Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3ac6f65-ec42-4148-bcc3-792c76925253.roa
File: c3ac6f65-ec42-4148-bcc3-792c76925253.roa (raw, json)
Hash identifier: 9FAmhgDY2ySLea7cxNwUtz4yViiSX1mOFRloO2VJxP4=
Subject key identifier: 60:0C:74:DB:96:39:06:CB:4C:60:EC:83:83:17:A2:25:6C:E5:22:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2840C41E5EA6D2AC304E6E0B6AD79013466438E1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3ac6f65-ec42-4148-bcc3-792c76925253.roa
Signing time: Thu 17 Apr 2025 16:38:49 +0000
ROA not before: Thu 17 Apr 2025 16:38:49 +0000
ROA not after: Thu 22 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06e:c000::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 17 Apr 2025 20:37:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:40:c4:1e:5e:a6:d2:ac:30:4e:6e:0b:6a:d7:90:13:46:64:38:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 16:38:49 2025 GMT
Not After : May 22 23:59:59 2025 GMT
Subject: serialNumber=7ce7f3de356af5a0660e16f734e6d4e8a68eedc7ef586e4f3a32bf4b6a2b28de, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6b:fa:a6:1f:a1:1e:e4:7c:df:a6:4a:20:74:
c5:b2:fa:14:14:07:bc:bb:df:28:9d:41:92:83:d6:
17:40:fa:52:7d:fb:45:14:86:9c:93:99:61:a7:82:
c4:b4:75:51:08:15:9e:d2:66:d1:79:23:1e:19:28:
0f:0d:d7:c6:e5:5b:e0:76:76:10:fb:5a:f6:1a:45:
a2:43:9c:8c:1b:fe:11:82:85:3b:a3:91:42:46:03:
e9:2b:3f:27:25:3f:22:60:44:eb:a9:33:96:88:5c:
85:7e:6c:89:1e:3c:35:28:fb:16:ad:ba:dd:34:2b:
28:fb:41:33:4b:fb:ec:e0:12:1c:98:d5:bb:67:87:
89:8a:6b:0d:6a:5b:36:a5:b1:ac:77:a4:5e:e4:21:
49:59:9d:cf:bd:a7:9e:3d:56:3f:57:cd:71:8a:0b:
2a:62:b5:8c:51:54:bf:04:1f:31:e0:8c:4a:ff:0e:
ed:eb:b2:7f:3b:d8:69:ce:59:da:f4:a2:57:47:7c:
41:e8:0f:bb:d8:f4:05:9e:9c:9c:36:7b:91:96:bb:
2d:76:0b:72:0f:a7:15:41:94:d5:7d:bd:75:a5:19:
27:51:fb:63:8e:17:ed:b1:cf:55:69:3c:3d:64:e5:
b2:11:84:be:71:23:07:8a:8b:da:25:86:1e:be:3c:
ba:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:0C:74:DB:96:39:06:CB:4C:60:EC:83:83:17:A2:25:6C:E5:22:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3ac6f65-ec42-4148-bcc3-792c76925253.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06e:c000::/40
Signature Algorithm: sha256WithRSAEncryption
8b:41:5a:b7:f9:92:a8:3c:85:33:7b:42:a9:2b:fc:6a:4c:61:
6f:28:1b:61:09:36:44:19:8d:57:b9:fe:b9:af:39:22:45:ed:
c2:c2:22:5d:a2:02:99:97:bc:cb:79:a7:90:81:9b:30:87:b0:
cc:ae:72:18:d1:3f:53:98:6b:a8:35:c0:37:27:1b:64:69:1e:
81:96:7a:58:0f:a2:c2:9d:94:38:c8:1f:6f:4d:6c:6e:64:7e:
13:fe:fc:dd:26:a4:60:45:42:b4:c4:a1:15:4e:8d:98:42:46:
6c:6b:7e:38:13:2b:d6:f0:62:ee:d8:5b:4b:b4:ec:8d:72:ac:
6f:a8:d4:29:86:dd:2f:93:d8:c1:87:86:71:da:ec:77:9e:e5:
49:21:6f:a7:22:72:28:7e:31:0f:dd:20:6a:e1:31:08:00:40:
90:e9:9a:d5:61:a1:ca:85:78:ed:6f:6b:ca:3c:bd:26:c9:21:
54:5d:a8:86:46:a9:74:e1:b1:a8:7e:e6:27:62:d1:af:05:f9:
02:9c:97:c4:d4:13:08:38:e5:5e:26:02:9e:69:01:43:cd:cf:
c9:9c:16:1d:a5:04:42:ad:19:5f:e4:35:66:dc:c6:de:c6:ee:
4b:70:e5:29:e4:82:92:4a:a9:2f:18:02:0b:09:fc:1b:0e:58:
15:c8:a8:f4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKEDEHl6m0qwwTm4LateQE0ZkOOEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTcxNjM4NDlaFw0yNTA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjZTdmM2RlMzU2YWY1YTA2NjBlMTZmNzM0ZTZkNGU4YTY4ZWVkYzdlZjU4
NmU0ZjNhMzJiZjRiNmEyYjI4ZGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALVr+qYfoR7kfN+mSiB0xbL6FBQHvLvfKJ1BkoPWF0D6Un37RRSGnJOZYaeC
xLR1UQgVntJm0XkjHhkoDw3XxuVb4HZ2EPta9hpFokOcjBv+EYKFO6ORQkYD6Ss/
JyU/ImBE66kzlohchX5siR48NSj7Fq263TQrKPtBM0v77OASHJjVu2eHiYprDWpb
NqWxrHekXuQhSVmdz72nnj1WP1fNcYoLKmK1jFFUvwQfMeCMSv8O7euyfzvYac5Z
2vSiV0d8QegPu9j0BZ6cnDZ7kZa7LXYLcg+nFUGU1X29daUZJ1H7Y44X7bHPVWk8
PWTlshGEvnEjB4qL2iWGHr48un0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRgDHTb
ljkGy0xg7IODF6IlbOUiKDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzNhYzZmNjUtZWM0Mi00MTQ4LWJjYzMtNzkyYzc2OTI1MjUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G7A
MA0GCSqGSIb3DQEBCwUAA4IBAQCLQVq3+ZKoPIUze0KpK/xqTGFvKBthCTZEGY1X
uf65rzkiRe3CwiJdogKZl7zLeaeQgZswh7DMrnIY0T9TmGuoNcA3JxtkaR6BlnpY
D6LCnZQ4yB9vTWxuZH4T/vzdJqRgRUK0xKEVTo2YQkZsa344EyvW8GLu2FtLtOyN
cqxvqNQpht0vk9jBh4Zx2ux3nuVJIW+nInIofjEP3SBq4TEIAECQ6ZrVYaHKhXjt
b2vKPL0mySFUXaiGRql04bGofuYnYtGvBfkCnJfE1BMIOOVeJgKeaQFDzc/JnBYd
pQRCrRlf5DVm3Mbexu5LcOUp5IKSSqkvGAILCfwbDlgVyKj0
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:16 2025 by rpki-client