Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82a53939-1845-479a-99a6-0bf3e18a0a17.roa
File: 82a53939-1845-479a-99a6-0bf3e18a0a17.roa (raw, json)
Hash identifier: C1r1HO2jbfy4JN78rXj7duwRkMthAkalUDkVQe5QDg4=
Subject key identifier: F8:4F:A9:BC:87:F8:F9:02:F3:0B:A9:D6:3E:21:DC:B6:A3:0E:08:2E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3FA0BAFFD969B8F71C9C449B13356BD9C99CB4CF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82a53939-1845-479a-99a6-0bf3e18a0a17.roa
Signing time: Thu 22 May 2025 01:24:09 +0000
ROA not before: Thu 22 May 2025 01:24:09 +0000
ROA not after: Thu 26 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:e0c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:08:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:a0:ba:ff:d9:69:b8:f7:1c:9c:44:9b:13:35:6b:d9:c9:9c:b4:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 01:24:09 2025 GMT
Not After : Jun 26 23:59:59 2025 GMT
Subject: serialNumber=bd2670835d80d2783df241bafdce2dc98698abb0498768d74315dc42d239c2d6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6e:3f:a4:d2:22:24:38:9d:4a:cb:13:1f:87:
79:56:71:e1:71:2d:34:27:6b:c7:bf:f7:8f:51:51:
a9:06:1b:27:ea:ce:8d:4b:13:03:04:18:92:30:c6:
83:10:00:e8:5a:1e:cf:6e:95:b7:52:58:f4:90:00:
56:40:27:17:4e:30:b9:91:1e:b4:55:0d:b9:b0:56:
0b:1c:4d:bd:2f:66:f1:7c:1a:26:8e:e8:8c:ea:df:
5b:f5:40:63:a5:6c:b2:bf:39:b6:6a:d8:c8:c3:10:
36:ed:fe:ad:68:3d:ab:3c:9d:28:89:d8:5e:46:c3:
2c:fe:d4:7d:c9:58:13:fe:52:6b:bf:e9:16:cf:9b:
4f:48:8f:4b:26:7c:bc:0a:ce:3f:c9:e0:80:c3:cd:
e4:79:ef:1a:57:3e:e4:f6:b5:d9:16:e8:19:bc:cf:
49:c0:4f:71:cc:ad:5c:4f:f3:1f:5c:e5:26:aa:2a:
76:7d:a9:62:c6:8e:f1:9f:e7:bb:fd:79:b6:27:5a:
cf:28:3a:cb:43:99:3d:f5:99:22:96:a9:3d:d6:68:
56:09:6a:62:e8:f4:61:49:d2:10:b7:a9:b8:f4:fd:
98:39:c9:0e:d1:64:c7:79:1d:d3:d9:91:55:53:6b:
9f:4c:5c:8e:e4:94:1b:24:5b:3c:06:41:b9:b1:6c:
3e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:4F:A9:BC:87:F8:F9:02:F3:0B:A9:D6:3E:21:DC:B6:A3:0E:08:2E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/82a53939-1845-479a-99a6-0bf3e18a0a17.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
62:8a:ad:f4:b4:c3:dd:2b:2f:81:4e:07:b6:39:de:fc:9a:71:
29:3e:74:c8:7a:f9:d6:49:bb:f5:d0:56:97:3d:85:be:b0:a6:
1a:d4:39:34:c7:cd:11:09:cc:28:f9:ab:7f:ba:e8:fa:bf:cf:
36:95:78:ef:b3:67:da:2e:26:3c:17:61:aa:d3:9a:12:7c:c2:
59:4c:ab:ba:a8:44:00:03:d9:84:89:74:22:f3:a0:1a:ed:92:
42:c5:0e:09:72:96:1c:d0:91:c8:a1:20:31:84:85:c4:a2:82:
4c:a1:4c:ae:47:4c:dc:5f:6b:5c:5a:73:d8:20:8b:4c:33:8b:
df:05:48:4d:0b:21:33:0d:71:d8:12:84:72:35:d5:92:a0:ca:
4f:4c:61:a5:1c:3a:1b:f0:25:aa:53:b2:41:ad:f3:3b:73:cb:
11:7f:06:c5:04:b3:61:8d:1a:31:da:43:c6:9f:61:64:3a:3c:
91:d5:62:82:fc:6e:f6:e9:66:5f:93:4b:47:77:b9:22:2e:d7:
bd:fa:10:b2:d8:31:8f:55:ce:9d:8d:5d:da:07:37:d0:a7:d0:
fe:78:74:ff:1e:57:af:1c:e7:90:69:18:e6:b9:f2:53:4a:af:
7a:36:cb:79:e1:42:41:c7:7e:ae:ca:f5:79:c4:f4:db:c0:fe:
aa:98:4e:4a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUP6C6/9lpuPccnESbEzVr2cmctM8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjIwMTI0MDlaFw0yNTA2MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkMjY3MDgzNWQ4MGQyNzgzZGYyNDFiYWZkY2UyZGM5ODY5OGFiYjA0OTg3
NjhkNzQzMTVkYzQyZDIzOWMyZDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFuP6TSIiQ4nUrLEx+HeVZx4XEtNCdrx7/3j1FRqQYbJ+rOjUsTAwQYkjDG
gxAA6Foez26Vt1JY9JAAVkAnF04wuZEetFUNubBWCxxNvS9m8XwaJo7ojOrfW/VA
Y6Vssr85tmrYyMMQNu3+rWg9qzydKInYXkbDLP7UfclYE/5Sa7/pFs+bT0iPSyZ8
vArOP8nggMPN5HnvGlc+5Pa12RboGbzPScBPccytXE/zH1zlJqoqdn2pYsaO8Z/n
u/15tidazyg6y0OZPfWZIpapPdZoVglqYuj0YUnSELepuPT9mDnJDtFkx3kd09mR
VVNrn0xcjuSUGyRbPAZBubFsPg8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT4T6m8
h/j5AvMLqdY+Idy2ow4ILjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODJhNTM5MzktMTg0NS00NzlhLTk5YTYtMGJmM2UxOGEwYTE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Fng
wDANBgkqhkiG9w0BAQsFAAOCAQEAYoqt9LTD3SsvgU4Htjne/JpxKT50yHr51km7
9dBWlz2FvrCmGtQ5NMfNEQnMKPmrf7ro+r/PNpV477Nn2i4mPBdhqtOaEnzCWUyr
uqhEAAPZhIl0IvOgGu2SQsUOCXKWHNCRyKEgMYSFxKKCTKFMrkdM3F9rXFpz2CCL
TDOL3wVITQshMw1x2BKEcjXVkqDKT0xhpRw6G/AlqlOyQa3zO3PLEX8GxQSzYY0a
MdpDxp9hZDo8kdVigvxu9ulmX5NLR3e5Ii7XvfoQstgxj1XOnY1d2gc30KfQ/nh0
/x5XrxznkGkY5rnyU0qvejbLeeFCQcd+rsr1ecT028D+qphOSg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:38:44 2025 by rpki-client