Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79a70a6e-e108-4a5d-bd72-204a2d6b52e5.roa
File: 79a70a6e-e108-4a5d-bd72-204a2d6b52e5.roa (raw, json)
Hash identifier: IyshPeKiytsMhpr49MNALmwQPdvINFev+Cyj7DIzjng=
Subject key identifier: 32:DC:99:94:12:30:95:E8:15:E6:85:ED:32:31:27:2A:EF:A5:FB:D7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 29B8C6E840BEA84D39A8B5FE7A8F8D6F6E7687A7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79a70a6e-e108-4a5d-bd72-204a2d6b52e5.roa
Signing time: Thu 17 Apr 2025 16:37:14 +0000
ROA not before: Thu 17 Apr 2025 16:37:14 +0000
ROA not after: Thu 22 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b:a000::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 17 Apr 2025 20:37:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:b8:c6:e8:40:be:a8:4d:39:a8:b5:fe:7a:8f:8d:6f:6e:76:87:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 16:37:14 2025 GMT
Not After : May 22 23:59:59 2025 GMT
Subject: serialNumber=9310714efcab2512710b1069d22d2fc512db8f7fff1481f2b10e3fd7e8b75271, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c3:06:43:7d:95:21:38:a7:56:5a:32:b6:5c:
fa:e6:d1:d8:6b:d3:d4:b1:32:27:5a:93:c4:90:a4:
61:0e:1c:3d:b1:60:4d:59:05:45:eb:4e:d9:b8:21:
3d:7c:73:7e:69:ac:df:a2:1d:63:03:21:0a:57:63:
c7:e6:93:3a:a6:4e:90:85:b4:37:1d:d7:d9:91:b6:
12:98:0c:64:a3:48:a2:5a:27:5f:b7:d0:bc:bb:57:
ac:99:48:4f:4e:c3:7d:7f:7c:40:74:fe:cd:d6:08:
55:bb:e4:69:99:3b:ed:57:97:b6:8e:9f:51:8f:d0:
de:9a:ca:43:ee:80:38:97:5b:9c:8a:08:fd:dd:84:
fe:f3:c1:74:30:6b:43:b3:c6:e7:b6:0a:a9:dc:6b:
30:90:7a:f0:e4:67:b2:92:a9:3d:12:c3:dc:f2:10:
a4:08:1e:f9:0b:3f:44:a4:6b:fd:e9:63:0b:0c:ba:
ae:f8:c8:32:5c:93:a4:aa:d1:7c:96:f1:a2:11:bd:
27:b7:85:90:ef:8f:56:fa:01:20:95:1b:59:c2:cc:
5c:76:b1:23:cb:5c:5d:fe:2d:81:71:59:27:20:da:
5a:dd:02:87:c3:ed:5a:ed:d1:79:df:04:8e:56:01:
6e:dc:18:b6:d4:53:ab:4b:95:9a:bd:7e:90:99:a1:
e5:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:DC:99:94:12:30:95:E8:15:E6:85:ED:32:31:27:2A:EF:A5:FB:D7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79a70a6e-e108-4a5d-bd72-204a2d6b52e5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b:a000::/40
Signature Algorithm: sha256WithRSAEncryption
aa:1f:89:17:36:ec:28:a4:44:2d:7a:cd:61:e3:14:60:f0:21:
b3:e2:b5:8d:10:10:e2:35:a8:b4:ba:8a:1d:09:db:5e:1f:9d:
13:94:d2:09:1f:84:2c:1c:ee:9a:a5:58:73:af:b8:05:29:30:
fd:eb:88:77:b2:68:50:d6:9a:3e:51:f3:25:3c:b2:cf:66:09:
4e:aa:25:27:d4:d1:60:e0:9b:26:8e:08:ce:90:5c:ba:7b:b7:
e3:8e:51:bf:37:65:0a:b9:79:8c:8e:9d:ef:a8:1b:da:c4:4a:
f5:0a:d8:7e:f1:1a:1c:cd:f2:7f:78:ec:96:d4:99:ec:dd:c7:
f6:ae:3d:4a:c8:bc:b9:c9:50:05:5e:0a:c8:04:ef:27:e0:b4:
07:ab:03:f1:10:15:af:a6:29:6d:31:cf:1e:e1:52:b1:2a:78:
7b:43:af:9a:c3:a4:8f:ae:d8:b0:83:2f:38:ca:8a:73:d9:0a:
1d:04:62:b1:67:6d:2e:d1:42:8f:d7:27:cd:bc:37:6c:16:64:
c5:e2:85:53:17:41:38:65:5e:94:de:06:a2:a1:bf:10:04:c3:
df:b1:80:92:d9:cd:f2:d8:04:ea:4f:be:38:09:40:c9:39:bf:
89:2c:f5:17:37:21:da:8b:ec:af:2b:8a:25:d9:06:34:14:8e:
2f:5d:11:95
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKbjG6EC+qE05qLX+eo+Nb252h6cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTcxNjM3MTRaFw0yNTA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDkzMTA3MTRlZmNhYjI1MTI3MTBiMTA2OWQyMmQyZmM1MTJkYjhmN2ZmZjE0
ODFmMmIxMGUzZmQ3ZThiNzUyNzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMLDBkN9lSE4p1ZaMrZc+ubR2GvT1LEyJ1qTxJCkYQ4cPbFgTVkFRetO2bgh
PXxzfmms36IdYwMhCldjx+aTOqZOkIW0Nx3X2ZG2EpgMZKNIolonX7fQvLtXrJlI
T07DfX98QHT+zdYIVbvkaZk77VeXto6fUY/Q3prKQ+6AOJdbnIoI/d2E/vPBdDBr
Q7PG57YKqdxrMJB68ORnspKpPRLD3PIQpAge+Qs/RKRr/eljCwy6rvjIMlyTpKrR
fJbxohG9J7eFkO+PVvoBIJUbWcLMXHaxI8tcXf4tgXFZJyDaWt0Ch8PtWu3Red8E
jlYBbtwYttRTq0uVmr1+kJmh5RUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQy3JmU
EjCV6BXmhe0yMScq76X71zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzlhNzBhNmUtZTEwOC00YTVkLWJkNzItMjA0YTJkNmI1MmU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fug
MA0GCSqGSIb3DQEBCwUAA4IBAQCqH4kXNuwopEQtes1h4xRg8CGz4rWNEBDiNai0
uoodCdteH50TlNIJH4QsHO6apVhzr7gFKTD964h3smhQ1po+UfMlPLLPZglOqiUn
1NFg4JsmjgjOkFy6e7fjjlG/N2UKuXmMjp3vqBvaxEr1Cth+8RoczfJ/eOyW1Jns
3cf2rj1KyLy5yVAFXgrIBO8n4LQHqwPxEBWvpiltMc8e4VKxKnh7Q6+aw6SPrtiw
gy84yopz2QodBGKxZ20u0UKP1yfNvDdsFmTF4oVTF0E4ZV6U3gaiob8QBMPfsYCS
2c3y2ATqT744CUDJOb+JLPUXNyHai+yvK4ol2QY0FI4vXRGV
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:50:03 2025 by rpki-client