Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1e068ff-4b68-41da-853b-c228a382c6bd.roa
File: d1e068ff-4b68-41da-853b-c228a382c6bd.roa (raw, json)
Hash identifier: IJ/G+kF+jmiBz50tAsgHgtNWxoOTQMPBu0rqgxxVxf4=
Subject key identifier: 7C:B2:2E:68:E3:AC:A7:32:0E:46:0D:0A:54:3E:6D:8D:82:18:6E:A9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 52F685F6A445C15E1DA8CBA7E00664E6FF58D55A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1e068ff-4b68-41da-853b-c228a382c6bd.roa
Signing time: Mon 12 May 2025 16:20:48 +0000
ROA not before: Mon 12 May 2025 16:20:48 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b:9000::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 18:52:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:f6:85:f6:a4:45:c1:5e:1d:a8:cb:a7:e0:06:64:e6:ff:58:d5:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:20:48 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=5639377d833068f5800ac56f6f0244041d60b25b608ab8ea027b2e7b81d7c279, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:46:43:ea:9a:0e:07:24:21:52:e0:75:ad:62:
b1:70:a3:c0:c2:ec:68:7d:ab:d7:0b:09:24:97:18:
36:3f:9b:a9:d5:dd:bc:77:cd:fe:4a:dd:53:10:2b:
55:c6:b8:93:14:48:f5:be:7e:38:9a:5b:dc:d7:90:
46:9d:19:0e:91:da:76:2c:e4:a8:89:02:71:8c:ca:
a6:6b:bc:40:c0:7a:b3:a2:b3:a0:7f:ec:5a:37:86:
c8:5f:1e:48:b1:5c:b4:3f:e2:f3:71:b9:ef:49:e3:
a6:08:9b:30:e9:a7:0d:c2:63:2f:9f:22:52:f6:a1:
d4:b5:bd:53:b8:bf:d8:a3:56:1c:a5:42:6d:c2:55:
23:b1:d1:03:c1:cc:40:80:b1:df:21:6c:68:1a:cd:
5f:ba:31:51:2a:52:e3:2a:c0:e3:2b:ca:cc:bf:87:
57:75:0e:6e:b5:9d:d2:fd:42:08:71:d7:8f:5e:52:
4c:b5:20:d4:32:88:b2:c2:8c:08:c5:14:1b:4b:5d:
eb:6a:d9:8c:a0:f0:30:32:6e:3d:77:6e:6f:5a:f9:
58:bc:47:71:72:09:31:71:26:ea:75:78:8c:d6:6a:
d0:07:d5:16:29:2e:c5:17:57:89:66:54:40:4c:ec:
58:68:e8:fa:a0:f9:e7:76:9e:22:83:cb:83:3a:e0:
14:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:B2:2E:68:E3:AC:A7:32:0E:46:0D:0A:54:3E:6D:8D:82:18:6E:A9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1e068ff-4b68-41da-853b-c228a382c6bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b:9000::/40
Signature Algorithm: sha256WithRSAEncryption
7e:13:43:ae:0c:3e:4d:19:d2:a3:53:95:47:dc:00:47:b7:73:
9d:d6:68:4f:4f:df:9f:ca:9f:88:34:b1:49:d5:21:91:b8:0f:
ee:82:72:ee:e9:8a:d7:71:47:b8:af:3c:bf:f6:9d:0d:69:f8:
03:d8:9e:cf:13:cd:a8:68:4a:b7:ac:a4:17:76:15:34:74:69:
cd:d9:ab:19:ed:e1:4f:40:fd:8d:fd:a7:d7:28:8a:ca:35:7f:
5b:a9:ad:48:4e:e4:ce:dc:4b:0f:a9:d0:b1:01:78:24:9d:05:
07:b3:fb:1e:17:cd:36:57:b8:5d:bd:47:c3:73:cf:b9:23:bf:
3e:c5:cd:d6:24:07:24:5e:5e:b9:16:aa:fd:8a:a4:4b:e9:5a:
a5:11:95:61:bf:84:23:5c:88:1d:a4:e3:79:00:ce:0f:23:31:
09:ac:0c:eb:3c:61:d0:5f:21:ae:e7:5c:43:a2:18:23:fb:a9:
57:22:f2:7c:59:de:37:d0:e6:a7:0b:fb:69:2b:d2:bc:9e:df:
d3:7b:2f:9d:6d:85:f4:fa:1b:a6:45:18:98:65:59:40:27:d8:
3b:a1:b2:b4:2c:5a:84:99:8b:f7:e7:1d:14:82:1b:16:e8:d3:
27:c2:04:35:2f:2f:d7:36:cd:a9:14:c0:8a:cb:a4:8f:76:60:
8e:b7:55:1d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUvaF9qRFwV4dqMun4AZk5v9Y1VowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjIwNDhaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2MzkzNzdkODMzMDY4ZjU4MDBhYzU2ZjZmMDI0NDA0MWQ2MGIyNWI2MDhh
YjhlYTAyN2IyZTdiODFkN2MyNzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJxGQ+qaDgckIVLgda1isXCjwMLsaH2r1wsJJJcYNj+bqdXdvHfN/krdUxAr
Vca4kxRI9b5+OJpb3NeQRp0ZDpHadizkqIkCcYzKpmu8QMB6s6KzoH/sWjeGyF8e
SLFctD/i83G570njpgibMOmnDcJjL58iUvah1LW9U7i/2KNWHKVCbcJVI7HRA8HM
QICx3yFsaBrNX7oxUSpS4yrA4yvKzL+HV3UObrWd0v1CCHHXj15STLUg1DKIssKM
CMUUG0td62rZjKDwMDJuPXdub1r5WLxHcXIJMXEm6nV4jNZq0AfVFikuxRdXiWZU
QEzsWGjo+qD553aeIoPLgzrgFEMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR8si5o
46ynMg5GDQpUPm2NghhuqTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDFlMDY4ZmYtNGI2OC00MWRhLTg1M2ItYzIyOGEzODJjNmJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FuQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB+E0OuDD5NGdKjU5VH3ABHt3Od1mhPT9+fyp+I
NLFJ1SGRuA/ugnLu6YrXcUe4rzy/9p0NafgD2J7PE82oaEq3rKQXdhU0dGnN2asZ
7eFPQP2N/afXKIrKNX9bqa1ITuTO3EsPqdCxAXgknQUHs/seF802V7hdvUfDc8+5
I78+xc3WJAckXl65Fqr9iqRL6VqlEZVhv4QjXIgdpON5AM4PIzEJrAzrPGHQXyGu
51xDohgj+6lXIvJ8Wd430OanC/tpK9K8nt/Tey+dbYX0+humRRiYZVlAJ9g7obK0
LFqEmYv35x0UghsW6NMnwgQ1Ly/XNs2pFMCKy6SPdmCOt1Ud
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:58:35 2025 by rpki-client