Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ceea456-43da-4fb4-95f6-e1b7b2e3f61f.roa
File: 5ceea456-43da-4fb4-95f6-e1b7b2e3f61f.roa (raw, json)
Hash identifier: mcROoJPe5gPoknFsKnqYrE8yuVz6a9zcGRZrTq9A3YQ=
Subject key identifier: 06:C5:24:F0:34:39:DC:29:13:95:4D:5A:84:44:0B:2F:EC:8D:0E:D0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3C9C80843313AA360B78F1133B4D3223B23EC5E3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ceea456-43da-4fb4-95f6-e1b7b2e3f61f.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 145.55.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:9c:80:84:33:13:aa:36:0b:78:f1:13:3b:4d:32:23:b2:3e:c5:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bc:82:08:c3:2f:df:b4:05:d0:0c:3d:cc:c0:
96:41:53:57:1b:2a:fa:00:eb:f4:69:a2:66:a1:6d:
a8:b7:a9:ea:d8:e8:ae:e7:7f:9e:1e:de:6a:52:c3:
68:53:e5:2f:1d:c6:e8:f0:c1:70:c9:68:45:89:f3:
93:af:1f:b6:61:04:a6:df:7c:b7:b5:4a:69:0b:40:
76:d0:56:3d:28:1b:b2:d4:4c:24:cd:49:6a:3f:e1:
6a:91:f0:5e:65:6f:64:13:08:f6:b6:7a:0e:10:64:
1d:14:de:f7:58:fe:f9:4e:c8:55:7f:71:78:68:d5:
92:09:1d:50:d3:73:34:52:2b:f7:ce:7a:be:42:31:
7e:e5:43:65:77:68:2c:10:b3:15:da:d7:3f:8d:72:
71:f4:5d:9c:cb:0a:50:f9:a5:19:fe:f2:ba:cd:0a:
1b:9e:b9:ba:a7:73:bd:f9:38:ef:bc:6f:13:6c:a2:
5a:53:db:6d:60:0a:63:a9:60:69:94:c6:10:6a:58:
0e:50:cf:30:f5:4e:4b:d5:dd:8b:7d:24:56:51:d7:
17:9b:13:ca:a8:ae:aa:b6:cd:65:09:42:6f:83:d9:
69:a3:2f:2a:39:36:79:7e:ec:fd:a1:fc:95:75:eb:
27:6a:96:53:e0:45:ae:f4:63:b0:da:1c:84:ca:ec:
68:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:C5:24:F0:34:39:DC:29:13:95:4D:5A:84:44:0B:2F:EC:8D:0E:D0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ceea456-43da-4fb4-95f6-e1b7b2e3f61f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.55.0.0/16
Signature Algorithm: sha256WithRSAEncryption
36:9c:72:be:4e:e6:ac:fe:dd:20:f5:c9:de:c5:af:8c:14:06:
4e:1b:80:08:bd:cb:e5:1a:3d:98:53:a2:53:6c:67:e3:d8:44:
cb:d7:54:50:01:8c:35:42:b7:41:cf:41:c2:0f:bb:40:e4:d0:
11:f2:76:44:af:55:3d:5c:0d:06:a2:6b:d5:0a:80:a3:94:2e:
b2:15:9e:95:7e:61:ee:c0:10:df:d7:9a:f0:8b:aa:d9:b4:ec:
c0:93:6e:1e:e1:23:ec:97:ee:11:d3:39:cf:67:2b:d8:3f:04:
f4:a7:d0:2b:ec:07:cc:fe:09:06:02:25:83:7a:af:d4:0d:2e:
7b:69:69:c3:35:3f:02:49:e3:7b:1e:00:1c:32:60:56:05:c7:
f9:f6:43:3a:33:0d:9d:d7:ee:46:25:f8:be:8f:65:e8:db:aa:
75:98:ce:52:56:58:c1:e7:c2:6a:31:90:80:b7:93:43:f7:69:
ce:db:f5:19:cb:2a:12:54:e4:18:90:87:dd:25:14:e9:77:de:
bd:95:8b:08:6d:58:a7:fe:9f:b5:21:01:22:a3:3d:64:c6:cf:
16:99:0e:13:eb:cd:75:2b:fe:a1:23:c8:10:ea:45:94:06:3d:
f4:9b:55:10:74:0a:22:43:6e:5a:7a:63:e5:a5:08:f4:0f:be:
fb:bc:44:dd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPJyAhDMTqjYLePETO00yI7I+xeMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5MzViODBjOGFmZWVhYjdkYjk5NmEwYzU2M2YwNDBhNjVlZTIyODZhODVi
M2VmMTAxMDUxMTU4ZDY0NWJhZjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK68ggjDL9+0BdAMPczAlkFTVxsq+gDr9GmiZqFtqLep6tjorud/nh7ealLD
aFPlLx3G6PDBcMloRYnzk68ftmEEpt98t7VKaQtAdtBWPSgbstRMJM1Jaj/hapHw
XmVvZBMI9rZ6DhBkHRTe91j++U7IVX9xeGjVkgkdUNNzNFIr9856vkIxfuVDZXdo
LBCzFdrXP41ycfRdnMsKUPmlGf7yus0KG565uqdzvfk477xvE2yiWlPbbWAKY6lg
aZTGEGpYDlDPMPVOS9Xdi30kVlHXF5sTyqiuqrbNZQlCb4PZaaMvKjk2eX7s/aH8
lXXrJ2qWU+BFrvRjsNochMrsaAkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQGxSTw
NDncKROVTVqERAsv7I0O0DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWNlZWE0NTYtNDNkYS00ZmI0LTk1ZjYtZTFiN2IyZTNmNjFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJE3MA0G
CSqGSIb3DQEBCwUAA4IBAQA2nHK+Tuas/t0g9cnexa+MFAZOG4AIvcvlGj2YU6JT
bGfj2ETL11RQAYw1QrdBz0HCD7tA5NAR8nZEr1U9XA0GomvVCoCjlC6yFZ6VfmHu
wBDf15rwi6rZtOzAk24e4SPsl+4R0znPZyvYPwT0p9Ar7AfM/gkGAiWDeq/UDS57
aWnDNT8CSeN7HgAcMmBWBcf59kM6Mw2d1+5GJfi+j2Xo26p1mM5SVljB58JqMZCA
t5ND92nO2/UZyyoSVOQYkIfdJRTpd969lYsIbVin/p+1IQEioz1kxs8WmQ4T6811
K/6hI8gQ6kWUBj30m1UQdAoiQ25aemPlpQj0D777vETd
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:51:51 2025 by rpki-client