Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89a57214-0fc2-48c6-99d6-19852ea7a30e.roa
File: 89a57214-0fc2-48c6-99d6-19852ea7a30e.roa (raw, json)
Hash identifier: fMsZc10fkmwvWsyhpCfWayVAw56KFM/x1ulWMTZuQu4=
Subject key identifier: 02:38:55:AF:98:E6:56:D5:23:68:B0:6B:83:3A:77:7D:31:D5:E9:78
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1FDC7458E0AA94A1CBA8006E569B780D648990C9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89a57214-0fc2-48c6-99d6-19852ea7a30e.roa
Signing time: Tue 20 May 2025 19:00:08 +0000
ROA not before: Tue 20 May 2025 19:00:08 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:1080::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:08:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:dc:74:58:e0:aa:94:a1:cb:a8:00:6e:56:9b:78:0d:64:89:90:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:00:08 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=c51b0b83d06986d947dc0be695ce3f31fa81df33f7242b09efec6570dd85e1a3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:32:ce:7a:11:a2:00:44:df:f3:ac:3b:d1:65:
29:72:75:a3:79:95:c5:65:7b:d4:31:57:76:8a:b4:
67:c6:fa:68:46:8d:00:cf:cc:e9:ce:90:4e:23:32:
e4:b2:f0:f5:e7:d8:38:3e:d0:e7:5c:57:ac:8d:0e:
86:a2:d3:a9:89:74:22:3d:5b:3a:74:1c:8c:c9:aa:
aa:bc:93:dd:29:af:cb:ca:7b:a9:b9:ad:2c:fb:37:
7e:c3:26:8c:e8:ed:93:95:e0:e6:fa:2e:20:d6:43:
e4:3f:02:d2:58:a9:ae:04:47:36:d6:41:65:96:a4:
a6:3d:98:0d:4f:45:6b:e1:35:5b:6d:fb:f6:0e:c5:
27:f2:cc:7d:3b:cf:41:70:21:d4:2f:5a:f0:f7:64:
7b:ab:15:b9:2a:78:77:41:61:62:df:4d:fa:ef:40:
00:a4:9d:92:bd:5b:c3:56:16:a1:0c:76:d3:be:94:
19:c1:9a:85:7e:fd:e3:a3:53:cc:3d:6e:d9:a7:77:
2b:4b:f8:d3:50:6f:a9:8b:e7:d6:5e:bc:64:74:5c:
37:dc:86:79:64:a8:2c:9e:c0:3d:f7:a8:80:01:9e:
be:2a:fb:1b:4d:a8:1f:96:df:ad:59:93:63:0d:0f:
a3:fe:cf:c5:4f:65:f6:8b:54:d9:c5:8f:59:05:1e:
31:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:38:55:AF:98:E6:56:D5:23:68:B0:6B:83:3A:77:7D:31:D5:E9:78
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89a57214-0fc2-48c6-99d6-19852ea7a30e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:1080::/48
Signature Algorithm: sha256WithRSAEncryption
0b:53:95:97:4d:ba:1d:1a:3d:63:3c:8f:7d:69:0b:df:fe:5f:
03:26:ae:33:fa:ed:72:a6:ed:8e:b1:f9:a0:90:81:bd:89:33:
ff:5a:59:7e:a5:c1:4d:fc:d7:19:03:f4:05:6f:f9:02:05:12:
1f:77:18:d5:7a:e6:ab:cd:c5:4f:bd:92:a4:75:24:2a:e3:65:
2d:3b:89:55:27:b4:ec:fd:e6:3f:42:1b:19:e4:b1:75:f5:15:
fd:e0:c0:ea:74:36:a4:66:e9:0b:bc:04:47:63:84:18:e4:d0:
05:1b:7e:2f:ff:28:4f:ec:61:c2:0e:84:dd:b2:cb:bd:ff:e3:
79:14:30:f7:85:e5:8f:00:1c:93:1a:89:6c:1b:70:61:61:69:
78:29:b3:c2:e0:e0:cb:22:41:6f:92:b4:c4:85:1f:6c:de:cd:
b8:22:d3:f9:1d:83:62:bb:99:0a:68:33:ad:c4:e0:f4:a3:03:
e3:fe:7e:c1:66:58:c1:70:61:86:aa:08:7a:c0:0b:c1:1a:cd:
49:15:54:02:ae:fa:32:1b:b8:cf:ef:b8:35:e6:3a:a8:bf:b7:
30:9a:4c:bd:d0:ec:25:01:e8:90:c9:31:67:65:38:1f:b3:2c:
e1:be:e0:b0:9e:d4:91:4e:63:f4:1e:d6:82:34:3a:f1:49:86:
da:61:e2:07
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUH9x0WOCqlKHLqABuVpt4DWSJkMkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAwMDhaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1MWIwYjgzZDA2OTg2ZDk0N2RjMGJlNjk1Y2UzZjMxZmE4MWRmMzNmNzI0
MmIwOWVmZWM2NTcwZGQ4NWUxYTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMUyznoRogBE3/OsO9FlKXJ1o3mVxWV71DFXdoq0Z8b6aEaNAM/M6c6QTiMy
5LLw9efYOD7Q51xXrI0OhqLTqYl0Ij1bOnQcjMmqqryT3Smvy8p7qbmtLPs3fsMm
jOjtk5Xg5vouINZD5D8C0liprgRHNtZBZZakpj2YDU9Fa+E1W2379g7FJ/LMfTvP
QXAh1C9a8Pdke6sVuSp4d0FhYt9N+u9AAKSdkr1bw1YWoQx2076UGcGahX7946NT
zD1u2ad3K0v401BvqYvn1l68ZHRcN9yGeWSoLJ7APfeogAGevir7G02oH5bfrVmT
Yw0Po/7PxU9l9otU2cWPWQUeMdcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQCOFWv
mOZW1SNosGuDOnd9MdXpeDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODlhNTcyMTQtMGZjMi00OGM2LTk5ZDYtMTk4NTJlYTdhMzBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HQQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAC1OVl026HRo9YzyPfWkL3/5fAyauM/rtcqbt
jrH5oJCBvYkz/1pZfqXBTfzXGQP0BW/5AgUSH3cY1Xrmq83FT72SpHUkKuNlLTuJ
VSe07P3mP0IbGeSxdfUV/eDA6nQ2pGbpC7wER2OEGOTQBRt+L/8oT+xhwg6E3bLL
vf/jeRQw94XljwAckxqJbBtwYWFpeCmzwuDgyyJBb5K0xIUfbN7NuCLT+R2DYruZ
CmgzrcTg9KMD4/5+wWZYwXBhhqoIesALwRrNSRVUAq76Mhu4z++4NeY6qL+3MJpM
vdDsJQHokMkxZ2U4H7Ms4b7gsJ7UkU5j9B7WgjQ68UmG2mHiBw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:38:31 2025 by rpki-client