Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9be56e23-e7e2-4a96-af47-975e8c4359b5.roa
File: 9be56e23-e7e2-4a96-af47-975e8c4359b5.roa (raw, json)
Hash identifier: v0gKVH+mhVy36MtKYj0ItVoxATUt8ILwii8OKwa/jNY=
Subject key identifier: 9F:BC:FB:63:41:F1:49:E3:0C:13:2F:53:6B:D7:76:1B:D7:C1:08:02
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 211B74EB72DEAFD6F9548962EEFFAE72AC46DBE8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9be56e23-e7e2-4a96-af47-975e8c4359b5.roa
Signing time: Thu 22 May 2025 01:24:04 +0000
ROA not before: Thu 22 May 2025 01:24:04 +0000
ROA not after: Thu 26 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:b080::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:07:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:1b:74:eb:72:de:af:d6:f9:54:89:62:ee:ff:ae:72:ac:46:db:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 01:24:04 2025 GMT
Not After : Jun 26 23:59:59 2025 GMT
Subject: serialNumber=a94787155c8c0e7047cb7b498e5875d568afbc573214c3f766b055b2c1542e71, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:74:ff:7a:4e:08:52:d2:0b:9e:b5:09:07:04:
ab:04:39:1b:7f:75:b8:3b:a5:16:39:a4:89:4f:14:
7c:84:b2:8c:df:15:d6:02:b9:09:5f:14:35:d4:8f:
b6:81:08:14:be:86:c6:bb:9f:34:09:f8:75:bf:ec:
00:bb:80:fc:02:25:19:54:76:ec:85:93:7d:2c:6d:
14:0d:08:f7:34:12:47:60:8f:79:f0:1a:c4:3a:f6:
c5:3a:e1:a4:e5:67:ad:9d:3e:56:30:62:ee:35:15:
a0:9e:d3:1c:79:32:60:8e:0f:1f:78:1d:a4:b9:87:
f6:10:a3:eb:e2:5e:38:2c:f7:d0:9f:53:43:12:2f:
56:0f:c7:af:bd:b6:ae:bd:8c:a1:fa:cf:93:c3:3c:
fa:d1:75:4c:f1:37:56:35:65:31:02:59:29:2d:08:
67:7f:bd:7c:21:ab:33:fe:8e:c0:33:41:f0:22:39:
0f:5c:aa:02:e8:67:37:e5:06:26:13:9a:f7:8f:43:
ca:c7:d6:23:df:1d:26:3e:a8:0a:5c:09:ed:5f:23:
2f:ce:d6:80:c1:2d:a0:3e:e6:52:67:60:90:80:46:
8f:ec:38:56:ae:6e:5d:0e:92:68:cf:6b:b0:ab:5b:
5e:7b:94:96:32:46:4a:c0:1c:90:42:b3:d0:4c:fe:
48:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:BC:FB:63:41:F1:49:E3:0C:13:2F:53:6B:D7:76:1B:D7:C1:08:02
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9be56e23-e7e2-4a96-af47-975e8c4359b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:b080::/48
Signature Algorithm: sha256WithRSAEncryption
34:f6:90:b1:29:50:07:50:2a:6d:71:aa:0e:d1:db:fb:5c:fc:
49:13:e9:d9:6b:c0:08:31:3f:6c:bc:06:79:8e:e8:cb:53:f1:
64:10:16:fd:94:29:37:69:0c:40:5a:87:55:35:cb:38:3a:13:
e6:b4:b1:68:ce:e6:40:1e:62:a9:74:51:f5:ba:03:5f:48:b8:
ce:13:ac:f8:9f:9f:44:72:c0:44:00:be:22:ec:df:6a:4b:a8:
35:5a:bd:05:1b:95:54:0d:66:b1:60:40:2f:35:4c:f4:0c:88:
a3:0f:2f:98:7a:af:0b:57:87:e7:aa:78:4c:f0:d3:28:f2:f9:
14:1d:00:00:05:11:38:86:18:06:07:6f:cc:93:fa:81:ee:01:
d3:ef:78:de:9a:c8:73:7b:9d:77:5c:6d:34:97:c5:f7:36:2c:
71:a1:fa:77:e0:b9:7d:7f:50:3a:3c:0d:6b:27:82:2a:70:b8:
8a:58:51:48:a6:33:30:89:7b:45:6b:32:6f:0a:6d:d9:5c:38:
18:52:8d:50:41:ac:73:84:ba:c2:c5:37:cd:84:c4:51:9c:10:
b3:99:ac:61:a8:8e:fd:92:bd:2f:26:bc:e0:a3:73:20:52:31:
d5:7c:fb:f3:fa:1e:52:84:7b:b5:45:15:5f:81:54:88:a3:e4:
5e:07:73:f6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIRt063Ler9b5VIli7v+ucqxG2+gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjIwMTI0MDRaFw0yNTA2MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5NDc4NzE1NWM4YzBlNzA0N2NiN2I0OThlNTg3NWQ1NjhhZmJjNTczMjE0
YzNmNzY2YjA1NWIyYzE1NDJlNzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALF0/3pOCFLSC561CQcEqwQ5G391uDulFjmkiU8UfISyjN8V1gK5CV8UNdSP
toEIFL6GxrufNAn4db/sALuA/AIlGVR27IWTfSxtFA0I9zQSR2CPefAaxDr2xTrh
pOVnrZ0+VjBi7jUVoJ7THHkyYI4PH3gdpLmH9hCj6+JeOCz30J9TQxIvVg/Hr722
rr2MofrPk8M8+tF1TPE3VjVlMQJZKS0IZ3+9fCGrM/6OwDNB8CI5D1yqAuhnN+UG
JhOa949DysfWI98dJj6oClwJ7V8jL87WgMEtoD7mUmdgkIBGj+w4Vq5uXQ6SaM9r
sKtbXnuUljJGSsAckEKz0Ez+SMkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSfvPtj
QfFJ4wwTL1Nr13Yb18EIAjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWJlNTZlMjMtZTdlMi00YTk2LWFmNDctOTc1ZThjNDM1OWI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Fmw
gDANBgkqhkiG9w0BAQsFAAOCAQEANPaQsSlQB1AqbXGqDtHb+1z8SRPp2WvACDE/
bLwGeY7oy1PxZBAW/ZQpN2kMQFqHVTXLODoT5rSxaM7mQB5iqXRR9boDX0i4zhOs
+J+fRHLARAC+IuzfakuoNVq9BRuVVA1msWBALzVM9AyIow8vmHqvC1eH56p4TPDT
KPL5FB0AAAUROIYYBgdvzJP6ge4B0+943prIc3udd1xtNJfF9zYscaH6d+C5fX9Q
OjwNayeCKnC4ilhRSKYzMIl7RWsybwpt2Vw4GFKNUEGsc4S6wsU3zYTEUZwQs5ms
YaiO/ZK9Lya84KNzIFIx1Xz78/oeUoR7tUUVX4FUiKPkXgdz9g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:56 2025 by rpki-client