Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7024c0c3-7170-422e-9714-29d292a6dc44.roa
File: 7024c0c3-7170-422e-9714-29d292a6dc44.roa (raw, json)
Hash identifier: Xd77R9Fo3kqfgYXzajBCiogshuoI7cqPDQUffi71sP4=
Subject key identifier: 36:D0:70:83:C9:D1:C1:81:EB:60:9B:89:AD:36:56:2D:AC:27:7E:85
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 25AAE3E3C0C437D3F5F8BC9EE5863671E1F31991
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7024c0c3-7170-422e-9714-29d292a6dc44.roa
Signing time: Thu 22 May 2025 01:24:06 +0000
ROA not before: Thu 22 May 2025 01:24:06 +0000
ROA not after: Thu 26 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:c0c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:07:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:aa:e3:e3:c0:c4:37:d3:f5:f8:bc:9e:e5:86:36:71:e1:f3:19:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 01:24:06 2025 GMT
Not After : Jun 26 23:59:59 2025 GMT
Subject: serialNumber=1758e9af77f0b44b0f82dab144f764f5963125d5a4fe73b4a9139b4e4a85ce73, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:39:24:c1:4b:a5:65:a0:35:83:b0:41:f2:b7:
17:a7:e3:da:4e:8d:f2:2d:a3:d2:f2:43:46:21:8b:
b0:c4:08:9e:dc:95:53:ee:95:90:02:8d:cb:1c:6d:
51:70:c5:6f:25:21:c3:d1:e4:fd:b7:21:d4:22:3f:
99:4f:8d:0d:23:97:5e:87:60:6d:3e:f1:c1:48:9e:
b3:7a:98:9a:6a:36:a2:a8:3e:fc:a4:08:79:7e:1c:
88:d9:d8:4f:4c:a3:ad:78:d6:70:13:64:ca:80:e1:
fe:e2:0b:48:91:c7:1f:b2:17:be:97:d1:48:68:d4:
20:e2:fd:db:e4:7a:f1:65:b4:80:97:31:55:09:6b:
fb:ab:25:88:1e:dc:0b:24:ed:45:56:35:ad:6e:bf:
dc:4a:d3:ba:2f:2f:5c:7a:5f:8b:ce:1c:ff:67:3b:
9d:69:c8:28:28:bf:3c:6d:58:a9:86:b3:dc:b8:4b:
b8:e2:88:14:c4:17:ac:48:e8:30:dc:49:78:41:5b:
b3:ce:cd:1b:7a:39:d8:a5:8e:de:28:e9:ca:69:60:
78:5e:23:d2:e9:2a:70:8d:45:be:ec:19:90:3d:91:
b3:9a:c0:11:76:4d:3a:b9:62:1a:c9:58:08:e1:57:
93:9d:d1:61:18:26:1a:74:ee:2b:f5:7f:b9:d8:47:
e0:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D0:70:83:C9:D1:C1:81:EB:60:9B:89:AD:36:56:2D:AC:27:7E:85
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7024c0c3-7170-422e-9714-29d292a6dc44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
0c:2c:11:70:fb:d9:a0:3c:0c:91:e8:a3:a3:5f:f9:1f:26:6c:
3f:4c:b5:13:2e:4c:b1:c9:3f:99:0d:d1:6f:75:a2:a4:d3:76:
40:c8:5c:ec:5b:d1:54:75:68:48:43:fc:38:5f:f1:60:9e:28:
0f:b7:68:28:17:38:43:45:a2:71:13:7d:e7:57:1f:f4:83:77:
2f:60:1b:58:6f:a1:bd:fb:f2:6d:71:29:07:64:c2:9d:b5:e1:
ec:ff:9c:ae:ed:f7:76:f0:99:5f:57:a5:14:10:13:a7:f0:ea:
58:d4:05:11:f0:e4:f1:61:b5:9a:9e:a5:59:bf:6a:af:5a:11:
44:73:f5:5f:e3:73:ad:06:3f:6a:b3:48:f4:59:5e:63:81:df:
0d:c9:7c:0f:ae:9e:d4:c6:06:33:16:7f:0d:44:4e:ec:1d:b4:
05:88:4d:3c:46:c1:d8:06:e8:55:9d:01:fd:fa:75:60:13:79:
bc:2b:11:5e:6b:b9:73:e6:32:95:88:ed:4f:0d:e6:70:d3:ff:
5c:73:4c:e8:8f:82:27:cf:11:06:f5:d1:c9:9d:b6:a2:6a:3f:
ae:82:98:ef:bf:e0:5b:02:a0:59:b4:cd:4f:66:55:c3:c9:b2:
c1:df:2f:1c:ed:a9:19:d0:87:71:85:d7:be:19:56:08:40:0d:
78:ff:ee:10
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJarj48DEN9P1+Lye5YY2ceHzGZEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjIwMTI0MDZaFw0yNTA2MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3NThlOWFmNzdmMGI0NGIwZjgyZGFiMTQ0Zjc2NGY1OTYzMTI1ZDVhNGZl
NzNiNGE5MTM5YjRlNGE4NWNlNzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJE5JMFLpWWgNYOwQfK3F6fj2k6N8i2j0vJDRiGLsMQIntyVU+6VkAKNyxxt
UXDFbyUhw9Hk/bch1CI/mU+NDSOXXodgbT7xwUies3qYmmo2oqg+/KQIeX4ciNnY
T0yjrXjWcBNkyoDh/uILSJHHH7IXvpfRSGjUIOL92+R68WW0gJcxVQlr+6sliB7c
CyTtRVY1rW6/3ErTui8vXHpfi84c/2c7nWnIKCi/PG1YqYaz3LhLuOKIFMQXrEjo
MNxJeEFbs87NG3o52KWO3ijpymlgeF4j0ukqcI1FvuwZkD2Rs5rAEXZNOrliGslY
COFXk53RYRgmGnTuK/V/udhH4JMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ20HCD
ydHBgetgm4mtNlYtrCd+hTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzAyNGMwYzMtNzE3MC00MjJlLTk3MTQtMjlkMjkyYTZkYzQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0FnA
wDANBgkqhkiG9w0BAQsFAAOCAQEADCwRcPvZoDwMkeijo1/5HyZsP0y1Ey5Msck/
mQ3Rb3WipNN2QMhc7FvRVHVoSEP8OF/xYJ4oD7doKBc4Q0WicRN951cf9IN3L2Ab
WG+hvfvybXEpB2TCnbXh7P+cru33dvCZX1elFBATp/DqWNQFEfDk8WG1mp6lWb9q
r1oRRHP1X+NzrQY/arNI9FleY4HfDcl8D66e1MYGMxZ/DURO7B20BYhNPEbB2Abo
VZ0B/fp1YBN5vCsRXmu5c+YylYjtTw3mcNP/XHNM6I+CJ88RBvXRyZ22omo/roKY
77/gWwKgWbTNT2ZVw8mywd8vHO2pGdCHcYXXvhlWCEANeP/uEA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:04:21 2025 by rpki-client