Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/22e4c463-260d-492f-8eb5-e1e3eda9614c.roa
File: 22e4c463-260d-492f-8eb5-e1e3eda9614c.roa (raw, json)
Hash identifier: KZVryM3UjXkWv76O1IQe2pzTgyT0VenJtj/R/rCTkkA=
Subject key identifier: E6:21:5F:43:5E:8D:71:03:F0:CE:93:54:05:14:F1:7B:91:C7:AC:9D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 48A9B67FBB405214A05C0A450857195B56BCB683
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/22e4c463-260d-492f-8eb5-e1e3eda9614c.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 194.133.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:a9:b6:7f:bb:40:52:14:a0:5c:0a:45:08:57:19:5b:56:bc:b6:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:94:ea:30:33:f8:42:d0:af:fa:b2:c0:f2:f3:
60:17:75:de:92:7c:6e:90:a5:b9:37:e2:76:60:6d:
c8:88:30:ec:5f:a4:c5:9c:cc:c6:45:46:8f:14:c0:
b3:a2:e8:f3:bb:48:6b:0a:a8:51:75:2e:92:f6:dc:
1e:4e:6d:14:3b:71:2c:c4:c1:fc:87:78:e3:f3:ae:
97:9e:5a:42:96:9a:bc:ee:3c:90:44:41:21:83:5b:
95:a5:37:b7:d4:60:5a:4e:0d:75:fa:71:fb:c6:77:
0b:b0:49:d2:90:5c:4a:a3:e5:1a:8d:d7:ed:dd:b1:
01:d1:66:8c:51:dc:54:e0:1b:1c:99:35:d9:19:1e:
73:8a:43:f0:af:cc:e8:3c:9b:19:72:3d:d4:23:fc:
e0:d4:c7:00:6c:ff:26:b8:5b:53:0a:9a:2d:9d:04:
14:c2:a5:82:be:e8:c5:56:76:da:85:05:49:b4:f7:
cf:58:8d:dd:64:0b:7f:7c:fc:2e:31:ce:d5:4f:c7:
c0:d9:dc:87:53:e6:45:d4:f6:8c:9e:f6:ba:9e:33:
b2:75:a9:30:5d:91:3f:6a:e2:fe:22:69:35:cb:08:
b5:31:66:f8:51:71:89:a0:8a:b2:03:52:d4:23:4d:
43:ec:ba:85:88:f6:a7:81:c5:27:84:18:ac:5f:57:
8f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:21:5F:43:5E:8D:71:03:F0:CE:93:54:05:14:F1:7B:91:C7:AC:9D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/22e4c463-260d-492f-8eb5-e1e3eda9614c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.133.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b7:80:42:91:67:e6:b7:62:4b:f5:7b:b0:f7:63:23:46:4a:6f:
d5:54:c8:6b:cf:e2:ad:3d:e5:1e:5a:9b:f5:e3:75:d9:4e:8e:
3a:df:a2:d8:14:79:b6:56:17:3b:69:20:1a:96:02:a5:a1:cb:
6c:78:bc:39:40:c2:3d:49:ce:bd:6c:62:5e:73:35:b1:c1:92:
08:95:e6:db:37:81:e7:c0:7f:74:0e:a2:8c:8f:f9:95:fc:2d:
73:c2:7c:f2:72:e9:20:83:a1:1d:1e:af:aa:e3:18:4b:d1:80:
76:b2:da:3e:49:bd:08:01:41:ee:bf:a3:12:1f:d4:85:18:c8:
20:b5:57:0d:c1:4d:1d:61:d2:0d:9b:4f:58:ae:3e:3b:3e:38:
a1:d6:ef:65:d8:f3:4e:ed:03:a7:11:bf:ec:12:2b:07:e0:cc:
4e:bf:7d:4f:4d:85:62:42:e3:d5:d2:f3:31:2c:5c:9a:9c:49:
28:57:3a:79:da:a8:b0:2f:39:7a:32:67:59:36:7d:1a:ae:c1:
50:e7:aa:92:e3:38:80:e4:ea:32:9d:b5:69:e1:d2:55:e1:b7:
40:71:10:84:fe:05:52:b2:9f:ac:d1:6c:4d:39:fa:31:8e:a2:
e5:86:16:66:93:34:74:a2:8f:54:4a:9e:88:9f:d2:6f:4e:d0:
60:0f:78:4b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSKm2f7tAUhSgXApFCFcZW1a8toMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE2OTBmYmMwMmQwNDdiNmI4NzQyMTAwMDJlZGQ0NWU0MTdhN2Y1NTIwNGY4
OWM1MTdlZjdiMzU1ODhiNTc0OTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGU6jAz+ELQr/qywPLzYBd13pJ8bpCluTfidmBtyIgw7F+kxZzMxkVGjxTA
s6Lo87tIawqoUXUukvbcHk5tFDtxLMTB/Id44/Oul55aQpaavO48kERBIYNblaU3
t9RgWk4Ndfpx+8Z3C7BJ0pBcSqPlGo3X7d2xAdFmjFHcVOAbHJk12Rkec4pD8K/M
6DybGXI91CP84NTHAGz/JrhbUwqaLZ0EFMKlgr7oxVZ22oUFSbT3z1iN3WQLf3z8
LjHO1U/HwNnch1PmRdT2jJ72up4zsnWpMF2RP2ri/iJpNcsItTFm+FFxiaCKsgNS
1CNNQ+y6hYj2p4HFJ4QYrF9Xj+cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTmIV9D
Xo1xA/DOk1QFFPF7kcesnTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjJlNGM0NjMtMjYwZC00OTJmLThlYjUtZTFlM2VkYTk2MTRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMKFMA0G
CSqGSIb3DQEBCwUAA4IBAQC3gEKRZ+a3Ykv1e7D3YyNGSm/VVMhrz+KtPeUeWpv1
43XZTo4636LYFHm2Vhc7aSAalgKloctseLw5QMI9Sc69bGJeczWxwZIIlebbN4Hn
wH90DqKMj/mV/C1zwnzycukgg6EdHq+q4xhL0YB2sto+Sb0IAUHuv6MSH9SFGMgg
tVcNwU0dYdINm09Yrj47Pjih1u9l2PNO7QOnEb/sEisH4MxOv31PTYViQuPV0vMx
LFyanEkoVzp52qiwLzl6MmdZNn0arsFQ56qS4ziA5OoynbVp4dJV4bdAcRCE/gVS
sp+s0WxNOfoxjqLlhhZmkzR0oo9USp6In9JvTtBgD3hL
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:32:59 2025 by rpki-client