Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c89d7657-b09b-4d45-b4b6-788156786264.roa
File: c89d7657-b09b-4d45-b4b6-788156786264.roa (raw, json)
Hash identifier: 4TqITORlNaO0XjNK2BlW9W3rS1aQKV5GyMLn+zAqcBA=
Subject key identifier: 3B:F1:B1:EF:84:28:0F:5D:19:A3:91:78:72:8C:84:BC:A5:94:59:7C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6897E1A0303F86ADDC44F59C3D913E783EEEDACA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c89d7657-b09b-4d45-b4b6-788156786264.roa
Signing time: Thu 22 May 2025 01:24:11 +0000
ROA not before: Thu 22 May 2025 01:24:11 +0000
ROA not after: Thu 26 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:5000::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 03 Jun 2025 20:54:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:97:e1:a0:30:3f:86:ad:dc:44:f5:9c:3d:91:3e:78:3e:ee:da:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 01:24:11 2025 GMT
Not After : Jun 26 23:59:59 2025 GMT
Subject: serialNumber=bd234424edab9c428ec556ebf347039c77b749540d8cfc5313ae13dc1bba1c37, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b9:88:95:d4:35:55:23:ab:e5:d3:69:e8:61:
92:a6:0d:d7:1a:47:0f:92:3d:1c:a1:32:88:ed:90:
27:e6:80:04:02:54:07:59:84:b2:86:f5:f3:12:08:
d4:b9:b9:cc:ee:d9:ab:ef:eb:9e:63:a0:86:84:76:
0e:f4:28:53:4d:65:e9:aa:f5:c5:7c:bf:fc:b0:7e:
00:69:5a:9f:a0:26:50:df:da:2c:46:43:02:45:84:
a4:8e:40:04:cb:f9:75:ad:f5:7a:38:a0:08:14:a0:
01:50:00:7c:17:72:4e:30:9d:9e:4e:23:e1:74:09:
d2:20:67:38:b6:a5:c2:3e:45:a3:47:50:20:98:46:
b9:71:30:c4:dc:70:3e:36:21:f1:0e:52:2b:c6:33:
e3:df:80:c5:ef:3e:9a:0c:0d:c3:6a:36:f8:ea:67:
1a:13:ca:68:e2:ed:19:50:c8:a1:82:b9:00:cf:f6:
e0:c3:6e:34:22:2d:93:f8:ce:45:ec:0b:01:f9:f1:
83:5a:7b:c8:62:f4:3d:24:1a:b4:3c:95:0e:09:c1:
0d:ce:27:7d:ba:4d:78:8e:4c:c6:7e:40:fe:a5:48:
24:87:80:9f:fd:92:36:3a:51:eb:3b:77:59:f3:9b:
fe:f0:b1:44:7a:71:c8:c4:a9:a4:3c:04:36:9d:4f:
f5:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F1:B1:EF:84:28:0F:5D:19:A3:91:78:72:8C:84:BC:A5:94:59:7C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c89d7657-b09b-4d45-b4b6-788156786264.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:5000::/40
Signature Algorithm: sha256WithRSAEncryption
c4:3d:30:73:92:89:a9:cc:a5:3a:aa:ef:12:fc:a9:06:81:3b:
60:1b:2e:a2:6c:61:92:89:e2:39:51:1d:ab:6b:d0:99:f6:4a:
ba:5a:59:cc:9a:90:2a:5b:9c:d3:59:10:ba:ba:c9:95:87:a7:
7f:32:eb:08:4d:2f:76:4b:e3:e5:3e:86:88:43:2f:7d:38:a0:
09:00:7a:ed:52:d8:86:60:78:53:26:be:3b:d6:df:be:32:6d:
e3:7e:d5:12:7e:07:a4:1e:3c:51:3e:9a:8e:c5:2c:fb:c9:65:
9b:3a:c9:55:aa:81:0b:50:4e:1e:c0:a8:99:1a:1a:29:21:d9:
35:e1:f0:f4:9c:15:ef:16:a3:a0:1e:93:f1:35:6a:53:16:61:
32:d7:4a:9d:5b:41:c0:40:aa:9f:3c:0d:bd:51:e7:09:77:ea:
55:44:5e:f2:ec:e6:fb:60:ca:a7:2d:14:ff:3a:cb:a8:3a:fc:
e3:7d:63:64:1e:c8:aa:44:ce:25:46:a4:cf:1b:30:14:d6:21:
1c:a2:bb:96:76:7c:92:db:d1:39:66:6e:c7:8b:90:ad:3f:8d:
a6:de:57:b3:86:0f:0c:23:07:54:53:e2:ca:f9:c4:c1:a6:6a:
a9:5b:5c:d9:3a:d3:9c:52:4d:95:0c:0b:04:3f:15:9a:0e:62:
ba:8e:f0:b1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaJfhoDA/hq3cRPWcPZE+eD7u2sowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjIwMTI0MTFaFw0yNTA2MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkMjM0NDI0ZWRhYjljNDI4ZWM1NTZlYmYzNDcwMzljNzdiNzQ5NTQwZDhj
ZmM1MzEzYWUxM2RjMWJiYTFjMzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJu5iJXUNVUjq+XTaehhkqYN1xpHD5I9HKEyiO2QJ+aABAJUB1mEsob18xII
1Lm5zO7Zq+/rnmOghoR2DvQoU01l6ar1xXy//LB+AGlan6AmUN/aLEZDAkWEpI5A
BMv5da31ejigCBSgAVAAfBdyTjCdnk4j4XQJ0iBnOLalwj5Fo0dQIJhGuXEwxNxw
PjYh8Q5SK8Yz49+Axe8+mgwNw2o2+OpnGhPKaOLtGVDIoYK5AM/24MNuNCItk/jO
RewLAfnxg1p7yGL0PSQatDyVDgnBDc4nfbpNeI5Mxn5A/qVIJIeAn/2SNjpR6zt3
WfOb/vCxRHpxyMSppDwENp1P9a8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ78bHv
hCgPXRmjkXhyjIS8pZRZfDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzg5ZDc2NTctYjA5Yi00ZDQ1LWI0YjYtNzg4MTU2Nzg2MjY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FlQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDEPTBzkompzKU6qu8S/KkGgTtgGy6ibGGSieI5
UR2ra9CZ9kq6WlnMmpAqW5zTWRC6usmVh6d/MusITS92S+PlPoaIQy99OKAJAHrt
UtiGYHhTJr471t++Mm3jftUSfgekHjxRPpqOxSz7yWWbOslVqoELUE4ewKiZGhop
Idk14fD0nBXvFqOgHpPxNWpTFmEy10qdW0HAQKqfPA29UecJd+pVRF7y7Ob7YMqn
LRT/OsuoOvzjfWNkHsiqRM4lRqTPGzAU1iEcoruWdnyS29E5Zm7Hi5CtP42m3lez
hg8MIwdUU+LK+cTBpmqpW1zZOtOcUk2VDAsEPxWaDmK6jvCx
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:56:59 2025 by rpki-client