Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77f9f7cb-d06f-4d75-b196-805a7498f7a2.roa
File: 77f9f7cb-d06f-4d75-b196-805a7498f7a2.roa (raw, json)
Hash identifier: HaPjCUheYKjFSqm9RN2RP9IvEXMTDSaVJJqXPDfzOdw=
Subject key identifier: B8:F8:91:9F:0B:42:A3:5D:93:C8:EF:B9:C0:8C:B1:68:FA:3B:2D:17
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47A2D156F172474091A4083CD30B80E813D6645F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77f9f7cb-d06f-4d75-b196-805a7498f7a2.roa
Signing time: Mon 12 May 2025 16:20:41 +0000
ROA not before: Mon 12 May 2025 16:20:41 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b:5000::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 18:52:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:a2:d1:56:f1:72:47:40:91:a4:08:3c:d3:0b:80:e8:13:d6:64:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:20:41 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=92d9aac204ba0f0b527ac272a3698ddcd59ebf49f807795b5cb0e07887c3bffb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:19:e4:dc:8c:4d:f8:5b:61:ee:d2:fe:4c:b9:
e5:53:13:97:da:f8:18:19:a9:60:65:3d:0b:ad:70:
19:68:e7:1d:43:22:9a:55:49:5f:20:38:89:16:92:
3e:48:f7:5d:82:e0:7d:27:b9:50:d4:f7:48:5b:a2:
9e:eb:48:73:95:aa:c2:bf:4a:65:df:1c:cd:16:6e:
ca:09:98:83:eb:f3:00:43:0f:0e:62:17:f5:45:22:
f1:e8:fb:d7:d8:39:0a:35:ca:13:25:0f:70:75:87:
de:51:2b:c7:da:13:49:88:40:52:74:d9:67:51:00:
51:ac:a2:8b:c7:7c:be:82:c0:39:70:71:5c:95:d6:
9f:53:c4:8d:9c:df:e0:aa:10:88:47:9f:de:a6:5b:
79:a7:b8:50:35:9c:86:76:ef:ea:8a:25:83:23:3a:
df:20:88:07:8f:32:74:77:66:16:54:5f:9f:f6:63:
31:4f:31:86:3b:b0:19:7f:01:5a:77:45:77:80:8c:
bd:08:ef:7d:72:cc:98:22:27:b5:b7:a7:b8:b2:11:
31:e3:01:9f:90:4a:a5:14:af:57:9e:ee:9f:3e:8b:
ca:d6:ed:80:00:a2:ac:fd:f2:0f:32:46:75:06:00:
93:e0:58:60:11:f0:d8:d6:c2:e1:1e:c5:69:76:67:
7c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:F8:91:9F:0B:42:A3:5D:93:C8:EF:B9:C0:8C:B1:68:FA:3B:2D:17
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77f9f7cb-d06f-4d75-b196-805a7498f7a2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b:5000::/40
Signature Algorithm: sha256WithRSAEncryption
5f:28:8f:74:c1:d5:75:15:6e:e9:b1:34:bf:2a:83:60:13:9e:
03:f4:67:72:aa:64:cd:14:da:00:2f:eb:47:8d:67:eb:f1:89:
39:e2:27:aa:6d:76:1a:36:8d:a4:6d:05:01:61:0f:d9:23:86:
7d:5f:07:a3:f4:eb:fc:5f:0a:bb:8b:3f:ee:2f:43:00:ae:da:
1e:bf:be:b4:fa:3f:23:d0:f8:a4:1a:aa:66:87:9f:f0:bf:e0:
00:3d:65:f6:8c:de:b0:6c:10:11:3f:cd:0b:96:c9:19:2a:5f:
e8:15:2d:cc:7f:44:c3:79:b8:c4:91:27:0f:24:ae:48:78:93:
c1:a1:19:b1:bf:82:51:b5:23:20:12:fd:35:78:17:20:29:67:
39:e5:d1:3a:cb:31:e5:18:70:9e:94:ed:08:64:72:62:70:24:
4a:a5:cb:8b:d8:84:6a:bb:c9:08:06:d5:0e:bf:3d:90:d1:53:
4e:2a:bf:3c:0d:cb:15:7b:f2:cd:7a:40:24:54:46:35:9e:65:
01:62:4f:6a:50:ea:7d:b5:2c:96:0d:e3:24:23:6c:55:4a:70:
82:d3:40:28:e7:89:8c:73:aa:9a:ae:97:17:b2:89:ac:f2:51:
64:6f:00:54:78:26:ec:d7:df:ae:ad:78:c3:e8:45:7c:8d:34:
b5:69:0a:d9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUR6LRVvFyR0CRpAg80wuA6BPWZF8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjIwNDFaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDkyZDlhYWMyMDRiYTBmMGI1MjdhYzI3MmEzNjk4ZGRjZDU5ZWJmNDlmODA3
Nzk1YjVjYjBlMDc4ODdjM2JmZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN0Z5NyMTfhbYe7S/ky55VMTl9r4GBmpYGU9C61wGWjnHUMimlVJXyA4iRaS
Pkj3XYLgfSe5UNT3SFuinutIc5Wqwr9KZd8czRZuygmYg+vzAEMPDmIX9UUi8ej7
19g5CjXKEyUPcHWH3lErx9oTSYhAUnTZZ1EAUayii8d8voLAOXBxXJXWn1PEjZzf
4KoQiEef3qZbeae4UDWchnbv6oolgyM63yCIB48ydHdmFlRfn/ZjMU8xhjuwGX8B
WndFd4CMvQjvfXLMmCIntbenuLIRMeMBn5BKpRSvV57unz6LytbtgACirP3yDzJG
dQYAk+BYYBHw2NbC4R7FaXZnfA0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS4+JGf
C0KjXZPI77nAjLFo+jstFzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzdmOWY3Y2ItZDA2Zi00ZDc1LWIxOTYtODA1YTc0OThmN2EyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FtQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBfKI90wdV1FW7psTS/KoNgE54D9GdyqmTNFNoA
L+tHjWfr8Yk54ieqbXYaNo2kbQUBYQ/ZI4Z9Xwej9Ov8Xwq7iz/uL0MArtoev760
+j8j0PikGqpmh5/wv+AAPWX2jN6wbBARP80LlskZKl/oFS3Mf0TDebjEkScPJK5I
eJPBoRmxv4JRtSMgEv01eBcgKWc55dE6yzHlGHCelO0IZHJicCRKpcuL2IRqu8kI
BtUOvz2Q0VNOKr88DcsVe/LNekAkVEY1nmUBYk9qUOp9tSyWDeMkI2xVSnCC00Ao
54mMc6qarpcXsoms8lFkbwBUeCbs19+urXjD6EV8jTS1aQrZ
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:38:31 2025 by rpki-client