Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3f84dd1-5e90-449c-9763-5a9e131b16d6.roa
File: b3f84dd1-5e90-449c-9763-5a9e131b16d6.roa (raw, json)
Hash identifier: tCc5T+p/XoT6k1uQVYu6I2/UojUwq5K+Mjh/nHV5YSg=
Subject key identifier: 69:A8:C4:B0:1E:90:3A:30:BF:CC:8C:D0:4B:5A:96:5F:F3:41:77:66
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3061A686A6F70440864A3050CFCAA5171A37A79A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3f84dd1-5e90-449c-9763-5a9e131b16d6.roa
Signing time: Mon 12 May 2025 16:20:45 +0000
ROA not before: Mon 12 May 2025 16:20:45 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06e::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 03 Jun 2025 18:52:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:61:a6:86:a6:f7:04:40:86:4a:30:50:cf:ca:a5:17:1a:37:a7:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:20:45 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=5d942285bb220cf09b68d79284b7a93955747b50424669ed818edfe6a7bc791a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:e7:11:6b:ba:77:95:cb:e6:2c:75:3e:c9:1b:
65:66:60:a2:53:00:6c:35:3f:97:75:5a:69:0c:23:
60:49:7f:1c:57:f5:8d:9c:08:02:2a:9a:50:26:9c:
1a:f9:c7:2e:a1:7d:0a:2e:fb:a7:b9:44:a1:9b:94:
79:1e:71:c7:42:16:49:21:80:76:e7:de:a8:42:7a:
19:c4:70:4b:27:4e:5b:bf:ef:a7:cf:59:9a:c6:3f:
48:55:bd:7f:88:4a:f2:12:ed:ba:e7:67:5c:d8:88:
d2:8c:62:56:ca:39:72:69:26:5f:9b:61:84:1d:44:
67:4c:0d:fe:15:2a:5b:8f:d1:ea:39:b7:f0:2b:13:
b8:78:75:58:c7:69:d6:70:02:ac:15:fe:b4:ba:46:
5c:45:81:db:52:4f:4e:3a:95:d3:5c:c9:db:8c:56:
ae:4e:62:80:cc:8a:84:8a:06:32:3b:75:cf:1c:82:
52:59:80:5e:90:7a:cb:a7:d6:78:31:59:3d:b4:22:
84:88:ed:2c:31:9c:ab:e7:51:b7:85:23:49:49:38:
da:85:b3:1a:41:77:65:6f:82:70:91:3c:03:2f:49:
22:54:f8:8b:54:43:5d:74:7d:04:89:11:3a:f2:21:
5f:8a:b6:ac:10:c4:e4:f9:27:39:14:f1:46:d4:d7:
09:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A8:C4:B0:1E:90:3A:30:BF:CC:8C:D0:4B:5A:96:5F:F3:41:77:66
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3f84dd1-5e90-449c-9763-5a9e131b16d6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06e::/32
Signature Algorithm: sha256WithRSAEncryption
26:24:20:8d:80:96:0f:21:d4:84:cc:10:fd:94:8a:82:cc:87:
b3:01:cf:f4:08:f8:07:cd:67:56:68:a2:8b:4d:d0:01:29:20:
41:44:5c:5f:21:96:73:8e:e1:5d:85:8c:8c:27:e6:f7:c9:97:
f6:74:bc:e9:07:01:10:1d:90:24:9d:1b:fe:cf:91:92:3c:d0:
87:80:25:21:07:52:fc:dc:ac:f1:2f:6a:3b:0d:fb:81:db:e3:
82:7d:3d:2c:e1:41:10:5e:81:d0:d2:82:21:03:79:7a:5b:4f:
96:93:57:5c:70:0f:32:33:85:8d:6d:b4:5c:9f:02:72:81:07:
ae:66:eb:95:7d:8b:a4:71:b2:15:4c:30:89:23:d7:c1:64:0d:
a8:3e:6d:4c:f4:b1:73:ed:0c:c2:78:71:fd:0c:14:81:4a:17:
6e:57:77:bb:51:4a:df:cb:2e:8b:72:9b:39:73:d4:b2:fe:7d:
9a:01:a8:56:24:99:a6:6d:26:37:99:28:92:8e:f8:55:8e:00:
18:2d:03:53:ab:73:be:ff:d1:64:06:77:9b:17:58:46:e7:53:
38:a7:81:b3:d8:7c:97:79:30:08:86:60:5d:a6:e3:8f:0b:a9:
c1:49:df:5e:91:94:f7:74:01:5a:08:a9:ab:b2:f3:c0:a5:1e:
4d:d0:c5:4d
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUMGGmhqb3BECGSjBQz8qlFxo3p5owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjIwNDVaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkOTQyMjg1YmIyMjBjZjA5YjY4ZDc5Mjg0YjdhOTM5NTU3NDdiNTA0MjQ2
NjllZDgxOGVkZmU2YTdiYzc5MWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANjnEWu6d5XL5ix1PskbZWZgolMAbDU/l3VaaQwjYEl/HFf1jZwIAiqaUCac
GvnHLqF9Ci77p7lEoZuUeR5xx0IWSSGAdufeqEJ6GcRwSydOW7/vp89ZmsY/SFW9
f4hK8hLtuudnXNiI0oxiVso5cmkmX5thhB1EZ0wN/hUqW4/R6jm38CsTuHh1WMdp
1nACrBX+tLpGXEWB21JPTjqV01zJ24xWrk5igMyKhIoGMjt1zxyCUlmAXpB6y6fW
eDFZPbQihIjtLDGcq+dRt4UjSUk42oWzGkF3ZW+CcJE8Ay9JIlT4i1RDXXR9BIkR
OvIhX4q2rBDE5PknORTxRtTXCacCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRpqMSw
HpA6ML/MjNBLWpZf80F3ZjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjNmODRkZDEtNWU5MC00NDljLTk3NjMtNWE5ZTEzMWIxNmQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0G4w
DQYJKoZIhvcNAQELBQADggEBACYkII2Alg8h1ITMEP2UioLMh7MBz/QI+AfNZ1Zo
ootN0AEpIEFEXF8hlnOO4V2FjIwn5vfJl/Z0vOkHARAdkCSdG/7PkZI80IeAJSEH
UvzcrPEvajsN+4Hb44J9PSzhQRBegdDSgiEDeXpbT5aTV1xwDzIzhY1ttFyfAnKB
B65m65V9i6RxshVMMIkj18FkDag+bUz0sXPtDMJ4cf0MFIFKF25Xd7tRSt/LLoty
mzlz1LL+fZoBqFYkmaZtJjeZKJKO+FWOABgtA1Orc77/0WQGd5sXWEbnUzingbPY
fJd5MAiGYF2m448LqcFJ316RlPd0AVoIqauy88ClHk3QxU0=
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:58:58 2025 by rpki-client