Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02911d55-b354-4ba1-af38-5a4fbd4de1fd.roa
File: 02911d55-b354-4ba1-af38-5a4fbd4de1fd.roa (raw, json)
Hash identifier: WySzhXWBFoEgP/Grr2vSYrZ/58YUy2kaLA5Xgty5xtY=
Subject key identifier: 3A:89:BC:BC:24:A9:2A:45:9E:A4:41:90:94:AD:47:09:64:2E:E9:C3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2E6DF7DE4862D216A168713EEB75EE0FAB226DAA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02911d55-b354-4ba1-af38-5a4fbd4de1fd.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d040:a000::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 22 Jan 2025 02:09:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:6d:f7:de:48:62:d2:16:a1:68:71:3e:eb:75:ee:0f:ab:22:6d:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7a:45:14:7c:a0:00:06:2d:58:8d:d1:db:75:
6b:89:05:4d:0d:d1:29:06:c1:d4:85:7c:5c:14:f3:
38:de:99:4e:2d:97:33:db:50:ab:c9:7a:27:f1:30:
9c:41:0b:4b:00:e9:e7:12:a2:2e:ba:95:9b:1a:a1:
0f:a6:7f:37:ef:93:91:0f:4b:c9:d5:45:8f:7f:f2:
00:bd:70:03:3f:47:c6:93:cc:80:76:ce:e5:b8:f9:
53:1c:2b:f7:cb:79:92:4a:94:e1:37:65:40:75:7e:
4a:b7:59:c4:70:15:f7:bc:ec:86:45:83:f6:b4:7c:
06:bd:b2:be:08:a5:ef:12:e5:e7:fb:dd:48:f8:3c:
6a:cc:fb:80:bd:72:51:a5:97:1c:0d:45:8f:8e:7a:
05:4d:e8:25:4d:69:e7:20:2c:d8:1b:98:dd:f1:fe:
47:52:96:b0:6f:83:e6:af:1e:11:5f:6c:72:9d:41:
ba:23:17:e1:70:7c:ea:98:25:2b:24:00:2f:9c:bf:
a3:d8:40:fe:7f:d0:77:c2:d6:04:08:2a:83:2d:db:
93:b1:35:53:4a:6d:6c:16:99:7b:d4:51:1f:e3:49:
52:16:ae:73:76:23:f4:60:62:91:74:e8:67:3a:db:
74:e9:c2:fb:97:7a:b2:31:8b:61:1d:1f:b2:15:7f:
fa:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:89:BC:BC:24:A9:2A:45:9E:A4:41:90:94:AD:47:09:64:2E:E9:C3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02911d55-b354-4ba1-af38-5a4fbd4de1fd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d040:a000::/40
Signature Algorithm: sha256WithRSAEncryption
86:df:ad:5b:63:ef:64:60:00:20:6d:b7:a1:73:21:86:09:36:
44:4e:5b:b9:6f:d8:62:04:5d:16:2e:79:93:c0:b0:08:2c:3e:
74:c7:e4:5a:7b:d5:ee:2a:03:b9:1c:55:e3:81:99:12:42:0a:
33:b4:ac:a5:8f:f6:e2:a5:31:a7:a0:44:9b:90:9c:37:b9:f6:
01:4a:4a:ee:fc:37:5a:65:75:22:21:5a:77:6f:6a:2f:81:77:
7f:96:09:01:25:b6:1e:b1:21:46:7d:d1:58:7f:fb:7c:23:e0:
b6:62:35:a8:bb:51:4c:6a:ac:f7:56:9d:8f:de:1a:02:00:57:
a9:17:4e:3c:f4:52:91:5d:f0:34:a9:11:f2:5f:1b:9d:c2:ff:
64:2e:c1:b0:46:47:e8:66:0f:60:26:ab:b7:36:a8:7d:f2:1b:
f2:33:a3:71:a6:c2:a6:7f:88:da:49:7b:e6:cc:c2:da:58:b8:
ab:48:f1:0b:e5:53:60:73:81:1f:9a:6c:c9:eb:f2:d0:13:ea:
46:13:10:64:6b:2f:df:70:11:43:cc:5f:12:ce:2e:46:7d:1d:
dd:9d:57:e2:c4:d6:5a:48:5c:7e:72:f6:8d:b4:e7:2a:87:0d:
71:ce:63:35:01:9e:be:6b:ab:39:8c:9e:bd:fa:4c:5c:27:f3:
5f:d0:e1:36
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULm333khi0hahaHE+63XuD6sibaowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGRlYTFkMDBmN2FlMjRmNWI3NTYxOTM0NTIyNTQ3YTA4OGUwMTk0NDJmMmUx
NGVmMWMxMWRiYmNiODYyNjU1OTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALp6RRR8oAAGLViN0dt1a4kFTQ3RKQbB1IV8XBTzON6ZTi2XM9tQq8l6J/Ew
nEELSwDp5xKiLrqVmxqhD6Z/N++TkQ9LydVFj3/yAL1wAz9HxpPMgHbO5bj5Uxwr
98t5kkqU4TdlQHV+SrdZxHAV97zshkWD9rR8Br2yvgil7xLl5/vdSPg8asz7gL1y
UaWXHA1Fj456BU3oJU1p5yAs2BuY3fH+R1KWsG+D5q8eEV9scp1BuiMX4XB86pgl
KyQAL5y/o9hA/n/Qd8LWBAgqgy3bk7E1U0ptbBaZe9RRH+NJUhauc3Yj9GBikXTo
ZzrbdOnC+5d6sjGLYR0fshV/+isCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ6iby8
JKkqRZ6kQZCUrUcJZC7pwzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDI5MTFkNTUtYjM1NC00YmExLWFmMzgtNWE0ZmJkNGRlMWZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ECg
MA0GCSqGSIb3DQEBCwUAA4IBAQCG361bY+9kYAAgbbehcyGGCTZETlu5b9hiBF0W
LnmTwLAILD50x+Rae9XuKgO5HFXjgZkSQgoztKylj/bipTGnoESbkJw3ufYBSkru
/DdaZXUiIVp3b2ovgXd/lgkBJbYesSFGfdFYf/t8I+C2YjWou1FMaqz3Vp2P3hoC
AFepF0489FKRXfA0qRHyXxudwv9kLsGwRkfoZg9gJqu3Nqh98hvyM6NxpsKmf4ja
SXvmzMLaWLirSPEL5VNgc4EfmmzJ6/LQE+pGExBkay/fcBFDzF8Szi5GfR3dnVfi
xNZaSFx+cvaNtOcqhw1xzmM1AZ6+a6s5jJ69+kxcJ/Nf0OE2
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:33:56 2025 by rpki-client