Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab0f7cc6-f5d4-473a-bd8b-37edab65f9a9.roa
File: ab0f7cc6-f5d4-473a-bd8b-37edab65f9a9.roa (raw, json)
Hash identifier: 7ejc2J2WWpW1V/rbrM2Y6IEcZIc7OjbghwxdKmrXoXQ=
Subject key identifier: AA:3E:DF:5D:C3:13:35:D7:8D:DE:B0:8D:D8:C5:14:61:34:59:8E:73
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72443673F36EE6FC3FBE40632078B215D3826200
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab0f7cc6-f5d4-473a-bd8b-37edab65f9a9.roa
Signing time: Mon 12 May 2025 16:21:22 +0000
ROA not before: Mon 12 May 2025 16:21:22 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b:a000::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 18:52:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:44:36:73:f3:6e:e6:fc:3f:be:40:63:20:78:b2:15:d3:82:62:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:21:22 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=ce0e5528a026d53c5ef9ee2f8dc711bf243670182e761da823d66b160bd648f0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:63:94:24:fa:c6:8e:40:39:2e:37:17:ea:74:
e5:72:e3:d2:3d:d2:b0:ef:2c:18:a7:4c:2e:27:58:
97:9b:e9:b1:53:9a:61:2e:3d:bf:d1:07:27:44:8a:
86:05:3b:64:d9:2c:81:26:fe:79:9e:a9:ac:2a:d1:
74:3a:5d:50:92:f2:28:28:0d:19:be:92:0e:26:1f:
6e:bd:13:8c:be:f2:55:88:0b:d1:55:0a:b7:0b:04:
18:5f:64:85:2a:a3:25:1b:ba:a4:37:5f:cd:c0:34:
9e:59:bf:f7:10:17:46:ca:b4:f7:ea:3d:98:89:a1:
39:11:d4:d0:f9:96:b3:5f:22:f9:4d:4b:0e:75:2c:
f2:71:f5:87:18:da:62:e2:51:f7:f5:0d:11:63:e4:
42:a7:b3:ce:ab:4c:f8:c7:8d:53:2a:c4:4a:68:e2:
e9:2b:62:c4:81:f2:f7:cc:b1:1a:0a:31:0b:be:1b:
f9:ad:d8:14:c7:52:b7:ee:bc:74:be:9b:46:c1:e7:
82:27:73:91:d2:b1:98:35:a7:2b:ce:06:30:26:a3:
4f:32:d4:ce:53:e5:4e:ba:c6:9c:d6:03:83:25:40:
51:a9:8a:19:4b:cf:80:55:4c:5e:46:81:14:56:4b:
a8:3c:ca:da:9f:f0:4e:5a:7a:ae:6d:17:57:54:18:
b7:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:3E:DF:5D:C3:13:35:D7:8D:DE:B0:8D:D8:C5:14:61:34:59:8E:73
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ab0f7cc6-f5d4-473a-bd8b-37edab65f9a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b:a000::/40
Signature Algorithm: sha256WithRSAEncryption
33:97:8b:1c:d2:e8:63:88:4b:5c:5e:e8:5e:bb:38:33:75:48:
4d:f6:82:fa:b4:f5:78:06:e7:d9:48:11:58:06:ec:87:d9:f8:
85:32:be:6a:36:22:4b:a5:50:7d:05:ea:98:4e:21:6d:65:d7:
ee:3d:8e:cc:32:4d:0d:77:e9:df:0f:32:77:31:42:b5:47:13:
7f:6b:54:07:66:bf:26:f0:ff:52:1d:8d:79:de:d8:6b:68:a9:
72:3c:48:4e:5c:fb:a6:af:8d:18:40:b4:f2:a9:b5:63:02:ca:
e7:6f:2f:0d:f3:4e:71:a8:d5:3d:2c:6d:7a:94:7c:e0:d5:9d:
99:96:7f:22:e1:b6:59:05:d1:7b:34:32:b8:7f:bc:8c:6b:7c:
4f:dc:16:b8:7f:7d:86:e8:8e:03:ea:f3:2c:66:5f:bf:cf:74:
10:22:41:33:53:42:07:5a:c0:41:1b:2d:f7:1e:ef:db:62:3d:
21:5f:98:61:13:ea:0f:ef:95:e3:ea:c8:35:8a:b9:4e:c1:95:
80:69:dd:41:9b:42:c1:38:03:26:25:20:04:a7:47:fd:4d:eb:
d2:e7:12:6f:2e:b1:58:5d:ca:ce:45:55:02:88:cf:5b:2e:cb:
25:dc:5d:6e:4b:79:ed:79:1b:0d:40:70:a0:a9:fe:34:34:a5:
e1:d5:b7:eb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUckQ2c/Nu5vw/vkBjIHiyFdOCYgAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjIxMjJaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlMGU1NTI4YTAyNmQ1M2M1ZWY5ZWUyZjhkYzcxMWJmMjQzNjcwMTgyZTc2
MWRhODIzZDY2YjE2MGJkNjQ4ZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJjlCT6xo5AOS43F+p05XLj0j3SsO8sGKdMLidYl5vpsVOaYS49v9EHJ0SK
hgU7ZNksgSb+eZ6prCrRdDpdUJLyKCgNGb6SDiYfbr0TjL7yVYgL0VUKtwsEGF9k
hSqjJRu6pDdfzcA0nlm/9xAXRsq09+o9mImhORHU0PmWs18i+U1LDnUs8nH1hxja
YuJR9/UNEWPkQqezzqtM+MeNUyrESmji6StixIHy98yxGgoxC74b+a3YFMdSt+68
dL6bRsHngidzkdKxmDWnK84GMCajTzLUzlPlTrrGnNYDgyVAUamKGUvPgFVMXkaB
FFZLqDzK2p/wTlp6rm0XV1QYtycCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSqPt9d
wxM1143esI3YxRRhNFmOczAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWIwZjdjYzYtZjVkNC00NzNhLWJkOGItMzdlZGFiNjVmOWE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fug
MA0GCSqGSIb3DQEBCwUAA4IBAQAzl4sc0uhjiEtcXuheuzgzdUhN9oL6tPV4BufZ
SBFYBuyH2fiFMr5qNiJLpVB9BeqYTiFtZdfuPY7MMk0Nd+nfDzJ3MUK1RxN/a1QH
Zr8m8P9SHY153thraKlyPEhOXPumr40YQLTyqbVjAsrnby8N805xqNU9LG16lHzg
1Z2Zln8i4bZZBdF7NDK4f7yMa3xP3Ba4f32G6I4D6vMsZl+/z3QQIkEzU0IHWsBB
Gy33Hu/bYj0hX5hhE+oP75Xj6sg1irlOwZWAad1Bm0LBOAMmJSAEp0f9TevS5xJv
LrFYXcrORVUCiM9bLssl3F1uS3nteRsNQHCgqf40NKXh1bfr
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:22 2025 by rpki-client