d:03:52:94:cc:6e:10:0e:5c:60:68:4d:
af:10:a7:94:ab:21:72:fe:0c:f3:2b:19:2f:60:53:fa:07:91:
76:95:92:79:c7:60:3a:1c:60:db:77:a6:51:df:57:4c:bb:f7:
af:49:72:60:23:a9:26:52:66:56:b0:35:72:42:10:88:5b:cd:
42:d1:ac:5f:2a:e5:68:4e:9b:c6:56:3f:dd:be:fc:fe:43:42:
d9:bb:6d:93:0c:72:de:a6:77:76:f3:ca:34:50:18:d7:df:c8:
8b:f6:51:41:6b:65:d8:bf:a0:8a:4c:f7:63:31:b9:36:39:cf:
1d:2c:f9:8b:c0:5e:4b:c8:ac:05:6c:49:5c:b0:d7:5a:b3:85:
c4:1f:02:23
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKLecYTiAhIdny3eZFXMeexIsUUgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTYxNzMwMzNaFw0yNTA2MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjNTdmYzA0YmQwMzA5MThjNzdhZTQyZTgxMzk2ZGViNmExYTM1ZWI1NmYz
NWRhZGU2YWZlNzdhMDM2NGZhODcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKrmPFOQW9/S6DSboMJaKVj581jdnCjFc27CX53jNRklJQ46p6B087BRM/99
vu6OBD2I0s9UxF6vgnq3HEJ45TfuZg8RTpY2sXyPuOmFFCO3SILKIrP6YFPzekH6
sLNPBdMrCm7/Puix6u2wywM1n32uXjzC9NoBv3hsiZ3iltqt57fsufhS02NXBIxL
3Ww+m0ALpsGtupiHLesWmFSmJR3dF9Rh5oFTn6EpCC+65R8fAiwXKw3KYXt3cQrm
f0WqMHm6/sE5FJqJcr1WsmaJxvlpmdeIS+M8fPH3df59AJtpGBic7564BxujtRE5
mBzYpDey+XEsjmH3rWgK6xxQONECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRZ+/iv
pWsMhTyIEZOb+0tSyQrAdDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWMwOTExZjEtMDFiMC00NDkyLWI5MmYtOTkxNWQzMTU2NDdkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HQI
gDANBgkqhkiG9w0BAQsFAAOCAQEAXVKpH0OHAIFozWkr/oHG+S8r0TG6zH7l7qiK
Cj+dzj1Fh4V+upH7GynZ60sRgZ4GC5C6AlYlsapkSSlp4b64PS99Cuo96h5yuHp7
kCt3W+5xo4dz60nh7jmxBelewIcZYH0JV243fdWh2mIAp85vJ9TNXQNSlMxuEA5c
YGhNrxCnlKshcv4M8ysZL2BT+geRdpWSecdgOhxg23emUd9XTLv3r0lyYCOpJlJm
VrA1ckIQiFvNQtGsXyrlaE6bxlY/3b78/kNC2bttkwxy3qZ3dvPKNFAY19/Ii/ZR
QWtl2L+gikz3YzG5NjnPHSz5i8BeS8isBWxJXLDXWrOFxB8CIw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:41 2025 by rpki-client