Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fe20e203-7c12-4c97-b5ee-53cc5f0a350c.roa
File: fe20e203-7c12-4c97-b5ee-53cc5f0a350c.roa (raw, json)
Hash identifier: tov70N68VSrWIinpR+NGpTi6j9zXl1Do39HP4cTs3lU=
Subject key identifier: 7A:EE:46:73:12:96:10:3B:1E:63:D6:1D:2F:62:0F:AC:51:8A:76:87
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3F689E0B8ED837C23C56D50FC0410E9B758692DF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fe20e203-7c12-4c97-b5ee-53cc5f0a350c.roa
Signing time: Thu 17 Apr 2025 16:37:12 +0000
ROA not before: Thu 17 Apr 2025 16:37:12 +0000
ROA not after: Thu 22 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b:9000::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 17 Apr 2025 20:37:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:68:9e:0b:8e:d8:37:c2:3c:56:d5:0f:c0:41:0e:9b:75:86:92:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 16:37:12 2025 GMT
Not After : May 22 23:59:59 2025 GMT
Subject: serialNumber=445508e9cd135a37e5f5b6a5a02bacd2214b9d7f9720fa357f62a0443607c762, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:0f:45:a6:80:4c:90:77:22:2f:fd:07:8b:14:
4b:44:78:b0:a9:93:e8:e3:bb:32:07:f8:95:22:12:
59:e3:24:8f:6d:0b:28:cf:ae:d8:80:4e:c4:3c:44:
31:0f:a6:dd:35:42:03:a4:02:01:f5:52:6f:b5:3a:
86:e2:9d:ca:7c:ac:ef:b0:17:25:2a:0c:42:14:9f:
b3:12:9f:69:73:93:e4:f6:0b:8d:30:9c:1f:72:4d:
76:84:d0:02:3d:b8:10:8b:58:4b:fe:f3:5b:86:a8:
b0:34:05:04:7e:0b:cb:71:d8:81:5e:4b:e1:b1:21:
97:60:80:34:f3:c7:cf:90:1c:00:38:bf:4e:3a:03:
ff:fe:f5:00:1e:77:89:70:3f:72:77:26:e5:53:73:
0a:d2:fb:4f:e1:f8:6f:53:94:f1:f2:3d:2d:7e:d6:
5e:17:e3:cb:2d:a9:90:8d:7d:cb:3d:dd:b4:4c:5a:
3a:f2:6c:33:f9:13:0f:aa:ce:a8:a9:ce:17:13:8a:
f5:d3:a7:57:c5:91:d1:9f:19:98:69:c3:05:70:46:
80:0f:da:55:ac:70:c2:3a:a3:fc:ca:b5:57:ff:83:
0e:0e:f9:c8:c1:fa:3d:4b:bd:db:18:60:92:a0:24:
8a:cc:bc:a5:b5:42:b2:7e:40:5c:0c:1a:42:6c:87:
1a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:EE:46:73:12:96:10:3B:1E:63:D6:1D:2F:62:0F:AC:51:8A:76:87
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fe20e203-7c12-4c97-b5ee-53cc5f0a350c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b:9000::/40
Signature Algorithm: sha256WithRSAEncryption
39:f9:35:3d:c4:b4:58:5b:a3:1c:23:72:a4:0d:56:14:71:8c:
eb:77:ee:21:e4:bd:9a:2f:c6:c4:f6:da:33:e8:fe:d4:8d:70:
d0:d0:44:dd:94:aa:2a:53:08:45:77:c4:69:3f:d8:26:69:21:
9b:f0:50:4f:fd:f6:82:8f:f8:8a:8a:19:66:4c:e0:b3:2f:26:
70:80:b5:55:48:04:96:23:4c:d0:42:9c:35:bb:35:60:56:10:
99:ea:b1:c7:0e:a5:37:1e:cd:3d:1b:ed:c8:3f:e6:b5:6e:18:
0b:33:b5:01:95:42:e4:11:a6:05:67:b6:56:2d:ec:68:cd:21:
fc:7f:c7:26:e9:50:88:c2:f0:1a:cb:69:3c:ba:08:28:58:99:
9e:50:71:2d:a5:d1:5b:7a:ae:94:1b:e9:6c:71:1a:e9:76:b2:
f1:de:e5:7d:1f:c7:5f:68:dc:bf:c7:d3:3e:aa:fb:23:0e:60:
fd:f8:e4:eb:4c:42:00:d0:88:fa:1f:bc:37:7e:55:cc:00:c7:
8e:f1:75:a4:b4:cd:c4:bf:65:48:9f:ef:24:44:e1:e3:ee:c5:
89:06:f5:3a:72:69:5c:1f:ae:41:28:b5:21:9b:c0:b3:7e:60:
42:a9:96:11:f0:6f:95:a7:01:46:95:41:10:d9:bb:6e:c6:96:
1a:a3:2c:95
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUP2ieC47YN8I8VtUPwEEOm3WGkt8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTcxNjM3MTJaFw0yNTA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ0NTUwOGU5Y2QxMzVhMzdlNWY1YjZhNWEwMmJhY2QyMjE0YjlkN2Y5NzIw
ZmEzNTdmNjJhMDQ0MzYwN2M3NjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI0PRaaATJB3Ii/9B4sUS0R4sKmT6OO7Mgf4lSISWeMkj20LKM+u2IBOxDxE
MQ+m3TVCA6QCAfVSb7U6huKdynys77AXJSoMQhSfsxKfaXOT5PYLjTCcH3JNdoTQ
Aj24EItYS/7zW4aosDQFBH4Ly3HYgV5L4bEhl2CANPPHz5AcADi/TjoD//71AB53
iXA/cncm5VNzCtL7T+H4b1OU8fI9LX7WXhfjyy2pkI19yz3dtExaOvJsM/kTD6rO
qKnOFxOK9dOnV8WR0Z8ZmGnDBXBGgA/aVaxwwjqj/Mq1V/+DDg75yMH6PUu92xhg
kqAkisy8pbVCsn5AXAwaQmyHGpsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR67kZz
EpYQOx5j1h0vYg+sUYp2hzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmUyMGUyMDMtN2MxMi00Yzk3LWI1ZWUtNTNjYzVmMGEzNTBjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FuQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA5+TU9xLRYW6McI3KkDVYUcYzrd+4h5L2aL8bE
9toz6P7UjXDQ0ETdlKoqUwhFd8RpP9gmaSGb8FBP/faCj/iKihlmTOCzLyZwgLVV
SASWI0zQQpw1uzVgVhCZ6rHHDqU3Hs09G+3IP+a1bhgLM7UBlULkEaYFZ7ZWLexo
zSH8f8cm6VCIwvAay2k8uggoWJmeUHEtpdFbeq6UG+lscRrpdrLx3uV9H8dfaNy/
x9M+qvsjDmD9+OTrTEIA0Ij6H7w3flXMAMeO8XWktM3Ev2VIn+8kROHj7sWJBvU6
cmlcH65BKLUhm8CzfmBCqZYR8G+VpwFGlUEQ2btuxpYaoyyV
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:38 2025 by rpki-client