Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ee9724cc-614c-478b-9858-9bedc62207c7.roa
File: ee9724cc-614c-478b-9858-9bedc62207c7.roa (raw, json)
Hash identifier: rZKtv5nOZI/3sltnXEXiuhxt/cwLJ6ddH9/txhvQu30=
Subject key identifier: BE:EF:DD:95:4B:AB:83:A6:37:5D:B0:9D:CE:1A:07:76:4D:23:15:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7216D81C49ACA3F0125E3F80B1B6E52371FBA4DE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ee9724cc-614c-478b-9858-9bedc62207c7.roa
Signing time: Thu 17 Apr 2025 16:37:07 +0000
ROA not before: Thu 17 Apr 2025 16:37:07 +0000
ROA not after: Thu 22 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b:1000::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 17 Apr 2025 20:37:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:16:d8:1c:49:ac:a3:f0:12:5e:3f:80:b1:b6:e5:23:71:fb:a4:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 16:37:07 2025 GMT
Not After : May 22 23:59:59 2025 GMT
Subject: serialNumber=4f907c1d74454e9d5707ca125ee5e68fdc4c533313121edf7cc86ee9c86a1fd1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f6:21:ff:4e:47:2a:91:ae:e6:6d:10:5e:1b:
0b:fd:34:65:75:4d:fa:66:f0:9f:d5:d1:c7:8a:d4:
32:fc:50:b7:5c:89:b1:70:d3:75:7e:5d:ee:75:a5:
d6:41:de:85:37:47:2d:0d:87:52:5d:14:c5:9a:78:
c3:28:31:92:fb:f1:17:ee:5e:b6:19:a1:1a:86:dd:
13:fe:cd:33:da:87:07:d8:09:89:e2:72:0b:c0:00:
60:d2:6b:23:20:4e:84:28:24:68:9e:ec:53:ee:ec:
39:c8:67:bf:eb:06:59:7c:1f:9e:d3:d3:2d:4d:1c:
bf:2f:ce:e9:55:1e:7c:ef:34:84:11:02:3b:3d:4b:
4d:05:fb:e7:59:3f:0c:4c:25:73:63:de:0c:b6:40:
2e:d3:5d:21:5d:24:81:23:c7:ef:d2:7c:0a:17:ee:
3f:c9:c9:8e:55:b8:db:ec:9b:48:ce:8f:0a:44:72:
1a:f1:42:c7:e0:60:57:fe:d9:c9:a6:ac:7b:ed:44:
98:ee:7b:c1:d5:06:a5:bc:53:41:dd:7c:7d:1a:b3:
f6:00:f6:22:79:ec:bf:e4:81:f9:27:09:98:cf:7d:
1a:8f:ec:2a:4d:5d:af:59:4d:0b:0b:1b:86:7a:55:
1e:fa:d9:1f:48:6a:9a:27:82:73:b1:ce:50:f9:fb:
ba:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:EF:DD:95:4B:AB:83:A6:37:5D:B0:9D:CE:1A:07:76:4D:23:15:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ee9724cc-614c-478b-9858-9bedc62207c7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b:1000::/40
Signature Algorithm: sha256WithRSAEncryption
c7:36:b3:89:58:31:e9:c8:08:41:89:c4:7c:03:3a:54:f6:29:
8f:7e:bc:ac:f0:04:b4:0c:c3:89:64:e9:9b:18:15:a5:43:99:
75:66:3a:49:72:85:e0:54:6e:18:33:d1:35:63:b2:84:ea:54:
ec:d5:0a:58:be:36:de:11:61:00:d2:70:a2:22:ad:26:42:70:
d5:6d:d4:2c:4a:98:9f:36:61:0c:81:54:00:75:08:c1:ba:ba:
4c:7c:02:33:99:12:bd:3a:52:f5:61:66:50:67:2f:9d:25:75:
d2:7d:eb:a3:76:c8:90:b2:99:80:c8:15:98:ed:fe:cb:86:1e:
bd:14:0b:ab:6c:ab:62:33:0d:26:ea:e4:a0:33:2a:0c:ab:16:
c7:ba:2b:3b:5c:11:a1:10:e5:ad:66:53:a8:1c:38:41:6c:23:
40:58:bc:be:b3:9f:aa:1f:ed:c6:3e:83:aa:de:a6:be:6e:c4:
de:b1:a0:67:5e:71:47:e4:7f:29:80:95:a0:87:e9:84:71:44:
76:c1:47:4d:0d:6d:3f:c9:e0:48:f6:75:58:31:f5:02:7e:33:
5d:b9:6e:8f:53:43:ea:cc:51:97:f2:54:5a:05:db:10:98:46:
3e:15:c1:e6:11:2e:8b:8c:b6:f5:88:52:62:6b:b8:8c:d1:b8:
b3:83:b6:09
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUchbYHEmso/ASXj+AsbblI3H7pN4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTcxNjM3MDdaFw0yNTA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDRmOTA3YzFkNzQ0NTRlOWQ1NzA3Y2ExMjVlZTVlNjhmZGM0YzUzMzMxMzEy
MWVkZjdjYzg2ZWU5Yzg2YTFmZDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKz2If9ORyqRruZtEF4bC/00ZXVN+mbwn9XRx4rUMvxQt1yJsXDTdX5d7nWl
1kHehTdHLQ2HUl0UxZp4wygxkvvxF+5ethmhGobdE/7NM9qHB9gJieJyC8AAYNJr
IyBOhCgkaJ7sU+7sOchnv+sGWXwfntPTLU0cvy/O6VUefO80hBECOz1LTQX751k/
DEwlc2PeDLZALtNdIV0kgSPH79J8ChfuP8nJjlW42+ybSM6PCkRyGvFCx+BgV/7Z
yaase+1EmO57wdUGpbxTQd18fRqz9gD2Innsv+SB+ScJmM99Go/sKk1dr1lNCwsb
hnpVHvrZH0hqmieCc7HOUPn7uo0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS+792V
S6uDpjddsJ3OGgd2TSMV3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWU5NzI0Y2MtNjE0Yy00NzhiLTk4NTgtOWJlZGM2MjIwN2M3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FsQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDHNrOJWDHpyAhBicR8AzpU9imPfrys8AS0DMOJ
ZOmbGBWlQ5l1ZjpJcoXgVG4YM9E1Y7KE6lTs1QpYvjbeEWEA0nCiIq0mQnDVbdQs
SpifNmEMgVQAdQjBurpMfAIzmRK9OlL1YWZQZy+dJXXSfeujdsiQspmAyBWY7f7L
hh69FAurbKtiMw0m6uSgMyoMqxbHuis7XBGhEOWtZlOoHDhBbCNAWLy+s5+qH+3G
PoOq3qa+bsTesaBnXnFH5H8pgJWgh+mEcUR2wUdNDW0/yeBI9nVYMfUCfjNduW6P
U0PqzFGX8lRaBdsQmEY+FcHmES6LjLb1iFJia7iM0bizg7YJ
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:26 2025 by rpki-client