Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97bc1904-a9fd-49fa-9bd7-4b6012393329.roa
File: 97bc1904-a9fd-49fa-9bd7-4b6012393329.roa (raw, json)
Hash identifier: YKLupH/Oyu09Y0y+5pOVtsPqGgd7fZgJfeFLoTOTdNw=
Subject key identifier: 25:7B:B2:98:FC:21:20:CE:57:47:53:71:AD:99:93:69:02:3B:A1:CA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1C4FE390DCC09D44A5E542933A27711CCB62EA33
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97bc1904-a9fd-49fa-9bd7-4b6012393329.roa
Signing time: Mon 12 May 2025 16:20:18 +0000
ROA not before: Mon 12 May 2025 16:20:18 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06e:a000::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 18:53:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:4f:e3:90:dc:c0:9d:44:a5:e5:42:93:3a:27:71:1c:cb:62:ea:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:20:18 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=e7bca1b92181465fea3043d3694913ff1901fc483ec1a1ff66f760bfcfed6346, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fa:45:74:e5:13:7a:06:02:55:31:a9:0f:09:
aa:25:01:e6:5f:4c:e8:0f:f8:bd:10:17:e5:a0:85:
a0:4a:87:50:03:07:39:9a:9b:0e:f4:7d:3b:30:39:
69:e1:96:84:41:e1:40:1b:22:77:5c:e2:e2:83:f4:
37:6f:48:93:bc:82:81:18:9f:5e:4f:d0:e4:ef:75:
f2:76:d4:16:a4:64:36:ef:c5:78:dc:bf:ed:56:91:
40:9e:4b:41:08:50:ac:21:2e:ac:65:35:d1:49:ff:
c9:f3:7a:90:74:11:d8:6a:5e:16:76:1e:45:5e:33:
14:c5:87:62:d0:62:1c:35:4d:ab:48:eb:b7:83:7e:
24:61:63:47:7e:39:f8:d7:8b:14:13:c6:15:e9:35:
4a:3b:51:29:82:80:0f:ca:0d:8e:74:2a:b1:1f:76:
97:37:40:cb:3c:eb:1d:59:52:46:bd:70:c7:94:c3:
ec:4e:c2:30:b6:59:d0:7f:68:8b:4d:b8:7a:6d:cb:
c4:b1:12:53:7e:92:75:d0:bb:7f:cf:94:fc:fc:8d:
2a:56:d4:54:d7:5b:96:1f:6b:0e:89:ea:d7:19:ed:
10:c6:7f:a0:cb:28:0c:0a:32:63:07:6a:b6:a4:cb:
ec:a7:35:33:be:2e:4f:ff:61:23:91:3f:a6:57:01:
51:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:7B:B2:98:FC:21:20:CE:57:47:53:71:AD:99:93:69:02:3B:A1:CA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/97bc1904-a9fd-49fa-9bd7-4b6012393329.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06e:a000::/40
Signature Algorithm: sha256WithRSAEncryption
37:cf:ad:f5:db:57:97:bc:b6:c2:10:43:f5:83:81:95:5e:ea:
eb:60:d2:30:fc:ed:38:9d:07:6f:6b:78:d0:cd:39:91:c9:e6:
01:20:ac:92:25:46:46:ba:c0:c3:97:e3:33:2b:af:a7:b0:ea:
ab:4b:c4:9a:ad:18:3d:85:2b:ea:eb:e9:db:ec:09:21:55:04:
a3:53:86:3f:87:e6:0f:d9:cc:c3:c5:c7:64:2a:80:c0:8d:17:
3a:5b:99:42:9a:5c:14:95:06:df:df:21:d8:4e:f5:bf:fe:17:
62:f5:57:20:32:cb:98:33:0d:70:8c:8e:f7:92:e5:5c:30:1f:
e4:0e:91:27:d2:db:be:70:a8:b0:1c:07:ba:8d:1c:89:95:1d:
a2:bb:c0:8a:b5:9a:d7:8d:c1:1d:14:0f:8a:a1:4d:d8:60:53:
2c:a8:17:9a:75:ff:29:ea:6e:22:7b:47:39:79:07:5c:56:d8:
b3:fd:51:e4:36:dc:d4:26:e8:f0:fe:a6:04:a3:60:0d:a9:ab:
95:fb:56:88:4a:6e:a4:27:58:93:24:27:62:82:26:39:8e:81:
ee:47:a1:45:a8:65:4d:18:bf:c3:82:e4:1a:53:cf:fa:72:31:
3e:f6:5c:8d:df:f9:5b:30:f6:12:e7:42:cc:9c:f7:68:3f:7a:
d2:c9:73:1f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHE/jkNzAnUSl5UKTOidxHMti6jMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjIwMThaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3YmNhMWI5MjE4MTQ2NWZlYTMwNDNkMzY5NDkxM2ZmMTkwMWZjNDgzZWMx
YTFmZjY2Zjc2MGJmY2ZlZDYzNDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/6RXTlE3oGAlUxqQ8JqiUB5l9M6A/4vRAX5aCFoEqHUAMHOZqbDvR9OzA5
aeGWhEHhQBsid1zi4oP0N29Ik7yCgRifXk/Q5O918nbUFqRkNu/FeNy/7VaRQJ5L
QQhQrCEurGU10Un/yfN6kHQR2GpeFnYeRV4zFMWHYtBiHDVNq0jrt4N+JGFjR345
+NeLFBPGFek1SjtRKYKAD8oNjnQqsR92lzdAyzzrHVlSRr1wx5TD7E7CMLZZ0H9o
i024em3LxLESU36SddC7f8+U/PyNKlbUVNdblh9rDonq1xntEMZ/oMsoDAoyYwdq
tqTL7Kc1M74uT/9hI5E/plcBUTUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQle7KY
/CEgzldHU3GtmZNpAjuhyjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTdiYzE5MDQtYTlmZC00OWZhLTliZDctNGI2MDEyMzkzMzI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G6g
MA0GCSqGSIb3DQEBCwUAA4IBAQA3z63121eXvLbCEEP1g4GVXurrYNIw/O04nQdv
a3jQzTmRyeYBIKySJUZGusDDl+MzK6+nsOqrS8SarRg9hSvq6+nb7AkhVQSjU4Y/
h+YP2czDxcdkKoDAjRc6W5lCmlwUlQbf3yHYTvW//hdi9VcgMsuYMw1wjI73kuVc
MB/kDpEn0tu+cKiwHAe6jRyJlR2iu8CKtZrXjcEdFA+KoU3YYFMsqBeadf8p6m4i
e0c5eQdcVtiz/VHkNtzUJujw/qYEo2ANqauV+1aISm6kJ1iTJCdigiY5joHuR6FF
qGVNGL/DguQaU8/6cjE+9lyN3/lbMPYS50LMnPdoP3rSyXMf
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:39 2025 by rpki-client