Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7fc026-d4bf-4785-a339-050c3fe5352d.roa
File: dd7fc026-d4bf-4785-a339-050c3fe5352d.roa (raw, json)
Hash identifier: i7VoNHnD2Gd6D3UbPwy3ZGSukvEaSMV9z0VB7E6NX+M=
Subject key identifier: F1:8C:D1:73:78:7F:B1:62:18:AA:95:DF:C3:9B:FF:CE:46:E2:AE:9F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 43DADCD24B16D01723AAC458CA77D23D4625185B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7fc026-d4bf-4785-a339-050c3fe5352d.roa
Signing time: Mon 12 May 2025 16:20:51 +0000
ROA not before: Mon 12 May 2025 16:20:51 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b:b000::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 03 Jun 2025 18:52:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:da:dc:d2:4b:16:d0:17:23:aa:c4:58:ca:77:d2:3d:46:25:18:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:20:51 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=7bd39d47306302d363ed076f338686d18c81385b88c419b449f6d24211e972a7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:13:1b:b9:d0:8f:af:ac:42:68:10:90:17:eb:
7c:5f:ca:e1:f9:b6:75:70:3e:b7:6b:ad:16:dd:b2:
66:49:aa:57:33:31:53:4e:64:de:2c:2b:3b:a9:12:
c7:13:4f:ea:79:d2:28:8e:65:f1:f3:96:67:69:04:
44:01:e9:a1:09:3e:a5:f1:0a:20:99:9c:9d:c8:a1:
7f:a3:49:ba:a1:ba:f6:a8:bf:54:71:78:a0:41:40:
9a:aa:f7:e0:82:41:8e:14:0e:9c:d9:59:55:8a:f9:
82:34:0f:ef:07:17:b3:aa:bd:82:b3:e6:9a:bd:6d:
dd:9f:39:0e:0e:c4:f2:b7:3f:20:bf:56:a7:12:53:
b5:ba:d2:6b:3a:9e:21:40:ca:26:9f:df:01:c4:0f:
4e:11:9d:01:00:c9:d5:a3:ab:9a:20:45:d3:ee:19:
54:81:66:82:b6:4a:89:be:35:64:da:91:99:ee:81:
b3:07:16:d6:45:4a:2e:7b:a8:52:c7:f9:b8:28:3b:
da:f5:8d:cc:4e:52:e2:de:93:c6:8b:f4:04:22:1a:
89:20:db:12:37:4b:c0:08:36:56:72:96:8e:7c:74:
c4:f6:cd:ae:19:14:69:6e:50:f4:5d:40:ca:e0:86:
77:fa:09:2c:90:bc:c8:20:a1:fd:28:c4:0f:81:cb:
e3:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:8C:D1:73:78:7F:B1:62:18:AA:95:DF:C3:9B:FF:CE:46:E2:AE:9F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd7fc026-d4bf-4785-a339-050c3fe5352d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b:b000::/40
Signature Algorithm: sha256WithRSAEncryption
96:5f:da:c4:da:0f:8d:4e:a6:db:b7:e2:24:90:85:bf:18:96:
36:df:08:94:8e:ec:23:7b:8e:dc:af:e9:b4:0b:e5:6f:75:9e:
80:14:b0:ce:d5:da:fa:25:2d:e4:1b:d7:c2:30:c9:c6:f2:a8:
3b:26:76:07:ba:22:03:25:4a:a7:19:73:e7:8d:61:e6:2a:f0:
42:43:1d:91:4a:25:af:3b:fa:13:77:a9:a5:42:3b:10:f5:a9:
c2:75:53:42:ea:81:84:13:d4:1d:43:69:98:21:3b:04:b9:fa:
72:de:b1:0d:19:3f:73:aa:64:04:4b:c6:b8:4c:a9:2c:21:48:
cd:c3:1d:a3:36:ba:8c:db:da:45:66:c1:73:0f:47:2a:b1:6e:
04:e0:99:ce:da:74:29:f1:a7:fc:c8:53:fb:c4:e5:e4:c2:98:
5b:df:89:5e:ac:01:38:f2:dd:e5:67:b8:16:ad:67:73:26:6f:
d7:21:57:dc:ea:ea:8f:62:84:84:d0:42:e4:32:09:55:63:35:
c0:de:b0:b6:69:53:3a:51:8b:fa:35:62:57:a3:41:00:18:b4:
da:69:88:d3:fb:a9:d7:19:17:85:17:50:3f:7d:1a:64:0b:75:
4c:bc:b5:df:19:9b:ff:36:07:9d:e3:e7:e0:61:a8:fa:89:ce:
24:23:02:17
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQ9rc0ksW0BcjqsRYynfSPUYlGFswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjIwNTFaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiZDM5ZDQ3MzA2MzAyZDM2M2VkMDc2ZjMzODY4NmQxOGM4MTM4NWI4OGM0
MTliNDQ5ZjZkMjQyMTFlOTcyYTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMsTG7nQj6+sQmgQkBfrfF/K4fm2dXA+t2utFt2yZkmqVzMxU05k3iwrO6kS
xxNP6nnSKI5l8fOWZ2kERAHpoQk+pfEKIJmcncihf6NJuqG69qi/VHF4oEFAmqr3
4IJBjhQOnNlZVYr5gjQP7wcXs6q9grPmmr1t3Z85Dg7E8rc/IL9WpxJTtbrSazqe
IUDKJp/fAcQPThGdAQDJ1aOrmiBF0+4ZVIFmgrZKib41ZNqRme6BswcW1kVKLnuo
Usf5uCg72vWNzE5S4t6Txov0BCIaiSDbEjdLwAg2VnKWjnx0xPbNrhkUaW5Q9F1A
yuCGd/oJLJC8yCCh/SjED4HL4y8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTxjNFz
eH+xYhiqld/Dm//ORuKunzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGQ3ZmMwMjYtZDRiZi00Nzg1LWEzMzktMDUwYzNmZTUzNTJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fuw
MA0GCSqGSIb3DQEBCwUAA4IBAQCWX9rE2g+NTqbbt+IkkIW/GJY23wiUjuwje47c
r+m0C+VvdZ6AFLDO1dr6JS3kG9fCMMnG8qg7JnYHuiIDJUqnGXPnjWHmKvBCQx2R
SiWvO/oTd6mlQjsQ9anCdVNC6oGEE9QdQ2mYITsEufpy3rENGT9zqmQES8a4TKks
IUjNwx2jNrqM29pFZsFzD0cqsW4E4JnO2nQp8af8yFP7xOXkwphb34lerAE48t3l
Z7gWrWdzJm/XIVfc6uqPYoSE0ELkMglVYzXA3rC2aVM6UYv6NWJXo0EAGLTaaYjT
+6nXGReFF1A/fRpkC3VMvLXfGZv/Nged4+fgYaj6ic4kIwIX
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:37:47 2025 by rpki-client