Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3218e14-7351-4916-8f96-9f1bc2dc84b3.roa
File: e3218e14-7351-4916-8f96-9f1bc2dc84b3.roa (raw, json)
Hash identifier: 2UC2v6ehkY8n+XAXGc3nI2O1MGpKKDzkVpfNAT8EXxs=
Subject key identifier: 4E:CB:66:25:46:E5:23:04:65:29:94:9A:48:74:7E:70:D6:58:8F:BE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 05397D31033C5D4537E001BA5E63D2150BCDDB2D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3218e14-7351-4916-8f96-9f1bc2dc84b3.roa
Signing time: Mon 12 May 2025 16:20:12 +0000
ROA not before: Mon 12 May 2025 16:20:12 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06e:2000::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 18:52:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:39:7d:31:03:3c:5d:45:37:e0:01:ba:5e:63:d2:15:0b:cd:db:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:20:12 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=26bac5c3eea97b147a6542caec95927f134c35df89fa489665b618cd171fec25, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ee:be:72:dc:6f:86:82:53:ba:06:46:a8:a1:
6a:ad:34:ac:45:3e:11:a3:04:4e:ef:f5:0a:07:4e:
b1:96:43:53:fa:a9:42:42:1a:31:22:2c:d6:a7:5b:
f0:74:2f:ce:50:d6:2c:ea:15:eb:24:de:32:93:35:
78:8a:ec:17:11:42:88:e8:00:1f:7a:67:0f:b3:1f:
8d:a9:12:aa:f1:7e:1b:cb:e3:40:bd:e5:2b:4d:3c:
13:8d:6c:78:a2:92:f1:cc:c6:89:59:e5:b1:9f:5b:
7a:f3:f5:77:40:3a:56:2a:7b:e1:16:75:b8:dd:89:
64:e0:41:1d:29:0e:51:f0:7e:99:3b:1e:06:cd:51:
91:b2:1c:4e:c3:bb:94:ff:35:ca:5e:56:fd:63:2a:
fa:82:0f:ce:78:9d:12:c8:10:4a:63:3a:43:83:50:
9f:d8:fe:8f:79:53:ed:83:d2:4b:e8:e6:ec:be:5e:
cd:7b:12:46:4c:17:fb:43:39:09:45:79:e4:12:32:
74:05:94:47:ae:ad:ca:7e:25:9a:1d:24:80:4e:5d:
18:90:83:e1:5d:75:3e:8b:09:f7:fc:f5:51:8c:a8:
d8:9c:44:56:af:cb:3d:1e:1a:70:ab:64:23:7b:96:
ff:d0:40:fa:01:eb:2f:23:c0:39:2e:06:cf:6a:d2:
c7:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:CB:66:25:46:E5:23:04:65:29:94:9A:48:74:7E:70:D6:58:8F:BE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3218e14-7351-4916-8f96-9f1bc2dc84b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06e:2000::/40
Signature Algorithm: sha256WithRSAEncryption
30:0c:7e:1f:98:3d:bd:9c:bd:dc:a7:95:bb:dd:b3:38:9b:71:
0b:33:41:f6:c3:5a:43:a7:93:98:4b:c2:5e:99:a4:90:6d:91:
3d:fb:8a:23:45:64:3c:62:00:28:6e:2d:60:a4:8c:45:47:d4:
46:68:24:e3:6b:f6:10:7c:0d:0a:31:f9:5a:8f:80:b6:0f:c5:
da:c9:fd:cb:17:6a:41:15:48:51:4e:d2:73:df:54:0c:ca:22:
8c:bf:41:ef:59:45:d6:de:ca:e3:6f:b9:12:9b:15:ac:ac:dd:
e7:22:1d:14:5e:3e:8e:0f:6d:6a:29:37:84:fd:12:49:78:cf:
69:7b:1a:54:f1:91:26:d1:bc:0c:b4:30:c1:19:bb:30:30:cf:
ee:68:c4:77:62:3c:47:88:e2:c5:20:94:31:40:1f:38:33:33:
08:76:29:db:13:79:b4:83:8c:43:17:96:e4:bf:24:84:84:99:
4b:48:f3:db:42:c9:b4:82:e7:54:9a:a5:22:db:65:1d:52:df:
f4:2d:4c:29:9c:01:7a:ef:4c:4c:f4:03:e5:97:7b:24:e6:da:
ea:53:6b:56:73:cb:bb:ed:c4:40:55:73:9f:16:b3:19:f4:a7:
0a:34:ab:b1:75:d8:06:b6:74:ec:3e:13:f9:bc:e1:94:3f:2e:
3b:05:0e:8b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBTl9MQM8XUU34AG6XmPSFQvN2y0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjIwMTJaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2YmFjNWMzZWVhOTdiMTQ3YTY1NDJjYWVjOTU5MjdmMTM0YzM1ZGY4OWZh
NDg5NjY1YjYxOGNkMTcxZmVjMjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDuvnLcb4aCU7oGRqihaq00rEU+EaMETu/1CgdOsZZDU/qpQkIaMSIs1qdb
8HQvzlDWLOoV6yTeMpM1eIrsFxFCiOgAH3pnD7MfjakSqvF+G8vjQL3lK008E41s
eKKS8czGiVnlsZ9bevP1d0A6Vip74RZ1uN2JZOBBHSkOUfB+mTseBs1RkbIcTsO7
lP81yl5W/WMq+oIPznidEsgQSmM6Q4NQn9j+j3lT7YPSS+jm7L5ezXsSRkwX+0M5
CUV55BIydAWUR66tyn4lmh0kgE5dGJCD4V11PosJ9/z1UYyo2JxEVq/LPR4acKtk
I3uW/9BA+gHrLyPAOS4Gz2rSxyECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBROy2Yl
RuUjBGUplJpIdH5w1liPvjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTMyMThlMTQtNzM1MS00OTE2LThmOTYtOWYxYmMyZGM4NGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G4g
MA0GCSqGSIb3DQEBCwUAA4IBAQAwDH4fmD29nL3cp5W73bM4m3ELM0H2w1pDp5OY
S8JemaSQbZE9+4ojRWQ8YgAobi1gpIxFR9RGaCTja/YQfA0KMflaj4C2D8Xayf3L
F2pBFUhRTtJz31QMyiKMv0HvWUXW3srjb7kSmxWsrN3nIh0UXj6OD21qKTeE/RJJ
eM9pexpU8ZEm0bwMtDDBGbswMM/uaMR3YjxHiOLFIJQxQB84MzMIdinbE3m0g4xD
F5bkvySEhJlLSPPbQsm0gudUmqUi22UdUt/0LUwpnAF670xM9APll3sk5trqU2tW
c8u77cRAVXOfFrMZ9KcKNKuxddgGtnTsPhP5vOGUPy47BQ6L
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:03:19 2025 by rpki-client