Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9ed00cb-4182-4753-ab09-f88dbd2952b0.roa
File: e9ed00cb-4182-4753-ab09-f88dbd2952b0.roa (raw, json)
Hash identifier: Ut/U+DT2+pM1d7gjQFNvcKIpSrQt3DLxoXE2YK91j84=
Subject key identifier: 9C:28:2E:96:B2:32:9B:A9:BD:57:2F:8C:6F:BC:EF:BB:8B:E5:6E:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 32D9B4C5B6624D42A70F1417F9ED6818D0A26DC9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9ed00cb-4182-4753-ab09-f88dbd2952b0.roa
Signing time: Mon 31 Mar 2025 20:50:24 +0000
ROA not before: Mon 31 Mar 2025 20:50:24 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06e:e000::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 14 Apr 2025 13:52:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:d9:b4:c5:b6:62:4d:42:a7:0f:14:17:f9:ed:68:18:d0:a2:6d:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:50:24 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=5afb0d2912ceec857246577116e1aa4e53fc80e1217bd9d20e69874dd1745385, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c3:af:fd:66:e9:1d:f3:a4:79:1f:12:9b:66:
48:1d:4d:9b:e2:b9:75:04:76:d0:9b:be:6b:fb:15:
68:ff:e8:11:2b:b5:95:8a:30:b7:4b:9a:88:f2:e9:
1d:bb:37:9d:db:7a:22:ae:68:3d:66:66:9b:7a:e0:
11:f4:78:86:70:ea:be:19:3f:a9:ef:1c:e7:49:15:
55:c5:e2:bf:9f:7b:14:99:97:ad:b2:aa:e9:53:b3:
78:33:43:0b:70:d5:5d:52:89:a9:62:5b:9c:e6:ac:
f9:2b:1e:f0:fd:90:23:9b:13:60:20:dc:a3:f5:6b:
6e:b4:1b:bf:92:d5:68:21:52:1b:52:25:3c:11:d0:
b4:e7:dd:6e:78:73:77:4e:48:84:27:a1:54:46:f6:
54:cf:f2:da:11:7d:34:23:2d:72:f0:3b:df:37:4f:
79:d6:ee:1c:38:ee:58:3f:53:eb:8b:0d:e3:d4:a6:
97:ab:b8:8f:10:2f:09:37:4c:c9:b4:f9:f8:92:de:
d0:4d:d8:fb:d3:dd:0b:8c:c3:ab:62:d7:f1:6c:93:
80:68:24:90:58:d9:34:24:22:05:31:de:89:cc:45:
21:66:14:d0:c1:e2:9b:f6:5f:72:5e:91:32:c6:59:
b1:3e:b1:91:5e:4a:9e:94:6d:4a:aa:39:d4:0c:40:
6c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:28:2E:96:B2:32:9B:A9:BD:57:2F:8C:6F:BC:EF:BB:8B:E5:6E:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9ed00cb-4182-4753-ab09-f88dbd2952b0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06e:e000::/40
Signature Algorithm: sha256WithRSAEncryption
a2:b2:62:99:d7:d5:05:a5:9b:7b:c1:d6:fd:62:d8:d6:4b:90:
38:e9:06:e0:8e:a5:ec:f4:d8:6e:26:62:35:b3:88:7c:fa:69:
0d:62:fc:78:41:23:d3:10:ed:26:64:5d:b8:23:0f:d2:01:76:
f6:1b:ca:17:27:77:53:2a:8e:3c:1a:37:85:ff:05:c5:c8:a2:
57:33:60:c1:9b:5a:26:d8:e9:f8:70:72:47:1d:ed:fd:9b:25:
94:7d:2f:87:e1:43:fe:37:a6:ab:3c:41:1d:13:70:38:25:23:
92:50:5e:1a:c7:2f:f0:cf:d0:cb:bb:63:29:d3:45:74:1d:f5:
70:d5:ed:4d:0d:36:b9:f7:c7:f5:a7:f5:f2:f1:17:ab:7b:ba:
24:0d:ce:50:31:56:16:4c:88:e1:c7:1a:67:21:c5:df:4f:e6:
8c:b1:26:cf:d2:77:ed:cc:44:fe:1c:35:ec:3e:be:56:ce:e0:
24:32:62:23:d3:32:fe:1a:12:4c:ad:70:24:c5:02:90:9b:7a:
30:9b:9a:77:12:01:9f:6d:84:d0:d7:61:b6:e2:c5:a7:df:35:
42:30:d0:04:d5:f9:f6:58:70:97:df:c0:67:64:f6:47:dc:fa:
25:f6:02:bc:02:0c:c5:44:ea:bd:57:fb:92:96:ff:f1:9f:3d:
fc:51:9e:be
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMtm0xbZiTUKnDxQX+e1oGNCibckwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDUwMjRaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhZmIwZDI5MTJjZWVjODU3MjQ2NTc3MTE2ZTFhYTRlNTNmYzgwZTEyMTdi
ZDlkMjBlNjk4NzRkZDE3NDUzODUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM7Dr/1m6R3zpHkfEptmSB1Nm+K5dQR20Ju+a/sVaP/oESu1lYowt0uaiPLp
Hbs3ndt6Iq5oPWZmm3rgEfR4hnDqvhk/qe8c50kVVcXiv597FJmXrbKq6VOzeDND
C3DVXVKJqWJbnOas+Sse8P2QI5sTYCDco/VrbrQbv5LVaCFSG1IlPBHQtOfdbnhz
d05IhCehVEb2VM/y2hF9NCMtcvA73zdPedbuHDjuWD9T64sN49Sml6u4jxAvCTdM
ybT5+JLe0E3Y+9PdC4zDq2LX8WyTgGgkkFjZNCQiBTHeicxFIWYU0MHim/Zfcl6R
MsZZsT6xkV5KnpRtSqo51AxAbPsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBScKC6W
sjKbqb1XL4xvvO+7i+VugTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTllZDAwY2ItNDE4Mi00NzUzLWFiMDktZjg4ZGJkMjk1MmIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G7g
MA0GCSqGSIb3DQEBCwUAA4IBAQCismKZ19UFpZt7wdb9YtjWS5A46QbgjqXs9Nhu
JmI1s4h8+mkNYvx4QSPTEO0mZF24Iw/SAXb2G8oXJ3dTKo48GjeF/wXFyKJXM2DB
m1om2On4cHJHHe39myWUfS+H4UP+N6arPEEdE3A4JSOSUF4axy/wz9DLu2Mp00V0
HfVw1e1NDTa598f1p/Xy8Rere7okDc5QMVYWTIjhxxpnIcXfT+aMsSbP0nftzET+
HDXsPr5WzuAkMmIj0zL+GhJMrXAkxQKQm3owm5p3EgGfbYTQ12G24sWn3zVCMNAE
1fn2WHCX38BnZPZH3Pol9gK8AgzFROq9V/uSlv/xnz38UZ6+
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:36 2025 by rpki-client