Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c96d135-34ab-4cee-8a1e-08bfcd6af2f4.roa
File: 8c96d135-34ab-4cee-8a1e-08bfcd6af2f4.roa (raw, json)
Hash identifier: pfobWIuhpD9N6x8tqE1y4Qw8DdEUkzViechLlPFZVHQ=
Subject key identifier: A7:A8:4A:FA:4B:01:CA:80:3D:39:10:DC:A1:3F:E6:B1:9B:2D:9A:85
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2D84C64B05A0FF1143B4E157625DD8061364583D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c96d135-34ab-4cee-8a1e-08bfcd6af2f4.roa
Signing time: Tue 20 May 2025 18:30:05 +0000
ROA not before: Tue 20 May 2025 18:30:05 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:a0c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:22:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:84:c6:4b:05:a0:ff:11:43:b4:e1:57:62:5d:d8:06:13:64:58:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:30:05 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=2b85425c3cbee3ccec35159e0f30211c7b22b51d12f7b04820c2c8dab5723508, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:47:c7:8f:f3:8d:aa:17:e8:f5:60:78:bd:0b:
8b:47:be:ce:7e:fe:bb:15:f7:73:4f:37:d4:96:b6:
1f:94:06:7c:26:b4:4b:27:59:8a:93:e6:1a:14:e7:
5d:de:22:f2:88:3b:27:d1:e6:06:e5:2e:bd:2a:12:
21:54:e2:f9:89:ba:48:b6:70:d7:ba:2c:ec:15:c9:
70:4f:ca:56:c7:6d:0b:47:d8:56:20:5e:4f:2f:9b:
9e:fa:35:43:c9:8a:45:ec:cb:ab:be:1e:b2:7a:02:
bb:2c:14:58:a9:65:51:36:27:bc:36:b4:48:4f:b0:
09:b4:06:b5:b9:4a:c5:e2:87:58:f9:36:cc:9a:60:
51:10:f5:7b:25:f2:a1:37:bc:7c:32:c1:9c:32:33:
8c:40:13:89:35:a0:1f:a6:21:b6:22:90:92:76:c5:
77:b4:bc:fe:e6:f2:42:24:d9:9e:2e:82:a5:23:98:
c7:b0:04:bd:e5:cb:6a:a9:7e:ab:a3:2d:38:79:e4:
0f:67:e2:57:84:ff:6a:d4:0a:48:18:e7:dd:f4:56:
0f:33:48:a0:d7:8d:73:8e:49:e9:c0:5d:5e:02:07:
93:c3:fe:a6:37:fd:b2:e2:1d:dc:43:13:ff:50:e0:
35:a2:e5:9c:cb:e4:de:40:eb:6d:c7:74:83:04:55:
54:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:A8:4A:FA:4B:01:CA:80:3D:39:10:DC:A1:3F:E6:B1:9B:2D:9A:85
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c96d135-34ab-4cee-8a1e-08bfcd6af2f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
37:7c:c0:3f:eb:5f:e5:7b:bb:f0:91:88:15:14:0e:a5:63:0e:
56:8e:f1:3b:e7:4a:fe:05:a9:18:7b:16:ec:1c:40:6d:75:f4:
f2:b7:5c:20:a8:8c:8c:aa:15:c5:78:73:88:ba:ed:b7:59:1e:
74:c2:c7:1b:d9:50:64:c9:32:6d:37:e0:f0:99:f8:2d:23:22:
68:fd:a6:35:c5:42:4f:91:a7:e4:e9:6b:94:f3:d5:fb:ee:da:
94:6b:36:af:8b:6a:d0:68:49:26:0c:47:fb:c2:1d:46:37:48:
7c:e6:6e:ae:50:43:ea:60:f3:c6:8c:f2:46:8b:32:ed:cb:33:
6d:32:e1:b4:53:af:e4:c4:7b:2e:4f:b6:05:bb:8c:18:9a:33:
0e:3c:0f:ad:5d:c3:b7:72:b2:53:0e:66:00:ba:9a:a1:0c:df:
0a:f6:a2:58:52:df:f3:0d:46:21:79:64:5d:fc:70:db:e2:3f:
b9:85:fb:a2:a1:c5:ad:63:7d:e7:d2:17:55:68:b3:44:1e:44:
52:11:dd:be:5c:6c:e7:45:87:57:41:c6:c2:39:fc:bc:b8:e8:
3b:9d:18:7d:93:63:04:92:b1:22:a7:f9:90:fd:b1:0b:66:e1:
5c:06:c3:b4:d7:fb:d6:43:fc:a2:fa:e9:5e:2f:11:c9:2e:44:
3e:23:9b:62
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULYTGSwWg/xFDtOFXYl3YBhNkWD0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODMwMDVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiODU0MjVjM2NiZWUzY2NlYzM1MTU5ZTBmMzAyMTFjN2IyMmI1MWQxMmY3
YjA0ODIwYzJjOGRhYjU3MjM1MDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKVHx4/zjaoX6PVgeL0Li0e+zn7+uxX3c0831Ja2H5QGfCa0SydZipPmGhTn
Xd4i8og7J9HmBuUuvSoSIVTi+Ym6SLZw17os7BXJcE/KVsdtC0fYViBeTy+bnvo1
Q8mKRezLq74esnoCuywUWKllUTYnvDa0SE+wCbQGtblKxeKHWPk2zJpgURD1eyXy
oTe8fDLBnDIzjEATiTWgH6YhtiKQknbFd7S8/ubyQiTZni6CpSOYx7AEveXLaql+
q6MtOHnkD2fiV4T/atQKSBjn3fRWDzNIoNeNc45J6cBdXgIHk8P+pjf9suId3EMT
/1DgNaLlnMvk3kDrbcd0gwRVVJsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSnqEr6
SwHKgD05ENyhP+axmy2ahTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGM5NmQxMzUtMzRhYi00Y2VlLThhMWUtMDhiZmNkNmFmMmY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HSg
wDANBgkqhkiG9w0BAQsFAAOCAQEAN3zAP+tf5Xu78JGIFRQOpWMOVo7xO+dK/gWp
GHsW7BxAbXX08rdcIKiMjKoVxXhziLrtt1kedMLHG9lQZMkybTfg8Jn4LSMiaP2m
NcVCT5Gn5OlrlPPV++7alGs2r4tq0GhJJgxH+8IdRjdIfOZurlBD6mDzxozyRosy
7cszbTLhtFOv5MR7Lk+2BbuMGJozDjwPrV3Dt3KyUw5mALqaoQzfCvaiWFLf8w1G
IXlkXfxw2+I/uYX7oqHFrWN959IXVWizRB5EUhHdvlxs50WHV0HGwjn8vLjoO50Y
fZNjBJKxIqf5kP2xC2bhXAbDtNf71kP8ovrpXi8RyS5EPiObYg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:10 2025 by rpki-client