Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/744e2cbf-f92a-426a-8e44-641c50910adf.roa
File: 744e2cbf-f92a-426a-8e44-641c50910adf.roa (raw, json)
Hash identifier: JnJk/7aV/rS2kGfi8hWfVtYgXYGpUbW+6JRU1O2yZJk=
Subject key identifier: AC:32:DA:76:2D:CC:0F:F9:48:7D:27:BD:F5:D2:87:EF:10:64:9A:35
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 42DFFECDF2C4F8032C93172B433CEF115CD0A656
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/744e2cbf-f92a-426a-8e44-641c50910adf.roa
Signing time: Wed 02 Apr 2025 18:52:10 +0000
ROA not before: Wed 02 Apr 2025 18:52:10 +0000
ROA not after: Wed 07 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:800::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 07 Apr 2025 23:37:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:df:fe:cd:f2:c4:f8:03:2c:93:17:2b:43:3c:ef:11:5c:d0:a6:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 18:52:10 2025 GMT
Not After : May 7 23:59:59 2025 GMT
Subject: serialNumber=d080c6b4dbc12ef5993e4a80b0edba9ee0c584a0bbdb144df2a2bae552f87213, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:3b:2f:e3:85:c1:31:b3:53:fa:70:36:cc:0f:
bf:ea:9d:fe:6e:63:49:7e:3e:c1:a5:5f:a8:2c:d8:
09:71:c1:0f:81:ab:df:16:6c:e4:b5:88:f5:21:35:
f9:17:ae:b6:78:60:b7:06:d2:13:e2:97:f6:00:0a:
32:b5:d7:6e:ca:9f:6c:76:00:24:c3:eb:33:7b:e7:
5a:d1:fb:9c:e6:cc:56:55:47:99:01:fd:2b:a7:bf:
25:56:60:1d:87:ea:35:e1:22:23:68:ee:f0:e1:e9:
0b:99:cc:18:aa:5b:f3:b8:07:70:57:30:87:ab:21:
b7:9d:c8:3a:88:f2:d5:b7:5f:f5:8b:69:5e:be:c2:
33:1f:b3:c9:f7:37:36:28:89:d1:38:76:02:22:c1:
db:b1:cf:f0:63:11:e7:eb:fa:b8:97:9d:bb:92:65:
c7:8b:77:e4:06:7c:f1:0a:39:bf:2f:ab:36:29:9e:
d0:04:52:fd:0b:52:b3:84:cb:9f:8a:b3:b8:15:b3:
a8:aa:51:2f:e8:c2:f9:ba:b8:c8:d6:69:6e:45:cd:
25:a9:b2:cd:07:61:5c:21:f3:6b:d9:e0:7b:f1:a0:
5b:8a:35:e3:3d:c6:ba:6c:2c:a3:06:dc:ef:db:bd:
b2:30:8b:37:94:4a:c7:b6:ba:9d:66:c8:8f:90:99:
0a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:32:DA:76:2D:CC:0F:F9:48:7D:27:BD:F5:D2:87:EF:10:64:9A:35
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/744e2cbf-f92a-426a-8e44-641c50910adf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:800::/40
Signature Algorithm: sha256WithRSAEncryption
c6:f9:6e:6f:e3:55:9e:b2:4e:79:3a:0a:44:79:02:d9:d7:5a:
eb:4f:1a:69:2e:8e:4b:be:5b:fd:c0:84:0f:1b:45:c7:6d:8f:
e5:e7:2d:57:b8:3b:e9:e8:23:ca:83:3c:f1:03:48:fc:fd:0d:
6a:45:6e:7d:ec:ca:08:6a:27:de:da:e5:31:ef:2a:cd:50:b2:
0d:98:2b:a7:84:2e:48:4b:83:54:91:76:a5:79:10:8a:fa:03:
33:f7:0c:34:34:21:1d:29:74:56:ec:7a:64:ec:4f:59:ae:7d:
ea:2b:1c:1d:c0:41:3b:b7:0a:6f:c0:de:0e:9d:ff:cd:76:08:
a8:4d:6f:f4:93:84:75:11:92:36:5c:0e:7e:27:51:da:d4:98:
42:9c:9e:5e:30:61:72:8e:b5:d0:24:6c:90:33:13:8c:d8:e8:
61:00:e3:17:30:85:b4:08:c0:1e:2f:a0:8a:be:40:a5:d1:3e:
b7:87:a1:51:06:6e:17:63:4f:9f:89:99:cf:79:d8:e8:6a:97:
a3:49:56:6a:cb:c6:6a:49:b7:83:5f:87:b8:c9:32:2f:7b:fa:
16:04:9d:51:9d:11:e3:72:8c:13:76:13:08:fd:7a:03:3d:cc:
a2:48:ac:af:67:27:7d:02:48:fa:98:51:c1:49:fd:7b:44:2f:
4a:d1:35:b3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQt/+zfLE+AMskxcrQzzvEVzQplYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MDIxODUyMTBaFw0yNTA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwODBjNmI0ZGJjMTJlZjU5OTNlNGE4MGIwZWRiYTllZTBjNTg0YTBiYmRi
MTQ0ZGYyYTJiYWU1NTJmODcyMTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMg7L+OFwTGzU/pwNswPv+qd/m5jSX4+waVfqCzYCXHBD4Gr3xZs5LWI9SE1
+ReutnhgtwbSE+KX9gAKMrXXbsqfbHYAJMPrM3vnWtH7nObMVlVHmQH9K6e/JVZg
HYfqNeEiI2ju8OHpC5nMGKpb87gHcFcwh6sht53IOojy1bdf9YtpXr7CMx+zyfc3
NiiJ0Th2AiLB27HP8GMR5+v6uJedu5Jlx4t35AZ88Qo5vy+rNime0ARS/QtSs4TL
n4qzuBWzqKpRL+jC+bq4yNZpbkXNJamyzQdhXCHza9nge/GgW4o14z3Gumwsowbc
79u9sjCLN5RKx7a6nWbIj5CZCqMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSsMtp2
LcwP+Uh9J7310ofvEGSaNTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzQ0ZTJjYmYtZjkyYS00MjZhLThlNDQtNjQxYzUwOTEwYWRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DAI
MA0GCSqGSIb3DQEBCwUAA4IBAQDG+W5v41Wesk55OgpEeQLZ11rrTxppLo5Lvlv9
wIQPG0XHbY/l5y1XuDvp6CPKgzzxA0j8/Q1qRW597MoIaife2uUx7yrNULINmCun
hC5IS4NUkXaleRCK+gMz9ww0NCEdKXRW7Hpk7E9Zrn3qKxwdwEE7twpvwN4Onf/N
dgioTW/0k4R1EZI2XA5+J1Ha1JhCnJ5eMGFyjrXQJGyQMxOM2OhhAOMXMIW0CMAe
L6CKvkCl0T63h6FRBm4XY0+fiZnPedjoapejSVZqy8ZqSbeDX4e4yTIve/oWBJ1R
nRHjcowTdhMI/XoDPcyiSKyvZyd9Akj6mFHBSf17RC9K0TWz
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:48:15 2025 by rpki-client