Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd410136-409f-4c89-bc70-90b55daa78bb.roa
File: fd410136-409f-4c89-bc70-90b55daa78bb.roa (raw, json)
Hash identifier: 7W03n3CpOT25MfD8po+b9QG2QR1JPzV4XUbdTx1VmaU=
Subject key identifier: 2F:2B:4B:96:A2:DE:7C:CE:84:26:19:10:C4:34:2F:AA:D4:4C:D5:81
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A2CB839F70CE511ADFF6FE8E350EC349DFE84C4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd410136-409f-4c89-bc70-90b55daa78bb.roa
Signing time: Mon 31 Mar 2025 20:00:10 +0000
ROA not before: Mon 31 Mar 2025 20:00:10 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:80c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 16 Apr 2025 19:22:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:2c:b8:39:f7:0c:e5:11:ad:ff:6f:e8:e3:50:ec:34:9d:fe:84:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 20:00:10 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=b1edbbb71677f36408d415b2ad2199fa9c5600ab4b519b30031d607dea6e82ee, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:97:29:f1:8e:91:d8:26:96:f3:15:b0:14:d6:
49:c6:22:d7:8b:dd:46:d5:a6:43:3d:72:36:6f:ea:
17:bb:38:77:ad:dd:9e:d0:d8:a4:1f:6f:bb:e8:cc:
f4:42:a2:e9:96:08:f8:aa:1c:9f:af:4a:59:e2:13:
28:02:51:64:56:ab:40:73:f1:2a:5f:93:cd:fe:7e:
75:c0:91:c5:c5:4a:53:10:33:1c:16:35:74:b2:83:
80:c6:bc:07:58:b4:d3:7a:48:02:6e:8a:72:77:3e:
61:b6:5a:25:56:74:d8:00:0a:5f:f1:37:4b:30:73:
81:dc:8d:d2:e2:5b:cb:82:1e:ce:14:a7:38:e2:20:
24:97:70:5e:0f:a1:df:34:e4:04:a7:c2:56:65:e5:
be:bc:75:17:fe:26:33:58:4d:42:5c:0e:82:ca:62:
9d:39:c5:4c:5c:65:17:f3:e6:75:6f:95:40:71:4d:
cd:d2:07:77:db:32:fa:2d:8b:eb:12:61:fb:ce:ae:
29:73:aa:bf:d4:29:43:bf:3c:59:3b:8c:9a:6e:1e:
ff:ae:fb:37:f1:4f:cc:2b:22:f4:a9:80:61:2b:a0:
14:62:16:1a:06:07:e4:10:df:95:08:f5:f3:2b:e2:
78:36:4c:d6:40:7a:29:b6:9d:f4:c7:fd:93:8b:f6:
0c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:2B:4B:96:A2:DE:7C:CE:84:26:19:10:C4:34:2F:AA:D4:4C:D5:81
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd410136-409f-4c89-bc70-90b55daa78bb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
b1:6c:86:c4:05:bc:4d:2f:f6:45:1b:9c:23:ff:21:13:ce:a6:
8a:a4:cd:87:e5:84:4b:7c:50:11:b5:0d:d5:70:8d:bf:75:b9:
48:0a:27:b7:3a:9b:58:11:d4:d7:85:ba:6f:39:6e:38:7a:5e:
a7:5b:e8:4a:b5:4a:23:ef:8b:11:55:7c:0f:3e:b6:4f:35:f9:
40:bc:89:03:fd:0e:6c:0f:e2:2b:5a:a8:34:31:99:7d:63:05:
99:25:ca:0e:24:d3:27:9d:b5:37:94:6f:3a:59:ed:58:6b:3d:
2f:e4:6f:6a:a9:d1:c7:68:33:cb:c0:39:13:6a:f3:25:e7:fd:
ad:9c:ec:41:48:fa:c2:3d:be:64:a2:08:c4:4d:16:79:f1:d9:
57:da:3b:76:5e:ba:b3:95:1f:af:5c:64:54:68:56:bb:39:04:
8b:70:92:c0:05:da:b1:cf:f7:b4:51:fb:bf:dc:30:e2:3a:23:
5a:47:83:7a:c4:5a:00:33:5f:d9:f6:85:1d:20:3e:77:05:35:
a3:1e:40:b4:e4:6f:2e:d6:85:ee:a9:f5:41:97:c9:b7:1f:5e:
fe:ae:ab:67:80:0e:10:dd:b5:05:6c:1f:0d:7e:31:12:0e:73:
8a:89:6e:76:d5:0d:6d:15:61:26:94:e7:3b:a2:36:73:df:02:
a5:f6:01:af
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCiy4OfcM5RGt/2/o41DsNJ3+hMQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzEyMDAwMTBaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxZWRiYmI3MTY3N2YzNjQwOGQ0MTViMmFkMjE5OWZhOWM1NjAwYWI0YjUx
OWIzMDAzMWQ2MDdkZWE2ZTgyZWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJaXKfGOkdgmlvMVsBTWScYi14vdRtWmQz1yNm/qF7s4d63dntDYpB9vu+jM
9EKi6ZYI+Kocn69KWeITKAJRZFarQHPxKl+Tzf5+dcCRxcVKUxAzHBY1dLKDgMa8
B1i003pIAm6Kcnc+YbZaJVZ02AAKX/E3SzBzgdyN0uJby4IezhSnOOIgJJdwXg+h
3zTkBKfCVmXlvrx1F/4mM1hNQlwOgspinTnFTFxlF/PmdW+VQHFNzdIHd9sy+i2L
6xJh+86uKXOqv9QpQ788WTuMmm4e/677N/FPzCsi9KmAYSugFGIWGgYH5BDflQj1
8yvieDZM1kB6Kbad9Mf9k4v2DCUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQvK0uW
ot58zoQmGRDENC+q1EzVgTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmQ0MTAxMzYtNDA5Zi00Yzg5LWJjNzAtOTBiNTVkYWE3OGJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HSA
wDANBgkqhkiG9w0BAQsFAAOCAQEAsWyGxAW8TS/2RRucI/8hE86miqTNh+WES3xQ
EbUN1XCNv3W5SAontzqbWBHU14W6bzluOHpep1voSrVKI++LEVV8Dz62TzX5QLyJ
A/0ObA/iK1qoNDGZfWMFmSXKDiTTJ521N5RvOlntWGs9L+RvaqnRx2gzy8A5E2rz
Jef9rZzsQUj6wj2+ZKIIxE0WefHZV9o7dl66s5Ufr1xkVGhWuzkEi3CSwAXasc/3
tFH7v9ww4jojWkeDesRaADNf2faFHSA+dwU1ox5AtORvLtaF7qn1QZfJtx9e/q6r
Z4AOEN21BWwfDX4xEg5zioludtUNbRVhJpTnO6I2c98CpfYBrw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:56 2025 by rpki-client