Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c61cb2a2-1406-49c9-9fec-a48e76950ffa.roa
File: c61cb2a2-1406-49c9-9fec-a48e76950ffa.roa (raw, json)
Hash identifier: BNc0qLewmcjpHI8mqk37PK41fVXv5viPjSZlzajqcUY=
Subject key identifier: DA:64:71:06:A9:90:B2:C2:AE:31:51:05:94:56:47:67:EB:D3:03:37
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74CB14F6A6BAAF8C11FD5EBF36DE1D21CC90086E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c61cb2a2-1406-49c9-9fec-a48e76950ffa.roa
Signing time: Tue 20 May 2025 19:00:04 +0000
ROA not before: Tue 20 May 2025 19:00:04 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:5000::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 03 Jun 2025 20:54:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:cb:14:f6:a6:ba:af:8c:11:fd:5e:bf:36:de:1d:21:cc:90:08:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:00:04 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=cbabeea453e1a75aaaf5f660b50c32804fb5c7f154d93824800aa0d9db63a68e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:61:8e:75:5d:aa:13:75:59:c4:af:d6:c2:16:
ab:99:83:05:46:e1:eb:23:74:cb:54:ce:67:65:03:
1f:e9:a6:52:3c:18:15:a6:d9:96:39:75:c5:38:7b:
dc:8a:73:5d:6a:bd:e6:24:7c:bf:89:22:2d:eb:a3:
6c:dc:2b:50:2b:c5:32:7a:25:73:f9:e1:14:aa:83:
c4:3d:cf:7c:4c:85:c0:23:21:e8:f4:ed:65:84:02:
01:4a:07:e5:56:df:16:91:80:e3:85:f6:43:ed:c9:
df:ce:f6:a5:73:cd:b0:b3:fa:79:28:00:0d:f2:47:
a6:17:c0:80:cc:21:f9:83:53:82:e1:5c:61:f6:84:
2c:3e:18:f6:0f:6f:c6:ac:1a:fd:b9:08:98:85:75:
51:23:02:df:ed:be:26:c1:ee:c5:9c:ef:b6:0a:86:
98:42:83:83:e9:1b:09:3b:c5:5d:dc:1d:c7:24:25:
08:16:7b:9b:1b:43:97:f1:45:b2:02:a6:54:da:3b:
6c:0b:72:72:e3:75:2b:38:f6:f1:a0:ab:f9:5e:02:
b4:eb:53:a4:43:b7:47:08:6c:6f:fd:e3:d2:9d:f6:
fd:49:3e:09:a1:29:74:cd:95:6e:ea:91:a9:3a:3a:
ab:0a:15:ab:2c:79:7a:1f:40:75:a2:e8:1b:d0:6e:
4b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:64:71:06:A9:90:B2:C2:AE:31:51:05:94:56:47:67:EB:D3:03:37
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c61cb2a2-1406-49c9-9fec-a48e76950ffa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:5000::/40
Signature Algorithm: sha256WithRSAEncryption
7e:e2:8c:9e:b3:43:71:15:38:02:26:e4:a0:75:05:1d:ab:cb:
36:ba:ca:2e:d1:87:fd:f1:d7:64:c9:31:dc:50:e9:c1:28:c6:
be:26:9c:20:08:a8:55:3c:ab:c1:9c:08:01:3b:7c:a3:e1:92:
03:bf:bb:5e:dc:a5:ff:42:d7:04:f8:34:f4:19:dd:74:d9:8e:
cf:b9:01:55:e9:2f:66:7f:47:0c:0c:34:68:7e:f1:58:01:de:
5c:b9:0c:0c:3a:ff:c3:41:d5:18:a8:a3:b0:ea:7a:ff:b2:3a:
6f:ec:f5:ee:81:f3:00:c0:34:cb:09:5a:30:0e:7c:c7:d3:a0:
2d:4f:e7:b1:e3:d1:90:f3:6b:4b:45:f6:e9:40:b2:ea:b8:33:
41:06:bd:af:c1:e5:32:1a:67:14:a6:48:e0:7b:4e:61:ea:99:
7e:49:fd:dc:2f:64:34:6b:0b:f9:6a:2d:59:c2:5a:7e:6c:4c:
30:cc:cf:d9:0c:0b:46:97:0f:a4:05:8e:37:3f:f8:28:39:67:
2d:85:40:33:ee:1c:28:3f:26:3e:c4:b2:dc:40:74:0b:47:89:
2c:26:3d:3f:02:40:2a:5e:7a:da:9d:08:53:c1:d6:27:a5:4b:
58:9e:8a:c4:99:d0:ea:4a:a4:8c:7a:b5:1a:78:95:46:b1:bb:
47:fb:1b:af
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdMsU9qa6r4wR/V6/Nt4dIcyQCG4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTAwMDRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiYWJlZWE0NTNlMWE3NWFhYWY1ZjY2MGI1MGMzMjgwNGZiNWM3ZjE1NGQ5
MzgyNDgwMGFhMGQ5ZGI2M2E2OGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI1hjnVdqhN1WcSv1sIWq5mDBUbh6yN0y1TOZ2UDH+mmUjwYFabZljl1xTh7
3IpzXWq95iR8v4kiLeujbNwrUCvFMnolc/nhFKqDxD3PfEyFwCMh6PTtZYQCAUoH
5VbfFpGA44X2Q+3J3872pXPNsLP6eSgADfJHphfAgMwh+YNTguFcYfaELD4Y9g9v
xqwa/bkImIV1USMC3+2+JsHuxZzvtgqGmEKDg+kbCTvFXdwdxyQlCBZ7mxtDl/FF
sgKmVNo7bAtycuN1Kzj28aCr+V4CtOtTpEO3Rwhsb/3j0p32/Uk+CaEpdM2VbuqR
qTo6qwoVqyx5eh9AdaLoG9BuS1UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTaZHEG
qZCywq4xUQWUVkdn69MDNzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzYxY2IyYTItMTQwNi00OWM5LTlmZWMtYTQ4ZTc2OTUwZmZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HRQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB+4oyes0NxFTgCJuSgdQUdq8s2usou0Yf98ddk
yTHcUOnBKMa+JpwgCKhVPKvBnAgBO3yj4ZIDv7te3KX/QtcE+DT0Gd102Y7PuQFV
6S9mf0cMDDRofvFYAd5cuQwMOv/DQdUYqKOw6nr/sjpv7PXugfMAwDTLCVowDnzH
06AtT+ex49GQ82tLRfbpQLLquDNBBr2vweUyGmcUpkjge05h6pl+Sf3cL2Q0awv5
ai1Zwlp+bEwwzM/ZDAtGlw+kBY43P/goOWcthUAz7hwoPyY+xLLcQHQLR4ksJj0/
AkAqXnranQhTwdYnpUtYnorEmdDqSqSMerUaeJVGsbtH+xuv
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:58:56 2025 by rpki-client