Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c97f681a-cc69-4f2e-a3db-335145b02e2c.roa
File: c97f681a-cc69-4f2e-a3db-335145b02e2c.roa (raw, json)
Hash identifier: YMpbCDISAscrhXQ7vFOZl5m6D/ItTvSw1KftUCkrnTg=
Subject key identifier: AF:04:5F:A8:9E:BB:CF:9C:6C:27:2E:E7:24:76:3E:CD:D2:84:4C:0A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5738A112DB8BF8222F678B57B7217DF0A9C768FB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c97f681a-cc69-4f2e-a3db-335145b02e2c.roa
Signing time: Mon 12 May 2025 16:20:26 +0000
ROA not before: Mon 12 May 2025 16:20:26 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06e:8000::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 18:52:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:38:a1:12:db:8b:f8:22:2f:67:8b:57:b7:21:7d:f0:a9:c7:68:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:20:26 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=3e962122aa5426e9101f028254c563f46dd2a95cc33ae0f06f2ce1eedb5da3bd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9b:fb:98:5f:dd:22:85:05:a1:98:0b:4c:51:
b1:b4:2d:25:e6:30:05:ec:bc:cf:43:a1:bd:a8:ed:
c1:e0:78:ca:cc:6b:b6:57:0a:4e:6b:36:15:a1:5a:
3b:bf:cc:c3:0b:48:99:50:45:4e:d2:66:18:be:7e:
28:ed:9a:d8:5a:4e:42:f8:cf:f1:01:c0:bf:17:77:
ed:5b:1b:64:f3:5b:9e:a9:23:ba:4b:7c:9c:f4:d6:
39:a6:44:0c:bb:dc:e6:52:5e:f2:97:22:96:e2:2a:
f5:da:e2:01:7e:bc:b5:40:54:b7:33:58:07:77:69:
77:60:cf:19:db:41:78:23:c8:a1:c7:74:a1:4d:0d:
7d:64:d0:93:d5:9f:5e:0f:03:f6:4d:df:85:1d:13:
8f:dd:e5:1c:07:4e:df:52:5d:32:31:57:1c:5b:37:
61:17:7d:54:b8:38:cc:60:40:3f:64:73:d5:f5:8d:
01:ab:60:91:20:c2:e9:45:89:56:50:1d:4e:8e:67:
b4:41:6d:67:03:dc:77:bd:82:2c:d8:71:44:41:b5:
c4:cb:53:0f:95:eb:c6:1d:ad:35:10:ab:39:b8:ba:
75:bf:df:b1:83:2b:10:4a:41:7a:33:f3:7d:b5:89:
a1:61:2f:4c:0d:2d:06:45:18:a6:af:4c:3f:84:40:
99:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:04:5F:A8:9E:BB:CF:9C:6C:27:2E:E7:24:76:3E:CD:D2:84:4C:0A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c97f681a-cc69-4f2e-a3db-335145b02e2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06e:8000::/40
Signature Algorithm: sha256WithRSAEncryption
84:c6:b6:e6:57:fe:7b:b7:6e:cf:c6:80:39:71:e6:ed:7c:47:
be:d7:a9:30:b3:53:dd:01:8e:c4:9c:19:41:e5:77:51:84:76:
68:7c:1e:40:9b:e3:d3:d8:f1:ba:89:cd:56:63:34:62:8f:27:
36:50:9d:97:9e:f5:00:05:73:a5:47:67:a5:11:1a:f8:31:f4:
b9:10:99:96:3c:21:4a:8c:62:0b:09:76:33:96:d8:d1:8a:59:
c9:b2:33:32:e1:58:89:71:26:dd:cb:45:ea:cd:8b:5f:88:3c:
47:40:8b:bb:d2:5d:74:6a:0f:a2:66:57:f8:f9:86:68:60:d6:
7b:dd:30:57:4d:9b:81:35:c1:c5:9e:db:19:87:84:2f:99:f4:
02:87:4d:cc:06:50:f2:e3:4e:97:c9:c3:66:ed:6f:c3:c2:39:
18:1e:a2:de:d8:9a:99:83:b5:3b:d7:71:21:11:a8:27:85:9b:
fd:da:05:4d:9c:c7:b2:2e:0e:52:2c:ab:81:59:1e:44:0f:d9:
9f:5e:23:7c:8d:88:6e:7a:12:68:de:a0:07:82:e0:b3:f2:99:
ad:5c:75:8e:cb:a7:fa:a4:69:c9:1e:40:d8:45:8e:c0:ea:2e:
9e:75:2e:83:99:8b:52:f5:9a:5e:bf:90:1f:30:cc:85:38:16:
f1:1f:92:21
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVzihEtuL+CIvZ4tXtyF98KnHaPswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjIwMjZaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlOTYyMTIyYWE1NDI2ZTkxMDFmMDI4MjU0YzU2M2Y0NmRkMmE5NWNjMzNh
ZTBmMDZmMmNlMWVlZGI1ZGEzYmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+b+5hf3SKFBaGYC0xRsbQtJeYwBey8z0OhvajtweB4ysxrtlcKTms2FaFa
O7/MwwtImVBFTtJmGL5+KO2a2FpOQvjP8QHAvxd37VsbZPNbnqkjukt8nPTWOaZE
DLvc5lJe8pciluIq9driAX68tUBUtzNYB3dpd2DPGdtBeCPIocd0oU0NfWTQk9Wf
Xg8D9k3fhR0Tj93lHAdO31JdMjFXHFs3YRd9VLg4zGBAP2Rz1fWNAatgkSDC6UWJ
VlAdTo5ntEFtZwPcd72CLNhxREG1xMtTD5Xrxh2tNRCrObi6db/fsYMrEEpBejPz
fbWJoWEvTA0tBkUYpq9MP4RAmScCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSvBF+o
nrvPnGwnLuckdj7N0oRMCjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzk3ZjY4MWEtY2M2OS00ZjJlLWEzZGItMzM1MTQ1YjAyZTJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G6A
MA0GCSqGSIb3DQEBCwUAA4IBAQCExrbmV/57t27PxoA5cebtfEe+16kws1PdAY7E
nBlB5XdRhHZofB5Am+PT2PG6ic1WYzRijyc2UJ2XnvUABXOlR2elERr4MfS5EJmW
PCFKjGILCXYzltjRilnJsjMy4ViJcSbdy0XqzYtfiDxHQIu70l10ag+iZlf4+YZo
YNZ73TBXTZuBNcHFntsZh4QvmfQCh03MBlDy406XycNm7W/DwjkYHqLe2JqZg7U7
13EhEagnhZv92gVNnMeyLg5SLKuBWR5ED9mfXiN8jYhuehJo3qAHguCz8pmtXHWO
y6f6pGnJHkDYRY7A6i6edS6DmYtS9Zpev5AfMMyFOBbxH5Ih
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:31 2025 by rpki-client