Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e1caf547-2935-44bf-98d9-79d19e0e8d09.roa
File: e1caf547-2935-44bf-98d9-79d19e0e8d09.roa (raw, json)
Hash identifier: EC/DfPExfctXYdlAsr9/kSyKgdeK7DIknBnwbYrVLRo=
Subject key identifier: 0E:39:D3:B5:60:EF:37:89:9A:68:AE:03:F6:98:74:32:2F:C5:3F:AD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7D4BE469B70F69335AF4D5DA4C10BD3E711C5C02
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e1caf547-2935-44bf-98d9-79d19e0e8d09.roa
Signing time: Thu 22 May 2025 01:24:05 +0000
ROA not before: Thu 22 May 2025 01:24:05 +0000
ROA not after: Thu 26 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:c080::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:07:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:4b:e4:69:b7:0f:69:33:5a:f4:d5:da:4c:10:bd:3e:71:1c:5c:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 01:24:05 2025 GMT
Not After : Jun 26 23:59:59 2025 GMT
Subject: serialNumber=24c1b369b3ec44725992e2c9a4a2ee8fd146a7891fe42be1b2038789071f3f76, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:07:cc:0e:86:31:21:be:62:ab:cd:74:ac:ef:
2b:f7:36:f6:14:f6:ef:26:25:a9:05:36:6e:df:3b:
bf:0b:4d:2e:5f:c4:e7:21:ec:39:bf:bf:56:be:80:
6b:f4:bd:a8:81:8b:a9:c7:72:4b:f0:81:0a:ad:12:
f2:a6:05:54:38:3d:30:dc:57:8a:bf:33:98:1a:b6:
06:e5:11:04:8d:5e:45:89:fd:b7:d6:c7:c3:5c:02:
38:9e:0d:9a:d8:99:a4:d0:37:52:5b:fa:ea:6e:1a:
91:2e:ca:3c:6e:aa:5b:bb:86:38:b6:0e:3b:9f:af:
70:98:4b:a2:02:27:df:b2:a7:35:57:66:1e:eb:93:
ef:3c:4f:4d:03:22:24:f3:da:a2:f5:ed:90:58:5a:
a9:ef:18:09:d4:28:a6:65:25:80:6a:0e:3e:5a:87:
44:5b:c3:2f:9b:94:3b:a3:94:0d:91:22:2e:a1:f9:
55:3b:b4:bb:61:20:7f:19:a8:fe:88:10:d7:91:e3:
61:05:75:23:4a:9c:cf:6d:0d:10:be:72:69:a0:8a:
7c:81:57:30:6a:49:a8:21:9b:e6:66:b1:80:d9:0a:
d0:97:c6:b3:8a:ca:29:4f:8e:19:90:a4:e4:3c:51:
ed:32:47:bf:fb:28:88:4b:38:63:2c:d2:90:28:17:
e1:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:39:D3:B5:60:EF:37:89:9A:68:AE:03:F6:98:74:32:2F:C5:3F:AD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e1caf547-2935-44bf-98d9-79d19e0e8d09.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:c080::/48
Signature Algorithm: sha256WithRSAEncryption
87:17:a2:7b:f7:1f:1a:35:c2:86:a4:66:dd:eb:ef:32:40:73:
8a:df:d8:56:df:9a:b8:db:5c:36:43:22:ec:c6:79:d4:b5:1e:
fc:4f:74:cd:22:e4:7b:f1:26:72:e6:a6:56:00:89:e6:52:33:
f2:37:20:5a:60:90:a8:bc:db:9f:96:11:e5:ca:9a:95:1d:91:
ce:96:b9:49:e8:45:70:4d:c0:33:f1:a2:55:b5:4b:51:5f:50:
e5:44:d4:bc:80:c8:a2:f3:1d:4c:ae:17:7e:d9:55:cf:17:3f:
0f:1a:dc:98:1d:82:5b:f5:58:e2:8c:02:4f:a8:15:77:36:b5:
17:15:a0:c4:e5:59:cd:05:c6:aa:d8:8c:64:09:28:02:0b:5c:
d6:ea:e8:55:08:ce:42:26:92:8b:6c:2f:74:a0:9e:51:f8:2e:
87:ec:8e:a1:31:9d:67:c7:2a:be:b5:1f:c9:95:18:3d:03:b1:
31:d9:bb:5c:c8:1e:2b:2b:3f:06:a9:1a:9a:46:97:9f:6c:e5:
9f:45:2b:f5:6d:46:91:53:ae:7b:2b:ec:18:eb:e4:d4:cb:ed:
33:ad:1f:33:39:af:e5:85:12:6c:73:02:f4:4b:14:95:09:f0:
f1:2d:9e:72:d5:d3:4a:e7:8b:57:03:2a:bd:53:ae:7c:fb:b0:
76:15:2c:ea
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfUvkabcPaTNa9NXaTBC9PnEcXAIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjIwMTI0MDVaFw0yNTA2MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0YzFiMzY5YjNlYzQ0NzI1OTkyZTJjOWE0YTJlZThmZDE0NmE3ODkxZmU0
MmJlMWIyMDM4Nzg5MDcxZjNmNzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANMHzA6GMSG+YqvNdKzvK/c29hT27yYlqQU2bt87vwtNLl/E5yHsOb+/Vr6A
a/S9qIGLqcdyS/CBCq0S8qYFVDg9MNxXir8zmBq2BuURBI1eRYn9t9bHw1wCOJ4N
mtiZpNA3Ulv66m4akS7KPG6qW7uGOLYOO5+vcJhLogIn37KnNVdmHuuT7zxPTQMi
JPPaovXtkFhaqe8YCdQopmUlgGoOPlqHRFvDL5uUO6OUDZEiLqH5VTu0u2Egfxmo
/ogQ15HjYQV1I0qcz20NEL5yaaCKfIFXMGpJqCGb5maxgNkK0JfGs4rKKU+OGZCk
5DxR7TJHv/soiEs4YyzSkCgX4aMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQOOdO1
YO83iZporgP2mHQyL8U/rTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTFjYWY1NDctMjkzNS00NGJmLTk4ZDktNzlkMTllMGU4ZDA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0FnA
gDANBgkqhkiG9w0BAQsFAAOCAQEAhxeie/cfGjXChqRm3evvMkBzit/YVt+auNtc
NkMi7MZ51LUe/E90zSLke/EmcuamVgCJ5lIz8jcgWmCQqLzbn5YR5cqalR2Rzpa5
SehFcE3AM/GiVbVLUV9Q5UTUvIDIovMdTK4XftlVzxc/DxrcmB2CW/VY4owCT6gV
dza1FxWgxOVZzQXGqtiMZAkoAgtc1uroVQjOQiaSi2wvdKCeUfguh+yOoTGdZ8cq
vrUfyZUYPQOxMdm7XMgeKys/BqkamkaXn2zln0Ur9W1GkVOueyvsGOvk1MvtM60f
Mzmv5YUSbHMC9EsUlQnw8S2ectXTSueLVwMqvVOufPuwdhUs6g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:05:13 2025 by rpki-client