Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f0b82baf-a862-4798-9499-b15840762228.roa
File: f0b82baf-a862-4798-9499-b15840762228.roa (raw, json)
Hash identifier: tEqfDWvVn4R+DOyGAIIYktpej2tum4tY6asIXFnkoXw=
Subject key identifier: 56:D3:25:8B:37:72:7C:48:2C:31:50:8D:A8:51:22:D8:38:6D:DF:40
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 782B0545B1B165BDC9BFC175D1F3A337E306141F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f0b82baf-a862-4798-9499-b15840762228.roa
Signing time: Mon 12 May 2025 16:20:11 +0000
ROA not before: Mon 12 May 2025 16:20:11 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b:800::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 03 Jun 2025 18:52:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:2b:05:45:b1:b1:65:bd:c9:bf:c1:75:d1:f3:a3:37:e3:06:14:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:20:11 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=8adb45804a5e35b90aee0907902f9d9cd3006473b118151dab1d0247ea0cd889, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e8:8a:09:c1:ab:24:6a:9d:97:b5:8d:02:1d:
7f:96:8d:9b:be:31:2a:df:27:9c:b1:ba:98:40:b9:
0b:e1:56:33:a3:f8:f4:38:5b:d8:e1:49:8d:e0:5d:
b4:a7:2c:d7:5d:46:64:07:ef:f2:e6:7a:63:e4:b6:
87:2b:eb:37:74:db:ca:4d:d9:75:08:78:4f:63:cc:
7e:76:a0:b5:31:2c:d1:22:4e:54:08:80:78:3a:ef:
1e:cd:26:b2:a0:1a:40:26:3a:1a:28:8a:12:62:34:
63:57:ee:91:07:d2:45:83:05:9b:a6:4d:86:4a:81:
a3:f9:e5:e3:04:66:49:85:d8:85:57:0a:b9:c3:35:
4d:05:56:3f:38:1d:74:c7:0a:ba:38:ed:c0:fb:4e:
e2:84:d3:d2:5f:53:28:9b:ce:da:73:b3:7c:54:16:
c6:4c:4e:58:9d:b5:f4:49:7b:f4:c6:ba:25:4b:9b:
2b:5a:a0:7a:e5:95:ac:4f:00:b9:20:2e:56:8d:84:
4b:53:f5:35:b4:d0:c9:67:8a:70:8d:7b:66:77:68:
91:47:15:3b:67:8e:72:66:7b:c6:78:51:10:1d:c8:
64:dd:ee:54:8b:f8:ff:6c:9d:dd:c7:dd:64:db:ed:
62:26:74:89:43:ab:47:83:21:5d:47:5c:9d:37:ab:
15:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:D3:25:8B:37:72:7C:48:2C:31:50:8D:A8:51:22:D8:38:6D:DF:40
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f0b82baf-a862-4798-9499-b15840762228.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b:800::/40
Signature Algorithm: sha256WithRSAEncryption
06:7b:ae:9f:78:94:6f:97:8d:de:ed:5d:fc:29:fe:c8:f1:11:
3d:d1:70:b5:9d:65:a5:3d:c4:8f:2a:9a:65:29:c3:ae:11:ca:
49:26:cb:10:1f:75:b3:07:49:eb:91:86:55:0f:75:43:8d:54:
51:a0:6c:20:ca:e0:72:bf:95:4d:c4:e1:ef:7f:70:64:63:3d:
c3:69:ef:88:4f:d3:db:5b:40:98:4c:c7:3d:b8:e1:9e:c3:f3:
34:1d:76:b3:aa:e1:bf:43:1c:f7:94:a4:02:ef:fb:0b:ab:34:
be:bc:86:53:58:61:2c:aa:fc:f2:be:d7:2b:1f:1d:fc:27:bd:
b7:b0:9e:80:9b:c1:3a:46:a8:04:fb:0b:fe:1d:90:df:08:aa:
ca:33:36:63:53:d0:7b:00:b0:d8:9d:7d:26:66:eb:16:92:a5:
14:a5:fc:1d:a4:17:ab:c2:c1:1d:43:dd:27:06:7c:aa:d5:c9:
c7:d6:50:75:06:84:ac:dd:42:ff:aa:f3:97:91:8e:16:f8:03:
3b:68:ec:5e:77:9e:e6:04:36:26:d4:f3:6a:1d:77:78:3c:03:
02:6b:40:08:b0:0a:c9:3e:00:d5:f7:7e:01:ed:cd:64:90:97:
b1:2c:c0:a8:11:ab:aa:75:79:93:52:03:43:69:ba:28:3c:b7:
6b:75:25:4e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeCsFRbGxZb3Jv8F10fOjN+MGFB8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjIwMTFaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhZGI0NTgwNGE1ZTM1YjkwYWVlMDkwNzkwMmY5ZDljZDMwMDY0NzNiMTE4
MTUxZGFiMWQwMjQ3ZWEwY2Q4ODkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALToignBqyRqnZe1jQIdf5aNm74xKt8nnLG6mEC5C+FWM6P49Dhb2OFJjeBd
tKcs111GZAfv8uZ6Y+S2hyvrN3Tbyk3ZdQh4T2PMfnagtTEs0SJOVAiAeDrvHs0m
sqAaQCY6GiiKEmI0Y1fukQfSRYMFm6ZNhkqBo/nl4wRmSYXYhVcKucM1TQVWPzgd
dMcKujjtwPtO4oTT0l9TKJvO2nOzfFQWxkxOWJ219El79Ma6JUubK1qgeuWVrE8A
uSAuVo2ES1P1NbTQyWeKcI17ZndokUcVO2eOcmZ7xnhREB3IZN3uVIv4/2yd3cfd
ZNvtYiZ0iUOrR4MhXUdcnTerFY0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRW0yWL
N3J8SCwxUI2oUSLYOG3fQDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjBiODJiYWYtYTg2Mi00Nzk4LTk0OTktYjE1ODQwNzYyMjI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FsI
MA0GCSqGSIb3DQEBCwUAA4IBAQAGe66feJRvl43e7V38Kf7I8RE90XC1nWWlPcSP
KpplKcOuEcpJJssQH3WzB0nrkYZVD3VDjVRRoGwgyuByv5VNxOHvf3BkYz3Dae+I
T9PbW0CYTMc9uOGew/M0HXazquG/Qxz3lKQC7/sLqzS+vIZTWGEsqvzyvtcrHx38
J723sJ6Am8E6RqgE+wv+HZDfCKrKMzZjU9B7ALDYnX0mZusWkqUUpfwdpBerwsEd
Q90nBnyq1cnH1lB1BoSs3UL/qvOXkY4W+AM7aOxed57mBDYm1PNqHXd4PAMCa0AI
sArJPgDV934B7c1kkJexLMCoEauqdXmTUgNDabooPLdrdSVO
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:40:34 2025 by rpki-client