Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb1b933f-488b-4999-8d01-1b5c2d8459f9.roa
File: eb1b933f-488b-4999-8d01-1b5c2d8459f9.roa (raw, json)
Hash identifier: U+N0cOL+NOH/1+yvx9Gl14Nb8gviUBahXGcek7Y13Is=
Subject key identifier: C8:4C:CA:6A:8A:04:29:94:02:EE:44:F6:FD:50:33:6F:1C:73:12:E3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1124A4567693105116AE44EEED69F40E6B7AC926
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb1b933f-488b-4999-8d01-1b5c2d8459f9.roa
Signing time: Tue 20 May 2025 18:51:24 +0000
ROA not before: Tue 20 May 2025 18:51:24 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:9000::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 03 Jun 2025 20:54:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:24:a4:56:76:93:10:51:16:ae:44:ee:ed:69:f4:0e:6b:7a:c9:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:51:24 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=8810a7128c9aa412152d0bf1270cd506cdbd8e36c70e89b13a20d92ced569a20, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:20:37:ea:31:1b:2a:d5:75:32:26:de:e0:92:
b4:35:7d:7e:8a:47:4c:19:b0:af:e2:bb:8d:a4:98:
a5:6b:a5:5a:61:a0:d0:2b:58:2a:1b:3a:4c:81:93:
cd:35:7b:0d:b0:47:ba:90:0f:82:30:17:f3:40:41:
ca:e2:ef:27:b9:5f:9c:6b:c2:e6:5e:92:de:5c:89:
dd:2a:ce:a3:30:54:da:08:6f:67:d3:9d:f5:34:6e:
f6:d4:9e:96:23:42:ae:be:c8:b1:36:fe:f8:39:c9:
64:8a:1b:17:1d:1c:30:00:e7:e5:99:2d:bb:f3:b8:
9f:64:01:be:3c:3c:d6:50:d6:6e:b5:de:16:4b:09:
2c:07:c5:74:80:45:81:79:5d:9b:e4:e7:2d:86:db:
b8:2f:a6:a9:b9:40:65:2c:dc:e4:4f:1b:3b:f0:e5:
a4:cb:05:55:1c:23:1d:2f:1f:2a:28:05:24:a0:b8:
1d:da:d9:06:78:15:26:b6:8c:9a:29:e6:74:3f:20:
4f:9c:50:a2:65:3c:20:40:34:56:82:49:ef:8d:9e:
4f:c2:24:a6:2f:1d:61:b8:d5:1c:0b:a1:9d:0d:cc:
53:fc:6d:fd:59:58:7b:12:c9:ad:07:4c:36:f8:07:
de:d8:25:cf:a4:3e:e9:d4:c4:53:15:c5:ef:68:46:
58:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:4C:CA:6A:8A:04:29:94:02:EE:44:F6:FD:50:33:6F:1C:73:12:E3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb1b933f-488b-4999-8d01-1b5c2d8459f9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:9000::/40
Signature Algorithm: sha256WithRSAEncryption
b3:f0:7c:0f:2d:36:e8:d2:85:f8:11:26:a5:81:52:60:90:13:
21:04:c5:a2:03:7c:cf:21:23:f3:71:95:3b:7c:6a:24:9c:1c:
af:24:e0:2c:35:3d:1e:0f:6e:91:ba:5e:42:68:fc:39:01:c7:
9c:67:2c:c1:16:3d:1f:e0:a8:42:3d:27:3c:4b:94:a5:f6:93:
53:b6:82:46:46:14:33:6a:3d:80:52:db:e1:be:b1:29:31:75:
b2:07:88:19:a4:aa:3b:0f:2f:7f:68:f7:78:5d:7c:d5:72:e2:
67:91:be:4b:e8:68:2d:26:65:41:60:5b:98:21:2e:2e:d7:2b:
96:38:87:09:0d:e7:39:63:23:c0:43:be:53:9e:35:10:e3:25:
fe:98:d8:44:ff:e4:b3:06:e5:b8:28:38:92:f4:cc:ff:0c:26:
f1:5c:d7:a0:80:4c:dd:f9:7c:eb:8a:d4:ce:57:29:cc:60:0f:
30:23:ce:86:db:b4:3e:62:77:3e:6d:c7:e9:9f:ca:cf:88:cd:
a2:75:18:74:6b:6d:4d:eb:81:6d:91:9a:58:33:00:03:59:f4:
3f:0e:f9:73:83:70:df:f8:7d:55:5f:85:20:bc:78:72:62:17:
c1:3a:49:79:55:ed:d5:20:1e:db:66:fb:15:93:80:c2:2c:06:
99:18:fb:01
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUESSkVnaTEFEWrkTu7Wn0Dmt6ySYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODUxMjRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4MTBhNzEyOGM5YWE0MTIxNTJkMGJmMTI3MGNkNTA2Y2RiZDhlMzZjNzBl
ODliMTNhMjBkOTJjZWQ1NjlhMjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANUgN+oxGyrVdTIm3uCStDV9fopHTBmwr+K7jaSYpWulWmGg0CtYKhs6TIGT
zTV7DbBHupAPgjAX80BByuLvJ7lfnGvC5l6S3lyJ3SrOozBU2ghvZ9Od9TRu9tSe
liNCrr7IsTb++DnJZIobFx0cMADn5Zktu/O4n2QBvjw81lDWbrXeFksJLAfFdIBF
gXldm+TnLYbbuC+mqblAZSzc5E8bO/DlpMsFVRwjHS8fKigFJKC4HdrZBngVJraM
minmdD8gT5xQomU8IEA0VoJJ742eT8Ikpi8dYbjVHAuhnQ3MU/xt/VlYexLJrQdM
NvgH3tglz6Q+6dTEUxXF72hGWI0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTITMpq
igQplALuRPb9UDNvHHMS4zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWIxYjkzM2YtNDg4Yi00OTk5LThkMDEtMWI1YzJkODQ1OWY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCz8HwPLTbo0oX4ESalgVJgkBMhBMWiA3zPISPz
cZU7fGoknByvJOAsNT0eD26Rul5CaPw5AcecZyzBFj0f4KhCPSc8S5Sl9pNTtoJG
RhQzaj2AUtvhvrEpMXWyB4gZpKo7Dy9/aPd4XXzVcuJnkb5L6GgtJmVBYFuYIS4u
1yuWOIcJDec5YyPAQ75TnjUQ4yX+mNhE/+SzBuW4KDiS9Mz/DCbxXNeggEzd+Xzr
itTOVynMYA8wI86G27Q+Ync+bcfpn8rPiM2idRh0a21N64FtkZpYMwADWfQ/Dvlz
g3Df+H1VX4UgvHhyYhfBOkl5Ve3VIB7bZvsVk4DCLAaZGPsB
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:58:27 2025 by rpki-client