Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7258ab8a-d51b-4c5a-b45a-d1e7d93c1d05.roa
File: 7258ab8a-d51b-4c5a-b45a-d1e7d93c1d05.roa (raw, json)
Hash identifier: S+pDNm4jxEEn3fo/Y8N8vwgHJyYQcF9hv/wRvtCEOGA=
Subject key identifier: F2:25:E2:DA:CC:CE:6E:3C:ED:6E:AC:CB:B0:88:8F:79:BD:E8:A0:4F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 340C49F4516A5EE0F09BB97D4E073233238D6E7A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7258ab8a-d51b-4c5a-b45a-d1e7d93c1d05.roa
Signing time: Tue 20 May 2025 18:20:43 +0000
ROA not before: Tue 20 May 2025 18:20:43 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:a040::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:08:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:0c:49:f4:51:6a:5e:e0:f0:9b:b9:7d:4e:07:32:33:23:8d:6e:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:20:43 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=ae4a90f76508b6009495648cf0c1e00c956909106ee83ff661d7d219640f2b84, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2c:a0:c4:b4:5e:16:b8:58:9d:d5:9f:59:8b:
13:42:68:fb:7a:09:3e:6f:ac:f7:1c:2a:f3:ab:36:
7b:07:3e:41:ef:a7:05:23:d0:d5:50:49:4f:00:f8:
9e:ec:79:d4:94:ad:25:fd:f4:e2:0b:cd:04:60:41:
b4:39:d0:c7:91:6c:98:59:76:df:fc:e1:f6:9c:f8:
b9:e5:a5:48:54:f8:08:12:e6:53:56:32:e2:4a:86:
94:54:e0:13:8b:80:ac:60:30:50:02:48:03:9d:35:
b9:00:1e:e8:74:7d:33:67:d3:b5:29:d3:b4:4f:90:
4d:60:c5:19:31:e3:e0:df:0a:a6:e5:49:7c:34:4c:
96:d9:c9:23:02:dc:ec:54:3d:07:7b:16:b2:47:24:
f5:20:2c:3e:c6:c7:23:f8:a0:bf:bf:9c:71:4b:0c:
44:2a:f0:17:be:c3:10:30:59:bc:77:25:d7:bb:95:
e5:88:06:3a:4e:63:50:03:5e:41:5a:ef:48:48:c4:
3f:b5:dd:5f:3b:0c:08:fc:96:b0:87:30:26:36:fe:
8c:bd:aa:83:37:9e:21:ef:a2:4b:7c:54:5a:f4:3d:
34:35:91:3d:92:a6:60:67:ae:e1:87:04:9d:10:c7:
16:40:a0:d8:ef:d3:8c:a4:42:39:ce:8e:14:26:67:
c8:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:25:E2:DA:CC:CE:6E:3C:ED:6E:AC:CB:B0:88:8F:79:BD:E8:A0:4F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7258ab8a-d51b-4c5a-b45a-d1e7d93c1d05.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:a040::/48
Signature Algorithm: sha256WithRSAEncryption
7a:d7:b4:7c:ee:0b:62:e0:a9:50:8f:55:32:e6:e5:61:4a:1d:
b2:8c:1b:ed:5f:fd:3c:3a:b0:ba:30:46:f0:bc:6b:cd:9b:14:
0f:ab:7e:eb:48:04:6f:0b:8a:49:a6:fe:cd:be:69:eb:5d:33:
6a:62:2d:20:4e:63:e8:5a:a5:83:5d:94:31:3d:e1:b2:5c:30:
96:0d:bc:c3:6a:17:e9:94:8b:62:c8:ec:e0:2f:62:df:29:d5:
27:1a:45:de:73:87:51:0b:a8:8b:32:34:f3:47:8c:a8:45:4f:
80:b7:23:ad:1a:80:2c:c4:35:0a:8f:8d:b0:81:84:e3:db:23:
82:e9:bd:c6:5d:ac:f2:7e:24:48:7c:db:a7:45:6d:db:8c:ae:
15:c7:4e:15:4c:9c:de:62:36:63:41:a2:0f:d4:00:9d:50:43:
b3:60:f8:62:fe:56:a4:ba:5f:aa:bd:5e:4c:f6:51:7e:8b:04:
a7:7b:fe:d9:ef:61:89:2f:a7:d9:c4:d0:5a:59:11:5f:07:82:
b1:0c:d5:7f:30:ee:c5:18:7c:92:14:e0:2c:ec:07:06:49:37:
35:39:9a:56:99:f0:4e:f4:0f:f9:58:95:e1:2d:db:e3:8f:08:
81:c2:67:d9:30:ec:43:b4:6c:8f:95:a3:d4:aa:0e:a8:b8:d6:
af:fb:76:d1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNAxJ9FFqXuDwm7l9TgcyMyONbnowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODIwNDNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlNGE5MGY3NjUwOGI2MDA5NDk1NjQ4Y2YwYzFlMDBjOTU2OTA5MTA2ZWU4
M2ZmNjYxZDdkMjE5NjQwZjJiODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8soMS0Xha4WJ3Vn1mLE0Jo+3oJPm+s9xwq86s2ewc+Qe+nBSPQ1VBJTwD4
nux51JStJf304gvNBGBBtDnQx5FsmFl23/zh9pz4ueWlSFT4CBLmU1Yy4kqGlFTg
E4uArGAwUAJIA501uQAe6HR9M2fTtSnTtE+QTWDFGTHj4N8KpuVJfDRMltnJIwLc
7FQ9B3sWskck9SAsPsbHI/igv7+ccUsMRCrwF77DEDBZvHcl17uV5YgGOk5jUANe
QVrvSEjEP7XdXzsMCPyWsIcwJjb+jL2qgzeeIe+iS3xUWvQ9NDWRPZKmYGeu4YcE
nRDHFkCg2O/TjKRCOc6OFCZnyLECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTyJeLa
zM5uPO1urMuwiI95veigTzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzI1OGFiOGEtZDUxYi00YzVhLWI0NWEtZDFlN2Q5M2MxZDA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HSg
QDANBgkqhkiG9w0BAQsFAAOCAQEAete0fO4LYuCpUI9VMublYUodsowb7V/9PDqw
ujBG8LxrzZsUD6t+60gEbwuKSab+zb5p610zamItIE5j6Fqlg12UMT3hslwwlg28
w2oX6ZSLYsjs4C9i3ynVJxpF3nOHUQuoizI080eMqEVPgLcjrRqALMQ1Co+NsIGE
49sjgum9xl2s8n4kSHzbp0Vt24yuFcdOFUyc3mI2Y0GiD9QAnVBDs2D4Yv5WpLpf
qr1eTPZRfosEp3v+2e9hiS+n2cTQWlkRXweCsQzVfzDuxRh8khTgLOwHBkk3NTma
VpnwTvQP+ViV4S3b448IgcJn2TDsQ7Rsj5Wj1KoOqLjWr/t20Q==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:21 2025 by rpki-client