Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2150330d-575d-4841-9216-26672be29637.roa
File: 2150330d-575d-4841-9216-26672be29637.roa (raw, json)
Hash identifier: tOnQ6F+8c0kq5PDc4lj1u2KniB9GHPNcqBFV1cqQyKI=
Subject key identifier: 1A:38:39:EF:17:5D:E1:2A:D2:1E:D4:2B:44:5F:01:19:FF:48:86:6C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3BF2FF1CDBBE8AAE4A7F851871B76EFB4675C4F0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2150330d-575d-4841-9216-26672be29637.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.64.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:f2:ff:1c:db:be:8a:ae:4a:7f:85:18:71:b7:6e:fb:46:75:c4:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a8:a5:4b:5a:34:c1:a5:e0:71:5c:3b:5c:45:
39:5d:d2:f8:07:c5:b2:b7:bc:ec:d4:56:f5:32:30:
5c:6a:ee:5f:72:69:b5:e3:07:36:17:8f:00:62:02:
93:24:82:dc:a7:85:b5:a1:c1:35:52:e2:2c:d5:98:
b2:16:92:72:47:a2:46:32:72:4a:12:02:fc:9b:da:
cc:00:ec:b9:24:03:4f:d7:3f:b2:39:9b:4a:1a:97:
d9:c2:ee:04:ad:f8:63:da:41:fa:37:5e:bb:de:ae:
4c:32:fe:1d:6b:4c:55:36:94:1c:37:a4:fb:d9:38:
1b:83:fd:c2:c7:6e:06:db:29:35:99:89:5f:c4:43:
d8:5b:77:7d:88:f0:cc:fd:de:f1:1d:18:7a:e4:b1:
89:8c:84:94:be:2b:a1:da:79:cc:e7:1a:e4:4f:55:
0d:54:97:e2:16:6d:74:7a:45:a7:e7:4d:a6:e4:72:
bc:a7:dd:06:a0:4d:6b:e7:cc:2b:bf:c9:f6:ad:83:
18:70:ca:fa:67:af:23:65:06:91:02:1e:5a:2d:cf:
c6:68:a9:29:1b:98:f3:ca:4f:32:e3:62:fb:63:cd:
9b:e9:f1:5b:ef:79:ec:21:be:2b:be:de:a3:57:d5:
62:20:2d:f0:cc:01:93:09:0c:02:ca:d6:4a:fc:0b:
9e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:38:39:EF:17:5D:E1:2A:D2:1E:D4:2B:44:5F:01:19:FF:48:86:6C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2150330d-575d-4841-9216-26672be29637.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.64.0/18
Signature Algorithm: sha256WithRSAEncryption
1b:30:30:b4:5d:52:db:89:8f:11:65:51:f4:68:da:66:15:05:
c7:a9:47:01:7d:25:af:c6:21:7b:6c:4b:81:d5:6d:23:b5:19:
c8:59:96:59:26:b1:1b:e4:ad:d2:fe:21:ac:81:8e:1e:6d:6d:
79:36:ad:73:fd:ac:45:8c:13:dc:ee:3f:8c:be:19:46:b9:09:
60:03:3c:1a:1a:d4:92:e6:cf:53:55:17:e4:ce:8e:a1:3f:bc:
03:b5:6d:81:79:7a:58:7d:d6:f6:b9:37:10:19:52:00:90:91:
12:9d:41:af:60:0c:f2:ba:79:c0:04:b3:d7:30:cb:2f:18:5b:
82:84:aa:cf:b5:14:72:19:4a:a8:47:77:44:48:69:6b:ab:c9:
f7:51:7c:38:a0:0c:bf:7d:78:6c:f3:27:25:b2:a0:5e:ab:55:
60:b8:58:77:44:3b:65:6a:0b:48:24:26:15:0c:5d:2a:4f:47:
a1:99:ec:5b:5c:91:e0:2c:29:f2:21:a0:ae:f1:ee:6a:35:81:
89:a3:1d:5d:0b:bf:7c:03:33:79:5f:e7:b6:cf:78:8c:b7:f5:
72:79:25:68:d8:93:bc:d9:53:9b:de:0e:4f:a9:e4:d7:27:22:
63:1a:28:d1:81:f6:6e:a3:ad:35:bd:50:d9:80:8d:45:8e:fc:
12:69:29:16
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUO/L/HNu+iq5Kf4UYcbdu+0Z1xPAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1Zjk2ZWM1NGNhN2Q4N2ZkZThhNmNjOTA2MmQ0YWE5Nzc3YWUyNDE3Mjlk
OTRjY2M3ZGZiNDIwYjhiMGVjYjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMSopUtaNMGl4HFcO1xFOV3S+AfFsre87NRW9TIwXGruX3JpteMHNhePAGIC
kySC3KeFtaHBNVLiLNWYshaSckeiRjJyShIC/JvazADsuSQDT9c/sjmbShqX2cLu
BK34Y9pB+jdeu96uTDL+HWtMVTaUHDek+9k4G4P9wsduBtspNZmJX8RD2Ft3fYjw
zP3e8R0YeuSxiYyElL4rodp5zOca5E9VDVSX4hZtdHpFp+dNpuRyvKfdBqBNa+fM
K7/J9q2DGHDK+mevI2UGkQIeWi3PxmipKRuY88pPMuNi+2PNm+nxW+957CG+K77e
o1fVYiAt8MwBkwkMAsrWSvwLnosCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQaODnv
F13hKtIe1CtEXwEZ/0iGbDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjE1MDMzMGQtNTc1ZC00ODQxLTkyMTYtMjY2NzJiZTI5NjM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3QDAN
BgkqhkiG9w0BAQsFAAOCAQEAGzAwtF1S24mPEWVR9GjaZhUFx6lHAX0lr8Yhe2xL
gdVtI7UZyFmWWSaxG+St0v4hrIGOHm1teTatc/2sRYwT3O4/jL4ZRrkJYAM8GhrU
kubPU1UX5M6OoT+8A7VtgXl6WH3W9rk3EBlSAJCREp1Br2AM8rp5wASz1zDLLxhb
goSqz7UUchlKqEd3REhpa6vJ91F8OKAMv314bPMnJbKgXqtVYLhYd0Q7ZWoLSCQm
FQxdKk9HoZnsW1yR4Cwp8iGgrvHuajWBiaMdXQu/fAMzeV/nts94jLf1cnklaNiT
vNlTm94OT6nk1yciYxoo0YH2bqOtNb1Q2YCNRY78EmkpFg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:54:34 2025 by rpki-client