Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05585ded-caa9-4870-9b97-23218aa79783.roa
File: 05585ded-caa9-4870-9b97-23218aa79783.roa (raw, json)
Hash identifier: jBS1v4RG9Oii74QBZEV63agNFg3Q6EXeL6BxHAdmUgc=
Subject key identifier: A9:86:98:EC:C6:AA:CB:04:98:2A:F7:65:11:2E:EE:E2:F2:22:E1:99
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 784B35CC5B5CF00738BD1CF577A63F39CA95997F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05585ded-caa9-4870-9b97-23218aa79783.roa
Signing time: Fri 20 Dec 2024 00:00:00 +0000
ROA not before: Fri 20 Dec 2024 00:00:00 +0000
ROA not after: Fri 24 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 212.173.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:4b:35:cc:5b:5c:f0:07:38:bd:1c:f5:77:a6:3f:39:ca:95:99:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 20 00:00:00 2024 GMT
Not After : Jan 24 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:fe:e7:83:54:fd:7a:96:a3:a8:cd:d6:f3:fe:
a7:db:de:ed:d1:94:8a:45:ed:72:66:ea:84:8b:b2:
21:b5:d2:40:ae:d5:19:0e:dc:d7:9a:e4:b2:b9:49:
18:c7:d4:ac:fa:7d:61:b3:c7:28:3e:d9:92:e4:24:
f1:e1:04:42:61:4d:24:f2:2b:2d:92:7b:53:17:aa:
20:1a:b9:cf:e0:dd:de:22:a5:46:67:42:ee:c0:4d:
bd:27:ac:d6:73:48:1d:b0:bf:47:d5:d3:9e:01:82:
d1:ae:1c:6f:3a:2e:76:6a:36:ba:03:ed:71:fe:8f:
c0:ac:b9:58:b8:0a:86:0f:f2:ab:b8:79:f3:c6:eb:
c7:16:3a:f3:ed:75:f9:9c:88:02:bf:d5:36:a2:fe:
80:2f:64:c4:b7:f0:ab:40:a0:e6:61:0a:23:ff:c4:
6d:44:3d:dc:72:db:19:90:60:cb:aa:4a:c9:cc:84:
87:c2:67:68:7a:81:b3:72:2d:e5:18:c3:ea:e6:28:
49:21:ca:ff:f2:43:b5:6b:ea:a1:e5:c3:d3:2c:e5:
54:2b:3e:20:81:e9:c2:56:a3:f6:33:24:d4:99:ab:
64:91:c2:5f:40:38:02:ed:45:c2:4b:24:f3:74:e9:
0d:dd:6a:cc:f3:27:f9:e1:1c:f9:b4:64:7c:16:4e:
35:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:86:98:EC:C6:AA:CB:04:98:2A:F7:65:11:2E:EE:E2:F2:22:E1:99
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05585ded-caa9-4870-9b97-23218aa79783.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.173.128.0/17
Signature Algorithm: sha256WithRSAEncryption
ad:69:2c:7c:e1:40:2d:2e:ac:2c:d4:8d:83:65:72:7d:30:48:
4b:cc:6d:89:a5:f4:7c:c2:95:fb:0c:12:a0:aa:85:fb:27:85:
fb:98:47:26:17:8a:b4:5d:c1:f6:18:27:cd:bf:ff:f6:4b:7e:
05:3d:8e:32:12:22:31:ab:a1:96:ae:4c:de:e8:ac:61:b3:be:
3f:3d:cf:2c:23:a5:b2:af:32:05:3d:7d:fe:61:fa:60:91:0d:
b1:2b:b0:3f:13:f3:a7:1f:2d:5d:49:53:62:dc:a5:58:38:6d:
75:4e:bc:38:2e:0f:93:b1:78:af:c1:85:0d:2f:e4:8d:cf:db:
7d:ae:aa:56:21:60:5e:00:2c:13:ce:3f:60:c8:fa:5f:57:f4:
8a:ba:22:f8:4b:6c:d0:ee:3b:cb:8d:e7:62:a8:f0:f6:8d:77:
b3:ea:8a:a0:a7:42:14:54:c5:b9:59:34:9c:a1:94:5a:11:b2:
07:b2:7a:97:14:a0:04:03:b4:17:74:cb:29:3b:c0:6e:5d:cd:
c0:06:06:0e:e1:71:9f:2e:b4:8a:eb:1b:e4:f9:e8:a3:23:d8:
22:d0:b2:76:94:5d:6e:84:c6:c2:53:dd:6b:28:75:31:09:1f:
bb:4d:a5:44:0b:8d:39:02:58:06:75:0d:cd:4e:c8:dd:4b:41:
2c:e6:33:9a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeEs1zFtc8Ac4vRz1d6Y/OcqVmX8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMjAwMDAwMDBaFw0yNTAxMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3OWNhN2M2ZDIwYzkyNmQ1ODcyOTM2ZDU1NzNiYjY5MTA3NWFjMWE2YTFh
ZDIyZmIxZDhlOTg3ZGVhZjJlODExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMD+54NU/XqWo6jN1vP+p9ve7dGUikXtcmbqhIuyIbXSQK7VGQ7c15rksrlJ
GMfUrPp9YbPHKD7ZkuQk8eEEQmFNJPIrLZJ7UxeqIBq5z+Dd3iKlRmdC7sBNvSes
1nNIHbC/R9XTngGC0a4cbzoudmo2ugPtcf6PwKy5WLgKhg/yq7h588brxxY68+11
+ZyIAr/VNqL+gC9kxLfwq0Cg5mEKI//EbUQ93HLbGZBgy6pKycyEh8JnaHqBs3It
5RjD6uYoSSHK//JDtWvqoeXD0yzlVCs+IIHpwlaj9jMk1JmrZJHCX0A4Au1Fwksk
83TpDd1qzPMn+eEc+bRkfBZONYsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSphpjs
xqrLBJgq92URLu7i8iLhmTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDU1ODVkZWQtY2FhOS00ODcwLTliOTctMjMyMThhYTc5NzgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9StgDAN
BgkqhkiG9w0BAQsFAAOCAQEArWksfOFALS6sLNSNg2VyfTBIS8xtiaX0fMKV+wwS
oKqF+yeF+5hHJheKtF3B9hgnzb//9kt+BT2OMhIiMauhlq5M3uisYbO+Pz3PLCOl
sq8yBT19/mH6YJENsSuwPxPzpx8tXUlTYtylWDhtdU68OC4Pk7F4r8GFDS/kjc/b
fa6qViFgXgAsE84/YMj6X1f0iroi+Ets0O47y43nYqjw9o13s+qKoKdCFFTFuVk0
nKGUWhGyB7J6lxSgBAO0F3TLKTvAbl3NwAYGDuFxny60iusb5PnooyPYItCydpRd
boTGwlPdayh1MQkfu02lRAuNOQJYBnUNzU7I3UtBLOYzmg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:43:06 2025 by rpki-client