Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a92f2152-65f4-45b1-b1ba-aeb6af713988.roa
File: a92f2152-65f4-45b1-b1ba-aeb6af713988.roa (raw, json)
Hash identifier: iLDhbhL8TyR4B+RUn8jao3v6lavEmLINfvMEa6Njdfg=
Subject key identifier: A8:47:89:3C:D8:AC:5C:EF:BC:B5:E0:49:AB:CF:41:23:75:B8:71:E5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2B813B87D91B3D5AD67E8B1E3B1CE2C79F40A0CA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a92f2152-65f4-45b1-b1ba-aeb6af713988.roa
Signing time: Fri 29 Nov 2024 00:00:00 +0000
ROA not before: Fri 29 Nov 2024 00:00:00 +0000
ROA not after: Fri 03 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:81:3b:87:d9:1b:3d:5a:d6:7e:8b:1e:3b:1c:e2:c7:9f:40:a0:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 29 00:00:00 2024 GMT
Not After : Jan 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:61:12:5a:fe:98:12:be:f7:e5:91:1e:00:d5:
76:de:8b:a7:45:83:5f:a7:e8:bc:d4:20:af:14:84:
2d:37:8a:65:01:e0:27:55:e0:c8:c9:c8:f6:5b:a9:
d5:4a:8e:64:24:6e:50:19:9b:a4:04:d6:9b:3a:4f:
db:d9:ad:0d:7a:27:ab:47:6d:a5:80:2c:cd:f6:8c:
cc:ed:39:a0:1d:d1:81:a2:a5:43:fd:dc:bc:af:90:
66:d5:33:9f:de:4f:eb:09:44:bd:27:2e:d9:cb:83:
d3:42:a9:24:c1:c9:03:d8:1f:de:c6:a4:42:a0:f5:
58:67:02:2b:17:1f:8b:50:7d:60:85:f4:eb:f9:70:
cf:c2:0e:94:a6:56:f8:f9:d3:fe:62:22:ec:4e:2b:
d2:63:1d:c2:84:9e:8f:2b:3a:00:1b:30:97:82:2f:
b2:29:bb:5e:a7:72:c0:35:c0:49:47:fe:bf:aa:1a:
8f:57:da:2c:4e:81:96:98:12:6e:31:93:5b:f2:70:
23:c1:86:9d:fc:69:58:ae:4b:5d:63:61:02:f6:47:
8c:ca:7a:0c:29:86:9d:5e:6d:34:ac:c0:98:e1:91:
b7:0a:a4:5b:96:a9:3a:33:c0:6b:ec:e1:07:5d:8b:
be:13:dd:4a:29:5b:8d:af:51:10:24:6c:37:64:74:
7a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:47:89:3C:D8:AC:5C:EF:BC:B5:E0:49:AB:CF:41:23:75:B8:71:E5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a92f2152-65f4-45b1-b1ba-aeb6af713988.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.171.0/24
Signature Algorithm: sha256WithRSAEncryption
74:ab:09:09:54:22:b7:a2:93:c9:bc:c8:1e:0f:b3:86:7f:f4:
e7:77:71:df:dd:b3:5c:bf:ab:59:b3:17:6a:f2:fc:6f:e8:80:
54:f9:eb:56:c5:f8:b4:71:4f:db:4b:20:7e:b3:ec:eb:3f:fa:
01:4f:06:25:8e:b1:05:ba:0e:6b:35:a2:9c:21:b0:d1:fd:8d:
90:86:e1:77:07:db:3a:e6:37:ec:cf:5b:da:d3:2b:71:63:13:
d4:26:ec:90:43:5c:8f:5e:61:fa:91:94:bc:c1:dd:c5:e2:36:
13:8d:7b:e4:85:c0:31:df:ff:fa:41:a1:01:75:fa:d0:1b:3d:
e8:59:5c:91:d8:7e:69:a1:2a:07:0d:cd:9e:c7:0b:a9:5e:fe:
c5:a5:e6:1f:56:5f:5f:d8:1e:62:ff:b5:48:77:f3:e9:bf:a8:
af:6a:5a:65:be:e1:c9:61:fa:ba:95:96:59:5e:a4:e3:7e:8c:
29:8f:9c:fd:bc:ae:7d:7d:4b:b1:17:d3:5d:b3:7b:63:d4:27:
da:38:3f:6c:87:92:97:91:6f:ab:49:f0:a2:f2:be:99:75:a6:
7c:b9:2b:84:98:a7:3b:38:07:f9:84:8e:95:d7:a5:8f:8f:c8:
ce:26:80:98:f2:16:46:28:11:95:98:a8:89:b4:78:29:49:97:
8a:79:7b:c1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUK4E7h9kbPVrWfoseOxzix59AoMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMjkwMDAwMDBaFw0yNTAxMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiMWFhMDk2NDQ5MzRiMTU4OGFkMjE4ODYxYzVmMTQ1MmRhYmQxNzNiNzc3
MGUyYzg3ZWQ1MTM2NDQ4ZjUwZWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMNhElr+mBK+9+WRHgDVdt6Lp0WDX6fovNQgrxSELTeKZQHgJ1XgyMnI9lup
1UqOZCRuUBmbpATWmzpP29mtDXonq0dtpYAszfaMzO05oB3RgaKlQ/3cvK+QZtUz
n95P6wlEvScu2cuD00KpJMHJA9gf3sakQqD1WGcCKxcfi1B9YIX06/lwz8IOlKZW
+PnT/mIi7E4r0mMdwoSejys6ABswl4Ivsim7XqdywDXASUf+v6oaj1faLE6BlpgS
bjGTW/JwI8GGnfxpWK5LXWNhAvZHjMp6DCmGnV5tNKzAmOGRtwqkW5apOjPAa+zh
B12LvhPdSilbja9RECRsN2R0elUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSoR4k8
2Kxc77y14Emrz0Ejdbhx5TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTkyZjIxNTItNjVmNC00NWIxLWIxYmEtYWViNmFmNzEzOTg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5qzAN
BgkqhkiG9w0BAQsFAAOCAQEAdKsJCVQit6KTybzIHg+zhn/053dx392zXL+rWbMX
avL8b+iAVPnrVsX4tHFP20sgfrPs6z/6AU8GJY6xBboOazWinCGw0f2NkIbhdwfb
OuY37M9b2tMrcWMT1CbskENcj15h+pGUvMHdxeI2E4175IXAMd//+kGhAXX60Bs9
6Flckdh+aaEqBw3NnscLqV7+xaXmH1ZfX9geYv+1SHfz6b+or2paZb7hyWH6upWW
WV6k436MKY+c/byufX1LsRfTXbN7Y9Qn2jg/bIeSl5Fvq0nwovK+mXWmfLkrhJin
OzgH+YSOldelj4/IziaAmPIWRigRlZioibR4KUmXinl7wQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:38:51 2025 by rpki-client