Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc420b95-f459-41bc-b08a-0eb2c2ac7a83.roa
File: bc420b95-f459-41bc-b08a-0eb2c2ac7a83.roa (raw, json)
Hash identifier: Qf9tq5qIoh2e6QbSLWBTKzAWj5nmOeJsYardrFNzhO4=
Subject key identifier: 8F:3D:9E:37:3C:F0:72:0E:30:AB:FC:15:1F:D1:11:55:4B:3F:63:C7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6109F9E680B33506D7376186E171B164BFBF9C42
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc420b95-f459-41bc-b08a-0eb2c2ac7a83.roa
Signing time: Thu 22 May 2025 01:22:25 +0000
ROA not before: Thu 22 May 2025 01:22:25 +0000
ROA not after: Thu 26 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:5040::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:07:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:09:f9:e6:80:b3:35:06:d7:37:61:86:e1:71:b1:64:bf:bf:9c:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 01:22:25 2025 GMT
Not After : Jun 26 23:59:59 2025 GMT
Subject: serialNumber=d09ef96366c09c1ccf7029425c977531752b12cf5387fa55efa64f1eb01895f6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7c:47:86:62:15:70:90:20:ce:28:bb:58:ff:
fc:1f:6d:8f:4e:66:9d:ce:c8:e4:66:06:bf:1d:29:
66:24:9e:a5:e5:71:f7:95:9c:82:e8:3a:ac:85:8f:
6a:de:4f:8b:fa:89:a8:06:51:ad:db:a9:b7:b9:82:
b2:29:38:5a:3b:1e:de:df:bb:15:1e:c1:b9:87:70:
d1:ff:dc:de:b9:13:fa:52:85:b5:54:01:fd:22:d7:
34:45:97:66:52:66:2b:02:f7:fc:04:ba:a0:9d:63:
ff:4a:26:5b:3c:fc:ad:54:7b:38:a5:88:f3:6d:1d:
bb:3f:c1:db:6f:e6:8a:d8:45:93:ee:f9:9f:c1:35:
cf:61:fd:9c:a3:0c:b2:0f:22:8e:60:9a:bc:91:08:
d7:64:1c:03:27:f3:28:91:b9:38:b0:07:e3:95:db:
43:ca:67:4b:db:22:4f:3f:50:c4:24:bf:09:f0:09:
ec:a6:d3:9b:4d:2b:85:1a:a6:49:b1:91:c2:cb:5e:
1f:30:d0:38:23:e5:9b:f1:93:ef:6a:4b:0f:fd:34:
2c:16:53:b0:80:2b:a6:3c:82:8c:43:a1:f2:06:82:
fe:2c:08:2b:c1:7f:d0:e4:c5:26:49:56:71:d2:4e:
4d:6a:2f:9a:aa:5e:0d:9c:6d:eb:cd:44:21:c0:fc:
65:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:3D:9E:37:3C:F0:72:0E:30:AB:FC:15:1F:D1:11:55:4B:3F:63:C7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc420b95-f459-41bc-b08a-0eb2c2ac7a83.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:5040::/48
Signature Algorithm: sha256WithRSAEncryption
1c:e2:1e:1c:f0:38:91:7d:3d:da:9e:65:e1:aa:63:27:3a:72:
54:00:71:b1:62:ba:d7:6f:d8:1e:bb:88:b6:d3:da:90:be:41:
a7:c6:11:41:9f:9e:85:90:4b:f8:1d:de:2f:b2:40:46:15:ea:
91:5d:52:b1:32:8d:e8:17:0c:a1:7a:92:f8:17:41:6d:0f:99:
24:9b:34:5a:00:af:33:b6:db:09:54:ca:15:28:83:f2:fe:e8:
e7:64:2f:46:9e:1b:40:07:c6:9d:b6:fd:c7:b2:6c:d3:fa:60:
07:54:80:a1:c9:e3:e7:89:47:83:3a:b8:f5:82:be:5c:fb:34:
89:1a:81:13:76:bf:6f:de:6c:60:d9:92:fd:9a:34:7b:36:b7:
18:ce:a3:a6:75:8d:8b:2e:85:ae:2f:c9:c6:b3:b2:93:9d:f2:
72:3b:ab:7a:64:7a:67:58:5c:06:38:19:e1:cb:7a:4b:67:41:
4b:3f:b3:8d:96:d4:68:29:5b:a2:57:b9:1a:d2:44:82:aa:a5:
9b:3d:36:39:5c:37:8f:3c:3b:2a:47:2d:df:b1:9d:f0:f6:7e:
c2:1b:f1:12:34:e5:c7:21:d0:92:7a:74:ae:8c:ac:43:13:9b:
b9:30:1c:ce:b1:cf:ce:9f:79:f6:6a:09:b2:41:59:e2:64:54:
88:30:3b:68
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYQn55oCzNQbXN2GG4XGxZL+/nEIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjIwMTIyMjVaFw0yNTA2MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwOWVmOTYzNjZjMDljMWNjZjcwMjk0MjVjOTc3NTMxNzUyYjEyY2Y1Mzg3
ZmE1NWVmYTY0ZjFlYjAxODk1ZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJ8R4ZiFXCQIM4ou1j//B9tj05mnc7I5GYGvx0pZiSepeVx95Wcgug6rIWP
at5Pi/qJqAZRrdupt7mCsik4Wjse3t+7FR7BuYdw0f/c3rkT+lKFtVQB/SLXNEWX
ZlJmKwL3/AS6oJ1j/0omWzz8rVR7OKWI820duz/B22/mithFk+75n8E1z2H9nKMM
sg8ijmCavJEI12QcAyfzKJG5OLAH45XbQ8pnS9siTz9QxCS/CfAJ7KbTm00rhRqm
SbGRwsteHzDQOCPlm/GT72pLD/00LBZTsIArpjyCjEOh8gaC/iwIK8F/0OTFJklW
cdJOTWovmqpeDZxt681EIcD8ZVsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSPPZ43
PPByDjCr/BUf0RFVSz9jxzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmM0MjBiOTUtZjQ1OS00MWJjLWIwOGEtMGViMmMyYWM3YTgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0FlQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAHOIeHPA4kX092p5l4apjJzpyVABxsWK612/Y
HruIttPakL5Bp8YRQZ+ehZBL+B3eL7JARhXqkV1SsTKN6BcMoXqS+BdBbQ+ZJJs0
WgCvM7bbCVTKFSiD8v7o52QvRp4bQAfGnbb9x7Js0/pgB1SAocnj54lHgzq49YK+
XPs0iRqBE3a/b95sYNmS/Zo0eza3GM6jpnWNiy6Fri/JxrOyk53ycjuremR6Z1hc
BjgZ4ct6S2dBSz+zjZbUaClbole5GtJEgqqlmz02OVw3jzw7Kkct37Gd8PZ+whvx
EjTlxyHQknp0roysQxObuTAczrHPzp959moJskFZ4mRUiDA7aA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:02:08 2025 by rpki-client