Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/942fda94-0f9b-4fc2-96fb-33fe58d39a68.roa
File: 942fda94-0f9b-4fc2-96fb-33fe58d39a68.roa (raw, json)
Hash identifier: T578Htulkj4LElVMPHQ4R5gH5gT3/TkT8BscZyof9Mc=
Subject key identifier: 82:B0:9A:86:DA:83:2A:D8:A9:85:53:87:56:25:C7:D0:C9:16:D7:2E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2F3B4B8AE4A762101637473939BB935FAC68838B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/942fda94-0f9b-4fc2-96fb-33fe58d39a68.roa
Signing time: Mon 02 Dec 2024 00:00:00 +0000
ROA not before: Mon 02 Dec 2024 00:00:00 +0000
ROA not after: Mon 06 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.112.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:3b:4b:8a:e4:a7:62:10:16:37:47:39:39:bb:93:5f:ac:68:83:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 2 00:00:00 2024 GMT
Not After : Jan 6 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:bc:3f:8f:de:a1:e0:49:63:32:a9:47:55:ed:
89:40:64:3e:d9:b4:a7:3f:7b:33:2b:4a:ef:6a:dd:
5a:2b:9c:1e:eb:7a:91:ff:7d:21:4a:58:ae:ff:dc:
fd:d6:de:77:56:c4:6c:31:7b:7e:36:2e:60:12:e1:
3d:5c:93:cc:f0:c0:a7:0f:4b:94:96:b1:bf:be:68:
3a:3d:2a:e1:43:98:b7:44:63:6e:d4:68:44:46:85:
ba:18:13:58:05:4e:f8:a0:18:ef:9f:27:6d:ed:61:
38:75:6d:a7:75:01:60:ac:3f:3c:01:e9:14:da:d6:
4f:a6:e9:fd:c9:c1:2c:b0:eb:8a:89:b0:87:3a:c7:
01:d7:6b:bd:4b:e8:5c:2d:59:b1:d2:b9:cc:c2:25:
6f:88:6f:a2:6e:74:c7:58:2c:b6:10:4c:cc:4b:60:
a8:6f:77:6d:fe:25:ca:e2:0b:55:90:db:22:2d:1f:
69:7a:11:20:ac:f0:ac:cf:dc:e2:35:55:4f:ef:5e:
ef:5d:a3:7a:0f:83:70:c3:b9:fe:51:c7:f7:91:fd:
01:96:82:4d:04:bb:ac:05:51:f4:a5:f3:0b:b0:68:
94:e5:d3:e1:24:ef:45:c9:8d:55:21:ee:ac:56:17:
1a:ee:49:a0:7e:ca:f0:c0:39:a8:fd:3f:cd:a2:b5:
93:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:B0:9A:86:DA:83:2A:D8:A9:85:53:87:56:25:C7:D0:C9:16:D7:2E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/942fda94-0f9b-4fc2-96fb-33fe58d39a68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/15
Signature Algorithm: sha256WithRSAEncryption
38:78:6f:b0:1a:30:d1:96:d8:3b:46:f7:98:1a:18:95:7b:56:
31:b2:f6:07:9e:78:51:8d:04:24:da:f5:56:45:c7:df:03:a1:
53:a3:ac:94:5a:83:52:55:1e:f1:d0:ce:2d:86:d8:38:94:0b:
4b:58:ed:a5:9a:29:62:28:c4:26:d5:05:fc:03:fa:a9:28:2a:
b9:38:44:05:06:f1:21:16:c1:59:0d:d1:30:97:e4:33:83:84:
43:e3:8f:c4:1c:c2:1d:a2:18:5b:59:19:aa:0e:bc:a2:48:4a:
c3:66:1e:0e:a0:de:aa:f4:11:ee:d1:be:6a:e9:a6:01:f6:01:
6e:6e:bd:2d:4e:3d:30:73:af:00:9c:ce:20:33:93:bf:14:54:
75:fe:1a:0b:54:c2:f0:af:5c:cf:37:35:05:cc:f0:0e:5a:0e:
80:7a:04:61:9c:8d:4a:29:ae:e0:61:85:a2:00:b8:f9:1f:e4:
00:d4:fc:f6:b4:a8:a7:f7:3b:1d:54:58:f6:a8:75:f5:39:a7:
cc:a7:ec:8f:dd:a1:40:ad:8f:9a:e2:27:ca:7f:01:b7:af:16:
53:eb:00:98:b4:c9:2e:69:eb:5d:0a:19:37:a7:9a:cf:08:59:
46:08:83:97:02:8e:75:2e:aa:30:8b:d5:c9:c0:09:ae:74:fc:
94:29:8e:d0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULztLiuSnYhAWN0c5ObuTX6xog4swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMDIwMDAwMDBaFw0yNTAxMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3OWZiMGZmYWQ1YjJjMmNkN2Y2ODk0ODdkZWFiNzBiYTE5NDAxZjEyODlj
YmM1OWQ2ZjI0MDQ2MzdiMDY2YjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL68P4/eoeBJYzKpR1XtiUBkPtm0pz97MytK72rdWiucHut6kf99IUpYrv/c
/dbed1bEbDF7fjYuYBLhPVyTzPDApw9LlJaxv75oOj0q4UOYt0RjbtRoREaFuhgT
WAVO+KAY758nbe1hOHVtp3UBYKw/PAHpFNrWT6bp/cnBLLDriomwhzrHAddrvUvo
XC1ZsdK5zMIlb4hvom50x1gsthBMzEtgqG93bf4lyuILVZDbIi0faXoRIKzwrM/c
4jVVT+9e712jeg+DcMO5/lHH95H9AZaCTQS7rAVR9KXzC7BolOXT4STvRcmNVSHu
rFYXGu5JoH7K8MA5qP0/zaK1k/MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSCsJqG
2oMq2KmFU4dWJcfQyRbXLjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTQyZmRhOTQtMGY5Yi00ZmMyLTk2ZmItMzNmZTU4ZDM5YTY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNwMA0G
CSqGSIb3DQEBCwUAA4IBAQA4eG+wGjDRltg7RveYGhiVe1YxsvYHnnhRjQQk2vVW
RcffA6FTo6yUWoNSVR7x0M4thtg4lAtLWO2lmiliKMQm1QX8A/qpKCq5OEQFBvEh
FsFZDdEwl+Qzg4RD44/EHMIdohhbWRmqDryiSErDZh4OoN6q9BHu0b5q6aYB9gFu
br0tTj0wc68AnM4gM5O/FFR1/hoLVMLwr1zPNzUFzPAOWg6AegRhnI1KKa7gYYWi
ALj5H+QA1Pz2tKin9zsdVFj2qHX1OafMp+yP3aFArY+a4ifKfwG3rxZT6wCYtMku
aetdChk3p5rPCFlGCIOXAo51Lqowi9XJwAmudPyUKY7Q
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:47:00 2025 by rpki-client