Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/81feff8e-07ef-4f8b-a3c9-5d68d6e74619.roa
File: 81feff8e-07ef-4f8b-a3c9-5d68d6e74619.roa (raw, json)
Hash identifier: lGrTngRCkx1fgV2SK8FjGrG8bUn2t9xQd6FHv5Qmyfs=
Subject key identifier: 32:8F:11:39:76:45:B4:AE:0F:60:B4:01:73:D6:AC:BE:FD:B5:7F:FB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A3962B0CF5B43EBAB9CE32EB450E17E8D6E77BF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/81feff8e-07ef-4f8b-a3c9-5d68d6e74619.roa
Signing time: Tue 20 May 2025 19:00:18 +0000
ROA not before: Tue 20 May 2025 19:00:18 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:b000::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 03 Jun 2025 20:54:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:39:62:b0:cf:5b:43:eb:ab:9c:e3:2e:b4:50:e1:7e:8d:6e:77:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:00:18 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=890d29fef0cc4d613bf439115d331bd76fdac7ea16c3c7f72913f016f5af14a8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:cb:3f:1f:a3:c6:46:ba:33:29:d2:5e:05:42:
e3:09:76:2d:66:dd:ca:d0:40:11:a4:a2:ac:0a:87:
04:12:4a:dc:89:9b:b7:60:ef:ec:66:13:fa:1c:ec:
77:1d:a0:ef:7f:44:99:bf:2b:92:45:d0:6f:51:69:
0f:e3:a6:22:d9:ec:66:0d:57:8c:0b:56:af:d7:f5:
7c:ea:91:a7:bb:59:30:1e:6a:5c:e7:6a:5f:ab:40:
c3:67:e8:52:f2:4d:c5:a0:3d:4c:ba:08:f3:29:5c:
79:b4:60:20:ad:89:09:cb:f0:23:b0:cc:cb:8d:cc:
16:62:a8:9e:7a:bf:a1:33:26:ff:01:01:02:7d:a5:
db:27:0b:1b:6f:cc:a8:4e:0e:c3:47:6d:48:9b:fc:
f3:c2:9a:17:c4:39:eb:c3:e8:63:4d:ef:fc:0e:06:
53:b9:b8:74:fa:a3:bd:5e:11:a4:94:58:0c:34:ca:
f8:d2:9a:19:2e:18:a2:90:34:1f:66:29:ea:ae:16:
6e:53:c0:d5:84:03:da:51:c4:4a:49:f4:77:3b:5d:
f5:62:12:91:50:d6:61:4b:1a:1a:50:03:63:a1:f0:
c7:e3:30:96:81:63:76:93:1a:bf:c1:05:8e:3d:cb:
e8:83:e5:94:3e:44:4b:98:90:b0:62:e1:b1:f6:93:
f5:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:8F:11:39:76:45:B4:AE:0F:60:B4:01:73:D6:AC:BE:FD:B5:7F:FB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/81feff8e-07ef-4f8b-a3c9-5d68d6e74619.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:b000::/40
Signature Algorithm: sha256WithRSAEncryption
63:7e:c2:65:f8:af:5f:f9:9d:75:f0:1e:f2:42:d2:f2:f9:72:
2c:8a:9f:f1:cb:8d:23:7c:28:b9:57:e4:7e:67:67:52:bc:6d:
e2:dd:13:fd:49:17:b5:64:b9:96:52:98:14:9d:ca:27:dc:33:
6e:86:02:78:e5:8b:46:eb:80:48:f7:4c:45:52:70:26:3e:7f:
76:1a:c7:0b:08:d9:5e:5b:14:92:d5:36:cb:3f:dd:b7:91:3b:
4f:e2:c4:a8:cb:f1:3d:c0:22:e6:68:b9:89:1a:b0:6b:e2:12:
84:87:ff:1d:67:6b:d5:9a:31:c7:23:3c:91:91:c1:16:6c:87:
7d:aa:0d:02:e5:30:c2:31:54:0e:b8:5f:fb:cd:ca:28:98:48:
9e:c5:d4:77:c8:16:44:29:30:ca:f1:67:48:83:29:09:5a:a5:
28:ad:36:59:25:e4:e9:45:cd:b1:cb:29:15:68:1a:1d:bf:e2:
93:11:e1:ae:8d:6c:c0:85:00:76:6c:e6:cc:96:58:45:cd:7e:
9c:58:6a:e0:c5:93:cf:6f:e6:6b:1f:e2:45:5c:ce:00:b8:04:
bc:4a:92:5a:26:84:c2:33:55:86:a2:17:da:5f:d4:ba:84:68:
55:d3:89:82:10:57:d3:f4:29:1d:de:8b:fb:59:ee:3f:03:22:
ce:24:a2:e4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCjlisM9bQ+urnOMutFDhfo1ud78wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAwMThaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5MGQyOWZlZjBjYzRkNjEzYmY0MzkxMTVkMzMxYmQ3NmZkYWM3ZWExNmMz
YzdmNzI5MTNmMDE2ZjVhZjE0YTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKfLPx+jxka6MynSXgVC4wl2LWbdytBAEaSirAqHBBJK3Imbt2Dv7GYT+hzs
dx2g739Emb8rkkXQb1FpD+OmItnsZg1XjAtWr9f1fOqRp7tZMB5qXOdqX6tAw2fo
UvJNxaA9TLoI8ylcebRgIK2JCcvwI7DMy43MFmKonnq/oTMm/wEBAn2l2ycLG2/M
qE4Ow0dtSJv888KaF8Q568PoY03v/A4GU7m4dPqjvV4RpJRYDDTK+NKaGS4YopA0
H2Yp6q4WblPA1YQD2lHESkn0dztd9WISkVDWYUsaGlADY6Hwx+MwloFjdpMav8EF
jj3L6IPllD5ES5iQsGLhsfaT9T0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQyjxE5
dkW0rg9gtAFz1qy+/bV/+zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODFmZWZmOGUtMDdlZi00ZjhiLWEzYzktNWQ2OGQ2ZTc0NjE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSw
MA0GCSqGSIb3DQEBCwUAA4IBAQBjfsJl+K9f+Z118B7yQtLy+XIsip/xy40jfCi5
V+R+Z2dSvG3i3RP9SRe1ZLmWUpgUncon3DNuhgJ45YtG64BI90xFUnAmPn92GscL
CNleWxSS1TbLP923kTtP4sSoy/E9wCLmaLmJGrBr4hKEh/8dZ2vVmjHHIzyRkcEW
bId9qg0C5TDCMVQOuF/7zcoomEiexdR3yBZEKTDK8WdIgykJWqUorTZZJeTpRc2x
yykVaBodv+KTEeGujWzAhQB2bObMllhFzX6cWGrgxZPPb+ZrH+JFXM4AuAS8SpJa
JoTCM1WGohfaX9S6hGhV04mCEFfT9Ckd3ov7We4/AyLOJKLk
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:19 2025 by rpki-client