Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/72fccd43-b670-4a4c-a4dd-752e0ada314a.roa
File: 72fccd43-b670-4a4c-a4dd-752e0ada314a.roa (raw, json)
Hash identifier: V/WD9ZNgk3BcOQoR7eJkyGCfgqj/Z7D7U1cshybayOI=
Subject key identifier: 5D:E9:CD:91:21:A1:43:A5:E4:76:82:DF:45:3B:3B:46:88:A8:89:76
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3F7EE6367D080EC143EA2A65D657A9CFB0D86BBB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/72fccd43-b670-4a4c-a4dd-752e0ada314a.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 83.129.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:7e:e6:36:7d:08:0e:c1:43:ea:2a:65:d6:57:a9:cf:b0:d8:6b:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:aa:dd:c6:26:ca:76:8d:dc:a3:5e:62:99:e8:
84:ed:fc:cc:1d:8d:ec:02:9a:79:37:e8:9c:18:c5:
fa:0b:0c:6e:f6:00:fe:ff:20:1e:90:d3:b0:17:a4:
1e:49:c3:e1:dc:bb:7d:d1:42:18:74:f3:98:e2:0d:
62:13:00:c2:82:d8:c5:e7:b8:ae:3e:ce:b0:af:cf:
a1:6e:88:e2:52:83:60:a5:f7:f3:d4:8a:f5:7f:c7:
09:80:a9:58:b0:2a:0f:ba:f6:ed:98:c4:ee:fc:e0:
84:c4:49:ee:69:25:e1:dd:fe:f9:9f:1d:82:0c:54:
2b:a7:2e:7b:20:66:28:3a:ac:3b:c8:09:1c:02:e0:
83:f1:c7:cc:22:4b:75:8a:70:e5:c8:91:07:73:be:
c6:e5:94:c1:12:a1:79:3b:88:b0:0f:bf:0e:f7:8b:
d0:17:32:ef:73:8c:48:9d:45:0b:34:c3:ca:4d:7e:
ec:97:bc:bc:10:57:63:bb:3f:6e:ad:36:8d:ea:a6:
b9:19:5d:79:ee:c5:51:8e:9d:26:ba:b3:9b:e3:2c:
a3:0a:03:51:51:32:a3:f7:b9:b4:17:21:e2:3a:a8:
28:b2:25:3e:d3:24:08:5a:3c:9b:e8:16:6a:36:0f:
98:63:64:89:a7:e6:dc:ac:16:7f:39:f7:52:9f:e0:
76:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E9:CD:91:21:A1:43:A5:E4:76:82:DF:45:3B:3B:46:88:A8:89:76
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/72fccd43-b670-4a4c-a4dd-752e0ada314a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
80:88:8f:27:88:fb:eb:4c:2d:07:19:7a:ca:3d:88:d4:72:9c:
5a:9d:03:1e:d8:d6:22:05:50:a4:26:a2:7b:54:73:ca:4d:86:
99:e3:8f:f2:7b:ce:7f:0a:b2:b1:bf:e0:64:19:d0:0e:a0:20:
cc:40:74:5b:12:5a:ae:1a:7e:1b:fb:75:24:f1:91:cc:ae:b8:
a8:ac:cf:9c:0a:18:e2:f5:b3:b4:4b:10:cc:8e:45:ef:c0:08:
d2:2f:f0:c7:4b:f4:b4:c7:4d:26:5c:bf:e9:d2:74:41:8d:48:
90:1f:65:6b:1e:d9:d4:b6:e8:ec:c8:1f:82:79:ab:d8:79:d9:
84:10:3f:83:d3:61:15:5b:ba:22:0c:a3:20:d9:50:68:4d:e4:
a4:e5:7f:f5:a2:08:a4:07:35:e4:f2:5f:74:6f:f3:e7:69:cc:
e5:37:b0:cb:4d:b4:a9:a6:b0:45:5f:7b:b6:e4:63:4b:41:ad:
b8:2c:60:0a:dc:f0:e2:7d:e5:91:a4:72:82:a4:6b:2b:c7:36:
9c:9b:9b:b4:89:fb:07:ce:c7:e9:1c:a5:5f:39:41:17:3f:35:
62:95:c0:58:d9:1f:da:a9:fb:7e:0a:43:ea:26:e8:bf:e2:38:
44:10:b8:3a:0f:67:6c:94:d1:fc:e6:fa:bd:00:35:27:a6:9c:
50:b2:a4:6e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUP37mNn0IDsFD6ipl1lepz7DYa7swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzAwMDAwMDBaFw0yNTAyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDViYzg2YWJmZmFkZWM2NTQzNWE4MjQzNmQ4MjJiMjk5NmZmZjFlOWNjNzZi
YjZiNzM2ZGVlNzFiZjBkNTcwN2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALqq3cYmynaN3KNeYpnohO38zB2N7AKaeTfonBjF+gsMbvYA/v8gHpDTsBek
HknD4dy7fdFCGHTzmOINYhMAwoLYxee4rj7OsK/PoW6I4lKDYKX389SK9X/HCYCp
WLAqD7r27ZjE7vzghMRJ7mkl4d3++Z8dggxUK6cueyBmKDqsO8gJHALgg/HHzCJL
dYpw5ciRB3O+xuWUwRKheTuIsA+/DveL0Bcy73OMSJ1FCzTDyk1+7Je8vBBXY7s/
bq02jeqmuRldee7FUY6dJrqzm+MsowoDUVEyo/e5tBch4jqoKLIlPtMkCFo8m+gW
ajYPmGNkiafm3KwWfzn3Up/gdiMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRd6c2R
IaFDpeR2gt9FOztGiKiJdjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzJmY2NkNDMtYjY3MC00YTRjLWE0ZGQtNzUyZTBhZGEzMTRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFOBMA0G
CSqGSIb3DQEBCwUAA4IBAQCAiI8niPvrTC0HGXrKPYjUcpxanQMe2NYiBVCkJqJ7
VHPKTYaZ44/ye85/CrKxv+BkGdAOoCDMQHRbElquGn4b+3Uk8ZHMrriorM+cChji
9bO0SxDMjkXvwAjSL/DHS/S0x00mXL/p0nRBjUiQH2VrHtnUtujsyB+CeavYedmE
ED+D02EVW7oiDKMg2VBoTeSk5X/1ogikBzXk8l90b/PnaczlN7DLTbSpprBFX3u2
5GNLQa24LGAK3PDifeWRpHKCpGsrxzacm5u0ifsHzsfpHKVfOUEXPzVilcBY2R/a
qft+CkPqJui/4jhEELg6D2dslNH85vq9ADUnppxQsqRu
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:47:02 2025 by rpki-client