Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5a32444-87c2-4f23-8d55-f6b0929e3941.roa
File: f5a32444-87c2-4f23-8d55-f6b0929e3941.roa (raw, json)
Hash identifier: JVNvTnXuwFFCEm1cUaVq0S91ycuzUvYHpODYzoM0UjM=
Subject key identifier: FB:AA:AD:8F:BF:D2:AF:ED:0E:8C:B3:7E:22:E0:8F:BD:9E:BE:8D:84
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 104166A932B7880EF5893223CF4C1322C4ACE8DF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5a32444-87c2-4f23-8d55-f6b0929e3941.roa
Signing time: Mon 12 May 2025 16:20:21 +0000
ROA not before: Mon 12 May 2025 16:20:21 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b:4000::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 18:52:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:41:66:a9:32:b7:88:0e:f5:89:32:23:cf:4c:13:22:c4:ac:e8:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 12 16:20:21 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=b9a8e20d29328457e9829e28433c987e9a5f6a789367b72b60b3ae6f61bf0b82, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:da:33:3a:dc:97:b8:bf:bb:60:2c:c6:e8:6b:
d1:5f:d3:2a:eb:31:c7:99:15:31:8f:e2:1b:15:2c:
71:a6:9d:03:9e:07:21:d7:b0:df:11:3b:37:b2:b4:
07:24:26:b6:f8:94:79:5e:b0:87:3b:0e:5b:eb:46:
7e:fa:37:81:ef:d1:f5:f6:81:a2:12:07:78:27:3d:
9b:30:7d:f5:b7:37:9a:41:66:cb:3a:50:49:46:38:
49:5c:f8:f7:dc:85:24:f5:aa:75:0e:07:6f:bd:cd:
a4:4b:cd:1d:0a:d0:43:b2:1f:0a:86:a3:d9:cd:19:
3d:3d:9a:fc:f5:48:41:ee:8c:49:02:a2:3a:dd:cb:
51:a7:34:7e:dc:62:5a:5d:e2:0f:c3:e1:d5:ba:ad:
b9:be:17:0b:be:6e:61:59:80:a2:02:69:db:19:8b:
69:ee:d9:d0:e6:f2:b4:cc:30:04:da:3e:9a:d1:41:
b8:2b:03:79:02:21:dc:1c:78:15:94:f7:11:f4:8f:
e9:a1:cc:fc:67:d0:1c:a2:d8:3b:63:e1:b1:bc:e0:
35:1f:ab:87:83:cb:0f:08:21:04:c3:a9:70:50:c2:
71:06:ce:7d:b6:c8:0d:22:ea:53:56:31:c5:48:6f:
6d:c5:30:69:a0:cb:e7:a2:7e:54:ea:75:ea:44:19:
03:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:AA:AD:8F:BF:D2:AF:ED:0E:8C:B3:7E:22:E0:8F:BD:9E:BE:8D:84
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f5a32444-87c2-4f23-8d55-f6b0929e3941.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b:4000::/40
Signature Algorithm: sha256WithRSAEncryption
0d:f8:2d:25:08:7f:6c:6b:ea:1f:47:cf:b6:6c:17:f2:5e:3b:
5f:94:b7:3a:18:19:0f:b5:2f:a0:83:44:72:f9:26:6f:97:07:
78:30:69:45:0d:4e:c8:f6:d3:9c:be:20:56:98:de:66:3d:cd:
4b:40:b4:6b:20:c7:35:3e:88:76:a5:40:0b:43:14:2b:f9:9d:
2b:2c:25:f1:68:90:00:26:e3:44:7f:3b:e8:45:eb:a0:a9:07:
8c:c7:b5:db:44:59:e6:e2:69:bc:36:ab:bf:13:c8:7d:44:9d:
27:b1:ed:fc:92:d0:6a:ac:b1:6e:d0:21:e4:0f:d6:10:9a:5d:
89:4f:0d:89:ad:ba:35:6c:48:f4:89:a0:db:43:6e:f6:18:43:
1f:33:59:ae:95:b3:00:0d:12:6b:44:69:fa:0f:f6:3f:43:56:
fb:c8:85:8c:bd:88:67:de:13:0f:64:c1:6f:f9:7b:ba:a9:e1:
15:11:56:25:67:bf:0a:35:d2:1a:bd:b4:b6:58:f4:fc:31:6e:
04:b8:38:42:6c:52:b4:f3:3b:1f:b9:a0:80:2b:01:14:69:3e:
2f:e4:3d:b7:ff:5c:e6:d3:41:b8:89:78:06:c3:0d:d7:8c:06:
de:fb:c8:35:90:4b:39:3b:0b:b1:e7:0e:03:48:5f:e2:dc:ef:
a4:7c:f0:b5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEEFmqTK3iA71iTIjz0wTIsSs6N8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTIxNjIwMjFaFw0yNTA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5YThlMjBkMjkzMjg0NTdlOTgyOWUyODQzM2M5ODdlOWE1ZjZhNzg5MzY3
YjcyYjYwYjNhZTZmNjFiZjBiODIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOHaMzrcl7i/u2Asxuhr0V/TKusxx5kVMY/iGxUscaadA54HIdew3xE7N7K0
ByQmtviUeV6whzsOW+tGfvo3ge/R9faBohIHeCc9mzB99bc3mkFmyzpQSUY4SVz4
99yFJPWqdQ4Hb73NpEvNHQrQQ7IfCoaj2c0ZPT2a/PVIQe6MSQKiOt3LUac0ftxi
Wl3iD8Ph1bqtub4XC75uYVmAogJp2xmLae7Z0ObytMwwBNo+mtFBuCsDeQIh3Bx4
FZT3EfSP6aHM/GfQHKLYO2PhsbzgNR+rh4PLDwghBMOpcFDCcQbOfbbIDSLqU1Yx
xUhvbcUwaaDL56J+VOp16kQZAxMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT7qq2P
v9Kv7Q6Ms34i4I+9nr6NhDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjVhMzI0NDQtODdjMi00ZjIzLThkNTUtZjZiMDkyOWUzOTQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FtA
MA0GCSqGSIb3DQEBCwUAA4IBAQAN+C0lCH9sa+ofR8+2bBfyXjtflLc6GBkPtS+g
g0Ry+SZvlwd4MGlFDU7I9tOcviBWmN5mPc1LQLRrIMc1Poh2pUALQxQr+Z0rLCXx
aJAAJuNEfzvoReugqQeMx7XbRFnm4mm8Nqu/E8h9RJ0nse38ktBqrLFu0CHkD9YQ
ml2JTw2Jrbo1bEj0iaDbQ272GEMfM1mulbMADRJrRGn6D/Y/Q1b7yIWMvYhn3hMP
ZMFv+Xu6qeEVEVYlZ78KNdIavbS2WPT8MW4EuDhCbFK08zsfuaCAKwEUaT4v5D23
/1zm00G4iXgGww3XjAbe+8g1kEs5Owux5w4DSF/i3O+kfPC1
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:58:28 2025 by rpki-client