Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb25223c-7312-415c-8345-87bab137dfea.roa
File: cb25223c-7312-415c-8345-87bab137dfea.roa (raw, json)
Hash identifier: lhLupHH+mX1DYnDmUROiIimYbPCD4XfVGaLm+Mw9SeE=
Subject key identifier: 47:A6:61:FB:D5:CE:94:F8:90:95:49:B5:F4:0A:DD:3F:99:5F:90:2C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5BDE035BE8AFCCC1F76EAD7F1A6B9DCBB49E1C64
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb25223c-7312-415c-8345-87bab137dfea.roa
Signing time: Mon 12 May 2025 16:20:06 +0000
ROA not before: Mon 12 May 2025 16:20:06 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b:e000::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 18:52:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:de:03:5b:e8:af:cc:c1:f7:6e:ad:7f:1a:6b:9d:cb:b4:9e:1c:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:20:06 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=d7fb86534f2ee371d1a614198064d5db9da918c01847fb7e9e823578a3447a0f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:ac:34:88:5d:4d:30:39:07:50:46:14:b2:f2:
4f:62:d5:2a:7a:34:27:03:ae:93:a3:ce:96:31:d0:
23:f4:60:ed:ee:2a:cb:5e:fd:e8:f7:0b:53:60:3c:
f3:e6:5a:54:01:e4:f3:35:c8:fe:eb:1a:01:fb:5b:
aa:15:a5:bd:38:23:60:28:2f:11:20:73:6f:17:8c:
0e:0a:8d:f3:00:dd:16:e9:a7:f1:eb:9d:74:00:29:
87:98:d9:14:90:bb:1c:8f:1d:c7:06:1d:da:a1:6e:
81:d2:04:42:8d:d8:6c:98:76:1d:b0:8b:05:8d:e7:
8c:34:a3:8d:ce:14:47:a8:9d:07:89:59:7c:44:44:
50:57:c5:20:42:26:08:e4:18:7f:b0:ab:e1:9e:b2:
ca:02:64:c6:c7:7a:08:32:4c:51:bf:a7:ab:fe:55:
49:2e:54:92:5e:5a:9e:1f:5a:e2:b3:61:bf:5e:18:
d4:2a:3d:be:38:ee:f1:96:80:97:c1:2e:65:f1:74:
30:53:ec:d9:27:c3:bf:50:f8:4d:9e:a5:94:a2:75:
d4:9e:bf:bd:3b:5d:91:2a:39:4f:da:16:a0:1b:71:
9a:e7:16:16:f0:65:d7:3b:da:46:eb:4c:c6:bf:34:
72:e8:d7:c6:79:a5:ff:b0:42:db:7c:ea:f8:cb:0d:
77:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:A6:61:FB:D5:CE:94:F8:90:95:49:B5:F4:0A:DD:3F:99:5F:90:2C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb25223c-7312-415c-8345-87bab137dfea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b:e000::/40
Signature Algorithm: sha256WithRSAEncryption
63:47:e4:1a:5b:39:9b:7a:a8:24:43:e2:61:7d:0d:f1:38:75:
6a:94:63:70:4d:8a:21:77:c3:fb:c1:b6:ef:b2:ee:77:b8:8f:
65:d3:78:35:22:9e:67:ef:cb:80:e7:c4:95:2f:ab:c4:0c:03:
d7:03:52:27:3e:2e:24:5e:43:11:c5:4c:62:0e:b1:fe:05:cd:
5f:45:54:c4:5c:4d:c4:13:f3:73:44:b8:85:17:c4:70:c8:0e:
94:11:2d:a6:7d:96:58:de:3c:25:80:1d:8e:f7:8d:83:b8:0f:
b5:1b:46:23:de:5a:1d:12:9d:a3:82:d4:84:3d:a4:7d:a9:bb:
2d:65:49:21:78:fd:a6:33:e5:87:31:e9:7d:3f:33:b4:42:6e:
c9:a2:4d:84:f8:42:de:d1:d8:e9:a2:ac:ba:bd:98:b6:69:19:
98:c9:eb:c0:cc:7b:eb:12:59:b2:87:a9:05:35:18:c6:c6:0a:
51:c7:6f:68:ea:c2:8a:db:4e:2b:07:8e:3d:07:7d:09:72:b5:
fa:1b:e9:de:9a:49:f2:62:6f:a1:3b:ee:d2:06:4b:15:e6:ad:
8b:29:02:ce:d6:44:29:6c:dd:4b:81:5c:da:15:3a:84:cc:cf:
40:cd:e8:5f:77:5c:63:f5:b2:cb:c1:77:5c:68:41:0c:ea:c6:
2b:e4:62:45
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUW94DW+ivzMH3bq1/Gmudy7SeHGQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjIwMDZaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ3ZmI4NjUzNGYyZWUzNzFkMWE2MTQxOTgwNjRkNWRiOWRhOTE4YzAxODQ3
ZmI3ZTllODIzNTc4YTM0NDdhMGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOasNIhdTTA5B1BGFLLyT2LVKno0JwOuk6POljHQI/Rg7e4qy1796PcLU2A8
8+ZaVAHk8zXI/usaAftbqhWlvTgjYCgvESBzbxeMDgqN8wDdFumn8euddAAph5jZ
FJC7HI8dxwYd2qFugdIEQo3YbJh2HbCLBY3njDSjjc4UR6idB4lZfEREUFfFIEIm
COQYf7Cr4Z6yygJkxsd6CDJMUb+nq/5VSS5Ukl5anh9a4rNhv14Y1Co9vjju8ZaA
l8EuZfF0MFPs2SfDv1D4TZ6llKJ11J6/vTtdkSo5T9oWoBtxmucWFvBl1zvaRutM
xr80cujXxnml/7BC23zq+MsNd+MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRHpmH7
1c6U+JCVSbX0Ct0/mV+QLDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2IyNTIyM2MtNzMxMi00MTVjLTgzNDUtODdiYWIxMzdkZmVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fvg
MA0GCSqGSIb3DQEBCwUAA4IBAQBjR+QaWzmbeqgkQ+JhfQ3xOHVqlGNwTYohd8P7
wbbvsu53uI9l03g1Ip5n78uA58SVL6vEDAPXA1InPi4kXkMRxUxiDrH+Bc1fRVTE
XE3EE/NzRLiFF8RwyA6UES2mfZZY3jwlgB2O942DuA+1G0Yj3lodEp2jgtSEPaR9
qbstZUkheP2mM+WHMel9PzO0Qm7Jok2E+ELe0djpoqy6vZi2aRmYyevAzHvrElmy
h6kFNRjGxgpRx29o6sKK204rB449B30JcrX6G+nemknyYm+hO+7SBksV5q2LKQLO
1kQpbN1LgVzaFTqEzM9Azehfd1xj9bLLwXdcaEEM6sYr5GJF
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:01:44 2025 by rpki-client