Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/29c1ffc0-3f01-4867-a937-39ae790437d4.roa
File: 29c1ffc0-3f01-4867-a937-39ae790437d4.roa (raw, json)
Hash identifier: WIdqLGjAfxZM5sV4xf0xU01nfKFBHB/QEFRS2d+557c=
Subject key identifier: 09:C1:C1:EB:53:0E:3D:D7:07:C7:9D:7D:02:05:0F:79:91:9B:AD:EA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0BF72E1DFE89090F036B081D7A533CCF1918585F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/29c1ffc0-3f01-4867-a937-39ae790437d4.roa
Signing time: Fri 29 Nov 2024 00:00:00 +0000
ROA not before: Fri 29 Nov 2024 00:00:00 +0000
ROA not after: Fri 03 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.118.240.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:f7:2e:1d:fe:89:09:0f:03:6b:08:1d:7a:53:3c:cf:19:18:58:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 29 00:00:00 2024 GMT
Not After : Jan 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:14:15:19:1c:1b:24:1f:88:43:80:4e:63:6b:
f3:ee:a5:66:0d:52:ce:f8:2c:41:fb:99:1e:26:ba:
c6:a8:0d:a6:87:79:2e:b0:7f:87:63:c8:a4:11:6d:
7f:4c:ec:09:7f:45:a1:02:65:4a:52:db:30:9b:49:
b8:91:d3:05:97:dc:eb:2c:95:cc:59:01:fd:3c:c2:
07:e2:ff:f2:93:b8:d0:f3:08:22:d3:43:33:4f:f9:
9b:d2:e0:41:d4:f1:18:4b:15:b5:1d:ad:e9:1b:e6:
70:07:9e:99:58:af:ba:aa:07:0f:0b:61:d6:b5:c5:
31:c1:fc:0f:16:cd:49:e5:a4:5f:1c:90:06:40:25:
98:86:0f:cd:a4:ce:ce:68:c0:31:08:4d:e4:a7:c3:
b4:a5:de:d7:67:63:ea:bd:5f:d5:1e:2b:2d:ed:c4:
bd:5b:4c:18:78:a1:d4:3b:20:73:0f:e2:06:f2:6d:
2a:73:60:5d:40:24:3f:d8:86:23:e6:18:7d:e2:51:
7f:20:2f:96:b6:b2:c0:cb:73:55:05:d5:f9:c0:42:
5b:09:6d:aa:b6:1e:92:50:e4:09:0c:95:66:0e:12:
34:60:8e:75:91:fb:1c:24:67:18:ab:b9:59:2d:f4:
95:ff:98:fd:76:d0:d0:a1:db:0d:50:f8:32:f6:e2:
58:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:C1:C1:EB:53:0E:3D:D7:07:C7:9D:7D:02:05:0F:79:91:9B:AD:EA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/29c1ffc0-3f01-4867-a937-39ae790437d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.240.0/21
Signature Algorithm: sha256WithRSAEncryption
3b:44:f5:81:ba:a4:bc:9b:34:19:3f:eb:6d:a9:6a:7a:65:ca:
5c:26:9b:49:01:7c:14:c9:e3:c7:c4:d2:a2:a7:a4:d3:cc:4d:
4e:de:e1:f9:a9:58:c4:72:4a:9a:32:a9:8c:6b:18:d4:dc:fc:
24:6e:98:81:2f:e7:1b:31:96:3d:b5:67:5b:8a:47:37:87:12:
f0:1b:e3:b9:4d:97:be:e8:e8:43:59:25:7e:34:ac:1e:5e:ab:
c6:bc:d5:30:21:3e:4c:a9:a1:cb:1d:b3:ac:b8:de:20:73:bf:
43:00:7d:7f:38:5e:27:30:32:d4:31:db:bb:e0:f2:d6:21:60:
db:a9:f9:c3:cb:51:97:ac:c3:73:45:b9:da:a6:55:e4:54:1f:
5c:4d:e6:d5:b3:ff:6c:5d:3d:ae:8f:94:a1:9c:f5:05:91:a6:
b1:93:31:3d:45:6c:89:b3:65:4a:59:b6:f8:6f:b5:65:b5:50:
1b:7d:b3:1b:23:90:ee:9e:a4:b9:c0:1b:48:d9:87:58:01:70:
4c:00:70:48:64:c5:eb:c0:f9:10:04:32:ae:d6:3c:0e:42:79:
13:22:2e:b6:92:47:8a:15:14:1c:5b:ce:4e:b8:82:39:e4:8f:
32:a4:3a:50:18:79:18:bd:03:c7:0f:a4:57:9c:c7:9f:1e:7d:
58:46:09:15
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUC/cuHf6JCQ8DawgdelM8zxkYWF8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMjkwMDAwMDBaFw0yNTAxMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjYzVlZTg4MWI1NThlMzkyOGZkNzhkNDI1ODhlMTUyOTBiYmRiODAyNzA4
YTI4MGU2YTk2MDYzZWY4MzM2YmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKMUFRkcGyQfiEOATmNr8+6lZg1SzvgsQfuZHia6xqgNpod5LrB/h2PIpBFt
f0zsCX9FoQJlSlLbMJtJuJHTBZfc6yyVzFkB/TzCB+L/8pO40PMIItNDM0/5m9Lg
QdTxGEsVtR2t6RvmcAeemVivuqoHDwth1rXFMcH8DxbNSeWkXxyQBkAlmIYPzaTO
zmjAMQhN5KfDtKXe12dj6r1f1R4rLe3EvVtMGHih1Dsgcw/iBvJtKnNgXUAkP9iG
I+YYfeJRfyAvlraywMtzVQXV+cBCWwltqrYeklDkCQyVZg4SNGCOdZH7HCRnGKu5
WS30lf+Y/XbQ0KHbDVD4MvbiWHMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQJwcHr
Uw491wfHnX0CBQ95kZut6jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjljMWZmYzAtM2YwMS00ODY3LWE5MzctMzlhZTc5MDQzN2Q0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1N28DAN
BgkqhkiG9w0BAQsFAAOCAQEAO0T1gbqkvJs0GT/rbalqemXKXCabSQF8FMnjx8TS
oqek08xNTt7h+alYxHJKmjKpjGsY1Nz8JG6YgS/nGzGWPbVnW4pHN4cS8BvjuU2X
vujoQ1klfjSsHl6rxrzVMCE+TKmhyx2zrLjeIHO/QwB9fzheJzAy1DHbu+Dy1iFg
26n5w8tRl6zDc0W52qZV5FQfXE3m1bP/bF09ro+UoZz1BZGmsZMxPUVsibNlSlm2
+G+1ZbVQG32zGyOQ7p6kucAbSNmHWAFwTABwSGTF68D5EAQyrtY8DkJ5EyIutpJH
ihUUHFvOTriCOeSPMqQ6UBh5GL0Dxw+kV5zHnx59WEYJFQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:15:12 2025 by rpki-client