Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d5838d1-c51a-45b3-b76d-8abcc02d039c.roa
File: 7d5838d1-c51a-45b3-b76d-8abcc02d039c.roa (raw, json)
Hash identifier: O3r928rKyuvHlHWFKHY6UXGsShaLZYmz8SmNFLSNoY8=
Subject key identifier: E0:18:A9:FE:D3:E2:12:0A:EF:8D:C3:E3:64:64:26:1B:71:C8:89:3F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 333A6BF297E9DB96117CB1AF284F52ED04052066
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d5838d1-c51a-45b3-b76d-8abcc02d039c.roa
Signing time: Thu 22 May 2025 01:24:03 +0000
ROA not before: Thu 22 May 2025 01:24:03 +0000
ROA not after: Thu 26 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:a0c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:07:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:3a:6b:f2:97:e9:db:96:11:7c:b1:af:28:4f:52:ed:04:05:20:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 01:24:03 2025 GMT
Not After : Jun 26 23:59:59 2025 GMT
Subject: serialNumber=c6692e2adb42df102e854e8c95b48d12cb4c89f1cba2d11a87c3fe7316e02504, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:1a:db:ca:45:18:0a:e9:bf:3b:ff:58:80:8b:
b6:02:90:2f:50:18:63:78:00:11:ed:5e:76:15:86:
5d:f9:4a:79:53:6f:f3:5b:42:d4:eb:f0:86:ab:f4:
dd:18:4d:3d:17:4b:da:bb:69:5c:3d:d1:a2:0b:b8:
a6:68:70:15:4c:2a:fb:c0:cf:b5:5b:27:ec:50:ac:
92:ae:84:09:ee:bf:0a:26:71:83:be:65:cb:8b:2f:
44:42:c0:4b:88:fb:8a:a6:ba:1c:dd:c8:d3:65:65:
aa:b6:ce:42:fd:1c:59:89:f2:20:d9:2d:96:64:a6:
6c:d2:c6:86:f5:ba:10:79:28:d1:81:a7:a5:d1:d6:
9f:b4:46:4c:63:72:c0:10:d0:25:a2:8e:98:bd:67:
50:e8:f0:0a:04:0f:c4:51:25:a3:6c:86:ac:7a:51:
5c:a7:02:b2:ee:1f:07:0b:d1:24:c4:b2:e0:ec:00:
76:d7:58:e5:de:09:5c:9f:2d:2d:57:99:3e:5b:1e:
71:5f:7c:8d:10:48:5b:04:ab:cd:58:3e:85:a4:95:
a8:65:2c:1f:c6:df:14:2b:d7:1e:d7:90:13:ff:8b:
8e:70:fb:3b:7b:bd:5f:bc:3f:69:9e:fa:39:b4:d9:
15:17:20:89:94:6f:77:6c:21:15:14:27:40:fb:02:
90:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:18:A9:FE:D3:E2:12:0A:EF:8D:C3:E3:64:64:26:1B:71:C8:89:3F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d5838d1-c51a-45b3-b76d-8abcc02d039c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
97:aa:30:af:d7:a2:25:0c:07:1b:3d:a5:20:71:07:b0:48:74:
55:27:5c:e9:de:a2:ee:07:cb:d3:40:b1:c8:6d:06:fd:a6:6f:
3a:fe:63:46:bc:9d:8e:1e:1c:9c:b8:4e:44:05:64:03:30:ee:
ea:c8:40:55:6b:ce:ce:f7:59:01:8b:cd:d5:5a:c1:fc:86:ed:
35:f8:6f:88:5b:d1:bc:7c:28:7c:03:6c:0a:6f:bf:e2:4f:c2:
cd:0a:b3:57:6e:90:20:8d:21:65:17:c8:30:0b:e8:7a:0c:1e:
ab:bf:c3:05:0d:7b:e6:7d:bf:d5:63:bd:ca:a0:76:9b:b4:59:
83:6a:91:f6:4e:94:60:26:06:c6:3b:c6:ed:61:0d:69:77:32:
f9:92:8d:1d:7b:54:b4:7d:39:13:a7:ff:30:84:6f:cf:f8:74:
14:73:e5:2d:91:6a:20:3f:b3:32:e7:22:17:d1:ea:fc:d8:7b:
a7:c9:cd:79:be:2f:f3:64:0a:51:3d:5f:bd:68:0b:76:cf:78:
0d:fb:dd:4a:c1:11:37:7d:77:41:a2:ca:85:d5:cb:61:e9:e7:
56:2b:ed:0e:b8:71:aa:d3:d5:49:a7:cd:cc:7f:47:35:b1:de:
56:6b:50:b7:5b:b1:14:33:67:38:8c:6d:98:ea:10:31:b8:12:
45:83:b9:9d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMzpr8pfp25YRfLGvKE9S7QQFIGYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjIwMTI0MDNaFw0yNTA2MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2NjkyZTJhZGI0MmRmMTAyZTg1NGU4Yzk1YjQ4ZDEyY2I0Yzg5ZjFjYmEy
ZDExYTg3YzNmZTczMTZlMDI1MDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMsa28pFGArpvzv/WICLtgKQL1AYY3gAEe1edhWGXflKeVNv81tC1Ovwhqv0
3RhNPRdL2rtpXD3Rogu4pmhwFUwq+8DPtVsn7FCskq6ECe6/CiZxg75ly4svRELA
S4j7iqa6HN3I02VlqrbOQv0cWYnyINktlmSmbNLGhvW6EHko0YGnpdHWn7RGTGNy
wBDQJaKOmL1nUOjwCgQPxFElo2yGrHpRXKcCsu4fBwvRJMSy4OwAdtdY5d4JXJ8t
LVeZPlsecV98jRBIWwSrzVg+haSVqGUsH8bfFCvXHteQE/+LjnD7O3u9X7w/aZ76
ObTZFRcgiZRvd2whFRQnQPsCkGMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTgGKn+
0+ISCu+Nw+NkZCYbcciJPzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2Q1ODM4ZDEtYzUxYS00NWIzLWI3NmQtOGFiY2MwMmQwMzljLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Fmg
wDANBgkqhkiG9w0BAQsFAAOCAQEAl6owr9eiJQwHGz2lIHEHsEh0VSdc6d6i7gfL
00CxyG0G/aZvOv5jRrydjh4cnLhORAVkAzDu6shAVWvOzvdZAYvN1VrB/IbtNfhv
iFvRvHwofANsCm+/4k/CzQqzV26QII0hZRfIMAvoegweq7/DBQ175n2/1WO9yqB2
m7RZg2qR9k6UYCYGxjvG7WENaXcy+ZKNHXtUtH05E6f/MIRvz/h0FHPlLZFqID+z
MuciF9Hq/Nh7p8nNeb4v82QKUT1fvWgLds94DfvdSsERN313QaLKhdXLYennVivt
DrhxqtPVSafNzH9HNbHeVmtQt1uxFDNnOIxtmOoQMbgSRYO5nQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:27 2025 by rpki-client