Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4afb7e4-7870-45cd-8ec2-49fe62dbe12d.roa
File: c4afb7e4-7870-45cd-8ec2-49fe62dbe12d.roa (raw, json)
Hash identifier: gZhDEpuryUsnyLsf6JlRUewn8WuJ1ygyrUh2VdZ7tTs=
Subject key identifier: 88:10:9C:84:99:8B:6F:0C:01:28:46:08:F1:14:17:F0:2A:D0:62:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 744B65A28E54EAD01581069CC2534427781FE054
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4afb7e4-7870-45cd-8ec2-49fe62dbe12d.roa
Signing time: Mon 12 May 2025 16:20:24 +0000
ROA not before: Mon 12 May 2025 16:20:24 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06e:9000::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 18:53:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:4b:65:a2:8e:54:ea:d0:15:81:06:9c:c2:53:44:27:78:1f:e0:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:20:24 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=be51af612d2b3ab1a38c6e6e78e4e379fde31fe775990d697a95243bfb02c0df, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:72:9e:78:c0:0c:94:6e:aa:05:a9:03:4e:b2:
08:49:46:49:1b:81:16:44:a9:fa:b1:46:75:7e:ec:
fc:be:e3:0f:a3:c6:b8:c5:e8:fb:e8:d3:94:fd:1b:
95:25:4d:82:5f:a9:03:0b:c7:f4:df:a7:24:fc:6a:
a9:a3:db:f0:ac:94:18:16:88:51:25:86:8d:87:3f:
bb:f5:a4:e4:ad:42:20:fe:c8:07:da:48:35:b3:b3:
04:55:97:e4:a3:e0:1d:15:20:68:a9:1b:cb:0a:5b:
2a:70:5d:72:fd:61:87:21:c1:98:05:4e:0f:dd:e5:
ed:7f:39:52:7a:51:23:44:fb:c7:6a:b0:4a:b3:0b:
d3:b4:c3:c9:33:7b:31:66:9d:05:09:1b:f3:90:7d:
e6:3f:0b:49:d5:d8:44:47:80:d8:c0:0d:6d:12:c7:
e4:69:a5:ce:ee:6e:1c:25:34:33:ed:1b:fb:06:98:
dd:92:14:54:ec:ff:ba:15:12:1c:3b:d2:6b:ec:c1:
f0:7c:c6:ed:23:46:7e:66:31:20:f9:05:fa:d0:73:
04:65:ac:3a:e7:c6:26:fe:6d:96:97:72:d5:54:a3:
1b:6c:76:ce:11:d1:a2:6f:55:03:38:29:cd:9a:60:
94:27:ff:61:8f:77:9b:3b:d7:fa:4c:0c:a9:31:82:
24:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:10:9C:84:99:8B:6F:0C:01:28:46:08:F1:14:17:F0:2A:D0:62:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c4afb7e4-7870-45cd-8ec2-49fe62dbe12d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06e:9000::/40
Signature Algorithm: sha256WithRSAEncryption
1c:b4:7b:f6:f1:e2:46:2e:00:01:fc:3e:ba:c0:45:2b:ac:94:
9b:38:08:28:df:39:b1:03:16:d6:f6:ff:b6:2f:31:00:82:8d:
d7:03:05:07:63:95:a8:68:2b:93:17:87:e3:eb:14:7c:8c:0c:
bf:48:d0:43:3e:5e:68:b0:ac:ac:e5:d4:79:81:8f:c7:67:62:
6b:8c:08:97:2d:e3:a0:a5:84:be:0f:64:c8:1e:89:d9:57:44:
de:99:3c:d3:eb:29:7b:e2:c8:3a:59:74:37:24:36:9a:fc:bc:
c7:1e:bd:6f:95:53:e7:4b:d5:05:91:6e:d4:e9:57:b4:9f:f6:
f6:85:35:05:95:af:0f:7c:4d:03:a1:01:c0:14:39:04:be:3f:
07:bf:76:42:38:8d:e6:a0:90:d9:02:7b:5c:22:50:d4:27:45:
e9:b6:6b:e2:8d:01:59:75:d5:c4:9e:4d:4a:75:28:8c:2d:62:
98:24:9d:1b:78:26:42:15:79:cc:31:3e:11:54:fb:35:74:38:
b2:72:5f:16:11:51:d9:f9:50:1f:7c:24:13:06:c7:44:1d:30:
94:8d:da:ff:90:a9:d0:f1:23:a2:f7:00:a1:eb:02:84:a7:2f:
ae:01:cf:d1:ee:83:77:69:7a:78:1a:f3:fe:dd:81:43:70:bf:
96:c9:8c:74
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdEtloo5U6tAVgQacwlNEJ3gf4FQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjIwMjRaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlNTFhZjYxMmQyYjNhYjFhMzhjNmU2ZTc4ZTRlMzc5ZmRlMzFmZTc3NTk5
MGQ2OTdhOTUyNDNiZmIwMmMwZGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMlynnjADJRuqgWpA06yCElGSRuBFkSp+rFGdX7s/L7jD6PGuMXo++jTlP0b
lSVNgl+pAwvH9N+nJPxqqaPb8KyUGBaIUSWGjYc/u/Wk5K1CIP7IB9pINbOzBFWX
5KPgHRUgaKkbywpbKnBdcv1hhyHBmAVOD93l7X85UnpRI0T7x2qwSrML07TDyTN7
MWadBQkb85B95j8LSdXYREeA2MANbRLH5Gmlzu5uHCU0M+0b+waY3ZIUVOz/uhUS
HDvSa+zB8HzG7SNGfmYxIPkF+tBzBGWsOufGJv5tlpdy1VSjG2x2zhHRom9VAzgp
zZpglCf/YY93mzvX+kwMqTGCJCcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSIEJyE
mYtvDAEoRgjxFBfwKtBiuzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzRhZmI3ZTQtNzg3MC00NWNkLThlYzItNDlmZTYyZGJlMTJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G6Q
MA0GCSqGSIb3DQEBCwUAA4IBAQActHv28eJGLgAB/D66wEUrrJSbOAgo3zmxAxbW
9v+2LzEAgo3XAwUHY5WoaCuTF4fj6xR8jAy/SNBDPl5osKys5dR5gY/HZ2JrjAiX
LeOgpYS+D2TIHonZV0TemTzT6yl74sg6WXQ3JDaa/LzHHr1vlVPnS9UFkW7U6Ve0
n/b2hTUFla8PfE0DoQHAFDkEvj8Hv3ZCOI3moJDZAntcIlDUJ0XptmvijQFZddXE
nk1KdSiMLWKYJJ0beCZCFXnMMT4RVPs1dDiycl8WEVHZ+VAffCQTBsdEHTCUjdr/
kKnQ8SOi9wCh6wKEpy+uAc/R7oN3aXp4GvP+3YFDcL+WyYx0
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:02 2025 by rpki-client