Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69740d55-a842-4e2d-a267-6df47f50e20c.roa
File: 69740d55-a842-4e2d-a267-6df47f50e20c.roa (raw, json)
Hash identifier: K5I5tOgaZthslagKB+f0pHYSUtMHJbCxtuTb4k/KZzw=
Subject key identifier: E8:B3:96:48:E0:D9:BE:F9:A1:46:A7:B3:E2:35:59:9C:E8:5F:69:4B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0B6D2CAFCD9653EC66BD5BBC12E52100A2526CE3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69740d55-a842-4e2d-a267-6df47f50e20c.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 193.57.181.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:6d:2c:af:cd:96:53:ec:66:bd:5b:bc:12:e5:21:00:a2:52:6c:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:8f:7b:ef:10:5b:99:88:82:27:25:0b:a4:7a:
ab:cd:01:a2:1e:44:d0:fb:fc:da:8e:fb:c9:b5:83:
56:f4:34:9a:a8:fe:74:ab:56:d7:53:f5:22:e4:f3:
b5:26:d7:9e:76:ea:6c:12:45:af:3c:14:b9:5c:9f:
b8:16:72:d4:0d:a3:30:27:59:2e:30:7b:8f:c9:b7:
f4:75:35:d9:52:fb:31:ab:89:f1:dd:47:01:2a:11:
84:02:0d:74:34:02:21:45:40:d1:16:4b:b5:49:56:
94:04:21:d2:30:3d:03:ad:56:c6:a9:47:ef:aa:c4:
12:af:eb:7b:b8:23:94:80:cb:b9:5a:62:71:c3:30:
19:86:86:f6:20:06:82:49:77:1d:74:b1:1b:5f:bd:
50:9c:01:26:9b:43:aa:c1:98:db:f3:6e:3c:40:ab:
10:85:2f:04:92:c9:e0:7b:1f:a3:50:71:31:35:ba:
c7:0b:d7:a7:6e:76:62:fa:1c:42:86:d8:f4:20:db:
4f:16:02:90:c7:06:94:e6:76:ac:65:6c:9f:be:b7:
96:8f:3f:22:a6:1e:2e:c8:d5:af:a4:13:25:e6:d0:
35:c6:14:a5:14:ae:c6:fe:8b:b2:e9:d0:db:db:88:
30:0a:3a:4b:31:7b:f6:67:c8:51:22:60:d1:1b:e3:
24:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:B3:96:48:E0:D9:BE:F9:A1:46:A7:B3:E2:35:59:9C:E8:5F:69:4B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69740d55-a842-4e2d-a267-6df47f50e20c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.181.0/24
Signature Algorithm: sha256WithRSAEncryption
52:f8:53:17:92:f5:8e:34:4f:5a:b8:00:71:96:2b:f8:67:6f:
e5:37:c0:78:e1:dd:ea:91:74:12:80:ec:51:f7:0d:3d:3f:24:
81:8e:b8:97:da:15:62:dd:c3:98:49:1c:fa:a8:08:d6:47:db:
c0:5b:ae:fa:b6:e4:c5:d3:e8:d0:11:0d:52:ed:21:58:51:8c:
1d:62:aa:77:47:1f:e8:07:4f:57:68:ce:03:3b:a9:e6:f4:5d:
f5:b5:4b:05:88:ef:ee:6c:38:95:a7:34:fe:f1:e3:72:d8:cd:
a5:a8:d3:0f:d6:86:49:10:aa:94:c7:50:a5:b7:cd:f1:a5:f0:
f6:d1:81:e8:f7:44:d2:1a:61:5f:ae:c3:66:2d:8c:03:27:a5:
46:10:3c:61:74:ee:f5:14:c5:d6:80:d6:dd:14:be:83:79:fb:
a4:a8:58:ef:55:1b:02:ef:0b:0a:55:d1:c7:0e:05:8e:b5:c8:
ae:7e:94:94:46:fe:0c:9f:c4:58:f4:d9:23:42:9a:ee:81:e8:
d6:a3:a3:1c:e1:ac:e9:cd:f3:d2:6f:f2:5a:55:89:4c:88:32:
53:38:35:78:16:f6:00:66:11:ad:85:e3:49:91:40:94:e8:92:
21:6c:41:3b:a6:e0:be:aa:87:82:91:0b:7f:71:33:e7:7b:80:
23:f4:f7:07
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUC20sr82WU+xmvVu8EuUhAKJSbOMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyMDhlNjE2MmM3MGNiOTYyMTIxZDIzMzgwZjEyNTdlMTNhZjczMmJlOWUw
ZjMzYmE1MjczNTZjZTc0MTg1ZTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOePe+8QW5mIgiclC6R6q80Boh5E0Pv82o77ybWDVvQ0mqj+dKtW11P1IuTz
tSbXnnbqbBJFrzwUuVyfuBZy1A2jMCdZLjB7j8m39HU12VL7MauJ8d1HASoRhAIN
dDQCIUVA0RZLtUlWlAQh0jA9A61WxqlH76rEEq/re7gjlIDLuVpiccMwGYaG9iAG
gkl3HXSxG1+9UJwBJptDqsGY2/NuPECrEIUvBJLJ4Hsfo1BxMTW6xwvXp252Yvoc
QobY9CDbTxYCkMcGlOZ2rGVsn763lo8/IqYeLsjVr6QTJebQNcYUpRSuxv6LsunQ
29uIMAo6SzF79mfIUSJg0RvjJIUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTos5ZI
4Nm++aFGp7PiNVmc6F9pSzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njk3NDBkNTUtYTg0Mi00ZTJkLWEyNjctNmRmNDdmNTBlMjBjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5tTAN
BgkqhkiG9w0BAQsFAAOCAQEAUvhTF5L1jjRPWrgAcZYr+Gdv5TfAeOHd6pF0EoDs
UfcNPT8kgY64l9oVYt3DmEkc+qgI1kfbwFuu+rbkxdPo0BENUu0hWFGMHWKqd0cf
6AdPV2jOAzup5vRd9bVLBYjv7mw4lac0/vHjctjNpajTD9aGSRCqlMdQpbfN8aXw
9tGB6PdE0hphX67DZi2MAyelRhA8YXTu9RTF1oDW3RS+g3n7pKhY71UbAu8LClXR
xw4FjrXIrn6UlEb+DJ/EWPTZI0Ka7oHo1qOjHOGs6c3z0m/yWlWJTIgyUzg1eBb2
AGYRrYXjSZFAlOiSIWxBO6bgvqqHgpELf3Ez53uAI/T3Bw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:00:40 2025 by rpki-client