Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/981b1661-99b8-42c3-8da0-4a3ec14aab72.roa
File: 981b1661-99b8-42c3-8da0-4a3ec14aab72.roa (raw, json)
Hash identifier: hCnoyE7RwLemEtNWlHZjZedcrzVIBthWkxv93VZj7Ug=
Subject key identifier: 04:5C:85:45:72:9F:11:B9:9F:27:8E:A5:6E:75:5B:F2:4B:20:B8:F1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5C41FD80BB5669F42A818530F2873FBAE291347B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/981b1661-99b8-42c3-8da0-4a3ec14aab72.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 193.218.122.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:41:fd:80:bb:56:69:f4:2a:81:85:30:f2:87:3f:ba:e2:91:34:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:9f:36:06:74:84:f7:78:9d:1b:87:61:29:08:
a7:e1:14:fc:d4:77:33:55:0e:ff:25:59:15:44:42:
e6:da:98:0e:6b:08:ed:48:01:22:62:33:f1:9c:30:
e5:3d:d7:3d:82:2f:ea:a6:98:ee:67:2c:ba:18:ef:
d9:12:eb:08:08:7a:8c:91:79:f0:f1:cc:7e:5e:e9:
a2:2d:0b:8d:a5:a8:e9:34:47:a3:11:54:99:2e:5a:
80:bf:4f:2e:45:df:2f:d0:4c:87:49:f7:5f:e1:d5:
fb:e4:f6:10:3d:3d:81:ec:21:cc:e0:9f:86:c9:b9:
0c:6d:06:93:e4:c3:f5:d4:1b:0c:20:81:db:9f:8a:
dc:5a:41:5c:8c:da:d6:3d:7a:2a:5e:f8:61:b7:e0:
d5:95:ec:d3:5d:f6:ca:1c:19:18:5d:53:b7:8b:89:
9d:b6:90:ee:ed:b9:4b:56:6e:f4:d2:21:73:1c:bb:
f2:33:52:f9:15:80:e7:f3:54:2d:d1:ca:b5:25:1e:
a0:35:cc:50:d1:86:95:9b:b5:88:f6:56:6c:3a:fb:
c8:82:42:ea:79:7c:b8:44:01:73:4c:38:13:32:7c:
de:21:c9:ac:eb:93:fe:89:a0:5d:b2:76:38:3b:c5:
01:60:b1:36:6c:3c:d2:d7:46:d2:b9:f5:75:72:53:
69:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:5C:85:45:72:9F:11:B9:9F:27:8E:A5:6E:75:5B:F2:4B:20:B8:F1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/981b1661-99b8-42c3-8da0-4a3ec14aab72.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.218.122.0/24
Signature Algorithm: sha256WithRSAEncryption
78:95:a7:92:9b:c3:68:fc:2d:bd:a4:17:e2:6a:ca:65:66:12:
4e:77:41:7d:28:53:cb:b5:2c:d7:77:26:72:eb:3e:53:a3:d3:
69:cc:9b:0c:e3:7e:db:8d:a8:a0:ca:81:02:b4:38:93:c5:f5:
85:1d:ff:88:22:2f:86:25:34:8b:23:65:5a:b4:01:9f:72:b0:
bb:ba:39:1f:10:e8:4d:d6:b1:b3:b1:0a:06:14:07:64:d2:f1:
0a:5b:4d:4c:27:0c:75:62:bb:58:cd:af:ce:6c:a1:db:7c:b3:
57:cf:ba:b3:97:d9:53:f5:fc:95:29:e6:7d:1e:ad:80:e8:f5:
fa:8d:be:f7:5b:87:66:7f:97:1b:da:69:0e:7f:0c:01:38:e2:
b2:e0:17:f7:a8:80:e8:87:74:8b:09:ff:bc:a1:b6:1a:5e:e0:
74:1e:0e:d4:45:92:a9:2d:41:e5:27:eb:19:35:22:76:f8:50:
3a:a4:47:84:65:4e:18:a1:4a:e5:9c:98:39:da:fc:8c:de:8b:
fa:10:61:a2:38:f3:a2:81:1b:9d:51:54:1c:ee:13:95:dd:04:
e4:97:e4:04:e4:85:22:95:f5:18:4c:84:6a:89:9b:c9:ea:6f:
bf:1d:d8:57:a3:e6:c1:b0:98:b0:51:be:dc:1c:39:9a:8f:55:
09:fd:80:72
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXEH9gLtWafQqgYUw8oc/uuKRNHswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxYWQwZmFhNTdiYzBmM2I4MjNiZDViN2ZmMTk4MmYzMmMzZmI5YjQ3ZGI2
ZWMzYjE5OWQ1MjE1ZjE0ZTFkNmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK2fNgZ0hPd4nRuHYSkIp+EU/NR3M1UO/yVZFURC5tqYDmsI7UgBImIz8Zww
5T3XPYIv6qaY7mcsuhjv2RLrCAh6jJF58PHMfl7poi0LjaWo6TRHoxFUmS5agL9P
LkXfL9BMh0n3X+HV++T2ED09gewhzOCfhsm5DG0Gk+TD9dQbDCCB25+K3FpBXIza
1j16Kl74Ybfg1ZXs0132yhwZGF1Tt4uJnbaQ7u25S1Zu9NIhcxy78jNS+RWA5/NU
LdHKtSUeoDXMUNGGlZu1iPZWbDr7yIJC6nl8uEQBc0w4EzJ83iHJrOuT/omgXbJ2
ODvFAWCxNmw80tdG0rn1dXJTaS0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQEXIVF
cp8RuZ8njqVudVvySyC48TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTgxYjE2NjEtOTliOC00MmMzLThkYTAtNGEzZWMxNGFhYjcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHaejAN
BgkqhkiG9w0BAQsFAAOCAQEAeJWnkpvDaPwtvaQX4mrKZWYSTndBfShTy7Us13cm
cus+U6PTacybDON+242ooMqBArQ4k8X1hR3/iCIvhiU0iyNlWrQBn3Kwu7o5HxDo
Tdaxs7EKBhQHZNLxCltNTCcMdWK7WM2vzmyh23yzV8+6s5fZU/X8lSnmfR6tgOj1
+o2+91uHZn+XG9ppDn8MATjisuAX96iA6Id0iwn/vKG2Gl7gdB4O1EWSqS1B5Sfr
GTUidvhQOqRHhGVOGKFK5ZyYOdr8jN6L+hBhojjzooEbnVFUHO4Tld0E5JfkBOSF
IpX1GEyEaombyepvvx3YV6PmwbCYsFG+3Bw5mo9VCf2Acg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:39:27 2025 by rpki-client