Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fe5392b2-dcf2-4b71-b739-321411278879.roa
File: fe5392b2-dcf2-4b71-b739-321411278879.roa (raw, json)
Hash identifier: 6qdl5UrGv1PIXHybaCEkNk4cM6f8duUVPy4ckjAkaHU=
Subject key identifier: E0:B3:D5:4D:65:14:D7:B5:B4:12:0E:87:6F:15:3A:FB:AA:EC:C5:7B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3F6A8269D581C89407250C2A46B28CFDB199B8FF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fe5392b2-dcf2-4b71-b739-321411278879.roa
Signing time: Thu 17 Apr 2025 16:37:09 +0000
ROA not before: Thu 17 Apr 2025 16:37:09 +0000
ROA not after: Thu 22 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b:4000::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 17 Apr 2025 20:37:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:6a:82:69:d5:81:c8:94:07:25:0c:2a:46:b2:8c:fd:b1:99:b8:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 16:37:09 2025 GMT
Not After : May 22 23:59:59 2025 GMT
Subject: serialNumber=f9f19cd708fccf4f1afa7cdcc679a4a141a9674ebea641b841bf0f9a116e66d9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:3a:66:a5:0d:96:a8:b5:0d:9e:79:c0:01:94:
e8:73:da:f3:c6:38:42:e0:9c:45:be:ab:f4:0e:73:
ef:de:01:29:79:87:c7:49:3b:33:8e:4e:10:99:d4:
fa:b4:89:e0:02:7d:f5:fa:66:9e:1c:32:5e:ff:60:
2c:a5:37:09:83:fb:6b:02:86:8e:17:c0:0d:f9:02:
f7:ab:61:e0:04:88:e1:2a:5e:37:5e:55:01:0f:d2:
2f:d0:5a:79:1c:07:05:67:af:f9:62:6a:94:60:a5:
a2:fd:60:ca:2b:d8:b7:dc:16:c7:03:da:0d:e3:a8:
a7:d4:00:df:54:7c:67:2c:1d:07:c5:fa:dd:c3:17:
f5:c6:c8:8b:fa:6d:e2:19:3f:e8:1a:4b:9c:69:c7:
27:15:41:4a:78:b7:ed:cd:87:54:2c:ba:3f:b1:05:
45:43:cc:6c:d6:fc:15:0b:e9:6e:17:fb:8b:3b:14:
49:b0:3c:d4:fc:9d:6b:d6:25:be:f9:ab:c6:c3:ab:
f4:40:bb:e4:a0:3d:b0:1b:ee:a6:bc:e0:cd:f8:08:
a7:42:70:50:c0:d9:6a:a5:2b:f8:ae:f6:6a:fb:bf:
f2:d9:4c:ad:42:07:2f:7f:1b:82:ab:19:4f:55:88:
19:4c:3f:ca:86:0a:1f:03:79:e9:9d:70:0a:8d:97:
1f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:B3:D5:4D:65:14:D7:B5:B4:12:0E:87:6F:15:3A:FB:AA:EC:C5:7B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fe5392b2-dcf2-4b71-b739-321411278879.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b:4000::/40
Signature Algorithm: sha256WithRSAEncryption
57:af:97:97:c7:cb:5c:24:fc:41:2e:1b:79:c0:b9:91:50:17:
a5:aa:24:ff:1c:d5:41:8e:96:f2:d6:1d:b7:b3:51:11:44:0a:
8e:67:b6:44:f8:f2:fc:e8:c5:f8:77:18:e9:b8:80:53:2e:f0:
05:ce:25:12:9e:4a:a4:eb:31:8e:cf:11:2e:da:f9:cf:99:45:
d7:02:30:12:e9:55:22:9a:69:d4:b0:63:66:16:2b:c3:85:17:
ff:0b:04:50:aa:96:f4:cd:4f:ae:d7:05:6b:01:40:85:cf:52:
b3:22:64:a4:6d:8f:62:23:04:43:2e:e3:c6:df:96:70:c6:fd:
ae:eb:1a:25:b5:9d:02:99:11:d1:62:b0:15:ce:40:55:05:cf:
6e:67:44:54:ba:b4:40:ce:ef:8d:12:9e:c8:ff:db:95:b1:22:
9a:06:57:84:c1:9d:64:8b:32:f0:68:4a:21:e5:05:60:04:b3:
69:42:2b:2f:f6:54:35:73:fb:ef:8b:7b:ee:90:16:0f:4d:1b:
34:56:e3:82:6e:a6:f8:b5:13:f4:77:7c:6e:6a:21:f0:0a:be:
ec:f9:f8:f0:78:7c:02:61:9a:c4:57:1e:cf:c7:e3:ed:dc:aa:
15:b7:f9:ad:97:22:ab:7d:82:15:7b:8f:47:78:c5:cf:c0:09:
4a:f3:f0:2b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUP2qCadWByJQHJQwqRrKM/bGZuP8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTcxNjM3MDlaFw0yNTA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5ZjE5Y2Q3MDhmY2NmNGYxYWZhN2NkY2M2NzlhNGExNDFhOTY3NGViZWE2
NDFiODQxYmYwZjlhMTE2ZTY2ZDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKQ6ZqUNlqi1DZ55wAGU6HPa88Y4QuCcRb6r9A5z794BKXmHx0k7M45OEJnU
+rSJ4AJ99fpmnhwyXv9gLKU3CYP7awKGjhfADfkC96th4ASI4SpeN15VAQ/SL9Ba
eRwHBWev+WJqlGClov1gyivYt9wWxwPaDeOop9QA31R8ZywdB8X63cMX9cbIi/pt
4hk/6BpLnGnHJxVBSni37c2HVCy6P7EFRUPMbNb8FQvpbhf7izsUSbA81Pyda9Yl
vvmrxsOr9EC75KA9sBvuprzgzfgIp0JwUMDZaqUr+K72avu/8tlMrUIHL38bgqsZ
T1WIGUw/yoYKHwN56Z1wCo2XH8UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTgs9VN
ZRTXtbQSDodvFTr7quzFezAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmU1MzkyYjItZGNmMi00YjcxLWI3MzktMzIxNDExMjc4ODc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FtA
MA0GCSqGSIb3DQEBCwUAA4IBAQBXr5eXx8tcJPxBLht5wLmRUBelqiT/HNVBjpby
1h23s1ERRAqOZ7ZE+PL86MX4dxjpuIBTLvAFziUSnkqk6zGOzxEu2vnPmUXXAjAS
6VUimmnUsGNmFivDhRf/CwRQqpb0zU+u1wVrAUCFz1KzImSkbY9iIwRDLuPG35Zw
xv2u6xoltZ0CmRHRYrAVzkBVBc9uZ0RUurRAzu+NEp7I/9uVsSKaBleEwZ1kizLw
aEoh5QVgBLNpQisv9lQ1c/vvi3vukBYPTRs0VuOCbqb4tRP0d3xuaiHwCr7s+fjw
eHwCYZrEVx7Px+Pt3KoVt/mtlyKrfYIVe49HeMXPwAlK8/Ar
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:47:12 2025 by rpki-client