Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c472539c-9e04-4e39-a5ff-a906e6dece65.roa
File: c472539c-9e04-4e39-a5ff-a906e6dece65.roa (raw, json)
Hash identifier: i10ZZ1UDMB4roeiqIcQOBSMlqJsaJ4V36BlCggH8LK8=
Subject key identifier: 3E:E7:5D:8B:BD:39:93:D9:E1:EB:A1:DD:97:C9:A7:ED:AA:6A:5E:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 45FE7BD9098B05C115DAF46D61A523F3468C9B4A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c472539c-9e04-4e39-a5ff-a906e6dece65.roa
Signing time: Thu 22 May 2025 01:24:10 +0000
ROA not before: Thu 22 May 2025 01:24:10 +0000
ROA not after: Thu 26 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:1000::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 03 Jun 2025 20:54:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:fe:7b:d9:09:8b:05:c1:15:da:f4:6d:61:a5:23:f3:46:8c:9b:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 01:24:10 2025 GMT
Not After : Jun 26 23:59:59 2025 GMT
Subject: serialNumber=e83da744e3beed8a32abe500edb2823131ea6bfa9c702f81ecf3fd6d1132d384, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5f:cd:b0:33:83:ae:bc:bf:f9:9a:be:0a:54:
41:b4:5c:e8:32:b9:7f:29:45:d3:a3:8e:96:ac:d6:
b6:a5:d9:83:a4:0a:a5:72:f9:52:81:53:4b:aa:83:
65:a7:c7:3d:28:fb:2b:be:b9:19:7b:9e:3c:5c:7f:
38:65:35:7f:52:d9:21:b8:55:3a:83:a3:ba:87:7e:
b9:8a:a1:67:d9:e4:40:77:35:db:95:89:96:d0:e0:
bd:b0:18:26:2d:72:77:0a:77:b0:a3:e0:4f:d4:2c:
27:98:ae:ec:09:00:05:ae:c0:aa:b1:7f:63:5a:14:
e1:1a:ec:8e:36:24:ff:4d:63:70:11:67:09:62:be:
84:aa:31:1c:5f:14:bf:d1:ae:09:37:fb:23:4c:36:
fd:00:e0:e0:41:00:34:b3:2b:3f:27:ce:7e:76:3f:
90:f4:c8:1e:88:03:f6:32:b8:f1:83:fe:98:bc:f3:
00:d2:fa:0c:29:19:24:fa:da:b4:bb:31:4b:22:84:
46:ce:e1:7e:42:58:f8:ad:f0:86:cd:7a:5b:34:2d:
00:91:61:0a:3f:24:e9:7d:f3:0c:fa:00:c8:fd:65:
57:c3:21:3e:75:9a:f3:fc:bb:75:f7:70:a0:7e:60:
06:95:2e:39:1a:80:84:63:fc:d5:39:bd:d7:5f:c8:
02:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:E7:5D:8B:BD:39:93:D9:E1:EB:A1:DD:97:C9:A7:ED:AA:6A:5E:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c472539c-9e04-4e39-a5ff-a906e6dece65.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:1000::/40
Signature Algorithm: sha256WithRSAEncryption
b3:47:cf:a1:50:16:79:ac:ca:49:8a:98:7d:a8:fb:e2:e9:7d:
8c:6b:3b:5e:3d:5f:1d:79:50:33:ad:13:03:de:99:28:91:6b:
2e:82:96:b8:5f:96:bf:30:4b:84:d1:d9:15:b7:18:f3:76:f0:
2f:9d:b6:bf:c0:b2:f3:a3:c6:56:67:6c:a2:7f:45:a2:2c:ed:
c2:c5:bc:03:b2:81:e4:ed:8d:27:dd:e0:29:bf:6d:68:6f:4e:
29:56:08:19:33:67:04:33:c8:f4:8b:6a:0f:eb:a4:1c:81:84:
30:09:1a:36:ac:66:a0:9a:1c:1f:34:06:a0:fe:36:7a:b7:69:
e8:13:ea:d9:f4:29:b7:01:59:ab:7a:62:30:97:13:4e:87:2f:
03:05:4c:3a:c6:66:e1:32:03:8e:d7:9a:3a:5f:70:f3:bf:94:
30:ba:71:05:10:09:90:94:79:cc:44:53:33:b7:ef:5f:c8:c7:
85:a6:90:cb:75:e6:fa:a8:20:ef:18:23:e3:bc:96:af:82:93:
07:b9:4a:bb:77:a2:25:af:9d:f7:5b:bf:23:09:61:17:ac:ce:
74:96:6e:1b:0a:2d:9e:3d:52:48:08:05:fb:81:8b:ba:21:5b:
cb:64:fa:8f:3a:8b:6a:ef:b9:c1:4f:7d:d9:22:f0:9d:cb:b4:
c5:68:3c:16
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURf572QmLBcEV2vRtYaUj80aMm0owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjIwMTI0MTBaFw0yNTA2MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4M2RhNzQ0ZTNiZWVkOGEzMmFiZTUwMGVkYjI4MjMxMzFlYTZiZmE5Yzcw
MmY4MWVjZjNmZDZkMTEzMmQzODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJfzbAzg668v/mavgpUQbRc6DK5fylF06OOlqzWtqXZg6QKpXL5UoFTS6qD
ZafHPSj7K765GXuePFx/OGU1f1LZIbhVOoOjuod+uYqhZ9nkQHc125WJltDgvbAY
Ji1ydwp3sKPgT9QsJ5iu7AkABa7AqrF/Y1oU4RrsjjYk/01jcBFnCWK+hKoxHF8U
v9GuCTf7I0w2/QDg4EEANLMrPyfOfnY/kPTIHogD9jK48YP+mLzzANL6DCkZJPra
tLsxSyKERs7hfkJY+K3whs16WzQtAJFhCj8k6X3zDPoAyP1lV8MhPnWa8/y7dfdw
oH5gBpUuORqAhGP81Tm911/IArECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ+512L
vTmT2eHrod2XyaftqmpekDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzQ3MjUzOWMtOWUwNC00ZTM5LWE1ZmYtYTkwNmU2ZGVjZTY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FkQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCzR8+hUBZ5rMpJiph9qPvi6X2MaztePV8deVAz
rRMD3pkokWsugpa4X5a/MEuE0dkVtxjzdvAvnba/wLLzo8ZWZ2yif0WiLO3CxbwD
soHk7Y0n3eApv21ob04pVggZM2cEM8j0i2oP66QcgYQwCRo2rGagmhwfNAag/jZ6
t2noE+rZ9Cm3AVmremIwlxNOhy8DBUw6xmbhMgOO15o6X3Dzv5QwunEFEAmQlHnM
RFMzt+9fyMeFppDLdeb6qCDvGCPjvJavgpMHuUq7d6Ilr533W78jCWEXrM50lm4b
Ci2ePVJICAX7gYu6IVvLZPqPOotq77nBT33ZIvCdy7TFaDwW
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:25 2025 by rpki-client