Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1f621df-4a61-486b-97cb-dcf1d992e048.roa
File: b1f621df-4a61-486b-97cb-dcf1d992e048.roa (raw, json)
Hash identifier: RHbjFFLevOlutCyrRCAFqdCjqf8F5seIliEz7BO/X6M=
Subject key identifier: 51:8D:EE:E2:23:02:E5:34:35:ED:AF:D1:4E:47:2E:67:9F:AE:AA:0F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4DB817DE7FAB006995982C1EF031EE63A226256D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1f621df-4a61-486b-97cb-dcf1d992e048.roa
Signing time: Mon 31 Mar 2025 20:00:11 +0000
ROA not before: Mon 31 Mar 2025 20:00:11 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:8000::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 16 Apr 2025 19:22:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:b8:17:de:7f:ab:00:69:95:98:2c:1e:f0:31:ee:63:a2:26:25:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:00:11 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=66e00f3421dd511f13507b5596e874e4809d4c6ffa2c22ea8f072ecd52225567, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:41:2b:fc:38:50:27:9e:bb:5f:d9:da:54:b2:
af:42:ff:79:1c:5d:ff:a3:6d:a6:3a:bc:5d:55:1b:
25:97:17:f9:b0:7d:bb:d4:c8:64:f8:3e:18:8e:ee:
4d:a9:9a:be:6b:b3:98:51:3e:91:74:0a:be:18:7c:
5b:f1:c1:b0:81:ef:0c:57:5a:e5:8b:24:76:94:38:
e1:c1:ce:1d:44:be:b6:15:47:8e:19:eb:33:86:fc:
35:0e:9b:ef:60:95:3f:86:16:a5:48:72:fa:72:a1:
25:d9:40:83:84:79:f3:4a:c8:a9:2e:d0:2e:f1:4a:
1d:a2:ee:bf:d6:1d:a7:7d:66:28:90:ff:b4:6f:ea:
67:8f:5e:e8:3c:cd:e7:06:49:6b:c3:6c:c4:a4:92:
36:bf:20:f2:a1:4d:27:07:f0:20:86:29:1b:37:29:
b8:26:c8:e8:59:83:eb:ec:1f:df:81:21:fb:17:4b:
2f:95:c2:4c:a2:b9:6d:da:b9:8c:30:c0:33:8e:62:
11:1f:f7:d0:45:16:10:95:61:64:2a:aa:06:80:e0:
00:4f:e1:cc:13:64:9e:35:09:49:dd:d5:fb:70:08:
87:ac:b1:77:db:b9:9f:4d:72:b1:fa:a0:c6:60:c0:
94:d6:c5:c7:be:88:06:74:8f:13:85:9e:51:f4:14:
23:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:8D:EE:E2:23:02:E5:34:35:ED:AF:D1:4E:47:2E:67:9F:AE:AA:0F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b1f621df-4a61-486b-97cb-dcf1d992e048.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:8000::/40
Signature Algorithm: sha256WithRSAEncryption
09:9c:d4:b8:66:e8:e7:df:32:1a:d2:a7:2e:2e:81:19:83:1b:
54:e0:0e:fe:53:93:fb:f7:f3:99:b9:16:eb:b3:69:78:75:b6:
f4:56:af:b8:6d:87:e5:3c:5c:4e:91:5e:c7:18:54:90:88:3d:
a3:5a:6e:54:68:7e:b9:c3:33:5d:b6:22:b3:f3:0c:de:0d:c4:
eb:17:ee:11:f4:7b:53:b2:38:68:04:a2:60:68:3f:6e:14:2c:
43:58:82:02:54:4a:9d:df:cf:68:d0:ce:c6:61:c0:42:1a:27:
42:bd:63:7f:ad:d5:81:ba:36:bd:eb:5e:1f:31:7c:8c:38:91:
9e:93:e6:10:bc:30:ab:15:23:54:c9:c2:87:90:77:ad:6e:ff:
72:b9:68:da:8c:79:e8:ea:55:dd:9c:16:49:32:ae:d1:c9:82:
77:96:00:14:40:01:74:51:9d:4b:eb:9b:9d:72:ef:96:94:c1:
89:f0:5a:9d:c7:9a:77:9f:47:51:24:f9:90:74:48:8a:b5:48:
fb:fc:c6:39:d5:ff:6a:d9:18:56:b7:fe:d9:62:15:65:24:9d:
71:7e:c9:56:5e:b6:5b:50:01:09:d4:60:da:c5:02:db:46:04:
8c:12:05:6f:ca:4b:77:2b:ec:4c:71:c9:1f:c9:a0:a9:2f:87:
c3:e4:61:22
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTbgX3n+rAGmVmCwe8DHuY6ImJW0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDAwMTFaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2ZTAwZjM0MjFkZDUxMWYxMzUwN2I1NTk2ZTg3NGU0ODA5ZDRjNmZmYTJj
MjJlYThmMDcyZWNkNTIyMjU1NjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJBBK/w4UCeeu1/Z2lSyr0L/eRxd/6Ntpjq8XVUbJZcX+bB9u9TIZPg+GI7u
TamavmuzmFE+kXQKvhh8W/HBsIHvDFda5YskdpQ44cHOHUS+thVHjhnrM4b8NQ6b
72CVP4YWpUhy+nKhJdlAg4R580rIqS7QLvFKHaLuv9Ydp31mKJD/tG/qZ49e6DzN
5wZJa8NsxKSSNr8g8qFNJwfwIIYpGzcpuCbI6FmD6+wf34Eh+xdLL5XCTKK5bdq5
jDDAM45iER/30EUWEJVhZCqqBoDgAE/hzBNknjUJSd3V+3AIh6yxd9u5n01ysfqg
xmDAlNbFx76IBnSPE4WeUfQUIzECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRRje7i
IwLlNDXtr9FORy5nn66qDzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjFmNjIxZGYtNGE2MS00ODZiLTk3Y2ItZGNmMWQ5OTJlMDQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSA
MA0GCSqGSIb3DQEBCwUAA4IBAQAJnNS4Zujn3zIa0qcuLoEZgxtU4A7+U5P79/OZ
uRbrs2l4dbb0Vq+4bYflPFxOkV7HGFSQiD2jWm5UaH65wzNdtiKz8wzeDcTrF+4R
9HtTsjhoBKJgaD9uFCxDWIICVEqd389o0M7GYcBCGidCvWN/rdWBuja9614fMXyM
OJGek+YQvDCrFSNUycKHkHetbv9yuWjajHno6lXdnBZJMq7RyYJ3lgAUQAF0UZ1L
65udcu+WlMGJ8Fqdx5p3n0dRJPmQdEiKtUj7/MY51f9q2RhWt/7ZYhVlJJ1xfslW
XrZbUAEJ1GDaxQLbRgSMEgVvykt3K+xMcckfyaCpL4fD5GEi
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:10 2025 by rpki-client