Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7257d2cb-d200-46f8-a39c-b44d198d0849.roa
File: 7257d2cb-d200-46f8-a39c-b44d198d0849.roa (raw, json)
Hash identifier: fHWFDUnaimGIvaYGaGj+bOxTO69EIhEcwd7pT+9s4YE=
Subject key identifier: A7:5D:51:13:C8:15:DD:6A:15:C4:ED:82:80:6C:22:65:57:0F:2A:D0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A25682A60670362042985C53E798B9158EE6038
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7257d2cb-d200-46f8-a39c-b44d198d0849.roa
Signing time: Thu 22 May 2025 01:24:00 +0000
ROA not before: Thu 22 May 2025 01:24:00 +0000
ROA not after: Thu 26 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:9040::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:07:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:25:68:2a:60:67:03:62:04:29:85:c5:3e:79:8b:91:58:ee:60:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 01:24:00 2025 GMT
Not After : Jun 26 23:59:59 2025 GMT
Subject: serialNumber=b917ad28c16a06dd25c7333f55254f8d8e0e013f3605c4888d9cd249f47e4f59, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e2:a2:1a:0d:d4:bb:ad:29:9a:7b:3e:e2:c7:
6a:5f:8c:aa:2e:43:93:e5:52:52:de:97:ca:59:d9:
c3:2d:d1:a9:f5:9e:f2:29:8f:98:37:ae:0a:f2:06:
90:3a:27:e2:71:3e:0b:8e:a2:da:ba:0f:46:f4:4e:
6e:f9:b6:8b:51:30:64:16:b4:d6:5d:a5:2b:dd:40:
83:84:70:c5:b1:e8:64:e1:5b:48:ea:87:a4:af:cf:
2c:51:15:b9:6a:c1:56:52:2b:fd:80:f0:76:f4:19:
ce:4f:6a:b6:fa:ee:a2:54:8d:05:05:76:fe:9f:df:
3d:5f:32:02:a5:9f:7a:86:2f:69:b0:d9:17:6f:b1:
d4:67:8c:44:a5:65:a3:b8:b5:16:98:96:ea:b2:23:
d3:05:24:3f:9c:28:83:57:7a:af:db:36:32:8e:70:
ce:ac:95:c0:0a:7e:07:29:d9:0e:c7:75:68:ab:1f:
a9:77:51:51:69:d8:bb:bb:4e:3c:36:4e:da:a3:01:
d9:b6:ee:2e:ef:92:38:0c:71:2e:d6:8e:f7:ae:29:
b6:ed:9a:ad:99:05:51:44:c2:ef:c9:38:8a:70:1c:
97:e5:07:35:a1:b3:12:44:ed:50:d4:9b:24:75:42:
da:7d:87:2b:cd:73:a6:e0:15:28:69:7e:50:b1:d9:
50:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:5D:51:13:C8:15:DD:6A:15:C4:ED:82:80:6C:22:65:57:0F:2A:D0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7257d2cb-d200-46f8-a39c-b44d198d0849.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:9040::/48
Signature Algorithm: sha256WithRSAEncryption
b5:cc:54:0e:14:09:77:5c:04:7a:7a:e9:c1:da:06:54:82:5c:
26:d8:07:75:6f:0d:78:7b:4e:f6:56:e9:91:ec:4f:34:15:6f:
43:38:05:b8:0e:fc:ca:ac:27:9a:0a:ff:70:82:21:2d:d8:dc:
c8:98:27:e4:e2:33:79:a4:a9:cd:35:43:ce:81:bc:03:fa:bb:
8d:4e:79:ea:04:10:e0:8d:ac:6d:d1:74:5b:35:42:f8:4d:97:
0e:1e:69:9a:37:56:11:84:97:a6:ea:16:d7:80:34:0b:84:bf:
03:01:d9:c9:03:8d:1e:b6:4c:77:5c:e2:bf:4b:d8:76:db:d5:
c1:63:0b:f5:e2:ab:63:2e:15:ee:97:70:b3:ff:27:a1:43:c9:
02:9c:d9:5d:1c:85:1a:10:2b:cb:25:e3:d4:61:e9:63:fc:93:
1b:dd:53:d0:ac:2c:c3:a7:53:6c:b0:ff:81:b7:d5:39:43:b4:
36:42:8c:7f:a5:7e:1c:60:5d:fe:a0:99:7f:0c:4d:3d:36:0b:
5b:e3:57:67:2a:e4:a4:9c:4d:da:b6:bf:7e:6e:42:4b:6a:47:
75:c3:a9:59:5c:91:96:a0:a7:00:77:b8:6a:10:2a:d4:9f:c7:
33:6b:d4:aa:9f:19:6d:7d:2b:54:5a:81:eb:ed:6b:78:35:9d:
c2:ab:08:56
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKiVoKmBnA2IEKYXFPnmLkVjuYDgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjIwMTI0MDBaFw0yNTA2MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5MTdhZDI4YzE2YTA2ZGQyNWM3MzMzZjU1MjU0ZjhkOGUwZTAxM2YzNjA1
YzQ4ODhkOWNkMjQ5ZjQ3ZTRmNTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMbiohoN1LutKZp7PuLHal+Mqi5Dk+VSUt6XylnZwy3RqfWe8imPmDeuCvIG
kDon4nE+C46i2roPRvRObvm2i1EwZBa01l2lK91Ag4RwxbHoZOFbSOqHpK/PLFEV
uWrBVlIr/YDwdvQZzk9qtvruolSNBQV2/p/fPV8yAqWfeoYvabDZF2+x1GeMRKVl
o7i1FpiW6rIj0wUkP5wog1d6r9s2Mo5wzqyVwAp+BynZDsd1aKsfqXdRUWnYu7tO
PDZO2qMB2bbuLu+SOAxxLtaO964ptu2arZkFUUTC78k4inAcl+UHNaGzEkTtUNSb
JHVC2n2HK81zpuAVKGl+ULHZUJUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSnXVET
yBXdahXE7YKAbCJlVw8q0DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzI1N2QyY2ItZDIwMC00NmY4LWEzOWMtYjQ0ZDE5OGQwODQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0FmQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAtcxUDhQJd1wEenrpwdoGVIJcJtgHdW8NeHtO
9lbpkexPNBVvQzgFuA78yqwnmgr/cIIhLdjcyJgn5OIzeaSpzTVDzoG8A/q7jU55
6gQQ4I2sbdF0WzVC+E2XDh5pmjdWEYSXpuoW14A0C4S/AwHZyQONHrZMd1ziv0vY
dtvVwWML9eKrYy4V7pdws/8noUPJApzZXRyFGhAryyXj1GHpY/yTG91T0Kwsw6dT
bLD/gbfVOUO0NkKMf6V+HGBd/qCZfwxNPTYLW+NXZyrkpJxN2ra/fm5CS2pHdcOp
WVyRlqCnAHe4ahAq1J/HM2vUqp8ZbX0rVFqB6+1reDWdwqsIVg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:58:00 2025 by rpki-client