Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72ef8dd0-6820-429d-9dd5-d75f593bc729.roa
File: 72ef8dd0-6820-429d-9dd5-d75f593bc729.roa (raw, json)
Hash identifier: ved86kbRy7RcokNtJShCMNIoFeIgmwAqfANPoNAamlY=
Subject key identifier: B1:A3:40:23:3F:66:72:39:D5:60:DA:B2:0B:7E:C0:8D:24:82:6D:C7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: AE4318694447C0382B0216E3DD97BA08D6996F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72ef8dd0-6820-429d-9dd5-d75f593bc729.roa
Signing time: Tue 20 May 2025 18:20:54 +0000
ROA not before: Tue 20 May 2025 18:20:54 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:5080::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:08:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
ae:43:18:69:44:47:c0:38:2b:02:16:e3:dd:97:ba:08:d6:99:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:20:54 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=263c3e0fd9005d1d2cca3148312fd0d32243a00fd8467e5d9c2dc7ec30ea94b9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5f:d3:e9:83:27:02:53:78:54:06:d7:6b:ee:
8c:fc:54:f9:f9:0f:6d:d3:a6:41:87:ae:7f:2f:3e:
8d:22:30:e4:85:c2:07:42:b1:c3:fd:c6:3b:8e:8a:
48:b5:3b:e7:58:65:67:a6:e4:49:a2:1d:57:dd:28:
4c:57:90:1c:ca:f9:51:45:a8:16:ee:7e:31:15:65:
6a:7f:04:cf:af:7c:23:b1:0a:bb:7e:71:6c:7a:b5:
0d:36:b3:60:1f:ee:ad:b3:19:d9:b7:a0:48:4e:fb:
9f:f7:55:53:2f:35:62:e8:73:1f:b1:30:39:79:70:
24:aa:d2:7a:82:40:e2:9c:aa:47:4c:af:ba:40:76:
bb:43:fb:18:db:04:15:59:d2:7f:1f:01:5d:0e:b2:
86:0f:66:09:98:dd:4a:f5:60:8c:79:da:9d:25:46:
29:16:ca:8d:a1:82:a3:9d:e2:32:72:85:aa:3f:00:
42:05:14:36:1c:1c:89:53:41:ed:ce:a8:74:fa:0d:
a7:12:25:0d:2b:03:db:39:9d:3e:a2:f8:76:19:47:
3c:36:df:13:6d:e4:cc:a9:10:5a:0d:94:91:d7:33:
bb:68:2a:a5:f4:fb:4a:5a:54:37:c9:95:bb:bc:b6:
df:6f:57:fb:49:db:a8:86:89:2b:7b:c7:62:ff:57:
14:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:A3:40:23:3F:66:72:39:D5:60:DA:B2:0B:7E:C0:8D:24:82:6D:C7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/72ef8dd0-6820-429d-9dd5-d75f593bc729.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:5080::/48
Signature Algorithm: sha256WithRSAEncryption
c3:06:d1:68:58:87:7d:23:f4:d2:63:99:d2:75:56:ab:eb:de:
59:18:2d:ea:d8:7b:a4:94:b7:73:6c:20:56:cd:fb:96:70:90:
e7:d5:30:98:20:a6:eb:4d:9e:ea:8a:a3:f8:0a:d6:36:ca:90:
50:b4:1f:8d:c9:4b:4c:8d:ce:ca:a4:04:f0:71:0d:34:65:55:
04:4e:13:7c:f4:2f:2d:52:8b:c4:1d:b5:35:33:f3:c1:2d:e3:
be:f8:25:fa:48:55:df:73:7b:d8:8b:2b:f1:fb:6d:69:35:ac:
92:8b:4a:4d:99:1f:6c:11:3b:74:b5:5c:23:a3:ff:db:be:1a:
48:a0:61:aa:79:0b:66:2e:a6:45:11:d6:97:45:d7:5f:d0:68:
94:aa:82:8c:89:81:3a:75:22:c4:bc:92:b1:f6:bf:0b:62:76:
b3:1c:9d:ee:48:df:e5:6f:a1:dd:9e:21:49:ec:0e:78:f0:85:
b7:68:75:0c:35:87:db:46:39:2a:63:4d:5d:34:d9:05:53:f4:
1d:1a:1e:9d:69:ef:fe:68:3b:d8:f2:b9:ac:93:6e:0c:61:27:
42:9d:fe:9e:34:b5:c6:6c:a5:a6:60:b4:b0:63:6a:a5:1a:f4:
dc:17:ed:87:2d:e2:a6:ef:c7:20:91:c1:c1:e0:22:e6:38:19:
f6:65:94:a2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUAK5DGGlER8A4KwIW492XugjWmW8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODIwNTRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2M2MzZTBmZDkwMDVkMWQyY2NhMzE0ODMxMmZkMGQzMjI0M2EwMGZkODQ2
N2U1ZDljMmRjN2VjMzBlYTk0YjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxf0+mDJwJTeFQG12vujPxU+fkPbdOmQYeufy8+jSIw5IXCB0Kxw/3GO46K
SLU751hlZ6bkSaIdV90oTFeQHMr5UUWoFu5+MRVlan8Ez698I7EKu35xbHq1DTaz
YB/urbMZ2begSE77n/dVUy81YuhzH7EwOXlwJKrSeoJA4pyqR0yvukB2u0P7GNsE
FVnSfx8BXQ6yhg9mCZjdSvVgjHnanSVGKRbKjaGCo53iMnKFqj8AQgUUNhwciVNB
7c6odPoNpxIlDSsD2zmdPqL4dhlHPDbfE23kzKkQWg2Ukdczu2gqpfT7SlpUN8mV
u7y2329X+0nbqIaJK3vHYv9XFOsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSxo0Aj
P2ZyOdVg2rILfsCNJIJtxzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzJlZjhkZDAtNjgyMC00MjlkLTlkZDUtZDc1ZjU5M2JjNzI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HRQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAwwbRaFiHfSP00mOZ0nVWq+veWRgt6th7pJS3
c2wgVs37lnCQ59UwmCCm602e6oqj+ArWNsqQULQfjclLTI3OyqQE8HENNGVVBE4T
fPQvLVKLxB21NTPzwS3jvvgl+khV33N72Isr8fttaTWskotKTZkfbBE7dLVcI6P/
274aSKBhqnkLZi6mRRHWl0XXX9BolKqCjImBOnUixLySsfa/C2J2sxyd7kjf5W+h
3Z4hSewOePCFt2h1DDWH20Y5KmNNXTTZBVP0HRoenWnv/mg72PK5rJNuDGEnQp3+
njS1xmylpmC0sGNqpRr03Bfthy3ipu/HIJHBweAi5jgZ9mWUog==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:58:48 2025 by rpki-client