Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a39a3a1-5826-4186-8007-887aa5c6a88e.roa
File: 6a39a3a1-5826-4186-8007-887aa5c6a88e.roa (raw, json)
Hash identifier: CsGg+Q7hTR6qhy3QDx0xgLqJqgSmF6ORi1+hsAKqCjw=
Subject key identifier: 4E:E4:B7:0A:BB:AF:B3:4A:26:99:27:BD:E9:5D:0A:F0:D2:96:2F:EE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 047AE4BBDD924C021BB36AC8D6CDBF0ED0E2EB78
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a39a3a1-5826-4186-8007-887aa5c6a88e.roa
Signing time: Wed 02 Apr 2025 18:52:13 +0000
ROA not before: Wed 02 Apr 2025 18:52:13 +0000
ROA not after: Wed 07 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 07 Apr 2025 23:37:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:7a:e4:bb:dd:92:4c:02:1b:b3:6a:c8:d6:cd:bf:0e:d0:e2:eb:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 18:52:13 2025 GMT
Not After : May 7 23:59:59 2025 GMT
Subject: serialNumber=25a445da5f72636a8c40d9f1a639909c4b4aa71b6a8ee3b5eb1e804deb637d03, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1d:0a:5a:48:b0:06:7c:57:7b:4a:53:65:39:
27:0d:32:d0:1a:51:db:45:48:ff:dc:67:0e:64:3d:
3a:c6:2e:ae:86:60:5d:94:78:f1:7d:e3:54:a0:83:
ba:e8:f5:7b:92:7e:0f:dd:f5:c0:51:a1:53:aa:27:
3f:8b:45:c9:50:c5:7c:30:e7:90:f7:04:2f:07:d5:
f0:fa:89:3d:fe:c0:17:60:eb:f6:b1:10:85:97:0d:
a7:46:a9:11:b5:e6:ac:37:5e:34:47:bd:dd:c5:74:
fc:7d:56:b1:6c:c8:2f:5e:65:f5:98:85:31:1f:a4:
ab:64:6a:e6:7d:71:67:2c:df:df:98:49:29:69:7a:
5c:b2:13:62:c3:41:94:00:4a:0d:dc:28:d6:ee:38:
62:2d:33:e3:ce:fd:f5:38:92:05:6d:02:87:f3:f4:
4b:6a:00:d3:50:4c:49:39:4b:68:1f:32:5b:23:f4:
7c:b0:b9:b8:56:50:49:05:ec:da:a2:e8:9d:bb:ac:
9b:d9:71:6e:29:f3:ad:ad:33:2f:84:61:22:5d:9a:
94:f7:fe:98:17:7a:71:c5:f6:ea:83:cd:87:d3:49:
0f:d4:99:59:e3:48:2c:f6:b7:78:c1:fb:7f:f2:41:
fc:ab:4c:7b:92:65:24:26:ae:96:58:98:34:f4:79:
2e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:E4:B7:0A:BB:AF:B3:4A:26:99:27:BD:E9:5D:0A:F0:D2:96:2F:EE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a39a3a1-5826-4186-8007-887aa5c6a88e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030::/32
Signature Algorithm: sha256WithRSAEncryption
5f:88:06:26:9e:3d:e5:db:aa:2e:f9:29:88:f8:ec:ae:91:f4:
b5:d8:63:e8:50:15:47:e9:b5:bf:57:95:db:af:7d:ec:e3:b3:
aa:d7:df:d3:78:50:79:6b:02:2e:08:c7:8d:e3:71:2b:e9:ed:
3a:6f:7d:43:9e:12:fe:44:79:4b:ad:a9:75:e2:51:d5:1f:90:
ed:b4:86:25:56:db:83:83:d6:5c:ef:40:65:b6:98:b2:40:95:
9c:60:a8:a4:ff:44:b7:ce:d6:9e:6e:d7:d8:6c:5e:05:4c:7e:
7d:98:6b:ec:2b:73:26:6c:f7:a5:66:58:b8:22:59:ca:e9:24:
ce:cf:c0:ac:d4:35:d2:c6:6c:50:95:f4:a6:59:c2:e8:c3:d7:
5f:71:9a:aa:03:26:7e:20:4f:e0:1a:3f:e8:80:80:c7:e0:b6:
6c:b6:69:94:05:d6:ee:dc:8b:05:ce:1d:3e:75:73:0f:60:81:
02:73:04:7d:cd:c5:45:b3:04:c2:02:b5:b3:b2:87:b6:f1:32:
42:66:02:ce:f0:db:bc:9a:00:5e:f7:5b:f1:ce:da:89:6d:b2:
fe:6f:c2:06:8f:b0:14:12:09:d9:68:1a:26:5a:ee:ed:1e:3e:
f0:c1:fa:79:b9:53:c6:78:da:33:6e:97:19:47:f5:30:0e:86:
9a:d4:17:39
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUBHrku92STAIbs2rI1s2/DtDi63gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MDIxODUyMTNaFw0yNTA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1YTQ0NWRhNWY3MjYzNmE4YzQwZDlmMWE2Mzk5MDljNGI0YWE3MWI2YThl
ZTNiNWViMWU4MDRkZWI2MzdkMDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKAdClpIsAZ8V3tKU2U5Jw0y0BpR20VI/9xnDmQ9OsYuroZgXZR48X3jVKCD
uuj1e5J+D931wFGhU6onP4tFyVDFfDDnkPcELwfV8PqJPf7AF2Dr9rEQhZcNp0ap
EbXmrDdeNEe93cV0/H1WsWzIL15l9ZiFMR+kq2Rq5n1xZyzf35hJKWl6XLITYsNB
lABKDdwo1u44Yi0z48799TiSBW0Ch/P0S2oA01BMSTlLaB8yWyP0fLC5uFZQSQXs
2qLonbusm9lxbinzra0zL4RhIl2alPf+mBd6ccX26oPNh9NJD9SZWeNILPa3eMH7
f/JB/KtMe5JlJCaulliYNPR5LqcCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRO5LcK
u6+zSiaZJ73pXQrw0pYv7jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmEzOWEzYTEtNTgyNi00MTg2LTgwMDctODg3YWE1YzZhODhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0DAw
DQYJKoZIhvcNAQELBQADggEBAF+IBiaePeXbqi75KYj47K6R9LXYY+hQFUfptb9X
lduvfezjs6rX39N4UHlrAi4Ix43jcSvp7TpvfUOeEv5EeUutqXXiUdUfkO20hiVW
24OD1lzvQGW2mLJAlZxgqKT/RLfO1p5u19hsXgVMfn2Ya+wrcyZs96VmWLgiWcrp
JM7PwKzUNdLGbFCV9KZZwujD119xmqoDJn4gT+AaP+iAgMfgtmy2aZQF1u7ciwXO
HT51cw9ggQJzBH3NxUWzBMICtbOyh7bxMkJmAs7w27yaAF73W/HO2oltsv5vwgaP
sBQSCdloGiZa7u0ePvDB+nm5U8Z42jNulxlH9TAOhprUFzk=
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:28 2025 by rpki-client