Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6cb31e0d-b014-41fb-b9bc-681b27340ffe.roa
File: 6cb31e0d-b014-41fb-b9bc-681b27340ffe.roa (raw, json)
Hash identifier: h9TSaEWLDPv7ke1OuCaB32swgj/iRPdhybE0s669hfs=
Subject key identifier: B8:E2:E3:DD:23:D4:45:34:F0:B0:2A:F9:10:7B:2F:1D:E2:E8:73:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 737E63B6D94A8B31F8199BA17AC0BC6CE9F67552
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6cb31e0d-b014-41fb-b9bc-681b27340ffe.roa
Signing time: Mon 12 May 2025 16:20:14 +0000
ROA not before: Mon 12 May 2025 16:20:14 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b:c000::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 18:52:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:7e:63:b6:d9:4a:8b:31:f8:19:9b:a1:7a:c0:bc:6c:e9:f6:75:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:20:14 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=c4d8121d0c4e2642801fbfb4956e28af9de291b00f4cca117e2fddbeb8002bad, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:bc:65:dd:61:ab:4c:ed:df:07:40:3e:92:48:
74:db:c9:10:c5:f1:1b:f4:ef:09:ed:2d:1b:c5:20:
08:f0:75:ac:eb:b8:8a:79:4d:d5:5c:1d:6f:89:48:
87:5f:df:a2:5b:f5:64:fb:11:7e:80:b0:ff:87:0c:
20:f8:26:2d:1d:52:a3:a2:b4:3f:6c:bb:a6:8f:57:
37:30:69:3d:62:76:6e:9b:8c:13:04:6e:6e:89:3d:
f9:8c:e7:c3:dd:ae:5e:ef:43:3e:b9:1b:cc:90:c3:
65:35:0d:a9:24:63:05:8d:ee:f3:14:04:3f:78:ec:
b2:a8:dd:98:aa:46:c5:10:87:b5:b8:9d:dc:28:42:
d3:2e:23:32:81:d0:51:2b:88:8f:ca:13:82:42:a6:
18:96:d4:bd:0e:59:e1:4d:49:6f:78:a7:53:03:72:
84:0f:8d:4e:5d:ba:55:70:3c:6b:3c:19:a3:9b:ac:
79:a6:33:5d:b8:da:40:12:61:3d:47:97:82:ca:a5:
a7:c6:ce:6e:70:50:68:8b:c1:41:2d:89:e3:06:4a:
f4:2e:37:3b:7a:7c:e8:cb:79:59:5a:e5:d6:6e:be:
ec:b0:f5:b7:56:d9:30:04:d6:59:a7:e6:9b:55:2f:
c5:5c:84:02:c5:03:ce:63:4f:2a:f8:d4:8b:70:4f:
13:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:E2:E3:DD:23:D4:45:34:F0:B0:2A:F9:10:7B:2F:1D:E2:E8:73:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6cb31e0d-b014-41fb-b9bc-681b27340ffe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b:c000::/40
Signature Algorithm: sha256WithRSAEncryption
95:d5:39:0c:eb:7a:f5:1e:ea:b6:c0:6f:1f:91:ea:65:db:35:
50:9c:b0:1e:9a:c3:11:ba:e5:61:1f:70:52:2b:01:c9:9a:84:
23:20:16:c0:62:96:c3:80:89:07:28:7c:32:22:f6:d5:33:ae:
fc:dc:fc:92:32:d2:e4:f9:0b:8b:03:8a:25:0f:49:f9:77:4d:
b5:a9:4c:2f:3b:45:6d:8e:cc:fa:c3:47:9a:ae:93:b5:1f:55:
64:01:e2:56:5b:8b:45:ff:3b:67:af:e0:a7:8d:4b:5f:59:53:
22:93:67:0b:29:9e:2f:d5:5a:e1:f8:31:68:21:40:d8:b6:ca:
6b:58:a8:00:37:02:33:99:23:14:4f:21:31:dc:94:64:85:dc:
94:78:c0:87:5d:46:2f:02:ac:51:fa:08:c9:e8:52:7a:0c:53:
f4:d8:cc:43:b2:04:be:dc:0d:72:bb:ec:40:5b:de:46:ab:a2:
25:89:3a:b0:78:55:8e:68:ba:8d:f5:9e:a1:7a:7c:90:13:a1:
e8:c3:ca:eb:62:9b:fe:de:f3:c6:91:ed:b3:3d:f7:af:fb:0b:
ff:11:4c:0c:3c:55:a0:f6:1f:2b:f2:c4:77:79:cf:bb:6a:f5:
7e:9d:43:5a:94:2b:b8:86:67:95:5f:87:1a:3f:ad:53:bd:23:
5a:c4:75:12
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc35jttlKizH4GZuhesC8bOn2dVIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjIwMTRaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0ZDgxMjFkMGM0ZTI2NDI4MDFmYmZiNDk1NmUyOGFmOWRlMjkxYjAwZjRj
Y2ExMTdlMmZkZGJlYjgwMDJiYWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOS8Zd1hq0zt3wdAPpJIdNvJEMXxG/TvCe0tG8UgCPB1rOu4inlN1Vwdb4lI
h1/folv1ZPsRfoCw/4cMIPgmLR1So6K0P2y7po9XNzBpPWJ2bpuMEwRubok9+Yzn
w92uXu9DPrkbzJDDZTUNqSRjBY3u8xQEP3jssqjdmKpGxRCHtbid3ChC0y4jMoHQ
USuIj8oTgkKmGJbUvQ5Z4U1Jb3inUwNyhA+NTl26VXA8azwZo5useaYzXbjaQBJh
PUeXgsqlp8bObnBQaIvBQS2J4wZK9C43O3p86Mt5WVrl1m6+7LD1t1bZMATWWafm
m1UvxVyEAsUDzmNPKvjUi3BPEyUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS44uPd
I9RFNPCwKvkQey8d4uhzZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmNiMzFlMGQtYjAxNC00MWZiLWI5YmMtNjgxYjI3MzQwZmZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FvA
MA0GCSqGSIb3DQEBCwUAA4IBAQCV1TkM63r1Huq2wG8fkepl2zVQnLAemsMRuuVh
H3BSKwHJmoQjIBbAYpbDgIkHKHwyIvbVM6783PySMtLk+QuLA4olD0n5d021qUwv
O0Vtjsz6w0earpO1H1VkAeJWW4tF/ztnr+CnjUtfWVMik2cLKZ4v1Vrh+DFoIUDY
tsprWKgANwIzmSMUTyEx3JRkhdyUeMCHXUYvAqxR+gjJ6FJ6DFP02MxDsgS+3A1y
u+xAW95Gq6IliTqweFWOaLqN9Z6henyQE6How8rrYpv+3vPGke2zPfev+wv/EUwM
PFWg9h8r8sR3ec+7avV+nUNalCu4hmeVX4caP61TvSNaxHUS
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:41 2025 by rpki-client